|
|
This chapter describes how to configure multicast services and broadcast/multicast suppression on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches.
This chapter consists of these sections:
These sections describe how multicasting works on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches:
The Cisco Group Management Protocol (CGMP) and the Internet Group Management Protocol (IGMP) manage multicast traffic in switches by allowing directed switching of IP multicast traffic at rates greater than one million packets per second.
CGMP is supported in supervisor engine software release 2.2 or later and Cisco IOS software release 11.1(3) or later on Cisco routers.
IGMP snooping is supported in supervisor engine software release 4.1 or later and requires a Supervisor Engine III, III FSX, or III FLX with a NetFlow Feature Card (NFFC) or NFFC II. IGMP snooping is also supported on the Catalyst 2926G series switches.
Switches can use CGMP and IGMP to dynamically configure switch ports so that IP multicast traffic is forwarded only to those ports associated with IP multicast hosts.
CGMP and IGMP software components run on both the Cisco router and the switch. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can inform the switch when specific hosts join or leave IP multicast groups.
When the CGMP/IGMP-capable router receives an IGMP control packet, it creates a CGMP or IGMP packet that contains the request type (either join or leave), the multicast group address, and the Media Access Control (MAC) address of the host. The router sends the packet to a well-known address to which all switches listen. When a switch receives the packet, the supervisor engine module interprets the packet and modifies the forwarding table automatically.
You can statically configure multicast groups using the set cam static command. Multicast groups learned through CGMP or IGMP snooping are dynamic. If you specify group membership for a multicast group address, your static setting supersedes any automatic manipulation by CGMP or IGMP. Multicast group membership lists can consist of both user-defined and CGMP/IGMP-learned settings.
If a CGMP/IGMP-learned port link is disabled for any reason, that port is removed from any multicast group memberships.
We recommend that you enable the spanning-tree PortFast feature on ports to which hosts are directly connected if you are using CGMP. For information on configuring spanning-tree PortFast, see the "Configuring Spanning-Tree PortFast" section of "Configuring Spanning Tree."
When a host wants to join an IP multicast group, it sends an IGMP join message specifying its MAC address and the IP multicast group it wants to join. The CGMP/IGMP-capable router then builds a CGMP/IGMP join message and multicasts the join message to the well-known address to which the switches listen.
Upon receipt of the join message, each switch searches its Enhanced Address Recognition Logic (EARL) table to determine if it contains the MAC address of the host asking to join the multicast group. If a switch finds the MAC address of the host in its EARL table associating the MAC address with a nontrunking port, the switch creates a multicast forwarding entry in the EARL forwarding table. The host associated with that port receives multicast traffic for that multicast group. In this way, the EARL automatically learns the MAC addresses and port numbers of the IP multicast hosts.
The CGMP/IGMP-capable router sends periodic multicast group queries. If a host wants to remain in a multicast group, it responds to the query from the router. In this case, the router does nothing. If a host does not want to remain in the multicast group, it does not respond to the router query. If after a number of queries the router receives no reports from any host in a multicast group, the router sends a CGMP/IGMP command to the switch, telling it to remove the multicast group from its forwarding tables.
CGMP fast-leave-processing allows the switch to detect IGMP V.2 leave messages sent to the all-routers multicast address by hosts on any of the supervisor engine module ports. When the supervisor engine module receives a leave message, it starts a query-response timer. If this timer expires before a CGMP join message is received, the port is pruned from the multicast tree for the multicast group specified in the original leave message. Fast-leave processing ensures optimal bandwidth management for all hosts on a switched network, even when multiple multicast groups are in use simultaneously.
