Login
- Table of Contents
-
- 08-IP Multicast Configuration Guide
- 00-Preface
- 01-Multicast overview
- 02-IGMP snooping configuration
- 03-PIM snooping configuration
- 04-Multicast VLAN configuration
- 05-Multicast routing and forwarding configuration
- 06-IGMP configuration
- 07-PIM configuration
- 08-MSDP configuration
- 09-Multicast VPN configuration
- 10-MLD snooping configuration
- 11-IPv6 PIM snooping configuration
- 12-IPv6 multicast VLAN configuration
- 13-IPv6 multicast routing and forwarding configuration
- 14-MLD configuration
- 15-IPv6 PIM configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 10-MLD snooping configuration | 416.72 KB |
Restrictions and guidelines: MLD snooping configuration
VLAN-based MLD snooping tasks at a glance
Enabling MLD snooping for multiple VLANs
Enabling MLD snooping for a VLAN
Configuring basic MLD snooping features
Specifying an MLD snooping version
Setting the maximum number of MLD snooping forwarding entries
Configuring static IPv6 multicast MAC address entries
Setting the MLD last listener query interval
Configuring MLD snooping port features
Setting aging timers for dynamic ports
Configuring a static member port
Configuring a static router port
Configuring a port as a simulated member host
Enabling fast-leave processing
Disabling a port from becoming a dynamic router port
Configuring the MLD snooping querier
Enabling the MLD snooping querier
Configuring parameters for MLD general queries and responses
Enabling MLD snooping proxying
Configuring parameters for MLD messages
Configuring source IPv6 addresses for MLD messages
Configuring MLD snooping policies
Configuring an IPv6 multicast group policy
Enabling dropping unknown IPv6 multicast data
Enabling MLD report suppression
Setting the maximum number of IPv6 multicast groups on a port
Enabling IPv6 multicast group replacement
Enabling SNMP notifications for MLD snooping
Display and maintenance commands for MLD snooping
MLD snooping configuration examples
Example: Configuring VLAN-based IPv6 group policy and simulated joining
Example: Configuring VLAN-based static ports
Example: Configuring the VLAN-based MLD snooping querier
Example: Configuring VLAN-based MLD snooping proxying
Layer 2 multicast forwarding cannot function
IPv6 multicast group policy does not work
Configuring MLD snooping
About MLD snooping
Fundamentals of MLD snooping
As shown in Figure 1, when MLD snooping is not enabled, the Layer 2 switch floods IPv6 multicast packets to all hosts in a VLAN or VSI. When MLD snooping is enabled, the Layer 2 switch forwards multicast packets of known IPv6 multicast groups to only the receivers.
Figure 1 Multicast packet transmission processes without and with MLD snooping
MLD snooping ports
As shown in Figure 2, MLD snooping runs on Device A and Device B, and Host A and Host C are receiver hosts in an IPv6 multicast group. MLD snooping ports are divided into member ports and router ports.
Router ports
On an MLD snooping Layer 2 device, the ports toward Layer 3 multicast devices are called router ports. In Figure 2, Port A1 of Device A and Port B1 of Device B are router ports.
Router ports contain the following types:
· Dynamic router port—When a port receives an MLD general query whose source address is not 0::0 or receives an IPv6 PIM hello message, the port is added into the dynamic router port list. At the same time, an aging timer is started for the port. If the port receives either of the messages before the timer expires, the timer is reset. If the port does not receive either of the messages when the timer expires, the port is removed from the dynamic router port list.
· Static router port—When a port is statically configured as a router port, it is added into the static router port list. The static router port does not age out, and it can be deleted only manually.
Do not confuse the "router port" in MLD snooping with the "routed interface" commonly known as the "Layer 3 interface." The router port in MLD snooping is a Layer 2 interface.
Member ports
On an MLD snooping Layer 2 device, the ports toward receiver hosts are called member ports. In Figure 2, Port A2 and Port A3 of Device A and Port B2 of Device B are member ports.
Member ports contain the following types:
· Dynamic member port—When a port receives an MLD report, it is added to the associated dynamic MLD snooping forwarding entry as an outgoing interface. At the same time, an aging timer is started for the port. If the port receives an MLD report before the timer expires, the timer is reset. If the port does not receive an MLD report when the timer expires, the port is removed from the associated dynamic forwarding entry.
· Static member port—When a port is statically configured as a member port, it is added to the associated static MLD snooping forwarding entry as an outgoing interface. The static member port does not age out, and it can be deleted only manually.
Unless otherwise specified, router ports and member ports in this document include both static and dynamic router ports and member ports.
How MLD snooping works
The ports in this section are dynamic ports. For information about how to configure and remove static ports, see "Configuring a static member port" and "Configuring a static router port."
General query
The MLD querier periodically sends MLD general queries to all hosts and devices on the local subnet to check for the existence of IPv6 multicast group members.
After receiving an MLD general query, the Layer 2 device forwards the query to all ports in the VLAN except the receiving port. The Layer 2 device also performs one of the following actions:
· If the receiving port is a dynamic router port in the dynamic router port list, the Layer 2 device restarts the aging timer for the router port.
· If the receiving port does not exist in the dynamic router port list, the Layer 2 device adds the port to the dynamic router port list. It also starts an aging timer for the port.
MLD report
A host sends an MLD report to the MLD querier for the following purposes:
· Responds to queries if the host is an IPv6 multicast group member.
· Applies for an IPv6 multicast group membership.
After receiving an MLD report from a host, the Layer 2 device forwards the report through all the router ports in the VLAN. It also resolves the IPv6 address of the reported IPv6 multicast group, and looks up the forwarding table for a matching entry as follows:
· If no match is found, the Layer 2 device creates a forwarding entry for the group with the receiving port an outgoing interface. It also marks the receiving port as a dynamic member port and starts an aging timer for the port.
· If a match is found but the matching forwarding entry does not contain the receiving port, the Layer 2 device adds the receiving port to the outgoing interface list. It also marks the port as a dynamic member port to the forwarding entry and starts an aging timer for the port.
· If a match is found and the matching forwarding entry contains the receiving port, the Layer 2 device restarts the aging timer for the port.
|
|
NOTE: A Layer 2 device does not forward an MLD report through a non-router port because of the host MLD report suppression mechanism. If a non-router port has member host attached, the member hosts suppress their MLD reports upon receiving MLD reports forwarded by the non-router port. The Layer 2 device cannot know the existence of the member hosts attached to the non-router port. For more information about the MLD report suppression mechanism, see "Configuring MLD." |
Done message
When a host leaves an IPv6 multicast group, the host sends an MLD done message to the Layer 3 devices. When the Layer 2 device receives the MLD done message on a dynamic member port, the Layer 2 device first examines whether a forwarding entry matches the IPv6 multicast group address in the message.
