Example for Configuring IGMP Snooping in a VLAN
Networking Requirements
As shown in Figure 1, the router runs IGMPv2 and connects to user hosts through a Layer 2 switch. The multicast source (Source) sends multicast data to groups 225.1.1.1-225.1.1.5. Receiver hosts A, B, and C are only allowed to receive data for groups 225.1.1.1-225.1.1.3.
Configuration Roadmap
To meet the preceding requirements, configure basic IGMP snooping functions and a multicast group policy on the Layer 2 switch. The configuration roadmap is as follows:
- Create a VLAN and add interfaces to the VLAN.
- Enable IGMP snooping globally and in the VLAN.
- Configure a multicast group policy and apply this policy to the VLAN.
Procedure
- Create a VLAN and add interfaces to the VLAN.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan 10 [Switch-vlan10] quit [Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type hybrid [Switch-GigabitEthernet0/0/1] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/1] quit [Switch] interface gigabitethernet 0/0/2 [Switch-GigabitEthernet0/0/2] port link-type hybrid [Switch-GigabitEthernet0/0/2] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/2] quit [Switch] interface gigabitethernet 0/0/3 [Switch-GigabitEthernet0/0/3] port link-type hybrid [Switch-GigabitEthernet0/0/3] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/3] quit
- Enable IGMP snooping.
# Enable IGMP snooping globally.
[Switch] igmp-snooping enable# Enable IGMP snooping in VLAN 10.
[Switch] vlan 10 [Switch-vlan10] igmp-snooping enable [Switch-vlan10] quit
After the configuration is complete, the switch can generate Layer 2 multicast forwarding entries by listening to IGMP messages. Ensure that the general query interval configured on the switch is the same as that on the upstream Layer 3 router. Otherwise, some Layer 2 multicast forwarding entries may be aged out incorrectly, interrupting multicast traffic forwarding. If the default general query interval of the switch is different from that of the router, run the igmp-snooping query-interval query-interval command in VLAN 10 to change the general query interval on the switch.
- Configure a multicast group policy and apply this policy.
# Configure a multicast group policy.
[Switch] acl 2000 [Switch-acl-basic-2000] rule permit source 225.1.1.1 0 [Switch-acl-basic-2000] rule permit source 225.1.1.2 0 [Switch-acl-basic-2000] rule permit source 225.1.1.3 0 [Switch-acl-basic-2000] quit
# Apply the multicast group policy to VLAN 10.
[Switch] vlan 10 [Switch-vlan10] igmp-snooping group-policy 2000 [Switch-vlan10] quit
- Verify the configuration.
# Check interface information on the switch.
[Switch] display igmp-snooping port-info vlan 10 ----------------------------------------------------------------------- (Source, Group) Port Flag Flag: S:Static D:Dynamic M: Ssm-mapping ----------------------------------------------------------------------- VLAN 10, 3 Entry(s) (*, 225.1.1.1) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) (*, 225.1.1.2) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) (*, 225.1.1.3) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) -----------------------------------------------------------------------
The command output shows that multicast groups 225.1.1.1 to 225.1.1.3 have dynamically generated member ports GE0/0/1 and GE0/0/2.
# Check the Layer 2 multicast forwarding table on the switch.
[Switch] display l2-multicast forwarding-table vlan 10 VLAN ID : 10, Forwarding Mode : IP Total Group(s) : 5 ------------------------------------------------------------------------ (Source, Group) Interface Out-Vlan ------------------------------------------------------------------------ the router-port GigabitEthernet0/0/3 10 (*, 225.1.1.1) GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 GigabitEthernet0/0/3 10 (*, 225.1.1.2) GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 GigabitEthernet0/0/3 10 (*, 225.1.1.3) GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 GigabitEthernet0/0/3 10 (*, 225.1.1.4) stream 10 GigabitEthernet0/0/3 10 (*, 225.1.1.5) stream 10 GigabitEthernet0/0/3 10 ----------------------------------------------------------------------
According to the preceding command output, only groups 225.1.1.1 to 225.1.1.3 have member ports in the multicast forwarding table, and multicast data for these groups can be forwarded to the hosts. Groups 225.1.1.4 and 225.1.1.5 have no member ports, so multicast data for the two groups is not forwarded to the hosts.
Configuration Files
Switch configuration file
# sysname Switch # vlan batch 10 # igmp-snooping enable # acl number 2000 rule 5 permit source 225.1.1.1 0 rule 10 permit source 225.1.1.2 0 rule 15 permit source 225.1.1.3 0 # vlan 10 igmp-snooping enable igmp-snooping group-policy 2000 # interface GigabitEthernet0/0/1 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # interface GigabitEthernet0/0/2 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # interface GigabitEthernet0/0/3 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # return