Multicast traffic flooding

Similar Messages

• Multicast trafficis being flooded on igmp snooping enabled switch

  I have two devices connected to the same switch, S streams video using multicast, H doesn't send join request, but the multicast is being sent to H, actually it is being flooded. Both hosts are in the same vlan.
  Distribution-1#show ver | in WS
  cisco WS-C2960-24TT-L (PowerPC405) processor (revision E0) with 65536K bytes of memory.
  Model number                    : WS-C2960-24TT-L
  *    1 26    WS-C2960-24TT-L    15.0(1)SE2            C2960-LANBASEK9-M

  Duplicate post.
  Go here:  https://supportforums.cisco.com/discussion/12218811/multicast-trafficis-being-flooded-igmp-snooping-enabled-switch

• Cisco devices that support Multicast traffic?

  Folks,
  I am looking for list of Cisco devices that support Multicast traffic. Does anyone know how to get this information?
  Thanks,
  Nagesh 

  Cisco Feature Navigator

• MPLS to support multicast traffic

  Dear Gurus,
  Does EoMPLS passes multicast traffic? Before my customer can pass multicast traffic (video) thru our Metro-Ethernet network. What we did is migrate the connection to our EoMPLS network, and then suddenly the video is not working.
  Thanks.
  Jeff

  Hi Laurent,
  Its just modulator that converts some analog videos to digital but uses multicast, the multicast data are transmiited by the modulator and received on the other end by the demod. Below is the topology
  Before:
  Modulator----metro-ethernet----metro-ethernet----demodulator
  Current Setup:
  Modulator----metro-ethernet---MPLS-ROUTER-----------------MPLS-ROUTER---metro-ethernet----demodulator
  tia.

• Cisco outdoor AP 1300 - OSPF multicast traffic

  Hi everybody,
  I have a basic question but i really do not know the answer.
  So,
  I want to know if i can talk OSPF through a wireless connection formed by 2 cisco aironet 1300?
  I mean i am not sure if the access point is going to pass the OSPF's multicast traffic.
  best regards

  Duplicate post. 
  I'm posting my response to your other post.

• RSPAN does not put IPv6 multicast traffic into port

  Hi.
  There is two switches in the equation:
  WS-C2960-24TT-L    12.2(55)SE5           C2960-LANBASEK9-M
  and stack of
  Switch Ports Model              SW Version            SW Image
       1 12    WS-C3750G-12S      12.2(55)SE8           C3750-IPSERVICESK9-M
       2 12    WS-C3750G-12S      12.2(55)SE8           C3750-IPSERVICESK9-M
  *    3 24    WS-C3750G-24T      12.2(55)SE8           C3750-IPSERVICESK9-M
  3 is a master
  There is VTP domain with pruning off and RSPAN VLAN 1001
  core#sho vlan remote-span
  Remote SPAN VLANs
  1001
  there is RSPAN session on first:
  #sho monitor session 1
  Session 1
  Type                   : Remote Source Session
  Source Ports           :
      Both               : Fa0/11
  Dest RSPAN VLAN        : 1001
  Port Fa0/11 is in access mode, VLAN 303
  and on second:
  core#sho monitor session 1
  Session 1
  Type                   : Remote Destination Session
  Source RSPAN VLAN      : 1001
  Destination Ports      : Gi3/0/2
      Encapsulation      : Native
            Ingress      : Disabled
  Problem is that i can't see any IPv6 multicast traffic (like ICMPv6 RA or such) on Gi3/0/2 which is absolutely sure there, because if i remove monitoring session on core switch and put Gi3/0/2 into trunk mode, i can see packets i need in vlan 1001:
  # tcpdump -s0 -nnvei eth1 vlan 1001 and ip6
  tcpdump: WARNING: eth1: no IPv4 address assigned
  tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
  14:17:37.059045 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
            source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
  14:17:38.083266 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
            source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
  14:17:39.107068 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
            source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
  There is no such problem with usual unicast and broadcast traffic.
  Any suggestions?

  Interestingly, i've found bug CSCsr64007 which i stubmbled upon on one of my switches during troubleshooting. The effect of this bug was that RSPAN took IPv6 multicast packets from unrelated VLANs and forwarded them into monitor port.
  Looks like they have "fixed" it filtering IPv6 multicast completely.

• Cisco Catalyst 2950/2960/3750 Multicast Traffic Preference

  Hello all,
  we, as a student company act as an ISP for university dormitories. We would like to (if it's possible) deploy QoS to prefer multicast traffic over all other types of traffic. 
  Devices used in network:
  Acces layer: Cisco Catalyst 2950,  12.1(22)EA14
  Dristribution layer: Cisco Catalyst 2960G, 12.2(58)SE1 
  Core layer: Cisco Catalyst 3750G, 12.2(52)SE
  Do you see any possibility to solve this with these devices? We have almost no experience with QoS, therefore any help would be greatly appreciated. 
  Thanks in advance.

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Hmm, I think it should be doable although the 2950s, if non-E variants, are especially weak in QoS features.  I.e. those might create some issues.
  With the 2960G and 3750G, you often will create problems when you enable QoS because QoS, by default, allocates its buffers resources for 4 egress queues per port rather than using all for 1 egress queue per port.  However, this can be countered by QoS parameter tuning, but that takes some QoS expertize to match to your traffic and your overall QoS policy.

• Bridge Domain and multicast traffic

  Hi All,
  i am planning to build a Point to multipoint network based on ME3600X switch at the HQ and ISR 2900 routers at the Branches. i need to simulate a lan service.
  i though of using EOMPLS at the ISR 2900 and closing them at the ME3600X. at the ME3600X i will use bridge domain to have this point to multipoint functionality.
  at the configuration guide i saw that when i am using bridge domain i need to disable IGMP snooping on every Vlan.
  my question is how the bridge domain treat Multicast traffic ?
  furthermore, can i mix EOMPLS and Bridge Domain ?
  Thanks,
  Avi.

  Hi Avi,
  ME3600X doesn't support VPLS yet (check with your account team for the roadmap) so I don't think your design will work here. What you can do is having a router behind the ME3600X which will have a dedicated VLAN with each remote site.
  HTH
  Laurent.

• Vpc bind-vrf on Nexus 7000/N7k to ensure forwarding of multicast traffic over peer-link?

  In previous vPC setups with N5k (or also N6k), I had to use the 'vpc bind-vrf' command to ensure the forwarding of multicast over the vpc peer-link, especially for receivers in in non-vPC VLANs and the receivers connected to Layer 3 interfaces.
  I am wondering why this command isn't available on N7k? Isn't this necessary on this platform or is it just not yet implemented?
  Any hint is welcome!
  Stephan Strack

  Hey Stephan,
  The 'vpc bind-vrf' command allocates a special internal VLAN for routing traffic over the vPC peer-link to ensure L3 connections on the vPC peer or orphan ports successfully receive multicast traffic on N5k/N6k platforms.  This workaround is not needed on the N7K because that platform implements the vPC loop prevention rule differently in hardware.
  In short, 'vpc bind-vrf' is not required on N7K.
  -Andy

• Multicast Traffic - IGMP Snooping

  We are currently running a Hybrid CATOS/IOS Environment with Sup2 and MSFC2 Line Cards. The Sup Version is
  8.4(3) and MSFC is 12.1(26)we want to run multicast traffic between our internal network to our external Govt Provider in the form of a particular Video Conferencing Client. We have been told that seeing we are running CATOS on our Sup2 engines we will get periodic dropouts of multicast traffic between our internal and external Depts if we don't upgrade to an Native IOS Environment. They are saying that we cannot disable igmp snooping on a per-Vlan basis under our Current Hybrid Environment unless we upgrade to Native IOS. Can we disable igmp snooping on a per-vlan basis using our current CATOS version or do we have to upgrade to a Native IOS Software set ??
  Thanks Simon

  at the catOS level, you only have the ability to enable igmp, not per vlan.
  on the msfc SVIs you should then be able to enable or disable igmp at the VLAN interface level.
  this may provide the abilities you are looking for.
  try this and let us know if any further issues or post your config for review.

