Example for Configuring MLD Snooping
Networking Requirements
In Figure 1, the router is connected to user hosts through the Layer 2 switch on an IPv6 network. The multicast source sends data to multicast groups FF16::1 through FF16::5, but HostA, HostB, and HostC only want to receive date of multicast groups FF16::1 through FF16::3.
Configuration Roadmap
To meet the requirement, basic MLD snooping functions and multicast group policy need to be configured on the switch. The configuration roadmap is as follows:
- Create a VLAN and add the interface to the VLAN.
- Enable MLD snooping globally and in the VLAN.
- Configure a multicast group policy in the VLAN.
Procedure
- Create a VLAN and add interfaces to the VLAN.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan 10 [Switch-vlan10] quit [Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type hybrid [Switch-GigabitEthernet0/0/1] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/1] quit [Switch] interface gigabitethernet 0/0/2 [Switch-GigabitEthernet0/0/2] port link-type hybrid [Switch-GigabitEthernet0/0/2] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/2] quit [Switch] interface gigabitethernet 0/0/3 [Switch-GigabitEthernet0/0/3] port link-type hybrid [Switch-GigabitEthernet0/0/3] port hybrid pvid vlan 10 [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 10 [Switch-GigabitEthernet0/0/3] quit
- Enable MLD snooping.
# Enable MLD snooping globally.
[Switch] mld-snooping enable# Enable MLD snooping in VLAN 10.
[Switch] vlan 10 [Switch-vlan10] mld-snooping enable [Switch-vlan10] quit
After the configuration is complete, the switch can generate Layer 2 multicast forwarding entries by listening to MLD messages. Ensure that the general query interval configured on the switch is the same as that on the upstream Layer 3 multicast device (router). Otherwise, some Layer 2 multicast forwarding entries may be aged out incorrectly, causing multicast traffic interruption. If the default general query interval of the switch is different from that of the router, run the mld-snooping query-interval query-interval command in VLAN 10 to change the general query interval on the switch.
- Configure and apply a multicast group policy.
# Configure a multicast group policy.
[Switch] acl ipv6 2000 [Switch-acl6-basic-2000] rule permit source ff16::1 128 [Switch-acl6-basic-2000] rule permit source ff16::2 128 [Switch-acl6-basic-2000] rule permit source ff16::3 128 [Switch-acl6-basic-2000] quit
# Apply the multicast policy in VLAN 10.
[Switch] vlan 10 [Switch-vlan10] mld-snooping group-policy 2000 [Switch-vlan10] quit
- Verify the configuration.
# Check the interface on the Switch.
[Switch] display mld-snooping port-info vlan 10 -------------------------------------------------------------------------------- (Source, Group) Port Flag Flag: S:Static D:Dynamic -------------------------------------------------------------------------------- VLAN 10, 3 Entry(s) (*, ff16:0:0:0:0:0:0:1) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) (*, ff16:0:0:0:0:0:0:2) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) (*, ff16:0:0:0:0:0:0:3) GE0/0/1 -D- GE0/0/2 -D- 2 port(s) --------------------------------------------------------------------------------
The command output shows that GE0/0/1 and GE0/0/2 on the Switch have joined groups FF16::1 through FF16::3.
# Check the Layer 2 forwarding table on the Switch.
[Switch] display mld-snooping forwarding-table vlan 10 VLAN ID : 10, Forwarding Mode : IP ------------------------------------------------------------------------ (Source, Group) Interface Out-Vlan ---------------------------------------------------------------------- Router-port GigabitEthernet0/0/3 10 (*, ff16:0:0:0:0:0:0:1) GigabitEthernet0/0/3 10 GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 (*, ff16:0:0:0:0:0:0:2) GigabitEthernet0/0/3 10 GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 (*, ff16:0:0:0:0:0:0:3) GigabitEthernet0/0/3 10 GigabitEthernet0/0/1 10 GigabitEthernet0/0/2 10 ------------------------------------------------------------------------ Total Group(s) : 3
The command output shows that the forwarding table only entries of groups FF16::1 to FF16::3. Data of FF16::4 and FF16::5 is not forwarded to hosts.
Configuration Files
Switch configuration file
# sysname Switch # vlan batch 10 # mld-snooping enable # acl ipv6 number 2000 rule 0 permit source FF16::1/128 rule 1 permit source FF16::2/128 rule 2 permit source FF16::3/128 # vlan 10 mld-snooping enable mld-snooping group-policy 2000 # interface GigabitEthernet0/0/1 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # interface GigabitEthernet0/0/2 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # interface GigabitEthernet0/0/3 port link-type hybrid port hybrid pvid vlan 10 port hybrid untagged vlan 10 # return