Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-MLD Snooping Configuration | 239.94 KB |
Table of Contents
Basic Concepts in MLD Snooping
MLD Snooping Configuration Task List
Configuring Basic Functions of MLD Snooping
Configuring the Version of MLD Snooping
Configuring MLD Snooping Port Functions
Configuring Aging Timers for Dynamic Ports
Configuring Fast Leave Processing
Configuring MLD Snooping Querier
Configuring MLD Queries and Responses
Configuring Source IPv6 Addresses of MLD Queries
Configuring an MLD Snooping Policy
Configuring an IPv6 Multicast Group Filter
Configuring Dropping Unknown IPv6 Multicast Data
Configuring MLD Report Suppression
Configuring Maximum Multicast Groups that Can Be Joined on a Port
Configuring IPv6 Multicast Group Replacement
Displaying and Maintaining MLD Snooping
MLD Snooping Configuration Example
IPv6 Group Policy Configuration Example
AP Fails in Layer 2 Multicast Forwarding
Configured IPv6 Multicast Group Policy Fails to Take Effect
l Support of the H3C WA series WLAN access points (APs) for features may vary by AP model. For more information, see Feature Matrix.
l The display information varies by AP model and configuration.
l The term AP in this document refers to common APs, wireless bridges, and mesh APs.
l The term router in this document refers to both routers and routing-enabled APs.
l The models listed in this document are not applicable to all regions. Please consult your local sales office for the models applicable to your region.
This chapter includes these sections:
l MLD Snooping Configuration Task List
l Displaying and Maintaining MLD Snooping
l Troubleshooting MLD Snooping
MLD Snooping Overview
Introduction to MLD Snooping
By analyzing received MLD messages, a Layer 2 device running MLD snooping establishes mappings between ports and multicast MAC addresses and forwards IPv6 multicast data based on these mappings.
As shown in Figure 1-1, when MLD snooping is not running, IPv6 multicast packets are broadcast to all devices at Layer 2. When MLD snooping runs, multicast packets for known IPv6 multicast groups are multicast to the receivers at Layer 2.
Figure 1-1 Before and after MLD snooping is enabled on the Layer 2 device
Basic Concepts in MLD Snooping
MLD Snooping related ports
As shown in Figure 1-2, Router connects to the multicast source, MLD snooping runs on Switch and AP, Host A and Host B are receiver hosts (namely, IPv6 multicast group members).
Figure 1-2 MLD snooping related ports
Ports involved in MLD snooping, as shown in Figure 1-2, are described as follows:
l Router port: A router port is a port on a switch or AP that leads towards the Layer-3 multicast device (DR or MLD querier). In the figure, Ethernet 1/0 of Switch and Ethernet 1/0/1 of AP are router ports. The switch and AP register all their local router ports in their respective router port lists.
l Member port: A member port (also known as IPv6 multicast group member port) is a port on a switch or AP that leads towards multicast group members. In the figure, Ethernet 1/1 of Switch and WLAN-BSS 1 and WLAN-BSS 2 of AP are member ports. The switch and AP register all their member ports in their respective MLD snooping forwarding tables.
l Whenever mentioned in this document, a router port is a router-connecting port on a switch or AP, rather than a port on a router.
l Unless otherwise specified, router/member ports mentioned in this document include static and dynamic ports.
l On an MLD snooping–enabled switch or AP, the ports that received MLD general queries with the source address other than 0::0 or IPv6 PIM hello messages are dynamic router ports.
Aging timers for dynamic ports in MLD Snooping
Table 1-1 Aging timers for dynamic ports in MLD snooping and related messages and actions
|
Timer |
Description |
Message before expiry |
Action after expiry |
|
Dynamic router port aging timer |
For each dynamic router port, the AP sets a timer initialized to the dynamic router port aging time. |
MLD general query of which the source address is not 0::0 or IPv6 PIM hello. |
The AP removes this port from its router port list. |
|
Dynamic member port aging timer |
When a port dynamically joins an IPv6 multicast group, the AP sets a timer for the port, which is initialized to the dynamic member port aging time. |
MLD report message. |
The AP removes this port from the MLD snooping forwarding table. |
The port aging mechanism of MLD snooping works only for dynamic ports; a static port will never age out.
