Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 07-MLD snooping configuration | 317.29 KB |
MLD snooping configuration task list
Configuring basic MLD snooping features
Setting the maximum number of MLD snooping forwarding entries
Setting the MLD last listener query interval
Configuring MLD snooping port features
Setting aging timers for dynamic ports
Configuring a port as a simulated member host
Enabling fast-leave processing
Enabling inner VLAN ID-based forwarding
Configuring the MLD snooping querier
Enabling the MLD snooping querier
Configuring parameters for MLD general queries and responses
Configuring source IPv6 addresses for MLD messages
Configuring MLD snooping policies
Configuring an IPv6 multicast group policy
Enabling IPv6 multicast source port filtering
Enabling dropping unknown IPv6 multicast data
Enabling MLD report suppression
Setting the maximum number of IPv6 multicast groups on a port
Enabling IPv6 multicast group replacement
Displaying and maintaining MLD snooping
MLD snooping configuration examples
IPv6 group policy configuration example
Static port configuration example
MLD snooping querier configuration example
Layer 2 multicast forwarding cannot function
IPv6 multicast group policy does not work
Configuring MLD snooping
Overview
As shown in Figure 1, when MLD snooping is not enabled, the Layer 2 switch floods IPv6 multicast packets to all hosts. When MLD snooping is enabled, the Layer 2 switch forwards multicast packets of known IPv6 multicast groups to only the receivers.
Figure 1 Multicast packet transmission processes without and with MLD snooping
Basic MLD snooping concepts
MLD snooping ports
As shown in Figure 2, MLD snooping runs on Switch A and Switch B, and Host A and Host C are receiver hosts in an IPv6 multicast group.
Figure 2 MLD snooping related ports
The following describes the ports involved in MLD snooping, as shown in Figure 2:
· Router port—Layer 3 multicast device-side port. Layer 3 multicast devices include designated routers and MLD queriers. In Figure 2, FortyGigE 1/0/1 of Switch A and FortyGigE 1/0/1 of Switch B are the router ports. A switch records all its local router ports in a router port list.
Do not confuse the "router port" in MLD snooping with the "routed interface" commonly known as the "Layer 3 interface." The router port in MLD snooping is a Layer 2 interface.
· Member port—Multicast receiver-side port. In Figure 2, FortyGigE 1/0/2 and FortyGigE 1/0/3 of Switch A and FortyGigE 1/0/2 of Switch B are member ports. A switch records all its local member ports in its MLD snooping forwarding table.
Unless otherwise specified, router ports and member ports in this document include both static and dynamic router ports and member ports.
|
|
NOTE: When MLD snooping is enabled, all ports that receive IPv6 PIM hello messages or MLD general queries with a source IP address other than 0::0 are considered dynamic router ports. |
Aging timers for dynamic ports in MLD snooping
The following are aging timers for dynamic ports in MLD snooping:
· Dynamic router port aging timer—The switch starts this timer for a port that receives an MLD general query with the source address other than 0::0 or an IPv6 PIM hello message. If the port does not either of receive these messages before the timer expires, the switch removes the port from its router port list.
· Dynamic member port aging timer—The switch starts this timer for a port that receives an MLD report. If the port does not receive a report before the timer expires, the switch removes the port from the MLD snooping forwarding entries.
|
|
NOTE: In MLD snooping, only dynamic ports age out. Static ports never age out. |
How MLD snooping works
The ports in this section are dynamic ports. For information about how to configure and remove static ports, see "Configuring static ports."
General query
The MLD querier periodically sends MLD general queries to all hosts and routers on the local subnet to check for the existence of IPv6 multicast group members.
After receiving an MLD general query from the MLD querier, the switch forwards the query to all ports in the VLAN except the receiving port. The switch also performs one of the following operations:
· If the receiving port is a dynamic router port in the router port list, the switch restarts the aging timer for the router port.
· If the receiving port does not exist in the router port list, the switch adds the port to the router port list. It also starts an aging timer for the port.
MLD report
A host sends an MLD report to the MLD querier for the following purposes:
· Responds to queries if the host is an IPv6 multicast group member.
· Applies for an IPv6 multicast group membership.
After receiving an MLD report from a host, the switch forwards the report through all the router ports in the VLAN. It also resolves the IPv6 address of the reported IPv6 multicast group, and looks up the forwarding table for a matching entry:
· If no match is found, the switch creates a forwarding entry for the group with the receiving port as an outgoing interface. It also marks the receiving port as a dynamic member port and starts an aging timer for the port.
· If a match is found but the receiving port is not in the forwarding entry, the switch adds the receiving port as an outgoing interface to the forwarding entry. It also marks the receiving port as a dynamic member port and starts an aging timer for the port.
· If a match is found and the receiving port is in the forwarding entry, the switch restarts the aging timer for the port.
In an application with an IPv6 multicast group policy configured on an MLD snooping-enabled switch, when a user requests a multicast program, the user's host initiates an MLD report. After receiving this report message, the switch resolves the IPv6 multicast group address in the report and performs ACL filtering on the report. If the report passes ACL filtering, the switch creates an MLD snooping forwarding entry for the IPv6 multicast group with the receiving port as an outgoing interface. Otherwise, the switch drops this report message, which means the receiver does not successfully join the IPv6 multicast group and cannot retrieve the program.
A switch does not forward an MLD report through a non-router port because of the MLD report suppression mechanism.
Done message
When a host leaves an IPv6 multicast group, the host sends an MLD done message to the multicast routers. When the switch receives the MLD done message on a dynamic member port, the switch first examines whether a forwarding entry matches the IPv6 multicast group address in the message.
· If no match is found, the switch discards the MLD done message.
· If a match is found but the receiving port is not an outgoing interface in the forwarding entry, the switch discards the MLD done message.
· If a match is found and the receiving port is not the only outgoing interface in the forwarding entry, the switch performs the following operations:
? Discards the MLD done message.
? Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
? Sets the aging timer for the receiving port to twice the MLD last listener query interval.
· If a match is found and the receiving port is the only outgoing interface in the forwarding entry, the switch performs the following operations:
? Forwards the MLD done message to all router ports in the VLAN.
? Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
? Sets the aging timer for the receiving port to twice the MLD last listener query interval.
After receiving the MLD done message, the MLD querier resolves the IPv6 multicast group address in the message. Then, it sends an MLD multicast-address-specific query to the IPv6 multicast group through the port that received the done message.
After receiving the MLD multicast-address-specific query, the switch forwards the query through all its router ports in the VLAN and all member ports of the IPv6 multicast group. Then, it waits for the responding MLD reports from the directly connected hosts. For the member port that received the done message, the switch performs one of the following operations:
· If the port receives an MLD report before the aging timer expires, the switch adjusts the aging timer for the port.
· If the port does not receive an MLD report when the aging timer expires, the switch removes the port from the forwarding entry for the IPv6 multicast group.
MLD snooping version
Different MLD snooping versions can process different versions of MLD messages:
· MLDv1 snooping can process MLDv1 messages, but it floods MLDv2 messages in the VLAN instead of processing them.
· MLDv2 snooping can process MLDv1 and MLDv2 messages.
The switch supports only MLDv1 snooping.
Protocols and standards
RFC 4541, Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
MLD snooping configuration task list
The MLD snooping configurations made on Layer 2 aggregate interfaces do not interfere with the configurations made on member ports. In addition, the configurations made on Layer 2 aggregate interfaces do not take part in aggregation calculations. The configuration made on a member port of the aggregate group takes effect after the port leaves the aggregate group.
Configuring basic MLD snooping features
Before you configure basic MLD snooping features, complete the following tasks:
· Configure the associated VLANs.
· Determine the maximum number of MLD snooping forwarding entries.
· Determine the MLD last listener query interval.
Enabling MLD snooping
When you enable MLD snooping, follow these guidelines:
· You must enable MLD snooping globally before you can enable it for a VLAN.
· MLD snooping for a VLAN works only on the member ports in that VLAN.
· You can enable MLD snooping for the specified VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the configuration in VLAN view has the same priority as the configuration in MLD-snooping view, and the most recent configuration takes effect.
Enabling MLD snooping in MLD-snooping view
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable MLD snooping globally and enter MLD-snooping view. |
mld-snooping |
By default, MLD snooping is globally disabled. |
|
3. Enable MLD snooping for the specified VLANs. |
enable vlan vlan-list |
By default, MLD snooping is disabled for a VLAN. |
Enabling MLD snooping in VLAN view
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable MLD snooping globally and enter MLD-snooping view. |
mld-snooping |
By default, MLD snooping is globally disabled. |
|
3. Return to system view. |
quit |
N/A |
|
4. Enter VLAN view. |
vlan vlan-id |
N/A |
|
5. Enable MLD snooping for the VLAN. |
mld-snooping enable |
By default, MLD snooping is disabled in a VLAN. |
Setting the maximum number of MLD snooping forwarding entries
You can modify the maximum number of MLD snooping forwarding entries, including dynamic entries and static entries. When the number of forwarding entries on the device reaches the upper limit, the device does not automatically remove any existing entries. As a best practice, manually remove some entries to allow new entries to be created.
To set the maximum number of MLD snooping forwarding entries:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the maximum number of MLD snooping forwarding entries. |
entry-limit limit |
The default setting is 4294967295. |
Setting the MLD last listener query interval
A receiver host starts a report delay timer for an IPv6 multicast group when it receives an MLD multicast-address-specific query for the group. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the group.