· If no match is found, the Layer 2 device discards the MLD done message.
· If a match is found but the receiving port is not an outgoing interface in the forwarding entry, the Layer 2 device discards the MLD done message.
· If a match is found and the receiving port is not the only outgoing interface in the forwarding entry, the Layer 2 device performs the following actions:
¡ Discards the MLD done message.
¡ Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
¡ Sets the aging timer for the receiving port to twice the MLD last listener query interval.
· If a match is found and the receiving port is the only outgoing interface in the forwarding entry, the Layer 2 device performs the following actions:
¡ Forwards the MLD done message to all router ports in the VLAN.
¡ Sends an MLD multicast-address-specific query to identify whether the group has active listeners attached to the receiving port.
¡ Sets the aging timer for the receiving port to twice the MLD last listener query interval.
After receiving the MLD done message on a port, the MLD querier resolves the IPv6 multicast group address in the message. Then, it sends an MLD multicast-address-specific query to the IPv6 multicast group through the receiving port.
After receiving the MLD multicast-address-specific query, the Layer 2 device forwards the query through all router ports and member ports of the group in the VLAN. Then, it waits for the responding MLD report from the directly connected hosts. For the dynamic member port that received the done message, the Layer 2 device also performs one of the following actions:
· If the port receives an MLD report before the aging timer expires, the Layer 2 device resets the aging timer for the port.
· If the port does not receive any MLD report messages when the aging timer expires, the Layer 2 device removes the port from the forwarding entry for the IPv6 multicast group.
MLD snooping proxying
As shown in Figure 3, to reduce the number of MLD report and done messages received by the upstream device, you can enable MLD snooping proxying on the edge device. With MLD snooping proxying enabled, the edge device acts as a host for the upstream MLD snooping querier to send MLD report and done messages to Device A. The host MLD report suppression mechanism on the edge device does not take effect. For more information about the MLD report suppression mechanism, see "Configuring MLD."
Figure 3 MLD snooping proxying
The MLD snooping proxy device processes different MLD messages as follows:
· General query.
After receiving an MLD general query, the device forwards the query to all ports in the VLAN except the receiving port. The device also generates an MLD report based on the local membership information and sends the report to all router ports.
· Multicast-address-specific query or multicast-address-and-source-specific query.
After receiving an MLD multicast-address-specific query or multicast-address-and-source-specific query, the device forwards the query to all ports in the VLAN except the receiving port. If the forwarding entry has a member port, the device sends a response to all router ports in the VLAN.
· Report.
After receiving an MLD report from a host, the device looks up the forwarding table for a matching entry as follows:
¡ If a match is found and the matching forwarding entry contains the receiving port, the device resets the aging timer for the port.
¡ If a match is found but the matching forwarding entry does not contain the receiving port, the device adds the receiving port to the outgoing interface list. It also marks the receiving port as a dynamic member port and starts an aging timer for the port.
¡ If no match is found, the device creates a forwarding entry with the receiving port as an outgoing interface. It also marks the receiving port as a dynamic member port and starts an aging timer for the port. Then it sends the report to all router ports.
· Done message.
After receiving the MLD done message on a port, the device sends an MLD multicast-address-specific query through the receiving port. The device sends the MLD done message to all router ports only when the last member port is removed from the forwarding entry.
Protocols and standards
RFC 4541, Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
Restrictions and guidelines: MLD snooping configuration
The MLD snooping configurations made on Layer 2 aggregate interfaces do not interfere with the configurations made on member ports. In addition, the configurations made on Layer 2 aggregate interfaces do not take part in aggregation calculations. The configuration made on a member port of the aggregate group takes effect after the port leaves the aggregate group.
To configure MLD snooping features for VLANs, you must enable MLD snooping for the specific VLANs even though MLD snooping is enabled globally.
Some features can be configured for a VLAN in VLAN view or for multiple VLANs in MLD-snooping view. The VLAN-specific configuration and the configuration made in MLD-snooping view have the same priority, and the most recent configuration takes effect.
Some features can be configured for a VLAN in VLAN view or globally for all VLANs in MLD-snooping view. The VLAN-specific configuration takes priority over the global configuration.
Some features can be configured for an interface in interface view or for all interfaces of the specified VLANs in MLD-snooping view. The interface-specific configuration takes priority over the configuration made in MLD-snooping view.
VLAN-based MLD snooping tasks at a glance
To configure MLD snooping for VLANs, perform the following tasks:
2. (Optional.) Configuring basic MLD snooping features
¡ Specifying an MLD snooping version
¡ Setting the maximum number of MLD snooping forwarding entries
¡ Configuring static IPv6 multicast MAC address entries
¡ Setting the MLD last listener query interval
3. (Optional.) Configuring MLD snooping port features
¡ Setting aging timers for dynamic ports
¡ Configuring a static member port
¡ Configuring a static router port
¡ Configuring a port as a simulated member host
¡ Enabling fast-leave processing
¡ Disabling a port from becoming a dynamic router port
4. (Optional.) Configuring the MLD snooping querier
¡ Enabling the MLD snooping querier
¡ Configuring parameters for MLD general queries and responses
5. (Optional.) Enabling MLD snooping proxying
6. (Optional.) Configuring parameters for MLD messages
¡ Configuring source IPv6 addresses for MLD messages
7. (Optional.) Configuring MLD snooping policies
¡ Configuring an IPv6 multicast group policy
¡ Enabling dropping unknown IPv6 multicast data
¡ Enabling MLD report suppression
¡ Setting the maximum number of IPv6 multicast groups on a port
¡ Enabling IPv6 multicast group replacement
8. (Optional.) Enabling SNMP notifications for MLD snooping
Enabling MLD snooping
Enabling MLD snooping for multiple VLANs
1. Enter system view.
system-view
2. Enable MLD snooping globally and enter MLD-snooping view.
mld-snooping
By default, MLD snooping is globally disabled.
3. Enable MLD snooping for multiple VLANs.
enable vlan vlan-list
By default, MLD snooping is disabled for a VLAN.
MLD snooping configuration for a VLAN takes effect only on member ports in the VLAN.
Enabling MLD snooping for a VLAN
1. Enter system view.
system-view
2. Enable MLD snooping globally and enter MLD-snooping view.
mld-snooping
By default, MLD snooping is disabled globally.