How MLD Snooping Works
An AP running MLD snooping performs different actions when it receives different MLD messages, as follows:
The description about adding or deleting a port in this section is only for a dynamic port. Static ports can be added or deleted only through the corresponding configurations. For more information, see Configuring Static Ports.
General queries
Upon receiving an MLD general query, the AP forwards it through all ports in the VLAN except the port on which it received the MLD query and performs the following:
l If the port on which the AP received the MLD query is a dynamic router port in its router port list, the AP resets the aging timer for this dynamic router port.
l If the port is not included in its router port list, the AP adds it into its router port list as a dynamic router port and sets an aging timer for it.
Membership reports
A host sends an MLD report to the MLD querier in the following circumstances:
l Upon receiving an MLD query, an IPv6 multicast group member host responds with an MLD report.
l When intended to join an IPv6 multicast group, a host sends an MLD report to the MLD querier to announce that it is interested in the multicast information addressed to that IPv6 multicast group.
Upon receiving an MLD report, the AP forwards it through all the router ports in the VLAN, resolves the address of the reported IPv6 multicast group, and performs the following to the receiving port:
l If no forwarding table entry exists for the reported IPv6 multicast group, the AP creates an entry, adds the port as a dynamic member port to the outgoing port list, and starts a member port aging timer for that port.
l If a forwarding table entry exists for the reported IPv6 multicast group, but the port is not included in the outgoing port list for that group, the AP adds the port as a dynamic member port to the outgoing port list, and starts a member port aging timer for that port.
l If a forwarding table entry exists for the reported IPv6 multicast group and the port is included in the outgoing port list, which means that this port is already a dynamic member port, the AP resets the member port aging timer for that port.
An AP does not forward an MLD report through a non-router port. The reason is as follows: Due to the MLD report suppression mechanism, if the AP forwards a report message through a member port, all the attached hosts listening to the reported IPv6 multicast address will suppress their own reports upon receiving this report, and this will prevent the AP from knowing whether the reported multicast group still has active members attached to that port.
Done messages
When a host leaves an IPv6 multicast group, the host sends an MLD done message to the multicast router.
When the AP receives an MLD done message on a dynamic member port, the AP first checks whether a forwarding table entry for the IPv6 multicast group address in the message exists, and, if one exists, whether the outgoing port list contains the port.
l If the forwarding table entry does not exist or if the outgoing port list does not contain the port, the AP discards the MLD done message instead of forwarding it to any port.
l If the forwarding table entry exists and the outgoing port list contains the port, the AP forwards the MLD done message to all router ports in the native VLAN. Because the AP does not know whether any other hosts attached to the port are still listening to that IPv6 multicast group address, the AP does not immediately remove the port from the outgoing port list of the forwarding table entry for that group; instead, it resets the aging timer for the port.
Upon receiving an MLD done message from a host, the MLD querier resolves the IPv6 multicast group address in the message and sends an MLD multicast-address-specific query to that IPv6 multicast group address through the port that received the MLD done message. Upon receiving the MLD multicast-address-specific query, the AP forwards it through all the router ports in the VLAN and all member ports for that IPv6 multicast group, and performs the following to the receiving port:
l If no MLD report in response to the MLD multicast-address-specific query is received on the port before its aging timer expires, this means that no hosts attached to the port are still listening to that IPv6 multicast group address. The AP removes the port from the outgoing port list of the forwarding table entry for that IPv6 multicast group when the aging timer expires.