The MLD last listener query interval defines the maximum response time advertised in MLD multicast-address-specific queries. Set an appropriate value for the MLD last listener query interval to speed up hosts' responses to MLD multicast-address-specific queries and avoid MLD report traffic bursts.
Configuration restrictions and guidelines
When you set the MLD last listener query interval, follow these restrictions and guidelines:
· If the Layer 2 device receives a done message from a port enabled with fast-leave processing, the device does not send an MLD multicast-address-specific query to the port.
· You can set the MLD last listener query interval globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the MLD last listener query interval globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the MLD last listener query interval globally. |
last-listener-query-interval interval |
The default setting is 1 second. |
Setting the MLD last listener query interval in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the MLD last listener query interval in the VLAN. |
mld-snooping last-listener-query-interval interval |
The default setting is 1 second. |
Configuring MLD snooping port features
Before you configure MLD snooping port features, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the aging timer for dynamic router ports.
· Determine the aging timer for dynamic member ports.
· Determine the addresses of the IPv6 multicast group and IPv6 multicast source.
Setting aging timers for dynamic ports
When you set aging timers for dynamic ports, follow these guidelines:
· If the memberships of IPv6 multicast groups frequently change, set a relatively small value for the aging timer of the dynamic member ports. If the memberships of IPv6 multicast groups rarely change, you can set a relatively large value.
· If a dynamic router port receives an IPv6 PIMv2 hello message, the aging timer value for the port is specified by the hello message. In this case, the mld-snooping router-aging-time command does not take effect on the port.
· MLD multicast-address-specific queries originated by the Layer 2 device trigger the aging timer adjustment of dynamic member ports. If a dynamic member port receives such a query, its aging timer is set to twice the MLD last listener query interval. For more information about setting the MLD last listener query interval on the Layer 2 device, see "Setting the MLD last listener query interval."
· You can set the timers globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the aging timers for dynamic ports globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the aging timer for dynamic router ports globally. |
router-aging-time interval |
The default setting is 260 seconds. |
|
4. Set the aging timer for dynamic member ports globally. |
host-aging-time interval |
The default setting is 260 seconds. |
Setting the aging timers for dynamic ports in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the aging timer for dynamic router ports in the VLAN. |
mld-snooping router-aging-time interval |
The default setting is 260 seconds. |
|
4. Set the aging timer for dynamic member ports in the VLAN. |
mld-snooping host-aging-time interval |
The default setting is 260 seconds. |
Configuring static ports
You can configure the following types of static ports:
· Static member port—When you configure a port as a static member port for an IPv6 multicast group, all hosts attached to the port will receive IPv6 multicast data for the group.
The static member port does not respond to MLD queries. When you configure or cancel this configuration, the port does not send an unsolicited report or done message.
· Static router port—When you configure a port as a static router port for an IPv6 multicast group, all IPv6 multicast data for the group received on the port will be forwarded.
Static member ports and static router ports never age out. To remove such a port, use the undo mld-snooping static-group or undo mld-snooping static-router-port command.
To configure static ports:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the port as a static port. |
·
Configure the port as a static member port: ·
Configure the port as a static router port: |
By default, a port is not a static member port or a static router port. |
Configuring a port as a simulated member host
When a port is configured as a simulated member host, it is equivalent to an independent host in the following ways:
· It sends an unsolicited MLD report when you complete the configuration.
· It responds to MLD general queries with MLD reports.
· It sends an MLD done message when you remove the configuration.
The version of MLD running on the simulated member host is the same as the version of MLD snooping running on the port. The port ages out in the same ways as a dynamic member port.
To configure a port as a simulated member host:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
N/A |
|
|
3. Configure the port as a simulated member host. |
mld-snooping host-join ipv6-group-address vlan vlan-id |
By default, the port is not a simulated member host. |
Enabling fast-leave processing
This feature enables the switch to immediately remove a port from the forwarding entry for an IPv6 multicast group when the port receives a done message.
Configuration guidelines
When you enable fast-leave processing feature, follow these guidelines:
· Do not enable fast-leave processing on a port that has multiple receiver hosts in a VLAN. If fast-leave processing is enabled, the remaining receivers cannot receive IPv6 multicast data for a group after a receiver leaves that group.
· You can enable fast-leave processing globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Enabling fast-leave processing globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable fast-leave processing globally. |
fast-leave [ vlan vlan-list ] |
By default, fast-leave processing is disabled globally. |
Enabling fast-leave processing on a port
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable fast-leave processing on the port. |
mld-snooping fast-leave [ vlan vlan-list ] |
By default, fast-leave processing is disabled on a port. |
Enabling inner VLAN ID-based forwarding
Use this feature to enable a port to create and maintain MLD snooping forwarding entries based on the inner VLAN IDs of the received double-tagged MLD packets.
