Ip igmp snooping router-alert-option-check – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual
Page 503
Brocade 6910 Ethernet Access Switch Configuration Guide
447
53-1002651-02
23
IGMP Snooping
Command Mode
Global Configuration
Command Usage
•
IGMP snooping querier is not supported for IGMPv3 snooping (see
).
•
If enabled, the switch will serve as querier if elected. The querier is responsible for asking
hosts if they want to receive multicast traffic.
Example
Console(config)#ip igmp snooping querier
Console(config)#
ip igmp snooping router-alert-option-check
This command discards any IGMPv2/v3 packets that do not include the Router Alert option. Use
the no form to ignore the Router Alert Option when receiving IGMP messages.
Syntax
[no] ip igmp snooping router-alert-option-check
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
As described in Section 9.1 of RFC 3376 for IGMP Version 3, the Router Alert Option can be used to
protect against DOS attacks. One common method of attack is launched by an intruder who takes
over the role of querier, and starts overloading multicast hosts by sending a large number of
group-and-source-specific queries, each with a large source list and the Maximum Response Time
set to a large value.
To protect against this kind of attack, (1) routers should not forward queries. This is easier to
accomplish if the query carries the Router Alert option. (2) Also, when the switch is acting in the
role of a multicast host (such as when using proxy routing), it should ignore version 2 or 3 queries
that do not contain the Router Alert option.
Example
Console(config)#ip igmp snooping router-alert-option-check
Console(config)#