Just as broadcast frames are forwarded to every port within a broadcast domain, frames carrying unknown IP unicast and IP multicast packets are also forwarded to every port on a switch. Let’s assume that one port on a 24 port switch connects to a host that has used ICMP to join a multicast group and begin receiving data from a particular source. Because IGMP is a Layer 3 protocol, the Ethernet switch has no easy way to determine what ports the group member is on. As a result, the multicast traffic is forwarded to all 23 ports (discounting the source port). If one of the goals of multicast is to limit the unneeded use of resources, then clearly we need some way for a switch to determine what the detsination ports are for a particular multicast stream.
IGMP/MLD Snooping, described in RFC 4541, is designed to do exactly that — distribute multicast sessions only to those switch ports on which group members are located. The “snooping” comes in because the switch (normally an L2 device) looks at the higher layer headers in multicast packets to identify IGMP/MLD messages. From these, it can identify which of its ports multicast routers are attached to, and which of its ports group members are attached to, and limit the relevant multicast traffic to those ports.
To prevent Host Membership reports from being distributed to all upstream routers, it would be nice if we had a method to learn which routers led to which upstream sources. This is accomplished via PIM snooping. When you enable PIM snooping, the switch learns which multicast router ports need to receive the multicast traffic within a specific VLAN by listening to the PIM hello messages, PIM join and prune messages, and bidirectional PIM designated forwarder-election messages.
Under IGMPv1, IGMPv2, and MLDv1, hosts that hear a Membership Report from another host on the subnet suppress their own reports. With snooping, the switch does not forward reports from one member to other members. Each group member must respond to the query individually so that the switch can record the member port. The same applies to group leaves; each host, not being aware of other hosts on its subnet, sends a Leave Group (or MLD Listener Done) message when it leaves a group, and the switch removes the host from its port list for that group.
The configuration can be done globally on a switch as shown below.
SW1(config)# ip igmp snooping
SW1(config)# exit
You can also limit it to a particular VLAN.
SW1(config)# ip igmp snooping vlan 100
SW1(config)# exit
Note this feature is turned on automatically by default.
An STP Topology change on a switch may signal that a multicast receiver has moved. IGMP Snooping would obviously be a concerned party and should know if a receiver moved. So when an STP TCN event occurs, the switch floods all multicast groups on all ports with a membership query. The hosts will reply to the query with a membership report and the switch can once again be certain that its IGMP group to receiver mappings are still correct.
There is also a feature called IGMP Throttling. It allows you to limit the number of multicast groups that are joined on an interface. This is useful as a very basic DOS attack could generate multicast membership reports for all 260 million Class D multicast groups and a (*, G) entry would be created for every one of those groups on the requesting interface.
SW1(config)# interface GigabitEthernet0/1
SW1(config-if)# ip igmp max-groups 4
SW1(config-if)# ip igmp max-groups action {deny | replace}
SW1(config-if)# exit