To enable inner VLAN ID-based forwarding:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable inner VLAN ID-based forwarding. |
mld-snooping cvid-forward |
By default, inner VLAN ID-based forwarding is disabled on a port. The port performs outer VLAN ID-based forwarding. |
Configuring the MLD snooping querier
This section describes how to configure an MLD snooping querier.
Configuration prerequisites
Before you configure the MLD snooping querier for a VLAN, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the MLD general query interval.
· Determine the maximum response time for MLD general queries.
Enabling the MLD snooping querier
This feature enables the switch to periodically send MLD general queries to establish and maintain multicast forwarding entries at the data link Layer. You can configure an MLD snooping querier on a network without Layer 3 multicast devices.
When you enable the MLD snooping querier, Do not enable the MLD snooping querier on an IPv6 multicast network that runs MLD. An MLD snooping querier does not participate in MLD querier elections. However, it might affect MLD querier elections if it sends MLD general queries with a low source IPv6 address.
To enable the MLD snooping querier for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Enable the MLD snooping querier for the VLAN. |
mld-snooping querier |
By default, MLD snooping querier is disabled for a VLAN. |
Configuring parameters for MLD general queries and responses
|
|
CAUTION: To avoid mistakenly deleting multicast group members, make sure the MLD general query interval is greater than the maximum response time for MLD general queries. |
you can modify the MLD general query interval based on the actual network conditions.
A receiver host starts a report delay timer for each IPv6 multicast group that it has joined when it receives an MLD general query. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the corresponding IPv6 multicast group.
Set an appropriate value for the maximum response time for MLD general queries to speed up hosts' responses to MLD general queries and avoid MLD report traffic bursts.
You can set the maximum response time for MLD general queries globally for all VLANs in MLD-snooping view or for a VLAN in VLAN view. For a VLAN, the VLAN-specific configuration takes priority over the global configuration.
Setting the maximum response time for MLD general queries globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Set the maximum response time for MLD general queries. |
max-response-time interval |
The default setting is 10 seconds. |
Configuring parameters for MLD general queries and responses in a VLAN
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Set the MLD general query interval for the VLAN. |
The default setting is 125 seconds. |
|
|
4. Set the maximum response time for MLD general queries in the VLAN. |
mld-snooping max-response-time interval |
The default setting is 10 seconds. |
Configuring source IPv6 addresses for MLD messages
You can change the source IPv6 address of MLD queries sent by an MLD snooping querier. This configuration might affect MLD querier election within the subnet.
You can also change the source IPv6 address of MLD reports or leave messages sent by a simulated member host.
To configure the source IP addresses for MLD messages in a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Configure the source IPv6 address for MLD general queries. |
mld-snooping general-query source-ip ipv6-address |
By default, the source IPv6 address of MLD general queries is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
|
4. Configure the source IPv6 address for MLD multicast-address-specific queries. |
mld-snooping special-query source-ip ipv6-address |
By default, the source IPv6 address of MLD multicast-address-specific queries is one of the following: · The source address of MLD general queries if the MLD snooping querier has received MLD general queries. · The IPv6 link-local address of the current VLAN interface if the MLD snooping querier does not receive an MLD general query. · FE80::02FF:FFFF:FE00:0001 if the MLD snooping querier does not receive an MLD general query and the current VLAN interface does not have an IPv6 link-local address. |
|
5. Configure the source IPv6 address for MLD reports. |
By default, the source IPv6 address of MLD reports is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
|
|
6. Configure the source IPv6 address for MLD done messages. |
By default, the source IPv6 address of MLD done messages is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001. |
Configuring MLD snooping policies
Before you configure MLD snooping policies, complete the following tasks:
· Enable MLD snooping for the VLAN.
· Determine the ACL used as the IPv6 multicast group policy.
· Determine the maximum number of IPv6 multicast groups that a port can join.
Configuring an IPv6 multicast group policy
This feature enables the switch to filter MLD reports based on the used ACL that specifies IPv6 multicast groups and the optional sources. It is used to control the IPv6 multicast groups that receiver hosts can join.
Configuration restrictions and guidelines
When you configure an IPv6 multicast group policy, follow these restrictions and guidelines:
· This configuration takes effect only on the IPv6 multicast groups that the port joins dynamically.
· You can configure an IPv6 multicast group policy globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Configuring an IPv6 multicast group policy globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Configure an IPv6 multicast group policy globally. |
group-policy acl6-number [ vlan vlan-list ] |
By default, IPv6 multicast group policies are not globally configured. |
Configuring an IPv6 multicast group policy on a port
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure an IPv6 multicast group policy on the port. |
mld-snooping group-policy acl6-number [ vlan vlan-list ] |
By default, IPv6 multicast group policies are not configured on the port. |
Enabling IPv6 multicast source port filtering
This feature enables the switch to discard all IPv6 multicast data packets and to accept IPv6 multicast protocol packets. You can enable this feature on ports that connect only to IPv6 multicast receivers.