Protocols and Standards
MLD snooping is documented in:
l RFC 4541: Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
MLD Snooping Configuration Task List
Complete these tasks to configure MLD snooping:
|
Task |
Remarks |
|
|
Required |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Configuring Maximum Multicast Groups that Can Be Joined on a Port |
Optional |
|
|
Optional |
||
l Configurations made in MLD snooping view are effective for all VLANs, while configurations made in VLAN view are effective only for ports belonging to the current VLAN. For a given VLAN, a configuration made in MLD snooping view is effective only if the same configuration is not made in VLAN view.
l Configurations made in MLD snooping view are effective for all ports; configurations made in interface view are effective only for the current interface. For a given port, a configuration made in MLD snooping view is effective only if the same configuration is not made in interface view.
Configuring Basic Functions of MLD Snooping
Configuration Prerequisites
Before configuring the basic functions of MLD snooping, complete the following tasks:
l Configure the corresponding VLANs
Before configuring the basic functions of MLD snooping, prepare the following data:
Enabling MLD Snooping
Follow these steps to enable MLD snooping:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enable MLD snooping globally and enter MLD snooping view |
mld-snooping |
Required Disabled by default |
|
Return to system view |
quit |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Enable MLD snooping in the VLAN |
mld-snooping enable |
Required Disabled by default |
l MLD snooping must be enabled globally before it can be enabled in a VLAN.
l When you enable MLD snooping in a specified VLAN, this function takes effect for ports in this VLAN only.
Configuring the Version of MLD Snooping
By configuring the MLD snooping version, you actually configure the version of MLD messages that MLD snooping can process.
l MLD snooping version 1 can process MLDv1 messages, but cannot analyze and process MLDv2 messages, which will be flooded in the VLAN.
l MLD snooping version 2 can process MLDv1 and MLDv2 messages.
Follow these steps to configure the version of MLD snooping:
|
To do… |
Use the command… |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Configure the version of MLD snooping |
mld-snooping version version-number |
Optional Version 1 by default |
If you switch MLD snooping from version 2 to version 1, the system will clear all MLD snooping forwarding entries from dynamic joins, and will:
l Keep forwarding entries from version 2 static (*, G) joins;
l Clear forwarding entries from version 2 static (S, G) joins, which will be restored when MLD snooping is switched back to version 2.
For more information about static joins, see Configuring Static Ports.
Configuring MLD Snooping Port Functions
Configuration Prerequisites
Before configuring MLD snooping port functions, complete the following tasks:
l Enable MLD snooping in the VLAN.
Before configuring MLD snooping port functions, prepare the following data:
l Aging time of dynamic router ports
l Aging timer of dynamic member ports
l IPv6 multicast group and IPv6 multicast source addresses
Configuring Aging Timers for Dynamic Ports
If an AP receives no MLD general queries or IPv6 PIM hello messages on a dynamic router port, the AP removes the port from the router port list when the aging timer of the port expires.
If an AP receives no MLD reports for an IPv6 multicast group on a dynamic member port, the AP removes the port from the outgoing port list of the forwarding table entry for that IPv6 multicast group when the port aging timer expires.
If IPv6 multicast group memberships change frequently, you can set a relatively small value for the dynamic member port aging timer.
Configuring aging timers for dynamic ports globally
Follow these steps to configure aging timers for dynamic ports globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Configure dynamic router port aging time |
router-aging-time interval |
Optional 260 seconds by default |
|
Configure dynamic member port aging time |
host-aging-time interval |
Optional 260 seconds by default |
Configuring aging timers for dynamic ports in a VLAN
Follow these steps to configure aging timers for dynamic ports in a VLAN:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Configure dynamic router port aging time |
mld-snooping router-aging-time interval |
Optional 260 seconds by default |
|
Configure dynamic member port aging time |
mld-snooping host-aging-time interval |
Optional 260 seconds by default |
Configuring Static Ports
You can configure a port of an AP to be a static router port, through which the AP can forward all IPv6 multicast data it received.
