Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-MLD snooping configuration | 279.21 KB |
Feature and hardware compatibility
Command and hardware compatibility
MLD snooping configuration task list
Configuring basic MLD snooping features
Specifying an MLD snooping version
Setting the maximum number of MLD snooping forwarding entries
Setting the MLD last listener query interval
Configuring MLD snooping port features
Setting aging timers for dynamic ports
Configuring a port as a simulated member host
Enabling fast-leave processing
Disabling a port from becoming a dynamic router port
Configuring the MLD snooping querier
Enabling the MLD snooping querier
Configuring parameters for MLD general queries and responses
Configuring parameters for MLD messages
Configuring source IPv6 addresses for MLD messages
Setting the 802.1p priority for MLD messages
Configuring MLD snooping policies
Configuring an IPv6 multicast group policy
Enabling dropping unknown IPv6 multicast data
Enabling MLD report suppression
Setting the maximum number of IPv6 multicast groups on a port
Enabling the IPv6 multicast group replacement feature
Displaying and maintaining MLD snooping
MLD snooping configuration example
Layer 2 multicast forwarding cannot function
IPv6 multicast group policy does not work
Configuring MLD snooping
Overview
As shown in Figure 1, when MLD snooping is not enabled, the AC floods IPv6 multicast packets to all hosts in a VLAN. When MLD snooping is enabled, the AC forwards multicast packets of known IPv6 multicast groups only to the receivers.
Figure 1 Multicast packet transmission processes without and with MLD snooping
MLD snooping ports
As shown in Figure 2, MLD snooping runs on Device A and Device B, and Host A and Host C are receiver hosts in an IPv6 multicast group. MLD snooping ports are divided into member ports and router ports.
Router ports
On an MLD snooping Layer 2 device, the ports toward Layer 3 multicast devices are called router ports. In Figure 2, GigabitEthernet 1/0/1 of Device A and GigabitEthernet 1/0/1 of Device B are router ports.
Router ports contain the following types:
· Dynamic router port—When a port receives an MLD general query whose source address is not 0::0, the port is added into the dynamic router port list. At the same time, an aging timer is started for the port. If the port receives an MLD general query before the timer expires, the timer is reset. If the port does not receive an MLD general query when the timer expires, the port is removed from the dynamic router port list.
· Static router port—When a port is statically configured as a router port, it is added into the static router port list. The static router port does not age out, and it can be deleted only manually.
Do not confuse the "router port" in MLD snooping with the "routed interface" commonly known as the "Layer 3 interface." The router port in MLD snooping is a Layer 2 interface.
Member ports
On an MLD snooping Layer 2 device, the ports toward receiver hosts are called member ports. In Figure 2, GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3 of Device A and GigabitEthernet 1/0/2 of Device B are member ports.
Member ports contain the following types:
· Dynamic member port—When a port receives an MLD report, it is added to the associated dynamic MLD snooping forwarding entry as an outgoing interface. At the same time, an aging timer is started for the port. If the port receives an MLD report before the timer expires, the timer is reset. If the port does not receive an MLD report when the timer expires, the port is removed from the associated dynamic forwarding entry.
· Static member port—When a port is statically configured as a member port, it is added to the associated static MLD snooping forwarding entry as an outgoing interface. The static member port does not age out, and it can be deleted only manually.
Unless otherwise specified, router ports and member ports in this document include both static and dynamic router ports and member ports.
How MLD snooping works
The ports in this section are dynamic ports. For information about how to configure and remove static ports, see "Configuring static ports."
General query
The MLD querier periodically sends MLD general queries to all hosts and routers on the local subnet to check for the existence of IPv6 multicast group members.
After receiving an MLD general query, the Layer 2 device forwards the query to all ports in the VLAN except the receiving port. The Layer 2 device also performs one of the following actions:
· If the receiving port is a dynamic router port in the dynamic router port list, the Layer 2 device restarts the aging timer for the router port.
· If the receiving port does not exist in the dynamic router port list, the Layer 2 device adds the port to the dynamic router port list. It also starts an aging timer for the port.