These sections describe how to configure CGMP:
These guidelines apply when configuring CGMP:
To enable CGMP, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable CGMP on the switch. | set cgmp enable |
Step 2 Verify that CGMP is enabled. | show cgmp statistics [vlan_num] |
This example shows how to enable CGMP and verify the configuration:
Console> (enable) set cgmp enable CGMP support for IP multicast enabled. Console> (enable) show cgmp statistics 1 CGMP enabled CGMP statistics for vlan 1: valid rx pkts received 211915 invalid rx pkts received 0 valid cgmp joins received 211729 valid cgmp leaves received 186 valid igmp leaves received 0 valid igmp queries received 3122 igmp gs queries transmitted 0 igmp leaves transmitted 0 failures to add GDA to EARL 0 topology notifications received 80 number of CGMP packets dropped 2032227 Console> (enable)
When you enable CGMP, the switch automatically learns to which ports a multicast router is connected.
To statically define multicast router ports, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Configure multicast router ports. | set multicast router mod_num/port_num |
Step 2 Verify the multicast router configuration. | show multicast router [mod_num/port_num] [vlan_id] |
Step 3 Verify the multicast router information that was learned dynamically through CGMP. | show multicast router cgmp [mod_num/port_num] [vlan_id] |
This example shows how to define a multicast router port manually and verify the configuration (the asterisk [*] next to the multicast router on port 3/1 indicates that the entry was configured manually):
Console> (enable)set multicast router 3/1Port 3/1 added to multicast router port list.Console> (enable)show multicast router CGMP enabled IGMP disabled Port Vlan --------- ---------------- 2/1 99 2/2 255 3/1 * 1 7/9 2,99 Total Number of Entries = 4 '*' - Configured Console> (enable)
This example shows how to display only those multicast router ports that were learned dynamically through CGMP:
Console> (enable) show multicast router cgmp
CGMP enabled
IGMP disabled
Port Vlan
--------- ----------------
2/1 99
2/2 255
7/9 2,99
Total Number of Entries = 3
'*' - Configured
Console> (enable)
To statically configure a multicast group, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Add one or more multicast MAC addresses to the CAM table. | set cam {static | permanent} multicast_mac mod_num/port_num [vlan] |
Step 2 Verify the multicast group configuration. | show multicast group [mac_addr] [vlan_id] |
Step 3 Verify the multicast group information that was learned dynamically through CGMP. | show multicast group cgmp [mac_addr] [vlan_id] |
Step 4 If desired, show the total number of multicast addresses (groups) in a VLAN. | show multicast group count [cgmp] [vlan_id] |
This example shows how to define multicast groups manually and verify the configuration (the asterisks indicate the entry was manually configured):
Console> (enable) set cam static 01-00-11-22-33-44 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-11-22-33-44-55 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-22-33-44-55-66 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-33-44-55-66-77 2/6-12 Static multicast entry added to CAM table. Console> (enable) show multicast group CGMP enabled IGMP disabled VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] ---- ------------------ ---------------------------------------------------- 1 01-00-11-22-33-44* 2/6-12 1 01-11-22-33-44-55* 2/6-12 1 01-22-33-44-55-66* 2/6-12 1 01-33-44-55-66-77* 2/6-12 Total Number of Entries = 4 Console> (enable)
To enable CGMP leave processing, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable CGMP leave processing on a device. | set cgmp leave enable |
Step 2 Verify that CGMP leave processing is enabled. | show cgmp leave |
This example shows how to enable CGMP leave processing and verify the configuration:
Console> (enable) set cgmp leave enable CGMP leave processing enabled. Console> (enable) Console> (enable) show cgmp leave CGMP: enabled CGMP leave: enabled Console> (enable)
To check CGMP statistics on the switch, perform this task:
Display CGMP statistics. | show cgmp statistics [vlan_id] |
This example shows how to display CGMP statistics:
Console> (enable) show cgmp statistics CGMP enabled CGMP statistics for vlan 1: valid rx pkts received 211915 invalid rx pkts received 0 valid cgmp joins received 211729 valid cgmp leaves received 186 valid igmp leaves received 0 valid igmp queries received 3122 igmp gs queries transmitted 0 igmp leaves transmitted 0 failures to add GDA to EARL 0 topology notifications received 80 number of CGMP packets dropped 2032227 Console> (enable)
To clear manually configured multicast router ports, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| clear multicast router mod_num/port_num |
| clear multicast router all |
This example shows how to clear a manually configured multicast router port entry:
Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Console> (enable)
To disable manually configured multicast group entries, perform this task in privileged mode:
| Task | Command |
|---|---|
Clear a multicast group entry from the CAM table. | clear cam mac_addr [vlan] |
This example shows how to clear a multicast group entry from the CAM table:
Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Console> (enable)
To disable CGMP leave processing, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable CGMP leave processing on a device. | set cgmp leave disable |
This example shows how to disable CGMP leave processing on the switch:
Console> (enable) set cgmp leave disable CGMP leave processing disabled. Console> (enable)
To disable CGMP on the switch, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable CGMP on the switch. | set cgmp disable |
This example shows how to disable CGMP:
Console> (enable) set cgmp disable CGMP support for IP multicast disabled. Console> (enable)
These sections describe how to configure IGMP snooping:
These guidelines apply when you are configuring IGMP snooping:
To enable IGMP snooping, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable IGMP snooping on the switch. | set igmp enable |
Step 2 Verify that IGMP snooping is enabled. | show igmp statistics [vlan_num] |
This example shows how to enable IGMP snooping and verify the configuration:
Console> (enable) set igmp enable IGMP Snooping is enabled. CGMP is disabled. Console> (enable) show igmp statistics IGMP enabled IGMP statistics for vlan 1: Total valid pkts rcvd: 18951 Total invalid pkts recvd 0 General Queries recvd 377 Group Specific Queries recvd 0 MAC-Based General Queries recvd 0 Leaves recvd 14 Reports recvd 16741 Queries Xmitted 0 GS Queries Xmitted 16 Reports Xmitted 0 Leaves Xmitted 0 Failures to add GDA to EARL 0 Topology Notifications rcvd 10 IGMP packets dropped 0 Console> (enable)
When you enable IGMP snooping, the switch automatically learns to which ports a multicast router is connected.
To statically define multicast router ports, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Configure multicast router ports. | set multicast router mod_num/port_num |
Step 2 Verify the multicast router configuration. | show multicast router [mod_num/port_num] [vlan_id] |
Step 3 Verify the multicast router information that was learned dynamically through IGMP. | show multicast router igmp [mod_num/port_num] [vlan_id] |
This example shows how to define a multicast router port manually and verify the configuration (the asterisk [*] next to the multicast router on port 5/7 indicates that the entry was configured manually):
Console> (enable)set multicast router 5/7Port 5/7 added to multicast router port list.Console> (enable)show multicast router CGMP disabled IGMP enabled Port Vlan --------- ---------------- 1/1 1 2/1 2,99,255 5/7 * 99 Total Number of Entries = 3 '*' - Configured Console> (enable)
This example shows how to display only those multicast router ports that were learned dynamically through IGMP:
Console> (enable) show multicast router igmp
CGMP disabled
IGMP enabled
Port Vlan
--------- ----------------
1/1 1
2/1 2,99,255
Total Number of Entries = 2
'*' - Configured
Console> (enable)
To statically configure a multicast group, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Add one or more multicast MAC addresses to the CAM table. | set cam {static | permanent} multicast_mac mod_num/port_num [vlan] |
Step 2 Verify the multicast group configuration. | show multicast group [mac_addr] [vlan_id] |
Step 3 Verify the multicast group information that was learned dynamically through IGMP. | show multicast group igmp [mac_addr] [vlan_id] |
Step 4 If desired, show the total number of multicast addresses (groups) in a VLAN. | show multicast group count [igmp] [vlan_id] |
This example shows how to define multicast groups manually and verify the configuration:
Console> (enable) set cam static 01-00-11-22-33-44 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-11-22-33-44-55 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-22-33-44-55-66 2/6-12 Static multicast entry added to CAM table. Console> (enable) set cam static 01-33-44-55-66-77 2/6-12 Static multicast entry added to CAM table. Console> (enable) show multicast group CGMP disabled IGMP enabled VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] ---- ------------------ ---------------------------------------------------- 1 01-00-11-22-33-44* 2/6-12 1 01-11-22-33-44-55* 2/6-12 1 01-22-33-44-55-66* 2/6-12 1 01-33-44-55-66-77* 2/6-12 Total Number of Entries = 4 Console> (enable)
To check IGMP snooping statistics on the switch, perform this task:
| Task | Command |
|---|---|
Display IGMP snooping statistics. | show igmp statistics [vlan_id] |
This example shows how to display IGMP snooping statistics:
Console> (enable) show igmp statistics IGMP enabled IGMP statistics for vlan 1: Total valid pkts rcvd: 18951 Total invalid pkts recvd 0 General Queries recvd 377 Group Specific Queries recvd 0 MAC-Based General Queries recvd 0 Leaves recvd 14 Reports recvd 16741 Queries Xmitted 0 GS Queries Xmitted 16 Reports Xmitted 0 Leaves Xmitted 0 Failures to add GDA to EARL 0 Topology Notifications rcvd 10 IGMP packets dropped 0 Console> (enable)
To clear manually configured multicast router ports, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| clear multicast router mod_num/port_num |
| clear multicast router all |
This example shows how to clear a manually configured multicast router port entry:
Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Console> (enable)
To disable manually configured multicast group entries, perform this task in privileged mode:
| Task | Command |
|---|---|
Clear a multicast group entry from the CAM table. | clear cam mac_addr [vlan] |
This example shows how to clear a multicast group entry from the CAM table:
Console> (enable) clear cam 01-11-22-33-44-55 1 CAM entry cleared. Console> (enable)
To disable IGMP snooping on the switch, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable IGMP snooping on the switch. | set igmp disable |
This example shows how to disable IGMP snooping:
Console> (enable) set igmp disable IGMP feature for IP multicast disabled Console> (enable)
These sections describe how to use broadcast/multicast suppression:
These sections describe how broadcast/multicast suppression works:
Broadcast/multicast suppression prevents switched ports on a LAN from being disrupted by a broadcast storm. A LAN broadcast storm occurs when broadcast or multicast packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm.
Broadcast/multicast suppression works by measuring incoming broadcast/multicast activity on a switch port. Broadcast/multicast activity can be measured in two ways:
Broadcast/multicast suppression is implemented either in hardware or in software. Hardware broadcast/multicast suppression uses the bandwidth-based method. Software broadcast/multicast suppression uses the packet-based method. Since packet sizes vary, bandwidth-based measurement is more accurate and effective than packet-based measurement.
When broadcast/multicast suppression is enabled, the switch monitors incoming packets on the port over a one-second time period. The switch uses the Individual/Group bit in the packet destination address to determine if the packet is a unicast or a broadcast/multicast. If the total number of broadcasts/multicasts exceeds a user-configured threshold, further activity is suppressed for the duration of a specified period.
Figure 12-1 shows the broadcast/multicast traffic patterns on a port over a given period. In this example, broadcast/multicast suppression occurs between the one-second intervals T1-T2 and T4-T5. During those one-second intervals, the amount of broadcast/multicast traffic exceeded the configured threshold.
Broadcast/multicast suppression is disabled by default. Bandwidth-based broadcast/multicast suppression takes precedence over packet-based broadcast/multicast suppression unless you disable bandwidth-based broadcast/multicast suppression (that is, you set the threshold value to 100 percent).
With bandwidth-based broadcast/multicast suppression, if the number of incoming broadcasts/multicasts on a port within a one-second time interval exceeds the configured threshold, the switch filters out all incoming broadcast/multicast packets on the port for the remainder of the one-second period.
Bandwidth-based broadcast/multicast suppression measures broadcast/multicast activity relative to total bandwidth. You can configure the percentage of total available bandwidth that can be used by broadcast/multicast traffic using the set port broadcast command. The higher the threshold the more incoming broadcast/multicast packets are allowed to pass. A threshold value of 100 percent means that no limit is placed on broadcast traffic (suppression is disabled).