You can enable multicast source port filtering for the specified ports in MLD-snooping view or for a port in interface view. For a port, the configuration in interface view has the same priority as the configuration in MLD-snooping view, and the most recent configuration takes effect.
Enabling IPv6 multicast source port filtering globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable IPv6 multicast source port filtering. |
source-deny port interface-list |
By default, IPv6 multicast source port filtering is disabled. |
Enabling IPv6 multicast source port filtering on a port
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable IPv6 multicast source port filtering. |
mld-snooping source-deny |
By default, IPv6 multicast source port filtering is disabled. |
Enabling dropping unknown IPv6 multicast data
This feature enables the switch to drop all unknown IPv6 multicast data. Unknown IPv6 multicast data refers to IPv6 multicast data for which no forwarding entries exist in the MLD snooping forwarding table.
If you do not enable this feature, the unknown IPv6 multicast data is flooded in the VLAN to which the data belongs.
To enable dropping unknown IPv6 multicast data for a VLAN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VLAN view. |
vlan vlan-id |
N/A |
|
3. Enable dropping unknown IPv6 multicast data for the VLAN |
mld-snooping drop-unknown |
By default, this feature is disabled. Unknown IPv6 multicast data is flooded. |
Enabling MLD report suppression
This feature enables the switch to forward only the first MLD report for an IPv6 multicast group to its directly connected Layer 3 device. Other reports for the same group within the same query interval are discarded.
To enable MLD report suppression:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable MLD report suppression. |
report-aggregation |
By default, MLD report suppression is enabled. |
Setting the maximum number of IPv6 multicast groups on a port
You can set the maximum number of IPv6 multicast groups on a port to regulate the port traffic.
Configuration restrictions and guidelines
When you set the maximum number of IPv6 multicast groups on a port, follow these restrictions and guidelines:
· This configuration takes effect only on the IPv6 multicast groups that the port joins dynamically.
· If the number of IPv6 multicast groups on a port exceeds the limit, the system removes all the forwarding entries related to that port. In this case, the receiver hosts attached to that port can join IPv6 multicast groups again before the number of IPv6 multicast groups on the port reaches the limit.
Configuration procedure
To set the maximum number of IPv6 multicast groups on a port:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Set the maximum number of IPv6 multicast groups on a port. |
mld-snooping group-limit limit [ vlan vlan-list ] |
By default, no limit is placed on the number of IPv6 multicast groups on a port. |
Enabling IPv6 multicast group replacement
This feature enables the switch to replace an existing IPv6 multicast group with a newly joined group when the number of groups exceeds the upper limit. This feature is typically used in the channel switching application. Without this feature, the switch discards MLD reports for new groups, and the user cannot change to the new channel.
Configuration restrictions and guidelines
When you enable IPv6 multicast group replacement, follow these restrictions and guidelines:
· This configuration takes effect only on the multicast groups that the port joins dynamically.
· You can enable this feature globally for all ports in MLD-snooping view or for a port in interface view. For a port, the port-specific configuration takes priority over the global configuration.
Enabling IPv6 multicast group replacement globally
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter MLD-snooping view. |
mld-snooping |
N/A |
|
3. Enable IPv6 multicast group replacement globally. |
overflow-replace [ vlan vlan-list ] |
By default, IPv6 multicast group replacement is disabled globally. |
Enabling IPv6 multicast group replacement on a port
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable IPv6 multicast group replacement on the port. |
mld-snooping overflow-replace [ vlan vlan-list ] |
By default, IPv6 multicast group replacement is disabled on a port. |
Displaying and maintaining MLD snooping
Execute display commands in any view and reset commands in user view.