• ASA Transparent mode multicast traffic in 8.2 and 8.4

  Hi,
  When i configure 8.2 in trasparent mode and deploy the a network that was wrok on EIGRP after that i found the neighborship was stop when i allow the mutlicast address and prtocol on outside interface it was start the working But when i deploy an ASA with 8.4 IOS and then allow the multicast address and protocol both the interface (Inside and outside) after that it was start working.
  So i want to know that what the reasion to allow multicast address and protocol on 8.4 IOS for both interface. I am not able to find any answer for this.

  Hi Mahesh,
  By default ASA in transparent mode do not allow any packets not having a valid EtherType greater than or equal to 0x600. As per my knowledge this concept remain same for all versions of ASA. Most control plane protocols are denied.
  ASA in transparent mode only allows ARP, broadcast traffic, TCP and UDP inspected unicast traffic.
  For EIGRP to work through transparent firewall, we need to open ACLs in both direction for multicast and unicast both type of EIGRP traffic on all versions of ASA Firewall.

• Which is prioritized for multicast traffic if FastSwitching and CEF is enable?

                     Hello
  Here is the related configuration and output of show command below,
  In my understanding, there are 3 swtching mode, CPU, fast-swthing and CEF swthing,
  But if FastSwthing and CEF swithing are enable both, then which swithing mode is prioritized for mutlicast traffic?
  interface Vlan302
  ip address 10.0.20.1 255.255.255.0
  3750X#sh ip int vlan 302
  Vlan302 is down, line protocol is down
    Internet address is 10.0.20.1/24
    Broadcast address is 255.255.255.255
    *omit
    IP fast switching is enabled
    IP Flow switching is disabled
    IP CEF switching is enabled
    IP CEF switching turbo vector
    IP Null turbo vector
    IP multicast fast switching is enabled
    IP multicast distributed fast switching is enabled
    IP route-cache flags are Fast, CEF
    *omit
  interface Vlan301
  ip address 10.0.10.1 255.255.255.0
  no ip mroute-cache
  3750X#sh ip int vlan 301
  Vlan301 is down, line protocol is down
    Internet address is 10.0.10.1/24
    Broadcast address is 255.255.255.255
    *omit
    IP fast switching is enabled
    IP Flow switching is disabled
    IP CEF switching is enabled
    IP CEF switching turbo vector
    IP Null turbo vector
    IP multicast fast switching is disabled
    IP multicast distributed fast switching is disabled
    IP route-cache flags are Fast, CEF, No Distributed
    *omit
  Product : Cat3750X
  IOS version :  15.0(2)SE5
  Best Regards,
  Masanobu Hiyoshi

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  I'm not 100% certain, but I believe FastSwitching and CEF switching apply to unicast, not multicast.  Your "IP mroute-cache" command enables/disables fast multicast switching.
  On a 3750, switching should be hardware based, for unicast and multicast, unless TCAM resources are insufficient.  If hardware switching falls back to non-hardware switching, you'll likely find process vs. Fast vs. CEF vs. multicast doesn't matter, all too slow.

• 3750X - Dropped multicat traffic flooding on all switchport vlan interfaces

  Hello forum, 
  I have a problem on source  multicast blocking. I have a switch with a vlan interface (Ex. vlan 20 )and on that vlan interface an extended ACL is present. That ACL block specific multicast groups. Furtehrmore I have many switchport access interfaces on vlan 20 with different sources connected. 
  If one source start streaming with multicast destination IP blocked  by ACL, dropped traffic is flooaded on all switchports on source's vlan
  IGMP snooping on this vlan is enabled but seems that dropped  traffic stay on L2 vlan without it.
  Device used: C3750X
  IOS:  15.0(2)SE5
  Thank you for help

