LevelOne GTL-2691 User Manual
Page 517
C
HAPTER
15
| Multicast Filtering
Layer 2 IGMP (Snooping and Query)
– 517 –
When the root bridge in a spanning tree receives a TCN for a VLAN
where IGMP snooping is enabled, it issues a global IGMP leave message
(or query solicitation). When a switch receives this solicitation, it floods
it to all ports in the VLAN where the spanning tree change occurred.
When an upstream multicast router receives this solicitation, it
immediately issues an IGMP general query.
A query solicitation can be sent whenever the switch notices a topology
change, even if it is not the root bridge in spanning tree.
◆
Router Alert Option – Discards any IGMPv2/v3 packets that do not
include the Router Alert option. (Default: Disabled)
As described in Section 9.1 of RFC 3376 for IGMP Version 3, the Router
Alert Option can be used to protect against DOS attacks. One common
method of attack is launched by an intruder who takes over the role of
querier, and starts overloading multicast hosts by sending a large
number of group-and-source-specific queries, each with a large source
list and the Maximum Response Time set to a large value.
To protect against this kind of attack, (1) routers should not forward
queries. This is easier to accomplish if the query carries the Router
Alert option. (2) Also, when the switch is acting in the role of a
multicast host (such as when using proxy routing), it should ignore
version 2 or 3 queries that do not contain the Router Alert option.
◆
Unregistered Data Flooding – Floods unregistered multicast traffic
into the attached VLAN. (Default: Disabled)
Once the table used to store multicast entries for IGMP snooping and
multicast routing is filled, no new entries are learned. If no router port
is configured in the attached VLAN, and unregistered-flooding is
disabled, any subsequent multicast traffic not found in the table is
dropped, otherwise it is flooded throughout the VLAN.
◆
Version Exclusive – Discards any received IGMP messages which use
a version different to that currently configured by the IGMP Version
attribute. (Default: Disabled)
◆
IGMP Unsolicited Report Interval – Specifies how often the
upstream interface should transmit unsolicited IGMP reports when
proxy reporting is enabled. (Range: 1-65535 seconds, Default: 400
seconds)
When a new upstream interface (that is, uplink port) starts up, the
switch sends unsolicited reports for all currently learned multicast
channels via the new upstream interface.
This command only applies when proxy reporting is enabled.
◆
Router Port Expire Time – The time the switch waits after the
previous querier stops before it considers it to have expired.
(Range: 1-65535, Recommended Range: 300-500 seconds,
Default: 300)