Follow these steps to configure a static port:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Configure the port as static member port |
mld-snooping static-group ipv6-group-address [ source-ip ipv6-source-address ] vlan vlan-id |
Required No static member ports by default |
|
Configure the port as static router port |
mld-snooping static-router-port vlan vlan-id |
Required No static router ports by default |
l An IPv6 static (S, G) join takes effect only if a valid IPv6 multicast source address is specified and MLD snooping version 2 is currently running.
l A static member port does not respond to queries from the MLD querier; when static (*, G) or (S, G) joining is enabled or disabled on a port, the port does not send an unsolicited MLD report or an MLD done message.
l Static member ports and static router ports never age out. To remove such a port, you need to use the corresponding undo command.
l You cannot configure a WLAN-BSS port as a static member port or router port.
Configuring Simulated Joining
Generally, a host running MLD responds to MLD queries from the MLD querier. If a host fails to respond due to some reasons, the multicast router will deem that no member of this IPv6 multicast group exists on the network segment, and therefore will remove the corresponding forwarding path.
To avoid this situation from happening, you can enable simulated joining on a port of an AP, namely configure the port as a simulated member host for an IPv6 multicast group. When an MLD query is received, simulated host gives a response. Thus, the AP can continue receiving IPv6 multicast data.
A simulated host acts like a real host, as follows:
l When a port is configured as a simulated member host, the AP sends an unsolicited MLD report through that port.
l After a port is configured as a simulated member host, the AP responds to MLD general queries by sending MLD reports through that port.
Follow these steps to configure simulated joining:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Configure simulated joining |
mld-snooping host-join ipv6-group-address [ source-ip ipv6-source-address ] vlan vlan-id |
Required Disabled by default |
l Each simulated host is equivalent to an independent host. For example, when receiving an MLD query, the simulated host corresponding to each configuration responds respectively.
l Unlike a static member port, a port configured as a simulated member host will age out like a dynamic member port.
l You cannot configure a WLAN-BSS port as a simulated member host.
Configuring Fast Leave Processing
The fast leave processing feature allows an AP to process MLD done messages in a fast way. With the fast leave processing feature enabled, when receiving an MLD done message on a port, the AP immediately removes that port from the outgoing port list of the forwarding table entry for the indicated IPv6 multicast group. Then, when receiving MLD done multicast-address-specific queries for that IPv6 multicast group, the AP will not forward them to that port.
In VLANs where only one host is attached to each port, fast leave processing helps improve bandwidth and resource usage. However, if fast leave processing is enabled on a port to which more than one host is attached, when one host leaves a multicast group, the other hosts attached to the port and interested in the same multicast group will fail to receive multicast data for that group. Therefore, if the function of dropping unknown IPv6 multicast traffic is already enabled on the AP or in the VLANs, the fast leave processing function should not be enabled.
Configuring fast leave processing globally
Follow these steps to configure fast leave processing globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Enable fast leave processing |
fast-leave [ vlan vlan-list ] |
Required Disabled by default |
Configuring fast leave processing on a port
Follow these steps to configure fast leave processing on a port:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Enable fast leave processing |
mld-snooping fast-leave [ vlan vlan-list ] |
Required Disabled by default |
l If fast leave processing is enabled on a port to which more than one host is connected, when one host leaves an IPv6 multicast group, the other hosts connected to port and interested in the same IPv6 multicast group will fail to receive IPv6 multicast data addressed to that group.
l You cannot configure fast leave processing on a WLAN-BSS port.
Configuring MLD Snooping Querier
Configuration Prerequisites
Before configuring MLD snooping querier, complete the following task:
l Enable MLD snooping in the VLAN.
Before configuring MLD snooping querier, prepare the following data:
l MLD general query interval
l MLD last-member query interval
l Maximum response time for MLD general queries
l Source IPv6 address of MLD general queries
l Source IPv6 address of MLD multicast-address-specific queries
Enabling MLD Snooping Querier
In an IPv6 multicast network running MLD, a multicast router or Layer 3 multicast device is responsible for sending periodic MLD general queries, so that all Layer 3 multicast devices can establish and maintain multicast forwarding entries, thus to forward multicast traffic correctly at the network layer. This router or Layer 3 switching device is called MLD querier.