MLD report
A host sends an MLD report to the MLD querier for the following purposes:
· Responds to queries if the host is an IPv6 multicast group member.
· Applies for an IPv6 multicast group membership.
After receiving an MLD report from a host, the Layer 2 device forwards the report through all the router ports in the VLAN. It also resolves the IPv6 address of the reported IPv6 multicast group, and looks up the forwarding table for a matching entry as follows:
· If no match is found, the Layer 2 device creates a forwarding entry for the group with the receiving port an outgoing interface. It also marks the receiving port as a dynamic member port and starts an aging timer for the port.
· If a match is found but the matching forwarding entry does not contain the receiving port, the Layer 2 device adds the receiving port to the outgoing interface list. It also marks the port as a dynamic member port to the forwarding entry and starts an aging timer for the port.
· If a match is found and the matching forwarding entry contains the receiving port, the Layer 2 device restarts the aging timer for the port.
In an application with an IPv6 multicast group policy configured on an MLD snooping-enabled Layer 2 device, when a user requests a multicast program, the user's host initiates an MLD report. After receiving this report message, the Layer 2 device resolves the IPv6 multicast group address in the report and performs ACL filtering on the report. If the report passes ACL filtering, the Layer 2 device creates an MLD snooping forwarding entry for the group with the receiving port as an outgoing interface. Otherwise, the Layer 2 device drops this report message, in which case, the IPv6 multicast data for the IPv6 multicast group is not sent to this port, and the user cannot retrieve the program.
A Layer 2 device does not forward an MLD report through a non-router port because of the host MLD report suppression mechanism.
Done message
When a host leaves an IPv6 multicast group, the host sends an MLD done message to the Layer 3 devices. When the Layer 2 device receives the MLD done message on a dynamic member port, the Layer 2 device first examines whether a forwarding entry matches the IPv6 multicast group address in the message.
· If no match is found, the Layer 2 device discards the MLD done message.
· If a match is found but the receiving port is not an outgoing interface in the forwarding entry, the Layer 2 device discards the MLD done message.
· If a match is found and the receiving port is not the only outgoing interface in the forwarding entry, the Layer 2 device performs the following actions:
? Discards the MLD done message.
? Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
? Sets the aging timer for the receiving port to twice the MLD last listener query interval.
· If a match is found and the receiving port is the only outgoing interface in the forwarding entry, the Layer 2 device performs the following actions:
? Forwards the MLD done message to all router ports in the VLAN.
? Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
? Sets the aging timer for the receiving port to twice the MLD last listener query interval.
After receiving the MLD done message on a port, the MLD querier resolves the IPv6 multicast group address in the message. Then, it sends an MLD multicast-address-specific query to the IPv6 multicast group through the receiving port.
After receiving the MLD multicast-address-specific query, the Layer 2 device forwards the query through all its router ports in the VLAN and all member ports of the IPv6 multicast group. Then, it waits for the responding MLD report from the directly connected hosts. For the dynamic member port that received the done message, the Layer 2 device also performs one of the following actions:
· If the port receives an MLD report before the aging timer expires, the Layer 2 device resets the aging timer for the port.
· If the port does not receive any MLD report messages when the aging timer expires, the Layer 2 device removes the port from the forwarding entry for the IPv6 multicast group.
Protocols and standards
RFC 4541, Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
Compatibility information
Feature and hardware compatibility
|
Hardware series |
Model |
MLD snooping compatibility |
|
WX1800H series |
WX1804H WX1810H WX1820H |
Yes |
|
WX2500H series |
WX2510H WX2540H WX2560H |
Yes |
|
WX3000H series |
WX3010H WX3010H-L WX3010H-X WX3024H WX3024H-L |
Yes: · WX3010H · WX3010H-X · WX3024H No: · WX3010H-L · WX3010H-L |
|
WX3500H series |
WX3508H WX3510H WX3520H WX3540H |
Yes |
|
WX5500E series |
WX5510E WX5540E |
Yes |
|
WX5500H series |
WX5540H WX5560H WX5580H |
Yes |
|
Access controller modules |
EWPXM1MAC0F EWPXM1WCME0 EWPXM2WCMD0F LSQM1WCMX20 LSQM1WCMX40 LSUM1WCME0 LSUM1WCMX20RT LSUM1WCMX40RT |
Yes |
Command and hardware compatibility
The WX1800H series, WX2500H series, and WX3000H series access controllers do not support the slot keyword or the slot-number argument.
