IGMP Snooping in Cisco ACI [Explained and configuration]
Contents
What is IGMP Snooping
Internet Group Management Protocol (IGMP) is a feature allows a network switch to listen in on the IGMP conversation between hosts and routers and filter multicasts links that do not need them, thus controlling which ports receive specific multicast traffic.
The IGMP snooping feature snoops the IGMP membership reports and Leave messages and forwards them only when necessary to the IGMP router function.
IGMP snooping operates upon IGMPv1, IGMPv2, and IGMPv3 control plane packets where Layer 3 control plane packets are intercepted and influence the Layer 2 forwarding behavior.
I- Create IGMP Snoop Policy
Navigate to Tenant > Policies > Protocol > IGMP Snoop and create a new Policy:
Fast leave: You can enable or disable “Fast leave” Option
- When the fast leave processing feature enabled, Upon receiving an IGMP leave message on a port, the switch immediately removes that port from the outgoing port list of the entry in the forwarding table for the indicated group.
- In VLANs where only one host is attached to each port, fast leave processing helps improve bandwidth and resource usage. However, if fast leave processing is enabled on a port to which more than one host is attached, when one host leaves a multicast group, the other hosts attached to the port and interested in the same multicast group will fail to receive multicast data for that group.
Enable Querier:
When you enable IGMP Querier, you need to also enable it under the BD subnet where this IGMP snooping policy will be applied: Tenants > tenant_name > Networking > Bridge Domains > bridge_domain_name > Subnets
Last Member Query Interval:
IGMP uses this value when it receives an IGMPv2 Leave report. This means that at least one host wants to leave the group. After it receives the Leave report, it checks that the interface is not configured for IGMP Fast Leave and if not, it sends out an out-of-sequence query.
Query Interval:
This value is used to define the amount of time the IGMP function will store a particular IGMP state if it does not hear any reports on the group.
Query Response Interval:
When a host receives the query packet, it starts counting to a random value, less that the maximum response time. When this timer expires, host replies with a report.
Start query Count
Number of queries sent at startup that are separated by the startup query interval. Values range from 1 to 10. The default is 2.
II- Apply IGMP Snooping Policy under the BD
1- Under the Bridge domain select the IGMP Snooping Policy:
2- At subnet level, enable Querier IP:
III- IGMP Snooping Verification and Troubleshooting
We have a receiver 172.16.31.2 in the configured BD with interest to join group 239.251.1.1:
- Verify the Receiver:
leaf1# show system internal epm endpoint ip 172.16.31.2
MAC : 0050.56a0.**ab ::: Num IPs : 1
IP# 0 : 172.16.31.2 ::: IP# 0 flags : ::: l3-sw-hit: No
Vlan id : 160 ::: Vlan vnid : 8400 ::: VRF name : MC:VRF-MC3
BD vnid : 15335397 ::: VRF vnid : 2359298
Phy If : 0x16000001 ::: Tunnel If : 0
Interface : port-channel2
Flags : 0x80004c05 ::: sclass : 49161 ::: Ref count : 5
EP Flags : local|vPC|IP|MAC|sclass|timer|- Check the BD PIVLAN:
From EPG PIVLAN (160), we see BD PIVLAN is 159
leaf1# show system internal epm vlan 160
+----------+---------+-----------------+----------+------+----------+-----------
VLAN ID Type Access Encap Fabric H/W id BD VLAN Endpoint
(Type Value) Encap Count
+----------+---------+-----------------+----------+------+----------+-----------
160 FD vlan 802.1Q 2008 8400 182 159 1 Code language: PHP (php)- Check IGMP Snooping information for BD:
leaf1# show ip igmp snooping vlan 159
IGMP Snooping information for vlan 159
IGMP snooping enabled
Lookup mode: IP
Optimised Multicast Flood (OMF) enabled
IGMP querier present, address: 172.16.31.254, version: 2, i/f Vlan159
Switch-querier disabled
IGMPv3 Explicit tracking enabled
IGMPv2 Fast leave disabled
IGMPv1/v2 Report suppression enabled
IGMPv3 Report suppression enabled
Link Local Groups suppression enabled
Router port detection using PIM Hellos, IGMP Queries
Number of router-ports: 1
Number of groups: 1
VLAN vPC function enabled
Multicast Routing enabled on VLAN
Active ports:
Eth1/6 Po2Code language: PHP (php)- Check IGMP Querier details:
leaf1# show ip igmp snooping querier vlan 159 detail
Vlan IP Address Version Expires Port
159 172.16.31.254 v2 00:03:28 Vlan159
IGMP snooping querier configuration for VLAN 159
IGMP snooping last member query count: 0, configured value: 0
IGMP snooping version: 2, configured value: 3
IGMP snooping robustness variable: 2, configured value: 2
IGMP snooping startup query count: 2, configured value: 2
IGMP snooping startup query interval: 31 secs, configured value: 31 secs
IGMP snooping last member query interval: 1 secs, configured value: 1 secs
IGMP snooping query interval: 125 secs, configured value: 125 secs
IGMP snooping query max response time: 10 secs, configured value: 10 secs
IGMP snooping configured querier timeout: 255 secs, defaultCode language: CSS (css)- Verify IGMP snooping group membership table:
leaf1# show ip igmp snooping groups vlan 159
Type: S - Static, D - Dynamic, R - Router port, F - Fabricpath core port
Vlan Group Address Ver Type Port list
159 */* - R Vlan159
159 239.251.1.1 v2 D Po2Code language: PHP (php)leaf1# show ip igmp snooping groups vlan 159 detail
IGMP Snooping group membership for vlan 159
Group addr: 239.251.1.1
Group ver: v2 [old-host-timer: not running]
Last reporter: 172.16.31.2
Group Report Timer: 00:00:00
Group v3 Expiry Report Timer: 00:00:00
IGMPv1/v2 memb ports:
Po2 [0 GQ missed]
vPC grp peer-link flag: exclude
M2RIB vPC grp peer-link flag: includeCode language: PHP (php)- Verify IGMP Snooping statistics for the BD:
leaf1# show ip igmp snooping statistics vlan 159
Global IGMP snooping statistics: (only non-zero values displayed)
Packets flooded: 19067
vPC ZMQ message response sent: 24
vPC ZMQ message response rcvd: 24
VLAN 159 IGMP snooping statistics, last reset: (only non-zero values displayed)
Packets received: 18681
IGMPv2 reports received: 12326
IGMPv2 queries received: 6355
Invalid reports received: 12315
IGMPv2 reports suppressed: 2
vPC Peer Link ZMQ packet statistics:
IGMP packets (sent/recv/fail): 0/12306/0Code language: PHP (php)
Thanks for reading.