3. Return to system view.
quit
4. Enter VLAN view.
vlan vlan-id
5. Enable MLD snooping for the VLAN.
mld-snooping enable
By default, MLD snooping is disabled for a VLAN.
MLD snooping configuration for a VLAN takes effect only on member ports in the VLAN.
Configuring basic MLD snooping features
Specifying an MLD snooping version
About this task
Different MLD snooping versions can process different versions of MLD messages:
· MLDv1 snooping can process MLDv1 messages, but it floods MLDv2 messages in the VLAN instead of processing them.
· MLDv2 snooping can process MLDv1 and MLDv2 messages.
Restrictions and guidelines
If you change the version of MLD snooping from 2 to 1, the system performs the following actions:
· Clears all MLD snooping forwarding entries that are dynamically created.
· Keeps static MLDv2 snooping forwarding entries (*, G).
· Clears static MLDv2 snooping forwarding entries (S, G), which will be restored when MLD snooping is switched back to MLDv2 snooping.
For more information about static MLD snooping forwarding entries, see "Configuring a static member port."
Specifying an MLD snooping version for multiple VLANs
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Specify an MLD snooping version for multiple VLANs.
version version-number vlan vlan-list
By default, the MLD snooping version for a VLAN is 1.
Specifying an MLD snooping version for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Specify an MLD snooping version for the VLAN.
mld-snooping version version-number
By default, the MLD snooping version for a VLAN is 1.
Setting the maximum number of MLD snooping forwarding entries
About this task
You can modify the maximum number of MLD snooping forwarding entries, including dynamic entries and static entries. When the number of forwarding entries on the device reaches the upper limit, the device does not automatically remove any existing entries. To allow new entries to be created, remove some entries manually.
Procedure
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Set the maximum number of MLD snooping forwarding entries.
entry-limit limit
By default, the maximum number of MLD snooping forwarding entries is 4294967295.
Configuring static IPv6 multicast MAC address entries
About this task
In Layer 2 IPv6 multicast, IPv6 multicast MAC address entries can be dynamically created through Layer 2 multicast protocols (such as MLD snooping). You can also manually configure static IPv6 multicast MAC address entries by binding IPv6 multicast MAC addresses and ports to control the destination ports of the IPv6 multicast data.
Restrictions and guidelines
You must specify an unused multicast MAC address when configuring a static IPv6 multicast MAC address entry. A multicast MAC address is the MAC address in which the least significant bit of the most significant octet is 1.
Configuring a static IPv6 multicast MAC address entry in system view
1. Enter system view.
system-view
2. Configure a static IPv6 multicast MAC address entry.
mac-address multicast mac-address interface interface-list vlan vlan-id
Configuring a static IPv6 multicast MAC address entry in interface view
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Configure a static IPv6 multicast MAC address entry.
mac-address multicast mac-address vlan vlan-id
Setting the MLD last listener query interval
About this task
A receiver host starts a report delay timer for an IPv6 multicast group when it receives an MLD multicast-address-specific query for the group. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the group.
The MLD last listener query interval defines the maximum response time advertised in MLD multicast-address-specific queries. Set an appropriate value for the MLD last listener query interval to speed up hosts' responses to MLD multicast-address-specific queries and avoid MLD report traffic bursts.
Setting the MLD last listener query interval globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Set the MLD last listener query interval globally.
last-listener-query-interval interval
By default, the MLD last listener query interval is 1 second.
Setting the MLD last listener query interval for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Set the MLD last listener query interval for the VLAN
mld-snooping last-listener-query-interval interval
By default, the MLD last listener query interval is 1 second for a VLAN.
Setting the MLD last listener query interval for a VSI
1. Enter system view.
system-view
2. Enter VSI view.
vsi vsi-name
3. Set the MLD last listener query interval for the VSI.
mld-snooping last-listener-query-interval interval
By default, the MLD last listener query interval is 1 second for a VSI.
Configuring MLD snooping port features
Setting aging timers for dynamic ports
About this task
A dynamic router port is removed from the dynamic router port list if it does not receive an MLD general query or IPv6 PIM hello message when its aging timer expires.
A dynamic member port is removed from the dynamic member port if it does not receive an MLD report when its aging timer expires.
Restrictions and guidelines
Set an appropriate value for the aging timers of dynamic ports based on the actual network requirement. For example, if the memberships of IPv6 multicast groups frequently change, set a relatively small value for the aging timer of the dynamic member ports.
If a dynamic router port receives an IPv6 PIMv2 hello message, the aging timer for the port is specified by the hello message. In this case, the mld-snooping router-aging-time command does not take effect on the port.
MLD multicast-address-specific queries originated by the Layer 2 device trigger the adjustment of aging timers of dynamic member ports. If a dynamic member port receives such a query, its aging timer is set to twice the MLD last listener query interval. For more information about setting the MLD last listener query interval on the Layer 2 device, see "Setting the MLD last listener query interval."
Setting the aging timers for dynamic ports globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Set the aging timer for dynamic router ports globally.
router-aging-time seconds
By default, the aging timer for dynamic router ports is 260 seconds.
4. Set the aging timer for dynamic member ports globally.
host-aging-time seconds
By default, the aging timer for dynamic member ports is 260 seconds.
Setting the aging timers for dynamic ports in a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Set the aging timer for dynamic router ports in the VLAN.
mld-snooping router-aging-time seconds
By default, the global aging timer for dynamic router ports is used for a VLAN.
4. Set the aging timer for dynamic member ports in the VLAN.
mld-snooping host-aging-time seconds
By default, the global aging timer for dynamic member ports is used for a VLAN.
Configuring a static member port
About this task
You can configure a port as a static member port for an IPv6 multicast group so that all hosts attached to the port can always receive IPv6 multicast data for the group. The static member port does not respond to MLD queries. When you complete or cancel this configuration, the port does not send an unsolicited report or done message.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Configure the port as a static member port.
mld-snooping static-group ipv6-group-address [ source-ip ipv6-source-address ] vlan vlan-id
By default, a port is not a static member port.
Configuring a static router port
About this task
You can configure a port as a static router port for an IPv6 multicast group so that all IPv6 multicast data for the group received on the port will be forwarded.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Configure the port as a static router port.
mld-snooping static-router-port vlan vlan-id
By default, a port is not a static router port.
Configuring a port as a simulated member host
About this task
When a port is configured as a simulated member host, it is equivalent to an independent host in the following ways:
· It sends an unsolicited MLD report when you complete the configuration.
