Syntax
display igmp-snooping configuration
View
Any view
Parameter
None
Description
Use the display igmp-snooping
configuration command to display IGMP Snooping configuration information.
When IGMP Snooping is enabled on the
switch, this command displays the following information: IGMP Snooping status,
aging time of the router port, query response timeout time, and aging time of multicast
member ports.
Related command: igmp-snooping.
Example
# Display IGMP Snooping configuration
information on the switch.
<H3C> display igmp-snooping
configuration
Enable IGMP-Snooping.
The router port timeout is 105
second(s).
The max response timeout is 1
second(s).
The host port timeout is 260
second(s).
The above information shows: IGMP Snooping
is enabled, the aging time of the router port is 105 seconds, the query response
timeout time is one second, and the aging time of multicast member ports is 260
seconds.
Syntax
display igmp-snooping group [ vlan vlan-id ]
View
Any view
Parameter
vlan vlan-id: Specifies a VLAN ID.
Description
Use the display igmp-snooping group
command to display information about the IP and MAC multicast groups under one specified
VLAN (with vlan vlan-id) or all VLANs (without vlan vlan-id).
This command displays the following
information: VLAN ID, router port, IP multicast group address, member ports
included in the IP multicast group, MAC multicast group, MAC multicast group
address, and member ports included in the MAC multicast group.
Example
# Display information about the multicast
groups under VLAN 2.
<H3C> display igmp-snooping
group vlan 2
***************Multicast group
table***************
Vlan(id):2.
Router port(s):Ethernet1/0/1
IP group(s):the following ip group(s)
match to one mac group.
IP group address:230.45.45.1
Member port(s):Ethernet1/0/2
MAC group(s):
MAC group address:01-00-5e-2d-2d-01
Member port(s):Ethernet1/0/2
Syntax
display igmp-snooping statistics
View
Any view
Parameter
None
Description
Use the display igmp-snooping statistics
command to display IGMP Snooping message statistics.
This command displays the following
information: the numbers of the IGMP general query messages, IGMP group-specific
query messages, IGMP V1 report messages, IGMP V2 report messages, IGMP leave messages
and error IGMP messages received, and the number of the IGMP group-specific
query messages sent.
Related command: igmp-snooping.
Example
# Display IGMP Snooping message statistics.
<H3C> display igmp-snooping
statistics
Received IGMP general query packet(s)
number:0.
Received IGMP specific query
packet(s) number:0.
Received IGMP V1 report packet(s)
number:0.
Received IGMP V2 report packet(s)
number:0.
Received IGMP leave packet(s)
number:0.
Received error IGMP packet(s)
number:0.
Sent IGMP specific query packet(s)
number:0.
Syntax
igmp-snooping { enable | disable }
View
System view, VLAN view
Parameter
enable:
Enables IGMP Snooping.
disable:
Disables IGMP Snooping.
Description
Use the igmp-snooping enable command
to enable IGMP Snooping.
Use the igmp-snooping disable
command to disable IGMP Snooping.
By default, IGMP Snooping is disabled.
Example
# Enable IGMP Snooping on the switch.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] igmp-snooping enable
Syntax
igmp-snooping fast-leave
undo igmp-snooping fast-leave
View
Ethernet port view
Parameter
None
Description
Use the igmp-snooping fast-leave
command to enable IGMP fast leave processing.
Use the undo igmp-snooping fast-leave
command to cancel the configuration.
By default, IGMP fast leave processing is disabled.
Normally, when receiving an IGMP Leave message,
IGMP Snooping does not immediately remove the port from the multicast group,
but sends a group-specific query message. If no response is received in a given
period, it then removes the port from the multicast group.
If this command is executed, when receiving
an IGMP Leave message, IGMP Snooping removes the port from the multicast group
immediately. When the port has only one user, enabling IGMP fast leave
processing can save bandwidth.
Note that, if the client(s) under the port
are IGMP V2–enabled, this feature operates normally (that is, it
functions only when the port has only one user). Otherwise, when the port has
multiple users, the leave of one user may disrupt the multicast to every other
user under the port in the same multicast group.
Example
# Enable IGMP fast leave processing on the Ethernet1/0/1
port.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping
fast-leave
Syntax
igmp-snooping group-limit limit
undo igmp-snooping group-limit
View
Ethernet port view
Parameter
limit:
Maximum number of multicast groups the port can join, in the range of 1 to 256.
Description
Use the igmp-snooping group-limit
command to define the maximum number of multicast groups the port can join.
Use the undo igmp-snooping group-limit
command to restore the default setting.
By default, there is no limit on the number
of multicast groups the port can join.