MLD snooping configuration task list
The MLD snooping configurations made on Layer 2 aggregate interfaces do not interfere with the configurations made on member ports. In addition, the configurations made on Layer 2 aggregate interfaces do not take part in aggregation calculations. The configuration made on a member port of the aggregate group takes effect after the port leaves the aggregate group.
Configuring basic MLD snooping features
Before you configure basic MLD snooping features, complete the following tasks:
· Configure VLANs.
· Determine the MLD snooping version.
· Determine the MLD last listener query interval.
· Determine the maximum number of MLD snooping forwarding entries.
· Determine the MLD last listener query interval.
Enabling MLD snooping
When you enable MLD snooping, follow these restrictions and guidelines:
· You must enable MLD snooping globally before you can enable it for a VLAN.
· MLD snooping configuration made in VLAN view takes effect only on the member ports in that VLAN.
· You can enable MLD snooping for the specified VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the configuration in VLAN interface has the same priority as the configuration in MLD-snooping view, and the most recent configuration takes effect.
To enable MLD snooping for the specified VLANs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable MLD snooping globally and enter MLD-snooping view. |
mld-snooping |
By default, MLD snooping is globally disabled. |
|
3. Enable MLD snooping for the specified VLANs. |
enable vlan vlan-list |
By default, MLD snooping is disabled for a VLAN. |
To enable MLD snooping for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable MLD snooping globally and enter MLD-snooping view. |
mld-snooping |
By default, MLD snooping is globally disabled. |
|
3. Return to system view. |
quit |
N/A |
|
4. Enter VLAN view. |
vlan vlan-id |
N/A |
|
5. Enable MLD snooping for the VLAN. |
mld-snooping enable |
By default, MLD snooping is disabled in a VLAN. |
Specifying an MLD snooping version
Different MLD snooping versions can process different versions of MLD messages:
· MLDv1 snooping can process MLDv1 messages, but it floods MLDv2 messages in the VLAN instead of processing them.
· MLDv2 snooping can process MLDv1 and MLDv2 messages.
If you change MLDv2 snooping to MLDv1 snooping, the system does the following:
· Clears all MLD snooping forwarding entries that are dynamically created.
· Keeps static MLDv2 snooping forwarding entries (*, G).
· Clears static MLDv2 snooping forwarding entries (S, G), which will be restored when MLD snooping is switched back to MLDv2 snooping.
For more information about static MLD snooping forwarding entries, see "Configuring static ports."
You can specify the version for the specified VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the configuration in VLAN view has the same priority as the configuration in MLD-snooping view, and the most recent configuration takes effect.
To specify an MLD snooping version for the specified VLANs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable MLD snooping globally and enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Specify an MLD snooping version for the specified VLANs. |
version version-number vlan vlan-list |
The default setting is 1. |
To specify an MLD snooping version for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Specify an MLD snooping version for the VLAN. |
mld-snooping version version-number |
The default setting is 1. |
Setting the maximum number of MLD snooping forwarding entries
You can modify the maximum number of MLD snooping forwarding entries, including dynamic entries and static entries. When the number of forwarding entries on the device reaches the upper limit, the device does not automatically remove any existing entries. To allow new entries to be created, H3C recommends that you manually remove some entries.
To set the maximum number of MLD snooping forwarding entries:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the maximum number of MLD snooping forwarding entries. |
entry-limit limit |
The default setting is 4294967295. |
Setting the MLD last listener query interval
A receiver host starts a report delay timer for an IPv6 multicast group when it receives an MLD multicast-address-specific query for the group. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the group.