· It responds to MLD general queries with MLD reports.
· It sends an MLD done message when you remove the configuration.
The version of MLD running on the simulated member host is the same as the version of MLD snooping running on the port. The port ages out in the same ways as a dynamic member port.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Configure the port as a simulated member host.
mld-snooping host-join ipv6-group-address [ source-ip ipv6-source-address ] vlan vlan-id
By default, the port is not a simulated member host.
Enabling fast-leave processing
About this task
This feature enables the Layer 2 device to immediately remove a port from the forwarding entry for an IPv6 multicast group when the port receives a done message. The device no longer sends or forwards MLD multicast-address-specific queries for the group to the port.
Restrictions and guidelines
Do not enable fast-leave processing on a port that has multiple receiver hosts attached in a VLAN. If you do so, the remaining receivers cannot receive IPv6 multicast data for a group after a receiver leaves the group.
As a best practice to avoid multicast service interruption on other ports in the same VLAN, enable only MLD snooping fast-leave processing on a port on a network configured with both MLD snooping and MLD. Do not use the mld fast-leave command to enable MLD fast-leaving processing. For more information about the mld fast-leave command, see MLD commands in IP Multicast Command Reference.
Enabling fast-leave processing globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Enable fast-leave processing globally.
fast-leave [ vlan vlan-list ]
By default, fast-leave processing is disabled globally.
Enabling fast-leave processing on a port
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Enable fast-leave processing on the port.
mld-snooping fast-leave [ vlan vlan-list ]
By default, fast-leave processing is disabled on a port.
Disabling a port from becoming a dynamic router port
About this task
A receiver host might send MLD general queries or IPv6 PIM hello messages for testing purposes. On the Layer 2 device, the port that receives either of the messages becomes a dynamic router port. Before the aging timer for the port expires, the following problems might occur:
· All IPv6 multicast data for the VLAN to which the port belongs flows to the port. Then, the port forwards the data to attached receiver hosts. The receiver hosts will receive IPv6 multicast data that it does not expect.
· The port forwards the MLD general queries or IPv6 PIM hello messages to its upstream Layer 3 devices. These messages might affect the multicast routing protocol state (such as the MLD querier or DR election) on the Layer 3 devices. This might further cause network interruption.
To solve these problems, you can disable the port from becoming a dynamic router port when receiving either of the messages. This also improves network security and the control over receiver hosts.
Restrictions and guidelines
This configuration and the static router port configuration do not interfere with each other.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Disable the port from becoming a dynamic router port.
mld-snooping router-port-deny [ vlan vlan-list ]
By default, a port is allowed to become a dynamic router port.
Configuring the MLD snooping querier
Enabling the MLD snooping querier
About this task
This feature enables the Layer 2 device to periodically send MLD general queries to establish and maintain multicast forwarding entries at the data link Layer. You can configure an MLD snooping querier on a network without Layer 3 multicast devices.
Restrictions and guidelines
Do not enable the MLD snooping querier on an IPv6 multicast network that runs MLD. An MLD snooping querier does not participate in MLD querier elections. However, it might affect MLD querier elections if it sends MLD general queries with a low source IPv6 address.
Enabling the MLD snooping querier for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Enable the MLD snooping querier for the VLAN.
mld-snooping querier
By default, the MLD snooping querier is disabled for a VLAN.
Configuring parameters for MLD general queries and responses
About this task
You can modify the MLD general query interval based on the actual network conditions.
A receiver host starts a report delay timer for each IPv6 multicast group that it has joined when it receives an MLD general query. This timer is set to a random value in the range of 0 to the maximum response time advertised in the query. When the timer value decreases to 0, the host sends an MLD report to the corresponding IPv6 multicast group.
Set an appropriate value for the maximum response time for MLD general queries to speed up hosts' responses to MLD general queries and avoid MLD report traffic bursts.
Restrictions and guidelines
To avoid mistakenly deleting IPv6 multicast group members, make sure the MLD general query interval is greater than the maximum response time for MLD general queries.
Configuring parameters for MLD general queries and responses globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Set the maximum response time for MLD general queries.
max-response-time seconds
By default, the maximum response time for MLD general queries is 10 seconds.
Configuring parameters for MLD general queries and responses for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Set the MLD general query interval in the VLAN.
mld-snooping query-interval interval
By default, the MLD general query interval for a VLAN is 125 seconds.
4. Set the maximum response time for MLD general queries in the VLAN.
mld-snooping max-response-time seconds
By default, the maximum response time for MLD general queries for a VLAN is 10 seconds.
Enabling MLD snooping proxying
About MLD snooping proxying
The device enabled with MLD snooping proxying is called an MLD snooping proxy. The MLD snooping proxy acts as a host to the upstream device. Enabled with MLD snooping querier, the MLD snooping proxy acts as the router to downstream devices and receives report and done messages on behalf of the upstream device. As a best practice, enable MLD snooping proxy on the edge device to alleviate the effect caused by excessive packets.
Restrictions and guidelines
Before you enable MLD snooping proxying for a VLAN, you must first enable MLD snooping globally and enable MLD snooping for the VLAN. MLD snooping proxying does not take effect on sub VLANs of a multicast VLAN.
Use this feature with MLD snooping querier.
Enabling MLD snooping proxying for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Enable MLD snooping proxying for the VLAN.
mld-snooping proxy enable
By default, MLD snooping proxying is disabled for a VLAN.
Configuring parameters for MLD messages
Configuring source IPv6 addresses for MLD messages
About this task
You can change the source IPv6 address of the MLD queries sent by an MLD snooping querier. This configuration might affect MLD querier election within the subnet.
You can also change the source IPv6 address of MLD reports or done messages sent by a simulated member host or an MLD snooping proxy.
Configuring the source IPv6 addresses for MLD messages for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Configure the source IPv6 address for MLD general queries.
mld-snooping general-query source-ip ipv6-address
By default, the source IPv6 address of MLD general queries is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001.
4. Configure the source IPv6 address for MLD multicast-address-specific queries.
mld-snooping special-query source-ip ipv6-address
By default, the source IPv6 address of MLD multicast-address-specific queries is one of the following:
¡ The source address of MLD general queries if the MLD snooping querier of the VLAN has received MLD general queries.
¡ The IPv6 link-local address of the current VLAN interface if the MLD snooping querier does not receive an MLD general query.