|
Command |
|
|
Display information about Layer 2 IPv6 multicast groups (in standalone mode). |
display ipv6 l2-multicast ip [ group ipv6-group-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display information about Layer 2 IPv6 multicast groups (in IRF mode). |
display ipv6 l2-multicast ip [ group ipv6-group-address ] [ vlan vlan-id ] [ chassis chassis-number slot slot-number ] |
|
Display information about Layer 2 IPv6 multicast group entries (in standalone mode). |
display ipv6 l2-multicast ip forwarding [ group ipv6-group-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display information about Layer 2 IPv6 multicast group entries (in IRF mode). |
|
|
Display information about Layer 2 IPv6 MAC multicast groups (in standalone mode). |
display ipv6 l2-multicast mac [ mac-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display information about Layer 2 IPv6 MAC multicast groups (in IRF mode). |
|
|
Display information about Layer 2 IPv6 MAC multicast group entries (in standalone mode). |
display ipv6 l2-multicast mac forwarding [ mac-address ] [ vlan vlan-id ] [ slot slot-number ] |
|
Display information about Layer 2 IPv6 MAC multicast group entries (in IRF mode). |
|
|
Display MLD snooping status. |
display mld-snooping [ global | vlan vlan-id ] |
|
Display dynamic MLD snooping forwarding entries (in standalone mode). |
display mld-snooping group [ ipv6-group-address ] [ vlan vlan-id ] [ verbose ] [ slot slot-number ] |
|
Display dynamic MLD snooping forwarding entries (in IRF mode). |
|
|
Display information about static MLD snooping forwarding entries (in standalone mode). |
display mld-snooping static-group [ ipv6-group-address ] [ vlan vlan-id ] [ verbose ] [ slot slot-number ] |
|
Display information about static MLD snooping forwarding entries (in IRF mode). |
|
|
Display dynamic router port information (in standalone mode). |
display mld-snooping router-port [ vlan vlan-id ] [ slot slot-number ] |
|
Display dynamic router port information (in IRF mode). |
|
|
Display static router port information. |
display mld-snooping static-router-port [ vlan vlan-id ] [ slot slot-number ] |
|
Display statistics for the MLD messages learned through MLD snooping. |
display mld-snooping statistics |
|
Clear dynamic MLD snooping forwarding entries. |
reset mld-snooping group { ipv6-group-address | all } [ vlan vlan-id ] |
|
Clear dynamic router port information. |
reset mld-snooping router-port { all | vlan vlan-id } |
|
Clear statistics for the MLD messages learned through MLD snooping. |
reset mld-snooping statistics |
MLD snooping configuration examples
IPv6 group policy configuration example
Network requirements
As shown in Figure 3, Router A runs MLDv1 and acts as the MLD querier. Switch A runs MLDv1 snooping.
Configure an IPv6 multicast group policy on Switch A so that Host A and Host B receive IPv6 multicast data for only IPv6 multicast group FF1E::101.
Configuration procedure
1. Assign an IPv6 address and prefix length to each interface according to Figure 3. (Details not shown.)
2. Configure Router A:
# Enable IPv6 multicast routing.
<RouterA> system-view
[RouterA] ipv6 multicast routing
[RouterA-mrib6] quit
# Enable MLD on FortyGigE 1/0/1.
[RouterA] interface fortygige 1/0/1
[RouterA-FortyGigE1/0/1] mld enable
[RouterA-FortyGigE1/0/1] quit
# Enable IPv6 PIM-DM on FortyGigE 1/0/2.
[RouterA] interface fortygige 1/0/2
[RouterA-FortyGigE1/0/2] ipv6 pim dm
[RouterA-FortyGigE1/0/2] quit
3. Configure Switch A:
# Enable MLD snooping globally.
<SwitchA> system-view
[SwitchA] mld-snooping
[SwitchA-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/4 to the VLAN.
[SwitchA] vlan 100
[SwitchA-vlan100] port fortygige 1/0/1 to fortygige 1/0/4
# Enable MLD snooping, and enable dropping IPv6 unknown multicast data packets for VLAN 100.
[SwitchA-vlan100] mld-snooping enable
[SwitchA-vlan100] mld-snooping drop-unknown
[SwitchA-vlan100] quit
# Configure an IPv6 multicast group policy so that hosts in VLAN 100 can join only IPv6 multicast group FF1E::101.
[SwitchA] acl ipv6 number 2001
[SwitchA-acl6-basic-2001] rule permit source ff1e::101 128
[SwitchA-acl6-basic-2001] quit
[SwitchA] mld-snooping
[SwitchA–mld-snooping] group-policy 2001 vlan 100
[SwitchA–mld-snooping] quit
Verifying the configuration
# Send MLD reports from Host A and Host B to join IPv6 multicast groups FF1E::101 and FF1E::202. (Details not shown.)
# Display dynamic MLD snooping forwarding entries in VLAN 100 on Switch A.
[SwitchA] display mld-snooping group vlan 100
Total 1 entries.
VLAN 100: Total 1 entries.
(::, FF1E::101)
Host slots (0 in total):
Host ports (2 in total):
FGE1/0/3 (00:03:23)
FGE1/0/4 (00:04:10)
The output shows the following information:
· Host A and Host B have joined IPv6 multicast group FF1E::101 through FortyGigE 1/0/4 and FortyGigE 1/0/3 on Switch A, respectively.
· Host A and Host B have not joined IPv6 multicast group FF1E::202.
Static port configuration example
Network requirements
As shown in Figure 4:
· Router A runs MLDv1 and acts as the MLD querier. Switch A, Switch B, and Switch C run MLDv1 snooping.
· Host A and Host C are permanent receivers of IPv6 multicast group FF1E::101.