Follow these steps to enable the MLD snooping querier:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Enable the MLD snooping querier |
mld-snooping querier |
Required Disabled by default |
It is meaningless to configure an MLD snooping querier in an IPv6 multicast network running MLD. Although an MLD snooping querier does not take part in MLD querier elections, it may affect MLD querier elections because it sends MLD general queries with a low source IPv6 address.
Configuring MLD Queries and Responses
You can tune the MLD general query interval based on actual condition of the network.
Upon receiving an MLD query (general query or multicast-address-specific query), a host starts a timer for each IPv6 multicast group it has joined. This timer is initialized to a random value in the range of 0 to the maximum response time (the host obtains the value of the maximum response time from the Max Response Time field in the MLD query it received). When the timer value comes down to 0, the host sends an MLD report to the corresponding IPv6 multicast group.
An appropriate setting of the maximum response time for MLD queries allows hosts to respond to queries quickly and avoids bursts of MLD traffic on the network caused by reports simultaneously sent by a large number of hosts when the corresponding timers expire simultaneously.
l For MLD general queries, you can configure the maximum response time to fill their Max Response time field.
l For MLD multicast-address-specific queries, you can configure the MLD last-member query interval to fill their Max Response time field. Namely, for MLD multicast-address-specific queries, the maximum response time equals to the MLD last-member query interval.
Configuring MLD queries and responses globally
Follow these steps to configure MLD queries and responses globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Configure the maximum response time for MLD general queries |
max-response-time interval |
Optional 10 seconds by default |
|
Configure the MLD last-member query interval |
last-listener-query-interval interval |
Optional 1 second by default |
Configuring MLD queries and responses in a VLAN
Follow these steps to configure MLD queries and responses in a VLAN
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Configure MLD query interval |
mld-snooping query-interval interval |
Optional 125 seconds by default |
|
Configure the maximum response time for MLD general queries |
mld-snooping max-response-time interval |
Optional 10 seconds by default |
|
Configure the MLD last-member query interval |
mld-snooping last-listener-query-interval interval |
Optional 1 second by default |
Make sure that the MLD query interval is greater than the maximum response time for MLD general queries; otherwise undesired deletion of IPv6 multicast members may occur.
Configuring Source IPv6 Addresses of MLD Queries
This configuration allows you to change the source IPv6 address of MLD queries.
Follow these steps to configure source IPv6 addresses of MLD queries:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Configure the source IPv6 address of MLD general queries |
mld-snooping general-query source-ip { ipv6-address | current-interface } |
Optional FE80::02FF:FFFF:FE00:0001 by default |
|
Configure the source IPv6 address of MLD multicast-address-specific queries |
mld-snooping special-query source-ip { ipv6-address | current-interface } |
Optional FE80::02FF:FFFF:FE00:0001 by default |
The source IPv6 address of MLD query messages may affect MLD querier election within the segment.
Configuring an MLD Snooping Policy
Configuration Prerequisites
Before configuring an MLD snooping policy, complete the following tasks:
l Enable MLD snooping in the VLAN
Before configuring an MLD snooping policy, prepare the following data:
l IPv6 ACL rule for IPv6 multicast group filtering
l The maximum number of IPv6 multicast groups that can pass a port
Configuring an IPv6 Multicast Group Filter
On an MLD snooping–enabled AP, the configuration of an IPv6 multicast group filter allows the service provider to define limits of multicast programs available to different users.
In an actual application, when a user requests a multicast program, the user’s host initiates an MLD report. Upon receiving this report message, the AP checks the report against the configured ACL rule. If the port on which the report was received can join this IPv6 multicast group, the AP adds an entry for this port in the MLD snooping forwarding table; otherwise the AP drops this report message. Any IPv6 multicast data that fails the ACL check will not be sent to this port. In this way, the service provider can control the VOD programs provided for multicast users.