¡ FE80::02FF:FFFF:FE00:0001 if the MLD snooping querier does not receive an MLD general query and the current VLAN interface does not have an IPv6 link-local address.
5. Configure the source IPv6 address for MLD reports.
mld-snooping report source-ip ipv6-address
By default, the source IPv6 address of MLD reports is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001.
6. Configure the source IPv6 address for MLD done messages.
mld-snooping done source-ip ipv6-address
By default, the source IPv6 address of MLD done messages is the IPv6 link-local address of the current VLAN interface. If the current VLAN interface does not have an IPv6 link-local address, the source IPv6 address is FE80::02FF:FFFF:FE00:0001.
Configuring MLD snooping policies
Configuring an IPv6 multicast group policy
About this task
This feature enables the Layer 2 device to filter MLD reports by using an ACL that specifies the IPv6 multicast groups and the optional sources. It is used to control the IPv6 multicast groups that receiver hosts can join. This configuration takes effect on the IPv6 multicast groups that ports join dynamically.
In an IPv6 multicast application, a host sends an unsolicited MLD report when a user requests an IPv6 multicast program. The Layer 2 device uses the IPv6 multicast group policy to filter the MLD report. The host can join the IPv6 multicast group only if the MLD report is permitted by the IPv6 multicast group policy.
Configuring an IPv6 multicast group policy globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Configure an IPv6 multicast group policy globally.
group-policy ipv6-acl-number [ vlan vlan-list ]
By default, no IPv6 multicast group policies exist. Hosts can join any IPv6 multicast groups.
Configuring an IPv6 multicast group policy on a port
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Configure an IPv6 multicast group policy on the port.
mld-snooping group-policy ipv6-acl-number [ vlan vlan-list ]
By default, no IPv6 multicast group policies exist on a port. Hosts attached to the port can join any IPv6 multicast groups.
Enabling dropping unknown IPv6 multicast data
About this task
This feature enables the Layer 2 device to drop all unknown IPv6 multicast data. Unknown IPv6 multicast data refers to IPv6 multicast data for which no forwarding entries exist in the MLD snooping forwarding table.
If you do not enable this feature, the unknown IPv6 multicast data is flooded in the VLAN to which the data belongs.
Restrictions and guidelines
When this feature is enabled, the device also drops unknown IPv4 multicast data.
When this feature is enabled for a VLAN, the device still forwards unknown IPv6 multicast data out of router ports (except the receiving router port) in this VLAN.
Enabling dropping unknown IPv6 multicast data for a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Enable dropping unknown IPv6 multicast data for the VLAN.
mld-snooping drop-unknown
By default, dropping unknown IPv6 multicast data is disabled. Unknown IPv6 multicast data is flooded.
Enabling MLD report suppression
About this task
This feature enables the Layer 2 device to forward only the first MLD report for an IPv6 multicast group to its directly connected Layer 3 device. Other reports for the same group in the same query interval are discarded. Use this feature to reduce the multicast traffic.
Procedure
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Enable MLD report suppression.
report-aggregation
By default, MLD report suppression is enabled.
Setting the maximum number of IPv6 multicast groups on a port
About this task
You can set the maximum number of IPv6 multicast groups on a port to regulate the port traffic. This feature takes effect only on the IPv6 multicast groups that the port joins dynamically.
If the number of IPv6 multicast groups on a port exceeds the limit, the system removes all the forwarding entries related to that port. In this case, the receiver hosts attached to that port can join IPv6 multicast groups again before the number of IPv6 multicast groups on the port reaches the limit. When the number of IPv6 multicast groups on the port reaches the limit, the port automatically drops MLD reports for new IPv6 multicast groups.
Procedure
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Set the maximum number of IPv6 multicast groups on the port.
mld-snooping group-limit limit [ vlan vlan-list ]
By default, no limit is placed on the maximum number of IPv6 multicast groups on a port.
Enabling IPv6 multicast group replacement
About this task
When IPv6 multicast group replacement is enabled, the port does not drop MLD reports for new groups if the number of multicast groups on the port reaches the upper limit. Instead, the port leaves an IPv6 multicast group that has the lowest IPv6 address and joins the new group contained in the MLD report. The IPv6 multicast group replacement feature is typically used in the channel switching application.
Restrictions and guidelines
This feature takes effect only on the multicast groups that the port joins dynamically.
This feature does not take effect if the following conditions exist:
· The number of the MLD snooping forwarding entries on the device reaches or exceeds the upper limit.
· The IPv6 multicast group that the port newly joins is not included in the multicast group list maintained by the device.
Enabling IPv6 multicast group replacement globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Enable IPv6 multicast group replacement globally.
overflow-replace [ vlan vlan-list ]
By default, IPv6 multicast group replacement is disabled globally.
Enabling IPv6 multicast group replacement on a port
1. Enter system view.
system-view
2. Enter Layer 2 interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Enable IPv6 multicast group replacement on the port.
mld-snooping overflow-replace [ vlan vlan-list ]
By default, IPv6 multicast group replacement is disabled on a port.
Enabling host tracking
About this task
This feature enables the Layer 2 device to record information about member hosts that are receiving IPv6 multicast data. The information includes IPv6 addresses of the hosts, length of time elapsed since the hosts joined IPv6 multicast groups, and remaining timeout time for the hosts. This feature facilitates monitoring and managing member hosts.
Restrictions and guidelines
The configuration made in MLD-snooping view does not take effect on VSIs.
Enabling host tracking globally
1. Enter system view.
system-view
2. Enter MLD-snooping view.
mld-snooping
3. Enable host tracking globally.
host-tracking
By default, host tracking is disabled globally.
Enabling host tracking in a VLAN
1. Enter system view.
system-view
2. Enter VLAN view.
vlan vlan-id
3. Enable host tracking for the VLAN.
mld-snooping host-tracking
By default, host tracking is disabled in a VLAN.
Enabling SNMP notifications for MLD snooping
About this task
To report critical MLD snooping events to an NMS, enable SNMP notifications for MLD snooping. For MLD snooping event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Enable SNMP notifications for MLD snooping.
snmp-agent trap enable mld-snooping [ global-entry-exceed ]
By default, SNMP notifications for MLD snooping are enabled.
