IGMP
Internet Group Management Protocol (IGMP) allows hosts on multiaccess networks to inform locally attached routers of their group membership information. Hosts share their group membership information by multicasting IGMP host membership reports. Multicast routers listen for these host membership reports, and then exchange this information with other multicast routers.
The group membership reporting protocol includes two types of messages: host membership query and host membership report. IGMP messages are encapsulated in IP datagrams, with an IP protocol number of 2. Protocol operation requires that a designated querier router be elected on each subnet and that it periodically multicast a host membership query to the all-hosts group.
Hosts respond to a query by generating host membership reports for each multicast group to which they belong. These reports are sent to the group being reported, which allows other active members on the subnet to cancel their reports. This behavior limits the number of reports generated to one for each active group on the subnet. This exchange allows the multicast routers to maintain a database of all active host groups on each of their attached subnets. A group is declared inactive (expired) when no report is received for several query intervals.
The IGMPv2 protocol adds a leave group message and uses an unused field in the IGMPv.1 host membership query message to specify a maximum response time. The leave group message allows a host to report when its membership in a multicast group terminates. Then, the IGMP querier router can send a group-directed query with a very small maximum response time to probe for any remaining active group members. This accelerated leave extension can reduce the time required to expire a group and prune the multicast distribution tree from minutes, down to several seconds
The unicast traceroute program allows the tracing of a path from one device to another, using mechanisms that already exist in IP. Unfortunately, you cannot apply such mechanisms to IP multicast packets. The key mechanism for unicast traceroute is the ICMP TTL exceeded message that is specifically precluded as a response to multicast packets. The traceroute facility implemented within routed conforms to the traceroute facility for IP multicast draft specification.
Gaia supports IGMP version 1, v2 and v3. Version 2 runs by default.
IGMP Version 3
Gaia provides IGMP version 3 source filtering to support source-specific multicast (SSM), which enables the Gaia system to request traffic from specific sources via PIM join/prune messages without requiring the presence of a rendezvous point (RP). This enables the Gaia system to forward traffic from only those sources from which receivers requested traffic. IGMPv3 supports applications that explicitly signal sources from which they want to receive traffic.
With IGMP version 3, receivers (hosts) identify their membership to a multicast group in the following two modes:
- Include mode: Receivers announce membership to a group and provide a list of IP addresses (the include list) from which they want to receive traffic.
- Exclude mode: Receivers announce membership to a host group and provide a list of IP addresses (the exclude list) from which they do not want to receive traffic. To receive traffic from all sources, a host sends an empty exclude list.
The multicast group address range 232/8 (232.0.0.0 to 232.255.255.255) is reserved for use by SSM protocols and applications. The DRs of senders do not send register packets to any RPs in the SSM group range.
When SSM is enabled, all other multicast groups are treated as in normal sparse-mode.
Configuring IGMP - WebUI
IGMP is enabled by default.
To configure IGMP:
- In the page of the WebUI, configure Ethernet Interfaces and assign an IP address to the interface.
- Configure a multicast routing protocol, such as PIM.
IGMP supports IP multicast groups on a network. IGMP functions only in conjunction with a multicast routing protocol to calculate a multicast distribution tree. For more information on multicast routing protocols supported by Gaia, see PIM. - Open the page of the WebUI.
- For each interface on which you enabled a multicast routing protocol:
- Select the interface and click or
The window opens.
- Configure the IGMP interface parameters. The parameters are optional.
- Optional: Add a local network Multicast Group or a static multicast group. Click .
The window opens.
- Configure the IGMP multicast group parameters.
Edit IGMP on Interface Window Parameters
Parameter
|
Description
|
|
The version of the IGMP protocol to comply with.
Note - IGMP version 2 is compatible with IGMP version 1, and version 3 is compatible with versions 2 and 1. Check Point recommends that you use version 1 only on networks that include multicast routers that are not upgraded to IGMP versions 2 or 3.
IGMP version 3 is used to support source-specific multicast (SSM). Version 3 membership reports are used to request or block multicast traffic from specific sources. For example, when a host requests traffic for a multicast group from a specific source, SSM sends PIM join/prune messages towards the source. The multicast group address 232/8 is reserved for use with SSM. Version 3 is backwards compatible with versions 1 and 2.
|
|
Allows tuning for the expected packet loss on a subnet. If the subnet is expected to be highly lossy, then the "loss robustness" value may be increased. IGMP protocol operation is robust to (lossrobustness - 1) packet loss.
|
|
The interval (in seconds) between IGMP general queries sent by the querier router. This parameter can be used to tune the IGMP messaging overhead and has a secondary effect on the timeout of idle IP multicast groups.
- Range: 1-3600.