Configure static ports to meet the following requirements:
· To enhance the reliability of IPv6 multicast traffic transmission, configure FortyGigE 1/0/3 and FortyGigE 1/0/5 on Switch C as static member ports for IPv6 multicast group FF1E::101.
· Suppose the STP runs on the network. To avoid data loops, the forwarding path from Switch A to Switch C is blocked under normal conditions. IPv6 multicast data flows to the receivers attached to Switch C only along the path of Switch A—Switch B—Switch C. Configure FortyGigE 1/0/3 on Switch A as a static router port, so that IPv6 multicast data can flow to the receivers nearly uninterrupted along the path of Switch A—Switch C when the path of Switch A—Switch B—Switch C is blocked.
|
|
NOTE: If no static router port is configured, IPv6 multicast transmission is interrupted for a while after the path of Switch A—Switch B—Switch C is blocked. The reason is that at least one MLD query/response exchange is required before the new path can forward IPv6 multicast packets. |
For more information about the STP, see Layer 2—LAN Switching Configuration Guide.
Configuration procedure
1. Assign an IPv6 address and prefix length to each interface according to Figure 4. (Details not shown.)
2. Configure Router A:
# Enable IPv6 multicast routing.
<RouterA> system-view
[RouterA] ipv6 multicast routing
[RouterA-mrib6] quit
# Enable MLD on FortyGigE 1/0/1.
[RouterA] interface fortygige 1/0/1
[RouterA-FortyGigE1/0/1] mld enable
[RouterA-FortyGigE1/0/1] quit
# Enable IPv6 PIM-DM on FortyGigE 1/0/2.
[RouterA] interface fortygige 1/0/2
[RouterA-FortyGigE1/0/2] ipv6 pim dm
[RouterA-FortyGigE1/0/2] quit
3. Configure Switch A:
# Enable MLD snooping globally.
<SwitchA> system-view
[SwitchA] mld-snooping
[SwitchA-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/3 to the VLAN.
[SwitchA] vlan 100
[SwitchA-vlan100] port fortygige 1/0/1 to fortygige 1/0/3
# Enable MLD snooping for VLAN 100.
[SwitchA-vlan100] mld-snooping enable
[SwitchA-vlan100] quit
# Configure FortyGigE 1/0/3 as a static router port.
[SwitchA] interface fortygige 1/0/3
[SwitchA-FortyGigE1/0/3] mld-snooping static-router-port vlan 100
[SwitchA-FortyGigE1/0/3] quit
4. Configure Switch B:
# Enable MLD snooping globally.
<SwitchB> system-view
[SwitchB] mld-snooping
[SwitchB-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 and FortyGigE 1/0/2 to the VLAN.
[SwitchB] vlan 100
[SwitchB-vlan100] port fortygige 1/0/1 fortygige 1/0/2
# Enable MLD snooping for VLAN 100.
[SwitchB-vlan100] mld-snooping enable
[SwitchB-vlan100] quit
5. Configure Switch C:
# Enable MLD snooping globally.
<SwitchC> system-view
[SwitchC] mld-snooping
[SwitchC-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/5 to the VLAN.
[SwitchC] vlan 100
[SwitchC-vlan100] port fortygige 1/0/1 to fortygige 1/0/5
# Enable MLD snooping for VLAN 100.
[SwitchC-vlan100] mld-snooping enable
[SwitchC-vlan100] quit
# Configure FortyGigE 1/0/3 and FortyGigE 1/0/5 as static member ports for IPv6 multicast group FF1E::101.
[SwitchC] interface fortygige 1/0/3
[SwitchC-FortyGigE1/0/3] mld-snooping static-group ff1e::101 vlan 100
[SwitchC-FortyGigE1/0/3] quit
[SwitchC] interface fortygige 1/0/5
[SwitchC-FortyGigE1/0/5] mld-snooping static-group ff1e::101 vlan 100
[SwitchC-FortyGigE1/0/5] quit
Verifying the configuration
# Display information about the static router ports in VLAN 100 on Switch A.
[SwitchA] display mld-snooping static-router-port vlan 100
VLAN 100:
Router slots (1 in total):
1
Router ports (1 in total):
FGE1/0/3
The output shows that FortyGigE 1/0/3 on Switch A has become a static router port.
# Display static MLD snooping forwarding entries in VLAN 100 on Switch C.
[SwitchC] display mld-snooping static-group vlan 100
Total 1 entries).
VLAN 100: Total 1 entries).
(::, FF1E::101)
Host slots (0 in total):
Host ports (2 in total):
FGE1/0/3
FGE1/0/5
The output shows that FortyGigE 1/0/3 and FortyGigE 1/0/5 on Switch C have become static member ports of IPv6 multicast group FF1E::101.