Display and maintenance commands for MLD snooping
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display information about Layer 2 IPv6 multicast groups. |
In standalone mode: display ipv6 l2-multicast ip [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display ipv6 l2-multicast ip [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display Layer 2 IPv6 multicast group entries. |
In standalone mode: display ipv6 l2-multicast ip forwarding [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display ipv6 l2-multicast ip forwarding [ group ipv6-group-address | source ipv6-source-address ] * [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display information about Layer 2 IPv6 MAC multicast groups. |
In standalone mode: display ipv6 l2-multicast mac [ mac-address ] [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display ipv6 l2-multicast mac [ mac-address ] [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display Layer 2 IPv6 MAC multicast group entries. |
In standalone mode: display ipv6 l2-multicast mac forwarding [ mac-address ] [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display ipv6 l2-multicast mac forwarding [ mac-address ] [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display static IPv6 multicast MAC address entries. |
display mac-address [ mac-address [ vlan vlan-id ] | [ multicast ] [ vlan vlan-id ] [ count ] ] |
|
Display MLD snooping status. |
display mld-snooping [ global | vlan vlan-id ] |
|
Display dynamic MLD snooping group entries. |
In standalone mode: display mld-snooping group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display mld-snooping group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display host tracking information. |
In standalone mode: display mld-snooping host-tracking vlan vlan-id group ipv6-group-address [ source ipv6-source-address ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display mld-snooping host-tracking vlan vlan-id group ipv6-group-address [ source ipv6-source-address ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display dynamic router port information. |
In standalone mode: display mld-snooping router-port [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display mld-snooping router-port [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display static MLD snooping group entries. |
In standalone mode: display mld-snooping static-group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display mld-snooping static-group [ ipv6-group-address | ipv6-source-address ] * [ vlan vlan-id ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display static router port information. |
In standalone mode: display mld-snooping static-router-port [ vlan vlan-id ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display mld-snooping static-router-port [ vlan vlan-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] |
|
Display statistics for the MLD messages and IPv6 PIM hello messages learned through MLD snooping. |
display mld-snooping statistics |
|
Clear dynamic MLD snooping group entries. |
reset mld-snooping group { ipv6-group-address [ ipv6-source-address ] | all } [ vlan vlan-id ] |
|
Clear dynamic router port information. |
reset mld-snooping router-port { all | vlan vlan-id } |
|
Clear statistics for MLD messages and IPv6 PIM hello messages learned through MLD snooping. |
reset mld-snooping statistics |
MLD snooping configuration examples
Example: Configuring VLAN-based IPv6 group policy and simulated joining
Network configuration
As shown in Figure 4, Router A runs MLDv1 and acts as the MLD querier, and Device A runs MLDv1 snooping.
Configure the group policy and simulate joining to meet the following requirements:
· Host A and Host B receive only the IPv6 multicast data addressed to the IPv6 multicast group FF1E::101. IPv6 multicast data can be forwarded through Ten-GigabitEthernet 3/1/3 and Ten-GigabitEthernet 3/1/4 of Device A uninterruptedly, even though Host A and Host B fail to receive the multicast data.
· Device A will drop unknown IPv6 multicast data instead of flooding it in VLAN 100.
Procedure
1. Assign an IPv6 address and prefix length to each interface, as shown in Figure 4. (Details not shown.)
2. Configure Router A:
# Enable IPv6 multicast routing.
<RouterA> system-view
[RouterA] ipv6 multicast routing
[RouterA-mrib6] quit
# Enable MLD on Ten-GigabitEthernet 3/1/1.
[RouterA] interface ten-gigabitethernet 3/1/1
[RouterA-Ten-GigabitEthernet3/1/1] mld enable
[RouterA-Ten-GigabitEthernet3/1/1] quit
# Enable IPv6 PIM-DM on Ten-GigabitEthernet 3/1/2.
[RouterA] interface ten-gigabitethernet 3/1/2
[RouterA-Ten-GigabitEthernet3/1/2] ipv6 pim dm
[RouterA-Ten-GigabitEthernet3/1/2] quit
3. Configure Device A:
# Enable MLD snooping globally.
<DeviceA> system-view
[DeviceA] mld-snooping
[DeviceA-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/4 to the VLAN.
[DeviceA] vlan 100
[DeviceA-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/4
# Enable MLD snooping, and enable dropping IPv6 unknown multicast data for VLAN 100.
[DeviceA-vlan100] mld-snooping enable
[DeviceA-vlan100] mld-snooping drop-unknown
[DeviceA-vlan100] quit
# Configure an IPv6 multicast group policy so that hosts in VLAN 100 can join only IPv6 multicast group FF1E::101.
[DeviceA] acl ipv6 basic 2001
[DeviceA-acl-ipv6-basic-2001] rule permit source ff1e::101 128
[DeviceA-acl-ipv6-basic-2001] quit
[DeviceA] mld-snooping
[DeviceA–mld-snooping] group-policy 2001 vlan 100
[DeviceA–mld-snooping] quit
# Configure Ten-GigabitEthernet 3/1/3 and Ten-GigabitEthernet 3/1/4 as simulated member hosts to join IPv6 multicast group FF1E::101.
[DeviceA] interface ten-gigabitethernet 3/1/3
[DeviceA-Ten-GigabitEthernet3/1/3] mld-snooping host-join ff1e::101 vlan 100
[DeviceA-Ten-GigabitEthernet3/1/3] quit
[DeviceA] interface ten-gigabitethernet 3/1/4
[DeviceA-Ten-GigabitEthernet3/1/4] mld-snooping host-join ff1e::101 vlan 100
[DeviceA-Ten-GigabitEthernet3/1/4] quit
Verifying the configuration
# Send MLD reports from Host A and Host B to join IPv6 multicast groups FF1E::101 and FF1E::202. (Details not shown.)
# Display dynamic MLD snooping group entries for VLAN 100 on Device A.
[DeviceA] display mld-snooping group vlan 100
Total 1 entries.
VLAN 100: Total 1 entries.
(::, FF1E::101)
Host slots (0 in total):
Host ports (2 in total):
XGE3/1/3 (00:03:23)
XGE3/1/4 (00:04:10)
The output shows the following information:
· Host A and Host B have joined IPv6 multicast group FF1E::101 through the member ports Ten-GigabitEthernet 3/1/4 and Ten-GigabitEthernet 3/1/3 on Device A, respectively.
· Host A and Host B have failed to join the multicast group FF1E::202.
Example: Configuring VLAN-based static ports
Network configuration
As shown in Figure 5:
· Router A runs MLDv1 and acts as the MLD querier. Device A, Device B, and Device C run MLDv1 snooping.
· Host A and Host C are permanent receivers of IPv6 multicast group FF1E::101.