Example
# Allow the Ethernet1/0/1 port to join at
most 200 multicast groups.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping
group-limit 200
Syntax
igmp-snooping group-policy acl-number vlan vlan-id
undo igmp-snooping group-policy vlan vlan-id
View
System view, Ethernet port view
Parameter
acl-number:
Basic ACL number, in the range of 2000 to 2999.
vlan-id: ID
of the VLAN for the Ethernet port, in the range of 1 to 4094.
Description
Use the igmp-snooping group-policy
command to configure an IGMP Snooping filtering ACL.
Use the undo igmp-snooping
group-policy command to remove the IGMP Snooping filtering ACL.
By default, no IGMP Snooping filtering ACL
is configured.
You can configure multicast filtering ACLs
globally or on the switch ports connected to user ends so as to use the IGMP
Snooping filter function to limit the multicast streams that the users can access.
With this function, you can treat different VoD users in different ways by
allowing them to access the multicast streams in different multicast groups.
In practice, when a user orders a multicast
program, an IGMP report message is generated. When the message arrives at the
switch, the switch examines the multicast filtering ACL configured on the access
port to determine if the port can join the corresponding multicast group or
not. If yes, it adds the port to the forward port list of the multicast group. If
not, it drops the IGMP report message and does not forward the corresponding data
stream to the port. In this way, you can control the multicast streams that
users can access.
An ACL rule defines a multicast address or
a multicast address range (for example 224.0.0.1 to 239.255.255.255) and is
used to.
l
Allow the port(s) to join only the multicast
group(s) defined in the rule by a permit statement.
l
Inhibit the port(s) from joining the multicast
group(s) defined in the rule by a deny statement.
l
One port can belong to multiple VLANs. But for
each VLAN on the port, you can configure only one ACL.
l
If no ACL rule is configured or the port does
not belong to the specified VLAN, the filter ACL you configured does not take
effect on the port.
l
Since most devices broadcast unknown multicast
packets, this function is often used together with the unknown multicast packet
drop function to prevent multicast streams from being broadcasted to a filtered
port as unknown multicast.
Related command: unknown-multicast drop
enable.
Example
# Configure ACL 2000 to allow users under
port Ethernet 1/0/1 to access the multicast streams in groups 225.0.0.0 to 225.255.255.255.
l
Configure ACL 2000.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit
source 225.0.0.0 0.255.255.255
l
Create VLAN 2 and add the Ethernet 1/0/1 port to
VLAN 2.
[H3C] vlan 2
[H3C-vlan2] port Ethernet 1/0/1
l
Configure ACL 2000 on the Ethernet 1/0/1 port to
allow this VLAN 2 port to join only the IGMP multicast groups defined in the
rule of ACL 2000.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping
group-policy 2000 vlan 2
# Configure ACL 2001 to allow users under the
Ethernet 1/0/2 port to access the multicast streams in any groups except groups
225.0.0.0 to 225.0.0.255.
l
Configure ACL 2001.
[H3C] acl number 2001
[H3C-acl-basic-2001] rule deny source
225.0.0.0 0.0.0.255
[H3C-acl-basic-2001] rule permint
source any
l
Create VLAN 2 and add the Ethernet 1/0/2 port to
VLAN 2.
[H3C] vlan 2
[H3C-vlan2] port Ethernet 1/0/2
l
Configure ACL 2001 on the Ethernet 1/0/2 port to
allow this VLAN 2 port to join any IGMP multicast groups except those defined
in the deny rule of ACL 2001.
[H3C] interface Ethernet 1/0/2
[H3C-Ethernet1/0/2] igmp-snooping group-policy
2001 vlan 2
Syntax
igmp-snooping host-aging-time seconds
undo igmp-snooping host-aging-time
View
System view
Parameter
seconds:
Aging time of multicast member ports, in the range of 200 to 1000 (seconds).
Description
Use the igmp-snooping host-aging-time
command to configure the aging time of multicast member port.
Use the undo igmp-snooping
host-aging-time command to restore the default aging time.
By default, the aging time of multicast
member ports is 260 seconds.
The aging time of multicast member ports
determines the refresh frequency of multicast group members. In an environment
where multicast group members change frequently, a relatively shorter aging
time is required.
Related command: igmp-snooping.
Example
# Set the aging time of multicast member
ports to 300 seconds.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] igmp-snooping host-aging-time
300
Syntax
igmp-snooping router-aging-time seconds
undo igmp-snooping router-aging-time
View
System view
Parameter
seconds:
Aging time of the router port, in the range of 1 to 1000 (seconds).
Description
Use the igmp-snooping router-aging-time
command to configure the aging time of the router port.
Use the undo igmp-snooping
router-aging-time command to restore the default aging time.
By default, the aging time of the router port
is 260 seconds.
The router port here refers to the port
connecting the Layer 2 switch to the router. The Layer 2 switch receives IGMP general
query messages from the router through this port. The aging time of the router
port should be a value about 2.5 times of the general query interval.
