Re: Multicast IGMP join limiting

From: Pavel Bykov (slidersv@gmail.com)
Date: Thu Dec 04 2008 - 01:11:32 ARST

• Next message: Pavel Bykov: "Re: Lab environment questions...."
• Previous message: Pavel Bykov: "Re: Re: ip pim bsr-candidate command"
• Maybe in reply to: mahmoud genidy: "Multicast IGMP join limiting"
• Next in thread: mahmoud genidy: "Re: Multicast IGMP join limiting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The command reference has a nice explanation. Both can accomplish the task.
But just think about nature of multicast.
Is there native multicast on layer 2? .... N O.
Mr. Deering was all for L3 protocols, and even though there is mapping to L2
addresses, the IGMP protocol as such is for communication between multicast
router and host.
So we need Snooping on L2 to make our device intelligent - sniff for correct
packets and take actions.

So, if the interface in question is L3, IP address and everything, then it
would be "ip igmp access-group".
If the interface in question is L2, VLAN access, trunk, or such, then it
will be "ip igmp snooping access-group".

There are exception to the rule apparently, like if you want to apply L2
filter on all ports in a VLAN, you can use "ip igmp snooping access-group"
on SVI, but that I haven't checked.

On Wed, Dec 3, 2008 at 1:21 PM, mahmoud genidy <ccie.mahmoud@gmail.com>wrote:

> Hi,
>
> I have Layer 3 switch (Catalyst with IP routing enabled). I need to drop
> IGMP join messages of specific multicast group coming from specific port
> say
> FA0/1.
>
> I was thinking about two options and I'm not sure which one is the best
> answer:
>
> 1- ip igmp snooping access-group command in interface level of fa0/1 of the
> switch. With the access list denying igmp traffic from any host to the
> multicast group
>
> 2- ip igmp access-group command in interface level of fa0/1 of the switch.
> With the same access-list which denies the specific multicast group.
>
> Which command is the right in this case?
>
> Thanks,
>
> Mahmoud
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces value of
your certifications. Sign the petition at http://www.stopbraindumps.com/
Blogs and organic groups at http://www.ccie.net

• Next message: Pavel Bykov: "Re: Lab environment questions...."
• Previous message: Pavel Bykov: "Re: Re: ip pim bsr-candidate command"
• Maybe in reply to: mahmoud genidy: "Multicast IGMP join limiting"
• Next in thread: mahmoud genidy: "Re: Multicast IGMP join limiting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:07 ARST