Configure static ports to meet the following requirements:
· To enhance the reliability of IPv6 multicast traffic transmission, configure Ten-GigabitEthernet 3/1/3 and Ten-GigabitEthernet 3/1/5 on Device C as static member ports for IPv6 multicast group FF1E::101.
· Suppose the STP runs on the network. To avoid data loops, the forwarding path from Device A to Device C is blocked. IPv6 multicast data flows to the receivers attached to Device C only along the path of Device A—Device B—Device C. When this path is blocked, a minimum of one MLD query-response cycle must be completed before IPv6 multicast data flows to the receivers along the path of Device A—Device C. In this case, the multicast delivery is interrupted during the process. For more information about the STP, see Layer 2—LAN Deviceing Configuration Guide.
Configure Ten-GigabitEthernet 3/1/3 on Device A as a static router port. Then, IPv6 multicast data can flow to the receivers nearly uninterrupted along the path of Device A—Device C when the path of Device A—Device B—Device C is blocked.
Procedure
1. Assign an IPv6 address and prefix length to each interface, as shown in Figure 5. (Details not shown.)
2. Configure Router A:
# Enable IPv6 multicast routing.
<RouterA> system-view
[RouterA] ipv6 multicast routing
[RouterA-mrib6] quit
# Enable MLD on Ten-GigabitEthernet 3/1/1.
[RouterA] interface ten-gigabitethernet 3/1/1
[RouterA-Ten-GigabitEthernet3/1/1] mld enable
[RouterA-Ten-GigabitEthernet3/1/1] quit
# Enable IPv6 PIM-DM on Ten-GigabitEthernet 3/1/2.
[RouterA] interface ten-gigabitethernet 3/1/2
[RouterA-Ten-GigabitEthernet3/1/2] ipv6 pim dm
[RouterA-Ten-GigabitEthernet3/1/2] quit
3. Configure Device A:
# Enable MLD snooping globally.
<DeviceA> system-view
[DeviceA] mld-snooping
[DeviceA-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/3 to the VLAN.
[DeviceA] vlan 100
[DeviceA-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/3
# Enable MLD snooping for VLAN 100.
[DeviceA-vlan100] mld-snooping enable
[DeviceA-vlan100] quit
# Configure Ten-GigabitEthernet 3/1/3 as a static router port.
[DeviceA] interface ten-gigabitethernet 3/1/3
[DeviceA-Ten-GigabitEthernet3/1/3] mld-snooping static-router-port vlan 100
[DeviceA-Ten-GigabitEthernet3/1/3] quit
4. Configure Device B:
# Enable MLD snooping globally.
<DeviceB> system-view
[DeviceB] mld-snooping
[DeviceB-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 and Ten-GigabitEthernet 3/1/2 to the VLAN.
[DeviceB] vlan 100
[DeviceB-vlan100] port ten-gigabitethernet 3/1/1 ten-gigabitethernet 3/1/2
# Enable MLD snooping for VLAN 100.
[DeviceB-vlan100] mld-snooping enable
[DeviceB-vlan100] quit
5. Configure Device C:
# Enable MLD snooping globally.
<DeviceC> system-view
[DeviceC] mld-snooping
[DeviceC-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/5 to the VLAN.
[DeviceC] vlan 100
[DeviceC-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/5
# Enable MLD snooping for VLAN 100.
[DeviceC-vlan100] mld-snooping enable
[DeviceC-vlan100] quit
# Configure Ten-GigabitEthernet 3/1/3 and Ten-GigabitEthernet 3/1/5 as static member ports for IPv6 multicast group FF1E::101.
[DeviceC] interface ten-gigabitethernet 3/1/3
[DeviceC-Ten-GigabitEthernet3/1/3] mld-snooping static-group ff1e::101 vlan 100
[DeviceC-Ten-GigabitEthernet3/1/3] quit
[DeviceC] interface ten-gigabitethernet 3/1/5
[DeviceC-Ten-GigabitEthernet3/1/5] mld-snooping static-group ff1e::101 vlan 100
[DeviceC-Ten-GigabitEthernet3/1/5] quit
Verifying the configuration
# Display static router port information for VLAN 100 on Device A.
[DeviceA] display mld-snooping static-router-port vlan 100
VLAN 100:
Router slots (0 in total):
Router ports (1 in total):
XGE3/1/3
The output shows that Ten-GigabitEthernet 3/1/3 on Device A has become a static router port.
# Display static MLD snooping group entries in VLAN 100 on Device C.
[DeviceC] display mld-snooping static-group vlan 100
Total 1 entries).
VLAN 100: Total 1 entries).
(::, FF1E::101)
Host slots (0 in total):
Host ports (2 in total):
XGE3/1/3
XGE3/1/5
The output shows that Ten-GigabitEthernet 3/1/3 and Ten-GigabitEthernet 3/1/5 on Device C have become static member ports of IPv6 multicast group FF1E::101.
Example: Configuring the VLAN-based MLD snooping querier
Network configuration
As shown in Figure 6:
· The network is a Layer 2-only network.
· Source 1 and Source 2 send multicast data to IPv6 multicast groups FF1E::101 and FF1E::102, respectively.
· Host A and Host C are receivers of IPv6 multicast group FF1E::101, and Host B and Host D are receivers of IPv6 multicast group FF1E::102.
· All host receivers run MLDv1 and all devices run MLDv1 snooping. Device A (which is close to the multicast sources) acts as the MLD snooping querier.
To prevent the switches from flooding unknown IPv6 packets in the VLAN, enable all the switches to drop unknown IPv6 multicast packets.
Procedure
1. Configure Device A:
# Enable MLD snooping globally.
<DeviceA> system-view
[DeviceA] mld-snooping
[DeviceA-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/3 to the VLAN.
[DeviceA] vlan 100
[DeviceA-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/3
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data for VLAN 100.
[DeviceA-vlan100] mld-snooping enable
[DeviceA-vlan100] mld-snooping drop-unknown
# Configure Device A as the MLD snooping querier.
[DeviceA-vlan100] MLD-snooping querier
[DeviceA-vlan100] quit
2. Configure Device B:
# Enable MLD snooping globally.
<DeviceB> system-view
[DeviceB] mld-snooping
[DeviceB-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/4 to the VLAN.
[DeviceB] vlan 100
[DeviceB-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/4
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data for VLAN 100.
[DeviceB-vlan100] mld-snooping enable
[DeviceB-vlan100] mld-snooping drop-unknown
[DeviceB-vlan100] quit
3. Configure Device C:
# Enable MLD snooping globally.
<DeviceC> system-view
[DeviceC] mld-snooping
[DeviceC-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/3 to the VLAN.