  Hi Michal,
  thanks for your reply!
  Yes, probably i've captured all lines of access-list... but I've to change my approach because my access-list is a extended "named" access-list and, on other post, I've read that "named" access-list cannot be debugged...
  Now i've deleted all access-lists entries that refer to vlan2 and I've created new one "numerical":
  #ip access-list extended 100
  #10 ip permit 172.16.2.0 0.0.0.15 any log
  In this mode the debug shows only access-list 100 traffic + bcast + mcast.
  But, the strange thing is another one now...
  I've bought a multifunction printer, that send scanned document to a email account, the printer haven't internal smtp, it makes a connection to hp servers that forward scans to real destination address...
  I was curious to find out how this connection works because, my private/confidential documents are send on internet and, i would hope that hp use a secure connection from my printer to its server...
  Well, if I add "log" switch command at the end of access-list, or I enable access-list debug, the printer stop to comunicate to hp services/server... if I turn off debug or rewrite access-list without "log" feature, incredibly the printer re-start to comunicate with hp...
  Have you any idea that explain that? I'm going crazy...

• HREAP and Multicast traffic

  I have a controller sat on a network (10.10.10.0/24) with a management address of 10.10.10.250.  There's a distant site we have at the other side of the network with a range at 192.168.0.0/24.  I have 5 thin HREAP access points on this network with three WLANs from the controller and one WLAN delivered via a trunk point with VLAN 2 tagging (the 192.168.0.0/24 network is VLAN1).  The VLAN2 (e.g. 172.16.0.0/24) network is basically an untrusted network to us , but I didn't think this would matter as the HREAP config would mean that none of this traffic should even leave the access point - apart from stats/client info.
  However, i've recently been seeing something odd in that there must be some multicast-talking clients on this untrusted network and whatever they are talking about I can see on my management LAN (10.10.10.0).  I can basically see multicast packets with source IPs from the untrusted network.  How is this possible?  More importantly how can I stop it?
  All network numbers are just examples.  Any help or ideas would be gratefully received.

  Hi Stuart,
  Just to clarify a point:
  "but I didn't think this would matter as the HREAP config would mean that  none of this traffic should even leave the access point"
  Keep in mind that when an ap is hreap mode, the ap essentially acts like a switch with respect to its ethernet port.  When it gets a packet from the wireless side, if appropriate, it tags it and puts it on the wire.
  Under ordinary circumstances (unless something is configured to stop this), if a wireless client connected to an hreap ap sends a multicast packet, it absoutely will be put on the wire by the ap, just as a broadcast would.  I just confirmed this with lab equipment.
  So if there isn't a routed path from the remote untrusted networks to your mgmt vlan, there may (should) be L3 multicast routing configured for the untrusted and your management routed interfaces.  Is this the case?
  thanks
  Jeff

• Load distribution not so even for multicast traffic (ECMP) between a GSR 12410 (XR) and a CRS-1 router

  Hi,
  I have a scenario in which I see the multicast S,G streams are distributed not so even in the 3 interfaces between a GSR 12404 (XR 3.8.4) and a CRS1 (XR 3.6.2). The multicast mode is SSM.
  The total S,G (sources and multicast groups) are 82.
  The topology is as follows:
                                                 ---link 1--------
   Multicast sources ----- CRS1 ---link 2-------- GSR12404------- Receivers
                                                  ---link 3--------
  From the total of 82 S,G coming from multicast sources, I see the following S,G distribution between the three links:
  Link 1: 37 S,G
  Link 2: 21 S,G
  Link 3: 24 S,G
  The big question is why the Link 1 has very different number of S,G compared to link 2 and link 3?
  Multipath is enabled on both links. I copy the multicast configuration of CRS and GSR that is the same:
  multicast-routing
   address-family ipv4
    interface GigabitEthernet0/2/0/0
     enable
    interface GigabitEthernet0/2/1/1
     enable
    interface GigabitEthernet0/2/1/2
     enable
    nsf
    multipath
    ssm range SSM
  Thanks,
  Carlos.

  Hi Agherardi,
  Did you try to disable your firewall and refer the following KB to confirm you have choose the correct Affinity and Load-Balancing Behavior of the Custom Port Rule.
  Specifying the Affinity and Load-Balancing Behavior of the Custom Port Rule
  https://technet.microsoft.com/en-us/library/cc759039(v=ws.10).aspx
  More information:
  Using NLB
  https://technet.microsoft.com/en-us/library/bb687542.aspx
  I’m glad to be of help to you!
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]