To determine whether your hardware supports bandwidth-based broadcast/multicast suppression, see the documentation for your hardware or use the show port capabilities command.
With packet-based broadcast/multicast suppression, if the number of incoming broadcasts/multicasts on a port within a one-second time interval exceeds the configured threshold, the switch filters out all incoming traffic (including unicast packets) on the port for the remainder of the one-second period.
Packet-based broadcast/multicast suppression measures broadcast/multicast activity relative to the total number of packets received on the port. You can configure the total number of packets that can be used by broadcast/multicast traffic using the set port broadcast command. The higher the threshold the more incoming broadcast/multicast packets are allowed to pass. A threshold value of 0 packets means that no limit is placed on broadcast traffic (suppression is disabled on the port).
To determine whether your hardware supports packet-based broadcast/multicast suppression, see the documentation for your hardware or use the show port capabilities command.
Broadcast/multicast suppression capability is not available on all platforms and is hardware-dependent. Table 12-1 shows which switches have available hardware that supports broadcast/multicast suppression.
To determine whether a specific piece of hardware supports broadcast/multicast suppression, see the documentation for your hardware or use the show port capabilities command.
| Suppression Method | Catalyst 5000 Series | Catalyst 4000 Series | Catalyst 2948G Series | Catalyst 2926G Series | Catalyst 2926 Series |
|---|---|---|---|---|---|
Bandwidth-based (hardware) suppression | Yes | No | No | Yes | No |
Packet-based (software) suppression | Yes | No | No | Yes | Yes |
These sections describe how to configure broadcast/multicast suppression:
To enable bandwidth-based broadcast/multicast suppression, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Specify the broadcast/multicast suppression threshold for one or more ports as a percentage of total bandwidth. | set port broadcast mod_num/port_num threshold% |
Step 2 Verify the broadcast/multicast suppression configuration. | show port broadcast [mod_num[/port_num]] |
This example shows how to enable bandwidth-based broadcast/multicast suppression and verify the configuration:
Console> (enable) set port broadcast 3/1 75% Port(s) 3/1-24 broadcast traffic limited to 75%. Console> (enable) show port broadcast 3 Port Broadcast-Limit Broadcast-Drop -------- --------------- -------------- 3/1-8 75 % - 3/9-16 75 % - 3/17-24 75 % - Console> (enable)
To enable packet-based broadcast/multicast suppression, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Specify the broadcast/multicast suppression threshold for one or more ports as a maximum number of broadcast or multicast packets allowed in a one-second period. | set port broadcast mod_num/port_num threshold |
Step 2 Verify the broadcast/multicast suppression configuration. | show port broadcast [mod_num[/port_num]] |
This example shows how to enable packet-based broadcast/multicast suppression and verify the configuration:
Console> (enable) set port broadcast 2/6 500 Port(s) 2/6 broadcast traffic limited to 500 packets/second. Console> (enable) set port broadcast 2/7 500 Port(s) 2/7 broadcast traffic limited to 500 packets/second. Console> (enable) set port broadcast 2/8 500 Port(s) 2/8 broadcast traffic limited to 500 packets/second. Console> (enable) show port broadcast Port Broadcast-Limit Broadcast-Drop -------- --------------- -------------- 1/1 - - 1/2 - - 2/1 - 0 2/2 - 0 2/3 - 0 2/4 - 0 2/5 - 0 2/6 500 p/s 0 2/7 500 p/s 0 2/8 500 p/s 0 2/9 - 0 2/10 - 0 2/11 - 0 2/12 - 0 Console> (enable)
To disable broadcast/multicast suppression on one or more ports, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Disable broadcast/multicast suppression on one or more ports. | clear port broadcast mod_num/port_num |
Step 2 Verify the broadcast/multicast suppression configuration. | show port broadcast |
This example shows how to disable broadcast/multicast suppression on one or more ports:
Console> (enable) clear port broadcast 3/1 Port 3/1-8 broadcast traffic unlimited. Console> (enable)
|
|