Configuring an IPv6 multicast group filter globally
Follow these steps to configure an IPv6 multicast group globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Configure an IPv6 multicast group filter |
group-policy acl6-number [ vlan vlan-list ] |
Required No IPv6 filter configured by default. |
Configuring an IPv6 multicast group filter on a port
Follow these steps to configure an IPv6 multicast group filter on a port:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Configure an IPv6 multicast group filter |
mld-snooping group-policy acl6-number [ vlan vlan-list ] |
Required No IPv6 filter configured by default. |
Configuring Dropping Unknown IPv6 Multicast Data
Unknown IPv6 multicast data refers to IPv6 multicast data for which no forwarding entries exist in the MLD snooping forwarding table: When an AP receives such IPv6 multicast traffic:
l With the function of dropping unknown IPv6 multicast data enabled, the AP drops all unknown IPv6 multicast data received.
l With the function of dropping unknown IPv6 multicast data disabled, the AP floods unknown IPv6 multicast data in the VLAN to which the unknown IPv6 multicast data belongs.
Enabling dropping unknown IPv6 multicast data globally
Follow these steps to enable dropping unknown IPv6 multicast data globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Enable dropping unknown IPv6 multicast data |
drop-unknown |
Required Disabled by default |
Enabling dropping unknown IPv6 multicast data in a VLAN
Follow these steps to enable dropping unknown IPv6 multicast data in a VLAN:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter VLAN view |
vlan vlan-id |
— |
|
Enable dropping unknown IPv6 multicast data |
mld-snooping drop-unknown |
Required Disabled by default |
l For APs that support both drop-unknown and mld-snooping drop-unknown commands at the same time, the configuration made in MLD snooping view and the configuration made in VLAN view are mutually exclusive. Namely, after this function is enabled in MLD snooping view, it cannot be enabled or disabled in VLAN view, and vice versa.
l When enabled to drop unknown IPv6 multicast data, the AP is automatically enabled to drop unknown IPv4 multicast data.
l When enabled to drop unknown IPv6 multicast data, the AP still forwards unknown IPv6 multicast data to other router ports in the VLAN.
Configuring MLD Report Suppression
When a Layer 2 device receives an MLD report from an IPv6 multicast group member, the Layer 2 device forwards the message to the Layer 3 device directly connected with it. Thus, when multiple members belonging to an IPv6 multicast group exist on the Layer 2 device, the Layer 3 device directly connected with it will receive duplicate MLD reports from these members.
With the MLD report suppression function enabled, within a query interval, the Layer 2 device forwards only the first MLD report of an IPv6 group to the Layer 3 device and will not forward the subsequent MLD reports from the same multicast group to the Layer 3 device. This helps reduce the number of packets being transmitted over the network.
Follow these steps to configure MLD report suppression:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Enable MLD report suppression |
report-aggregation |
Optional Enabled by default |
On an MLD snooping proxy, MLD membership reports are suppressed if the entries for the corresponding groups exist in the forwarding table, no matter the suppression function is enabled or not.
Configuring Maximum Multicast Groups that Can Be Joined on a Port
By configuring the maximum number of IPv6 multicast groups that can be joined on a port, you can limit the number of multicast programs available to VOD users, thus to control the traffic on the port.
Follow these steps configure the maximum number of IPv6 multicast groups allowed on a port:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Configure the maximum number of IPv6 multicast groups allowed on the port |
mld-snooping group-limit limit [ vlan vlan-list ] |
Optional 16 by default |
l When the number of IPv6 multicast groups that can be joined on a port reaches the maximum number configured, the system deletes all the forwarding entries persistent to that port from the MLD snooping forwarding table, and the hosts on this port need to join IPv6 multicast groups again.
l If you have configured static or simulated joins on a port, however, when the number of IPv6 multicast groups on the port exceeds the configured threshold, the system deletes all the forwarding entries persistent to that port from the MLD snooping forwarding table and applies the static or simulated joins again, until the number of IPv6 multicast groups joined by the port comes back within the configured threshold.