The MLD last listener query interval defines the maximum response time advertised in MLD multicast-address-specific queries. Set an appropriate value for the MLD last listener query interval to speed up hosts' responses to MLD multicast-address-specific queries and avoid MLD report traffic bursts.
Configuration restrictions and guidelines
When you set the MLD last listener query interval, follow these restrictions and guidelines:
· The Layer 2 device does not send an MLD multicast-address-specific query if it receives an MLD done message from a port enabled with fast-leave processing.
· You can set the MLD last listener query interval globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the MLD last listener query interval globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the MLD last listener query interval globally. |
last-listener-query-interval interval |
The default setting is 1 second. |
Setting the MLD last listener query interval in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the MLD last listener query interval in the VLAN. |
mld-snooping last-listener-query-interval interval |
The default setting is 1 second. |
Configuring MLD snooping port features
Before you configure MLD snooping port features, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the aging timer for dynamic router ports.
· Determine the aging timer for dynamic member ports.
· Determine the addresses of the IPv6 multicast group and IPv6 multicast source.
Setting aging timers for dynamic ports
When you set aging timers for dynamic ports, follow these restrictions and guidelines:
· If the memberships of IPv6 multicast groups frequently change, set a relatively small value for the aging timer of the dynamic member ports. If the memberships of IPv6 multicast groups rarely change, you can set a relatively large value.
· MLD multicast-address-specific queries originated by the Layer 2 device trigger the adjustment of aging timers of dynamic member ports. If a dynamic member port receives such a query, its aging timer is set to twice the MLD last listener query interval. For more information about setting the MLD last listener query interval on the Layer 2 device, see "Setting the MLD last listener query interval."
· You can set the timers globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the aging timers for dynamic ports globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the aging timer for dynamic router ports globally. |
router-aging-time interval |
The default setting is 260 seconds. |
|
4. Set the aging timer for dynamic member ports globally. |
host-aging-time interval |
The default setting is 260 seconds. |
Setting the aging timers for dynamic ports in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the aging timer for dynamic router ports in the VLAN. |
mld-snooping router-aging-time interval |
The default setting is 260 seconds. |
|
4. Set the aging timer for dynamic member ports in the VLAN. |
mld-snooping host-aging-time interval |
The default setting is 260 seconds. |
Configuring static ports
You can configure the following types of static ports:
· Static member port—When you configure a port as a static member port for an IPv6 multicast group, all hosts attached to the port will receive IPv6 multicast data for the group.
The static member port does not respond to MLD queries. When you complete or cancel this configuration, the port does not send an unsolicited report or done message.
· Static router port—When you configure a port as a static router port for an IPv6 multicast group, all IPv6 multicast data for the group received on the port will be forwarded.
To configure static ports:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the port as a static port. |
· Configure the port as a static member port: · Configure
the port as a static router port: |
By default, a port is not a static member port or a static router port. |
Configuring a port as a simulated member host
When a port is configured as a simulated member host, it is equivalent to an independent host in the following ways:
· It sends an unsolicited MLD report when you complete the configuration.
· It responds to MLD general queries with MLD reports.
· It sends an MLD done message when you remove the configuration.
The version of MLD running on the simulated member host is the same as the version of MLD snooping running on the port. The port ages out in the same ways as a dynamic member port.
To configure a port as a simulated member host:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
N/A |
|
|
3. Configure the port as a simulated member host. |
mld-snooping host-join ipv6-group-address [ source-ip ipv6-source-address ] vlan vlan-id |
By default, the port is not a simulated member host. |
Enabling fast-leave processing
This feature enables the device to immediately remove a port from the forwarding entry for an IPv6 multicast group when the port receives a done message.
Configuration restrictions and guidelines
When you enable fast-leave processing, follow these restrictions and guidelines:
· Do not enable fast-leave processing on a port that have multiple receiver hosts attached in a VLAN. If fast-leave processing is enabled, after a receiver host leaves an IPv6 multicast group, the other receivers cannot receive IPv6 multicast data for the group.