- Default: 125.
|
|
The maximum response time (in seconds) inserted into the periodic IGMP general queries. The query response interval may be used to tune the burstiness of IGMP messages; a larger value spreads the host IGMP reports over a larger interval, reducing burstiness. This value must always be less than the query interval.
|
|
The maximum response time (in seconds) inserted into IGMP group-specific queries. The last member query interval may be used to tune the "leave latency." A smaller value results in a reduction in the time to detect the loss of the last member of a multicast group. This value must always be less than the query interval.
|
|
Allows the "disable insertion of IP router alert" option in all IGMP messages sent on the interface. This can be useful in interoperating with broken IP implementations that may discard the packet due to the use of this option.
- Options: Enabled, Disabled
- Default: Enabled
|
Add Multicast Group Window
Parameter
|
Description
|
|
The multicast address of the group
|
|
- - Provides a mechanism to simulate the presence of local receivers for specific groups. When a multicast group is added to an interface, IGMP sends a membership report on the interface.
- - Provides a mechanism to simulate the presence of local receivers on an interface. When a static group is configured on an interface that is also running a parent multicast protocol (such as PIM) IGMP informs the parent of the presence of a local receiver. In contrast to regular IGMP, no membership reports are sent on the corresponding interface.
If the same multicast group is configured as both a local and a static group, local group takes precedence, that is, membership reports are sent out on the interface.
|
Configuring IGMP - CLI (igmp)
Use the IGMP commands to configure parameters for the internet group management protocol.
Configure Interfaces for IGMP
Use these commands to configure IGMP for specific interfaces.
|
|
|
|
s et igmp interface if_name
version <1 | 2 | 3>
last‑member‑query‑interval <1‑25>
last‑member=query‑interval default
loss‑robustness <1‑255>
loss‑robustness default
query‑interval <1‑3600>
query‑interval default
query‑response‑interval <1‑25>
query‑response‑interval default
router‑alert <on | off>
static-group address <on | off>
local-group address <on | off>
|
|
Note -
IGMP version 2 runs by default.
In a gateway cluster, run commands on every cluster member. The configuration of each cluster member must be identical.
|
Parameter
|
Description
|
interface if_name
|
The interface on which IGMP should be configured.
|
last‑member‑query‑interval <1‑25>
|
The maximum response time (in seconds) inserted into IGMP group-specific queries. The last member query interval may be used to tune the "leave latency." A smaller value results in a reduction in the time to detect the loss of the last member of a multicast group. This value must always be less than the query interval.
|
last‑member‑query‑interval default
|
A value of 1.
|
loss‑robustness <1‑255>
|
Allows tuning for the expected packet loss on a subnet. If the subnet is expected to be highly lossy, then the "loss robustness" value may be increased. IGMP protocol operation is robust to (lossrobustness - 1) packet loss
|
loss‑robustness default
|
A value of 2.
|
query‑interval <1‑3600>
|
The interval (in seconds) between IGMP general queries sent by the querier router. This parameter can be used to tune the IGMP messaging overhead and has a secondary effect on the timeout of idle IP multicast groups.
|
query‑interval default
|
A value of 125.
|
query‑response‑interval <1‑25>
|
The maximum response time (in seconds) inserted into the periodic IGMP general queries. The query response interval may be used to tune the burstiness of IGMP messages; a larger value spreads the host IGMP reports over a larger interval, reducing burstiness. This value must always be less than the query interval.
|
query‑response‑interval default
|
A value of 10.
|
router‑alert <on | off>
|
Allows the "disable insertion of IP router alert" option in all IGMP messages sent on the interface. This can be useful in interoperating with broken IP implementations that may discard the packet due to the use of this option.
|
local-group address <on | off>
|
A multicast group address. A local group provides a mechanism to simulate the presence of local receivers for specific groups. When a multicast group is added to an interface, IGMP sends a membership report on the interface.
|
static-group address <on | off>
|
- A multicast group address. A static group provides a mechanism to simulate the presence of local receivers on an interface. When a static group is configured on an interface that is also running a parent multicast protocol (such as PIM) IGMP informs the parent of the presence of a local receiver. In contrast to regular IGMP, no membership reports are sent on the corresponding interface.
If the same multicast group is configured as both a local and a static group, local group takes precedence, that is, membership reports are sent out on the interface.
|
version <1 | 2 | 3>
|
IGMP version 2 is compatible with IGMP version 1, and version 3 is compatible with versions 2 and 1. Check Point recommends that you use version 1 only on networks that include multicast routers that are not upgraded to IGMP versions 2 or 3.
|
Monitoring IGMP (show igmp)
Use these commands to monitor and troubleshoot IGMP.
show igmp
stats
stats receive
stats transmit
stats error
interfaces
interfaces if_address
groups [interface logical_interface] [local | static]
group if_address
if‑stats
if‑stat if_address
summary
|
|
|