Configuring IPv6 Multicast Group Replacement
For some special reasons, the number of IPv6 multicast groups passing through an AP or a port may exceed the number configured for the AP or the port. In addition, in some specific applications, an IPv6 multicast group newly joined on the AP needs to replace an existing IPv6 multicast group automatically. A typical example is “channel switching”, namely, by joining the new multicast group, a user automatically switches from the current IPv6 multicast group to the new one.
To address this situation, you can enable the IPv6 multicast group replacement function on the AP or certain ports. When the number of IPv6 multicast groups an AP or a port has joined exceeds the limit:
l If the IPv6 multicast group replacement is enabled, the newly joined IPv6 multicast group automatically replaces an existing IPv6 multicast group with the lowest IPv6 address.
l If the IPv6 multicast group replacement is not enabled, new MLD reports will be automatically discarded.
Configuring IPv6 multicast group replacement globally
Follow these steps to configure IPv6 multicast group replacement globally:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter MLD snooping view |
mld-snooping |
— |
|
Enable IPv6 multicast group replacement |
overflow-replace [ vlan vlan-list ] |
Required Disabled by default |
Configuring IPv6 multicast group replacement on a port
Follow these steps to configure IPv6 multicast group replacement on a port:
|
To do... |
Use the command... |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter Ethernet interface view |
interface interface-type interface-number |
— |
|
Enable IPv6 multicast group replacement |
mld-snooping overflow-replace [ vlan vlan-list ] |
Required Disabled by default |
Be sure to configure the maximum number of IPv6 multicast groups allowed on a port (see Configuring Maximum Multicast Groups that Can Be Joined on a Port) before enabling IPv6 multicast group replacement. Otherwise, the IPv6 multicast group replacement functionality will not take effect.
Displaying and Maintaining MLD Snooping
|
To do… |
Use the command... |
Remarks |
|
View MLD snooping multicast group information |
display mld-snooping group [ vlan vlan-id ] [ verbose ] |
Available in any view |
|
View the statistics information of MLD messages learned by MLD snooping |
display mld-snooping statistics |
Available in any view |
|
Clear MLD snooping multicast group information |
reset mld-snooping group { ipv6-group-address | all } [ vlan vlan-id ] |
Available in user view |
|
Clear the statistics information of all kinds of MLD messages learned by MLD snooping |
reset mld-snooping statistics |
Available in user view |
l The reset mld-snooping group command works only on an MLD snooping–enabled VLAN.
l The reset mld-snooping group command cannot clear the MLD snooping multicast group information for static joins.
MLD Snooping Configuration Example
IPv6 Group Policy Configuration Example
Network requirements
l As shown in Figure 1-3, Router connects to the IPv6 multicast source through Ethernet 1/2 and to AP through Ethernet 1/1.
l MLDv1 is required on Router, MLD snooping version 1 is required on AP, and Router will act as the MLD querier on the subnet.
l It is required that the receiver (Client) attached to AP can receive IPv6 multicast traffic addressed to IPv6 multicast group FF1E::101 only.
Figure 1-3 Network diagram for IPv6 group policy configuration
Configuration procedure
1) Enable IPv6 forwarding and configure IPv6 addresses
Enable IPv6 forwarding and configure an IPv6 address and prefix length for each interface as per Figure 1-3. The detailed configuration steps are omitted.