· You can enable fast-leave processing globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Configuration procedure
To enable fast-leave processing globally:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable fast-leave processing globally. |
fast-leave [ vlan vlan-list ] |
By default, fast-leave processing is disabled. |
To enable fast-leave processing on a port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable fast-leave processing on the port. |
mld-snooping fast-leave [ vlan vlan-list ] |
By default, fast-leave processing is disabled. |
Disabling a port from becoming a dynamic router port
A receiver host might send MLD general queries for testing purposes. On the Layer 2 device, the port that receives the queries becomes a dynamic router port. Before the aging timer for the port expires, the following problems might occur:
· All IPv6 multicast data for the VLAN to which the port belongs flows to the port. Then, the port forwards the data to attached receiver hosts. The receiver hosts will receive unexpected IPv6 multicast data.
· The port forwards the MLD general queries to its upstream multicast routers. These messages might affect the multicast routing protocol state (such as the MLD querier or DR election) on the multicast routers. This might further cause network interruption.
To solve these problems, you can disable the router port from becoming a dynamic router port. This also improves network security and the control over receiver hosts.
To disable a port from becoming a dynamic router port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
N/A |
|
|
3. Disable the port from becoming a dynamic router port. |
mld-snooping router-port-deny [ vlan vlan-list ] |
By default, a port can become a dynamic router port. This configuration does not affect the static router port configuration. |
Configuring the MLD snooping querier
This section describes how to configure the MLD snooping querier.
Configuration prerequisites
Before you configure the MLD snooping querier, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the MLD general query interval.
· Determine the maximum response time for MLD general queries.
Enabling the MLD snooping querier
This feature enables the device to periodically send MLD general queries to establish and maintain multicast forwarding entries at the data link Layer. You can configure an MLD snooping querier on a network without Layer 3 multicast devices.
Do not enable the MLD snooping querier on an IPv6 multicast network that runs MLD. An MLD snooping querier does not participate in MLD querier elections. However, it might affect MLD querier elections if it sends MLD general queries with a low source IPv6 address.
To enable the MLD snooping querier for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Enable the MLD snooping querier. |
mld-snooping querier |
By default, the MLD snooping querier is disabled. |
Configuring parameters for MLD general queries and responses
|
|
CAUTION: To avoid mistakenly delete IPv6 multicast group members, make sure the MLD general query interval is greater than the maximum response time for MLD general queries. |
You can modify the MLD general query interval based on the actual network conditions.
A receiver host starts a report delay timer for each IPv6 multicast group that it has joined when it receives an MLD general query. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the corresponding IPv6 multicast group.
Set an appropriate value for the maximum response time for MLD general queries to speed up hosts' responses to MLD general queries and avoid MLD report traffic bursts.
You can set the maximum response time for MLD general queries globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Configuring parameters for MLD general queries and responses globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the maximum response time for MLD general queries. |
max-response-time interval |
The default setting is 10 seconds. |
Configuring parameters for MLD general queries and responses in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the MLD general query interval in the VLAN. |
The default setting is 125 seconds. |
|
|
4. Set the maximum response time for MLD general queries in the VLAN. |
mld-snooping max-response-time interval |
The default setting is 10 seconds. |
Configuring parameters for MLD messages
This section describes how to configure parameters for MLD messages.
Configuration prerequisites
Before you configure parameters for MLD messages, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the source IPv6 address of MLD general queries.
· Determine the source IPv6 address of MLD multicast-address-specific queries.
· Determine the source IPv6 address of MLD reports.
· Determine the source IPv6 address of MLD done messages.
· Determine the 802.1p priority of MLD messages.
Configuring source IPv6 addresses for MLD messages
You can change the source IPv6 address of the MLD queries sent by an MLD snooping querier. This configuration might affect MLD querier election within the subnet.
You can also change the source IPv6 address of MLD reports or done messages sent by a simulated member host or an MLD snooping proxy.