Related command: igmp-snooping
max-response-time, igmp-snooping.
Example
# Set the aging time of the router port to
500 seconds.
<H3C>system-view
System View: return to User View with
Ctrl+Z.
[H3C] igmp-snooping router-aging-time
500
Syntax
reset igmp-snooping statistics
View
User view
Parameter
None
Description
Use the reset igmp-snooping statistics
command to clear IGMP Snooping statistics.
Related command: igmp-snooping.
Example
# Clear IGMP Snooping statistics.
<H3C> reset igmp-snooping
statistics
Syntax
service-type multicast
undo service-type multicast
View
VLAN view
Parameter
None
Description
Use the service-type multicast
command to set the current VLAN as a multicast VLAN.
Use the undo service-type multicast
command to cancel the multicast VLAN setting.
By default, no VLAN is a multicast VLAN.
By configuring a multicast VLAN, adding corresponding
switch ports to the multicast VLAN and enabling IGMP Snooping, you can make
users in different VLANs share the same multicast VLAN. This saves bandwidth
since multicast stream is transmitted only within the multicast VLAN, and also
guarantees the security because the multicast VLAN is completely isolated from the
user VLANs.
Example
# Configure VLAN 2 as a multicast VLAN.
<H3C> system-view
[H3C] vlan 2
[H3C-vlan2] service-type multicast
Syntax
mac-address
multicast mac-address interface interface-list vlan
vlan-id
undo mac-address
multicast [ mac-address [ interface interface-list
] vlan vlan-id ]
View
System view
Parameter
mac-address:
Multicast MAC address.
interface-list: Forward port list, in the format of { { interface-type interface-num
} [ to { interface-type interface-num } ] }&<1-10>.
Where, interface-type is a port type, interface-number is a port
number (refer to the parameter description of the interface command in
the port command module of this document), to is used to specify
a port range, and &<1-10> represents you can totally specify up to 10
ports and port ranges.
vlan-id: VLAN ID.
Description
Use the mac-address multicast
command to manually add a multicast MAC address entry.
Use the undo mac-address multicast
command to remove a multicast MAC address entry.
Each multicast MAC address entry contains:
multicast address, forward port, VLAN ID, and so on.
Related command: display mac-address
multicast static.
Example
# Add a multicast MAC address entry, with
multicast address 0100-5e0a-0805, forward port Ethernet 1/0/1, and VLAN 1 to
which the entry belongs.
<H3C> system-view
System View: return to User View with
Ctrl+Z.
[H3C] mac-address multicast
0100-5e0a-0805 interface Ethernet 1/0/1 vlan 1
Syntax
mac-address
multicast mac-addresst vlan vlan-id
undo mac-address
multicast [ [ mac-address ] vlan vlan-id ]
View
Ethernet port view
Parameter
mac-address:
Multicast MAC address.
vlan-id:
VLAN ID.
Description
Use the mac-address multicast vlan command to add a
multicast MAC address entry.
Use the undo mac-address multicast vlan command to
remove a multicast MAC address entry.
Each multicast MAC address entry contains:
multicast address, VLAN ID, and so on.
Related command: display mac-address
multicast static.
Example
# Add a multicast MAC address entry on the
Ethernet1/0/1 port, with multicast address 0100-1000-1000 and VLAN 1 to which
the entry belongs.
<H3C> system-view
System View: return to User View with
Ctrl+Z.
[H3C] interface Ethernet1/0/1
[H3C-Ethernet1/0/1]mac-address
multicast 0100-1000-1000 vlan 1
Syntax
display mac-address multicast static [ mac-address vlan vlan-id | vlan
vlan-id ]
View
Any view
Parameter
None
Description
Use the display mac-address
multicast static command to display the multicast MAC address
entry/entries manually configured on the switch.
The display output includes the following
information: multicast MAC address, VLAN ID, state of the MAC address, port
number, aging time, and so on.
l
Executing this command with neither mac-address
nor vlan vlan-id will display all the multicast MAC address
entries manually added on the switch.
l
Executing this command with vlan vlan-id but
without mac-address will
display all the multicast MAC address entries manually added in the specified
VLAN.
l
Executing this command with both mac-address
and vlan vlan-id will display the multicast
MAC address entry manually added in the specified VLAN with the specified
multicast MAC address.
Example
# Display all the
multicast MAC address entries manually added in VLAN 1.
<H3C>display mac-address
multicast static vlan 1
MAC ADDR VLAN ID STATE PORT
INDEX AGING TIME(s)
0100-0000-0001
1 Config static Ethernet1/0/1 NOAGED
000f-e207-f2e0 1 Learned Ethernet1/0/28 AGING
--- 2 mac address(es) found ---