MLD snooping querier configuration example
Network requirements
As shown in Figure 5:
· The network is a Layer 2-only network.
· Source 1 and Source 2 send IPv6 multicast data to IPv6 multicast groups FF1E::101 and FF1E::102, respectively.
· Host A and Host C are receivers of IPv6 multicast group FF1E::101, and Host B and Host D are receivers of IPv6 multicast group FF1E::102.
· All receiver hosts run MLDv1 and all switches run MLDv1 snooping. Switch A (which is close to the multicast sources) acts as the MLD snooping querier.
To prevent the switches from flooding unknown IPv6 packets in the VLAN, enable all switches to drop unknown IPv6 multicast data packets.
Configuration procedure
1. Configure Switch A:
# Enable MLD snooping globally.
[SwitchA] mld-snooping
[SwitchA-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/3 to the VLAN.
[SwitchA-vlan100] port fortygige 1/0/1 to fortygige 1/0/3
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data packets for VLAN 100.
[SwitchA-vlan100] mld-snooping enable
[SwitchA-vlan100] mld-snooping drop-unknown
# Enable the MLD snooping querier in VLAN 100.
[SwitchA-vlan100] mld-snooping querier
[SwitchA-vlan100] quit
2. Configure Switch B:
# Enable MLD snooping globally.
[SwitchB] mld-snooping
[SwitchB-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/4 to the VLAN.
[SwitchB] vlan 100
[SwitchB-vlan100] port fortygige 1/0/1 to fortygige 1/0/4
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data packets for VLAN 100.
[SwitchB-vlan100] mld-snooping enable
[SwitchB-vlan100] mld-snooping drop-unknown
[SwitchB-vlan100] quit
3. Configure Switch C:
# Enable MLD snooping globally.
<SwitchC> system-view
[SwitchC] mld-snooping
[SwitchC-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 through FortyGigE 1/0/3 to the VLAN.
[SwitchC] vlan 100
[SwitchC-vlan100] port fortygige 1/0/1 to fortygige 1/0/3
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data packets for VLAN 100.
[SwitchC-vlan100] mld-snooping enable
[SwitchC-vlan100] mld-snooping drop-unknown
[SwitchC-vlan100] quit
4. Configure Switch D:
# Enable MLD snooping globally.
[SwitchD] mld-snooping
[SwitchD-mld-snooping] quit
# Create VLAN 100, and assign FortyGigE 1/0/1 and FortyGigE 1/0/2 to the VLAN.
[SwitchD] vlan 100
[SwitchD-vlan100] port fortygige 1/0/1 to fortygige 1/0/2
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data packets for VLAN 100.
[SwitchD-vlan100] mld-snooping enable
[SwitchD-vlan100] mld-snooping drop-unknown
[SwitchD-vlan100] quit
Verifying the configuration
# Display statistics for MLD messages learned through MLD snooping on Switch B.
[SwitchB] display mld-snooping statistics
Received MLD general queries: 3
Received MLDv1 specific queries: 0
Received MLDv1 reports: 12
Received MLD dones: 0
Sent MLDv1 specific queries: 0
Received MLDv2 reports: 0
Received MLDv2 reports with right and wrong records: 0
Received MLDv2 specific queries: 0
Received MLDv2 specific sg queries: 0
Sent MLDv2 specific queries: 0
Sent MLDv2 specific sg queries: 0
Received IPv6 PIM hello: 0
Received error MLD messages: 0
The output shows that all switches except Switch A can receive the MLD general queries after Switch A acts as the MLD snooping querier.
Troubleshooting MLD snooping
Layer 2 multicast forwarding cannot function
Symptom
Layer 2 multicast forwarding cannot function through MLD snooping.
Solution
To resolve the problem:
1. Use the display mld-snooping command to display MLD snooping status.
2. If MLD snooping is not enabled, use the mld-snooping command in system view to enable MLD snooping globally. Then, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
3. If MLD snooping is enabled globally but not enabled for the VLAN, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
4. If the problem persists, contact H3C Support.
IPv6 multicast group policy does not work
Symptom
Hosts can receive multicast data from IPv6 multicast groups that are not permitted by the IPv6 multicast group policy.
Solution
To resolve the problem:
1. Use the display acl ipv6 command to verify that the configured IPv6 ACL meets the IPv6 multicast group policy requirements.
2. Use the display this command in MLD-snooping view or in interface view to verify that the correct IPv6 multicast group policy has been applied. If it is not correctly applied, use the group-policy or mld-snooping group-policy command to apply the correct IPv6 multicast group policy.
3. Use the display mld-snooping command to verify that dropping unknown IPv6 multicast data is enabled. If it is not enabled, use the mld-snooping drop-unknown command to enable dropping unknown IPv6 multicast data.
4. If the problem persists, contact H3C Support.