To configure the source IP addresses for MLD messages in a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Configure the source IPv6 address for MLD general queries. |
mld-snooping general-query source-ip ipv6-address |
By default, the source IPv6 address of MLD general queries is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
|
4. Configure the source IPv6 address for MLD multicast-address-specific queries. |
mld-snooping special-query source-ip ipv6-address |
By default, the source IPv6 address of MLD multicast-address-specific queries is one of the following: · The source address of MLD general queries if the MLD snooping querier of the VLAN has received MLD general queries. · The IPv6 link-local address of the current VLAN interface if the MLD snooping querier does not receive an MLD general query. · FE80::02FF:FFFF:FE00:0001 if the MLD snooping querier does not receive an MLD general query and the current VLAN interface does not have an IPv6 link-local address. |
|
5. Configure the source IPv6 address for MLD reports. |
By default, the source IPv6 address of MLD reports is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
|
|
6. Configure the source IPv6 address for MLD done messages. |
By default, the source IPv6 address of MLD done messages is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
Setting the 802.1p priority for MLD messages
When congestion occurs on outgoing ports of the Layer 2 device, it forwards MLD messages in their 802.1p priority order, from highest to lowest. You can assign a higher 802.1p priority to MLD messages that are created or forwarded by the device.
You can set the 802.1p priority globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the 802.1p priority for MLD messages globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the 802.1p priority for MLD messages. |
dot1p-priority priority-number |
The default setting is 0. |
Setting the 802.1p priority for MLD messages in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the 802.1p priority for MLD messages in the VLAN. |
mld-snooping dot1p-priority priority-number |
The default setting is 0. |
Configuring MLD snooping policies
Before you configure MLD snooping policies, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the ACL used by the IPv6 multicast group policy.
· Determine the maximum number of IPv6 multicast groups that a port can join.
Configuring an IPv6 multicast group policy
This feature enables the device to filter MLD reports by using an ACL that specifies the IPv6 multicast groups and the optional sources. It is used to control the IPv6 multicast groups that receiver hosts can join.
Configuration restrictions and guidelines
When you configure an IPv6 multicast group policy, follow these restrictions and guidelines:
· This configuration takes effect on the IPv6 multicast groups that ports join dynamically.
· You can configure an IPv6 multicast group policy globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Configuration procedure
To configure an IPv6 multicast group policy globally:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Configure an IPv6 multicast group policy globally. |
group-policy acl6-number [ vlan vlan-list ] |
By default, IPv6 multicast group policies are not configured. Receiver host can join any IPv6 multicast groups. |
To configure an IPv6 multicast group policy on a port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure an IPv6 multicast group policy for the port. |
mld-snooping group-policy acl6-number [ vlan vlan-list ] |
By default, the port is not configured with an IPv6 multicast group policy. Receiver hosts attached to the port can join any IPv6 multicast groups. |
Enabling dropping unknown IPv6 multicast data
This feature enables the device to drop all unknown IPv6 multicast data. Unknown IPv6 multicast data refers to IPv6 multicast data for which no forwarding entries exist in the MLD snooping forwarding table.
If you do not enable this feature, the unknown IPv6 multicast data is flooded in the VLAN to which the data belongs.
Configuration restrictions and guidelines
When you enable dropping unknown IPv6 multicast data, follow these restrictions and guidelines:
· You can enable this feature globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. The drop-unknown command in MLD-snooping view and the mld-snooping drop-unknown command in VLAN view are mutually exclusive. You cannot configure them on the same device.
· For a VLAN enabled with this feature, some device models drop unknown IPv4 multicast data for the VLAN.
· For a VLAN enabled with this feature, some device models still forward unknown IPv6 multicast data for the VLAN to other router ports in the VLAN.
Configuration procedure
To enable dropping unknown IPv6 multicast data globally:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable dropping unknown IPv6 multicast data globally. |
drop-unknown |
By default, this feature is disabled. Unknown IPv6 multicast data is flooded. |
To enable dropping unknown IPv6 multicast data for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Enable dropping unknown IPv6 multicast data for the VLAN. |
mld-snooping drop-unknown |
By default, dropping unknown IPv6 multicast data is disabled. Unknown IPv6 multicast data is flooded. |
Enabling MLD report suppression
This feature enables the device to forward only the first MLD report for an IPv6 multicast group to its directly connected Layer 3 device. Other reports for the same group in the same query interval are discarded. This reduces the multicast traffic.