2) Configure Router
# Enable IPv6 multicast routing, enable IPv6 PIM-DM on each interface, and enable MLD on Ethernet 1/1.
<Router> system-view
[Router] multicast ipv6 routing-enable
[Router] interface ethernet 1/1
[Router-Ethernet1/1] mld enable
[Router-Ethernet1/1] pim ipv6 dm
[Router-Ethernet1/1] quit
[Router] interface ethernet 1/2
[Router-Ethernet1/2] pim ipv6 dm
[Router-Ethernet1/2] quit
3) Configure AP
# Enable MLD snooping globally.
<AP> system-view
[AP] mld-snooping
[AP-mld-snooping] quit
# Create VLAN 1 and enable MLD snooping and the function of dropping IPv6 unknown multicast traffic in the VLAN.
[AP] vlan 1
[AP-vlan1] mld-snooping enable
[AP-vlan1] mld-snooping drop-unknown
[AP-vlan1] quit
# Configure an IPv6 multicast group filter so that the hosts in VLAN 1 can join only the IPv6 multicast group FF1E::101.
[AP] acl ipv6 number 2001
[AP-acl6-basic-2001] rule permit source ff1e::101 128
[AP-acl6-basic-2001] quit
[AP] mld-snooping
[AP–mld-snooping] group-policy 2001 vlan 1
[AP–mld-snooping] quit
4) Verify the configuration
After the configurations above are complete, Client sends an MLD report for joining FF1E::101. You can display the detailed information about the MLD snooping multicast groups using the display mld-snooping group command. For example:
# Display the detailed MLD snooping multicast group information in VLAN 1 on AP.
[AP] display mld-snooping group vlan 1
Total 1 IP Group(s).
Total 1 IP Source(s).
Total 1 MAC Group(s).
Port flags: D-Dynamic port, S-Static port, C-Copy port
Subvlan flags: R-Real VLAN, C-Copy VLAN
Vlan(id):1.
Total 1 IP Group(s).
Total 1 IP Source(s).
Total 1 MAC Group(s).
Router port(s):total 1 port.
GigabitEthernet1/0/1 (D) ( 00:01:23 )
IP group(s):the following ip group(s) match to one mac group.
IP group address:FF1E::101
(::, FF1E::101):
Host port(s):total 1 port.
WLAN-BSS1 (D)
MAC group(s):
MAC group address:3333-0000-0101
Host port(s):total 1 port.
WLAN-BSS1
As shown above, WLAN-BSS 1 of AP has joined IPv6 multicast group FF1E::101.
Troubleshooting MLD Snooping
AP Fails in Layer 2 Multicast Forwarding
Symptom
An AP fails to implement Layer 2 multicast forwarding.
Analysis
MLD snooping is not enabled.
Solution
1) Enter the display current-configuration command to view the running status of MLD snooping.
2) If MLD snooping is not enabled, use the mld-snooping command to enable MLD snooping globally, and then use mld-snooping enable command to enable MLD snooping in VLAN view.
3) If MLD snooping is disabled only for the corresponding VLAN, just use the mld-snooping enable command in VLAN view to enable MLD snooping in the corresponding VLAN.
Configured IPv6 Multicast Group Policy Fails to Take Effect
Symptom
Although an IPv6 multicast group policy has been configured to allow hosts to join specific IPv6 multicast groups, the hosts can still receive IPv6 multicast data addressed to other groups.
Analysis
l The IPv6 ACL rule is incorrectly configured.
l The IPv6 multicast group policy is not correctly applied.
l The function of dropping unknown IPv6 multicast data is not enabled, so unknown IPv6 multicast data is flooded.
Solution
1) Use the display acl ipv6 command to check the configured IPv6 ACL rule. Make sure that the IPv6 ACL rule conforms to the IPv6 multicast group policy to be implemented.
2) Use the display this command in MLD snooping view or the corresponding interface view to check whether the correct IPv6 multicast group policy has been applied. If not, use the group-policy or mld-snooping group-policy command to apply the correct IPv6 multicast group policy.
3) Use the display current-configuration command to check whether the function of dropping unknown IPv6 multicast data is enabled. If not, use the drop-unknown or mld-snooping drop-unknown command to enable the function of dropping unknown IPv6 multicast data.
