References:
https://blogs.vmware.com/vsphere/2013/05/vxlan-series-multicast-basics-part-2.html
https://www.juniper.net/documentation/en_US/junos/topics/concept/igmp-snooping-qfx-series-overview.html
https://mrncciew.com/2012/12/25/igmp-basics/
How does layer 2 network devices know which nodes are interested in which conversations or multicast groups?
The layer 2 switches monitor the IGMP query and report messages to find out which switch ports are subscribed to which multicast group. This functionality of a layer 2 switch is called IGMP snooping.
The diagram below shows an example where there are two servers on the right streaming two different webcasts A and B. The users on the left choose to subscribe to a particular webcast by sending IGMP report messages.
The Layer 2 switch monitors IGMP packets sent by the users and makes entry in the forwarding table about the membership to particular multicast addresses. As you can see that multicast group address 239.1.1.100 is associated with Webcast A and 239.1.1.101 with Webcast B. In this example Port 1 and 2 are members of the multicast group 239.1.1.100 while Port 3 and 4 are members of 230.1.1.101.
The diagram below shows how the Webcast A packets with destination IP address 239.1.1.00 (Orange Arrow) sent to port 10 are only replicated to port 1 and 2 of the switch. Similarly the Webcast B traffic (Green Arrow) is only sent to port 3 and 4. User connected to port 5 is not subscribed to any Webcasts so it won’t receive any multicast traffic.
This shows how IGMP snooping capability on a physical switch optimizes the multicast packet delivery.
*Note that in this example each user has joined only one multicast group, but in reality they can join any number of multicast groups.
Without an IGMP querier to respond to, users do not send periodic membership requests. As a result, the entries in the layer 2 switch times out and multicast traffic is not delivered. In any given subnet, one multicast router acts as an IGMP querier.
The IGMP querier sends out the following types of queries to hosts:
https://blogs.vmware.com/vsphere/2013/05/vxlan-series-multicast-basics-part-2.html
https://www.juniper.net/documentation/en_US/junos/topics/concept/igmp-snooping-qfx-series-overview.html
https://mrncciew.com/2012/12/25/igmp-basics/
How does layer 2 network devices know which nodes are interested in which conversations or multicast groups?
The layer 2 switches monitor the IGMP query and report messages to find out which switch ports are subscribed to which multicast group. This functionality of a layer 2 switch is called IGMP snooping.
The diagram below shows an example where there are two servers on the right streaming two different webcasts A and B. The users on the left choose to subscribe to a particular webcast by sending IGMP report messages.
IGMP Join request
The diagram below shows how the Webcast A packets with destination IP address 239.1.1.00 (Orange Arrow) sent to port 10 are only replicated to port 1 and 2 of the switch. Similarly the Webcast B traffic (Green Arrow) is only sent to port 3 and 4. User connected to port 5 is not subscribed to any Webcasts so it won’t receive any multicast traffic.
Multicast Packets
*Note that in this example each user has joined only one multicast group, but in reality they can join any number of multicast groups.
Why do you need IGMP querier ?
IGMP querier is the function of a router and it is important to enable that for a proper IGMP snooping operation on layer 2 switches. We looked at how users join a multicast group by sending IGMP query messages. These messages are sent to the multicast router or IGMP querier.Without an IGMP querier to respond to, users do not send periodic membership requests. As a result, the entries in the layer 2 switch times out and multicast traffic is not delivered. In any given subnet, one multicast router acts as an IGMP querier.
The IGMP querier sends out the following types of queries to hosts:
- General query—Asks whether any host is listening to any group.
- Group-specific query—(IGMPv2 and IGMPv3 only) Asks whether any host is listening to a specific multicast group. This query is sent in response to a host leaving the multicast group and allows the router to quickly determine if any remaining hosts are interested in the group.
- Group-and-source-specific query—(IGMPv3 only) Asks whether any host is listening to group multicast traffic from a specific multicast source. This query is sent in response to a host indicating that it is not longer interested in receiving group multicast traffic from the multicast source and allows the router to quickly determine any remaining hosts are interested in receiving group multicast traffic from that source.Hosts that are multicast listeners send the following kinds of messages:
- Membership report—Indicates that the host wants to join a particular multicast group.
- Leave report—(IGMPv2 and IGMPv3 only) Indicates that the host wants to leave a particular multicast group.
How Hosts Join and Leave Multicast Groups
Hosts can join multicast groups in two ways: - By sending an unsolicited IGMP join message to a multicast router that specifies the IP multicast group the host wants to join.
- By sending an IGMP join message in response to a general query from a multicast router.
A multicast router continues to forward multicast traffic to a VLAN provided that at least one host on that VLAN responds to the periodic general IGMP queries. For a host to remain a member of a multicast group, it must continue to respond to the periodic general IGMP queries.
Hosts can leave a multicast group in either of two ways: - By not responding to periodic queries within a particular interval of time, which is considered a “silent leave.” This is the only leave method for IGMPv1 hosts.
- By sending a leave report. This method can be used by IGMPv2 and IGMPv3 hosts.
Advantages of IGMP Snooping:
1.
A multicast MAC address can never be the source address for
a packet. As a result, when a device receives traffic for a multicast
destination address, it floods the traffic on the relevant VLAN, sending
a significant amount of traffic for which there might not necessarily
be interested receivers.
IGMP snooping prevents this flooding thus the device
conserves bandwidth by sending multicast traffic only to interfaces
connected to devices that want to receive the traffic, instead of
flooding the traffic to all the downstream interfaces in a VLAN.
2.
Improved security—Prevents
denial of service attacks from unknown sources.
No comments:
Post a Comment