To enable MLD report suppression:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable MLD report suppression. |
report-aggregation |
By default, MLD report suppression is enabled. |
Setting the maximum number of IPv6 multicast groups on a port
You can set the maximum number of IPv6 multicast groups on a port to regulate the port traffic.
Configuration restrictions and guidelines
When you set the maximum number of IPv6 multicast groups on a port, follow these restrictions and guidelines:
· This configuration takes effect only on the IPv6 multicast groups that the port joins dynamically.
· If the number of IPv6 multicast groups on a port exceeds the limit, the system removes all the forwarding entries related to that port. In this case, the receiver hosts attached to that port can join IPv6 multicast groups again before the number of IPv6 multicast groups on the port reaches the limit.
Configuration procedure
To set the maximum number of IPv6 multicast groups on a port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Set the maximum number of IPv6 multicast groups on the port. |
mld-snooping group-limit limit [ vlan vlan-list ] |
The default setting is 4294967295. |
Enabling the IPv6 multicast group replacement feature
This feature enables the device to replace an existing group with a newly joined group when the number of groups exceeds the upper limit. This feature is typically used in the channel switching application. Without this feature, the Layer 2 device discards MLD reports for new groups, and the user cannot change to the new channel.
Configuration restrictions and guidelines
When you enable the IPv6 multicast group replacement feature, follow these restrictions and guidelines:
· This configuration takes effect only on the multicast groups that the port joins dynamically.
· You can enable this feature globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Configuration procedure
To enable the IPv6 multicast group replacement feature globally:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable the IPv6 multicast group replacement feature globally. |
overflow-replace [ vlan vlan-list ] |
By default, the IPv6 multicast group replacement feature is disabled. |
To enable the IPv6 multicast group replacement on a port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable the IPv6 multicast group replacement feature on the port. |
mld-snooping overflow-replace [ vlan vlan-list ] |
By default, the IPv6 multicast group replacement feature is disabled. |
Displaying and maintaining MLD snooping
Execute display commands in any view and reset commands in user view.
|
Command |
|
|
Display information about Layer 2 IPv6 multicast groups. |
display ipv6 l2-multicast ip [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ slot slot-number ] |
|
Display Layer 2 IPv6 multicast group entries. |
display ipv6 l2-multicast ip forwarding [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ slot slot-number ] |
|
Display information about Layer 2 IPv6 MAC multicast groups. |
display ipv6 l2-multicast mac [ mac-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display Layer 2 IPv6 MAC multicast group entries. |
display ipv6 l2-multicast mac forwarding [ mac-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display MLD snooping status. |
display mld-snooping [ global | vlan vlan-id ] |
|
Display dynamic MLD snooping group entries. |
display mld-snooping group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ slot slot-number ] |
|
Display dynamic router port information. |
display mld-snooping router-port [ vlan vlan-id ] [ slot slot-number ] |
|
Display static MLD snooping group entries. |
display mld-snooping static-group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ slot slot-number ] |
|
Display static router port information. |
display mld-snooping static-router-port [ vlan vlan-id ] [ slot slot-number ] |
|
Display statistics for MLD message learned through MLD snooping. |
display mld-snooping statistics |
|
Clear dynamic MLD snooping group entries. |
reset mld-snooping group { ipv6-group-address [ ipv6-source-address ] | all } [ vlan vlan-id ] |
|
Clear dynamic router port information. |
reset mld-snooping router-port { all | vlan vlan-id } |
|
Clear statistics for MLD messages learned through MLD snooping. |
reset mld-snooping statistics |
MLD snooping configuration example
Network requirements
As shown in Figure 3:
· The source sends IPv6 multicast traffic to IPv6 multicast group FF1E::1.
· The client is a receiver host of the IPv6 multicast group.
· The route between the source and the client is reachable.
Configure the AC so that the client can receive the IPv6 multicast traffic from the source.