[DeviceC] vlan 100
[DeviceC-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/3
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data for VLAN 100.
[DeviceC-vlan100] mld-snooping enable
[DeviceC-vlan100] mld-snooping drop-unknown
[DeviceC-vlan100] quit
4. Configure Device D:
# Enable MLD snooping globally.
<DeviceD> system-view
[DeviceD] mld-snooping
[DeviceD-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 and Ten-GigabitEthernet 3/1/2 to the VLAN.
[DeviceD] vlan 100
[DeviceD-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/2
# Enable MLD snooping, and enable dropping unknown IPv6 multicast data for VLAN 100.
[DeviceD-vlan100] mld-snooping enable
[DeviceD-vlan100] mld-snooping drop-unknown
[DeviceD-vlan100] quit
Verifying the configuration
# Display statistics for MLD messages and IPv6 PIM hello messages learned through MLD snooping on Device B.
[DeviceB] display mld-snooping statistics
Received MLD general queries: 3
Received MLDv1 specific queries: 0
Received MLDv1 reports: 12
Received MLD dones: 0
Sent MLDv1 specific queries: 0
Received MLDv2 reports: 0
Received MLDv2 reports with right and wrong records: 0
Received MLDv2 specific queries: 0
Received MLDv2 specific sg queries: 0
Sent MLDv2 specific queries: 0
Sent MLDv2 specific sg queries: 0
Received IPv6 PIM hello: 0
Received error MLD messages: 0
The output shows that all switches except Device A can receive the MLD general queries after Device A acts as the MLD snooping querier.
Example: Configuring VLAN-based MLD snooping proxying
Network configuration
As shown in Figure 7, Router A runs MLDv1 and acts as the MLD querier. Device A runs MLDv1 snooping. Configure MLD snooping proxying so that Device A can perform the following actions:
· Forward MLD report and done messages to Router A.
· Respond to MLD queries sent by Router A and forward the queries to downstream hosts.
Procedure
1. Assign an IPv6 address and subnet mask to each interface, as shown in Figure 7. (Details not shown.)
2. Configure Router A:
# Enable IPv6 multicast routing.
<RouterA> system-view
[RouterA] ipv6 multicast routing
[RouterA-mrib6] quit
# Enable MLD and IPv6 PIM-DM on Ten-GigabitEthernet 3/1/1.
[RouterA] interface ten-gigabitethernet 3/1/1
[RouterA-Ten-GigabitEthernet3/1/1] mld enable
[RouterA-Ten-GigabitEthernet3/1/1] ipv6 pim dm
[RouterA-Ten-GigabitEthernet3/1/1] quit
# Enable IPv6 PIM-DM on Ten-GigabitEthernet 3/1/2.
[RouterA] interface ten-gigabitethernet 3/1/2
[RouterA-Ten-GigabitEthernet3/1/2] ipv6 pim dm
[RouterA-Ten-GigabitEthernet3/1/2] quit
3. Configure Device A:
# Enable MLD snooping globally.
<DeviceA> system-view
[DeviceA] mld-snooping
[DeviceA-mld-snooping] quit
# Create VLAN 100, and assign Ten-GigabitEthernet 3/1/1 through Ten-GigabitEthernet 3/1/4 to the VLAN.
[DeviceA] vlan 100
[DeviceA-vlan100] port ten-gigabitethernet 3/1/1 to ten-gigabitethernet 3/1/4
# Enable MLD snooping and MLD snooping proxying for the VLAN.
[DeviceA-vlan100] mld-snooping enable
[DeviceA-vlan100] mld-snooping proxy enable
[DeviceA-vlan100] quit
Verifying the configuration
# Send MLD reports from Host A and Host B to join IPv6 multicast group FF1E::101. (Details not shown.)
# Display MLD snooping group entries on Device A.
[DeviceA] display mld-snooping group
Total 1 entries.
VLAN 100: Total 1 entries.
(::, FF1E::101)
Host ports (2 in total):
XGE3/1/3 (00:04:09)
XGE3/1/4 (00:03:06)
The output shows that Ten-GigabitEthernet3/1/1 and Ten-GigabitEthernet3/1/1 are member ports of IPv6 multicast group FF1E::101. Host A and Host B will receive IPv6 multicast data for the group.
# Display MLD group membership information on Router A.
[RouterA] display mld group
MLD groups in total: 1
Ten-GigabitEthernet3/1/1(2001::1):
MLD groups reported in total: 1
Group address: FF1E::101
Last reporter: FE80::2FF:FFFF:FE00:1
Uptime: 00:00:31
Expires: 00:03:48
# Send an MLD done message from Host A to leave IPv6 multicast group FF1E::101. (Details not shown.)
# Display MLD snooping group entries on Device A.
[DeviceA] display mld-snooping group
Total 1 entries.
VLAN 100: Total 1 entries.
(::, FF1E::101)
Host ports (1 in total):
XGE3/1/3 (00:01:23)
The output shows that Ten-GigabitEthernet3/1/1 is the only member port of IPv6 multicast group FF1E::101. Only Host B will receive IPv6 multicast data for the group.
Troubleshooting MLD snooping
Layer 2 multicast forwarding cannot function
Symptom
Layer 2 multicast forwarding cannot function through MLD snooping.
Solution
To resolve the issue:
1. Use the display mld-snooping command to display MLD snooping status.
2. If MLD snooping is not enabled, use the mld-snooping command in system view to enable MLD snooping globally. Then, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
3. If MLD snooping is enabled globally but not enabled for the VLAN, use the mld-snooping enable command in VLAN view to enable MLD snooping for the VLAN.
4. If the issue persists, contact H3C Support.
IPv6 multicast group policy does not work
Symptom
Hosts can receive IPv6 multicast data for IPv6 multicast groups that are not permitted by the IPv6 multicast group policy.
Solution
To resolve the issue:
1. Use the display acl ipv6 command to verify that the configured IPv6 ACL meets the IPv6 multicast group policy requirements.
2. Use the display this command in MLD-snooping view or in interface view to verify that the correct IPv6 multicast group policy has been applied. If the applied policy is not correct, use the group-policy or mld-snooping group-policy command to apply the correct IPv6 multicast group policy.
3. Use the display mld-snooping command to verify that dropping unknown IPv6 multicast data is enabled. If it is not, use the mld-snooping drop-unknown command to enable dropping unknown IPv6 multicast data.
4. If the issue persists, contact H3C Support.