Configuration procedure
Configuring Router A
# Enable IPv6 multicast routing globally, and enable IPv6 PIM-DM and MLD on the port that connects to the AC. (Details not shown.)
Configuring the AC
1. Configure WLAN services:
# Create VLAN 100.
<AC> system-view
[AC] vlan 100
[AC-vlan100] quit
# Create service template 1, and set the SSID to Multicast for the service template.
[AC] wlan service-template 1
[AC-wlan-st-1] ssid Multicast
# Bind VLAN 100 to service template 1, and enable the service template.
[AC-wlan-st-1] vlan 100
[AC-wlan-st-1] service-template enable
[AC-wlan-st-1] quit
# Create an AP named ap with model WA4320i-ACN, and set the serial ID of the AP to 219801A0CNC138011454.
[AC ]wlan ap ap model WA4320i-ACN
[AC-wlan-ap-ap] serial-id 219801A0CNC138011454
# Bind service template 1 to radio 1, and enable radio 1 for AP ap.
[AC-wlan-ap-ap] radio 1
[AC-wlan-ap-ap-radio-1] service-template 1
[AC-wlan-ap-ap-radio-1] radio enable
[AC-wlan-ap-ap-radio-1] quit
[AC-wlan-ap-ap]quit
2. Configure MLD snooping:
# Enable MLD snooping globally.
[AC] mld-snooping
[AC-mld-snooping] quit
# Enable MLD snooping for VLAN 100.
[AC] vlan 100
[AC-vlan100] mld-snooping enable
[AC-vlan100] quit
3. Configure Ethernet interfaces:
# Configure GigabitEthernet 1/0/2 on the access controller as a trunk port, and assign the port to VLAN 100.
[AC] interface GigabitEthernet 1/0/2
[AC-GigabitEthernet1/0/2] port link-type trunk
[AC-GigabitEthernet1/0/2] port trunk permit vlan 100
[AC-GigabitEthernet1/0/2] quit
Configuring the client
# Configure the client to access the WLAN service with the SSID Multicast and request multicast traffic for IPv6 multicast group FF1E::1. (Details not shown.)
Verifying the configuration
# Display detailed information about dynamic MLD snooping group entries for VLAN 100 on the AC.
[AC] display mld-snooping group vlan 100 verbose
Total 1 entries.
VLAN 100: Total 1 entries.
(::,FF1E::101)
Attribute: local port
FSM information: normal
Host slots (0 in total):
Host ports (1 in total):
WLAN-BSS1/0/20 (00:03:23)
The output shows that WLAN-BSS 1/0/20 on the AC has joined the IPv6 multicast group FF1E::1.
Troubleshooting MLD snooping
Layer 2 multicast forwarding cannot function
Symptom
Layer 2 multicast forwarding cannot function through MLD snooping.
Solution
To resolve the problem:
1. Use the display mld-snooping command to display MLD snooping status.
2. If MLD snooping is not enabled, use the mld-snooping command in system view to enable MLD snooping globally. Then, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
3. If MLD snooping is enabled globally but not enabled for the VLAN, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
4. If the problem persists, contact H3C Support.
IPv6 multicast group policy does not work
Symptom
Hosts can receive multicast data from IPv6 multicast groups that are not permitted by the IPv6 multicast group policy.
Solution
To resolve the problem:
1. Use the display acl ipv6 command to verify that the configured IPv6 ACL meets the IPv6 multicast group policy requirements.
2. Use the display this command in MLD-snooping view or in a corresponding interface view to verify that the correct IPv6 multicast group policy has been correctly applied. If the applied IPv6 multicast group policy is not correct, use the group-policy or mld-snooping group-policy command to apply the correct IPv6 multicast group policy.
3. Use the display mld-snooping command to verify that dropping unknown IPv6 multicast data is enabled. If dropping unknown IPv6 multicast data is not enabled, use the drop-unknown or mld-snooping drop-unknown command to enable dropping unknown IPv6 multicast data.
4. If the problem persists, contact H3C Support.
