====== Networking - IGMP Snooping ====== [[https://en.wikipedia.org/wiki/Multicast_routing|Multicast routing]] is a networking method for efficient distribution of one-to-many traffic. When your network has plenty of multicast traffic, the performance for the entire network can take a hit because of excessive false flooding. **IGMP** (Internet Group Management Protocol) snooping optimizes that performance overhead. The Router decides which devices will receive the applicable multicast traffic to improve the overall network speed. * It monitors IGMP traffic on the network and uses what it learns to forward multicast traffic to **only** the downstream interfaces that are connected to interested receivers. * It conserves bandwidth by sending multicast traffic only to interfaces connected to devices that want to receive the traffic, instead of flooding the traffic to all the downstream interfaces. Without IGMP Querying/Snooping, Multicast traffic is treated in the same manner as a Broadcast transmission, which forwards packets to all ports on the network. IGMP Snooping generates no additional network traffic, which significantly reduces the Multicast traffic passing through your switch. ---- ===== Benefits of IGMP Snooping ===== * **Optimized bandwidth utilization**: IGMP snooping reduces flooding of packets. The device selectively forwards IPv4 multicast data to a list of ports that **want** to receive the data instead of flooding it to all ports in a VLAN. * **Improved security**: Prevents denial of service attacks from unknown sources. ---- ===== When to Enable IGMP Snooping for Home Use ===== Enable IGMP when you frequently use any kind of streaming or mirroring from your devices to stream to IOT devices, such as Chromecast or Apple TV. Do not turn it on unless actually needed. This will just add extra traffic, which the router will need to listen to and monitor; and could result in less performance. ---- ===== How IGMP Snooping Works ===== Devices usually learn unicast MAC addresses by checking the source address field of the frames they receive and then send any traffic for that unicast address only to the appropriate interfaces. A multicast MAC address, however, can never be the source address for a packet. As a result, when a device receives traffic for a multicast destination address, it floods the traffic on the relevant VLAN, sending a significant amount of traffic for which there might not necessarily be interested receivers. **IGMP snooping** prevents this flooding. When you enable IGMP snooping, the device monitors IGMP packets between receivers and multicast routers and uses the content of the packets to build a multicast forwarding tableā€”a database of multicast groups and the interfaces that are connected to members of the groups. When the device receives multicast packets, it uses the multicast forwarding table to selectively forward the traffic to only the interfaces that are connected to members of the appropriate multicast groups. ---- ===== IGMP Message Types ===== Multicast routers use IGMP to learn which groups have interested listeners for each of their attached physical networks. In any given subnet, one multicast router acts as an IGMP querier. The IGMP querier sends out the following types of queries to hosts: * **General query**: Asks whether any host is listening to any group. * **Group-specific query (IGMPv2 and IGMPv3 only)**: Asks whether any host is listening to a specific multicast group. * This query is sent in response to a host leaving the multicast group and allows the router to quickly determine if any remaining hosts are interested in the group. * **Group-and-source-specific query (IGMPv3 only)**: Asks whether any host is listening to group multicast traffic from a specific multicast source. * This query is sent in response to a host indicating that it is not longer interested in receiving group multicast traffic from the multicast source and allows the router to quickly determine any remaining hosts are interested in receiving group multicast traffic from that source. Hosts that are multicast listeners send the following kinds of messages: * **Membership report**: Indicates that the host wants to join a particular multicast group. * **Leave report (IGMPv2 and IGMPv3 only)**: Indicates that the host wants to leave a particular multicast group. ---- ===== How Hosts Join and Leave Multicast Groups ===== Hosts can join multicast groups in two ways: * By sending an unsolicited IGMP join message to a multicast router that specifies the IP multicast group the host wants to join. * By sending an IGMP join message in response to a general query from a multicast router. A multicast router continues to forward multicast traffic to a VLAN provided that at least one host on that VLAN responds to the periodic general IGMP queries. * For a host to remain a member of a multicast group, it must continue to respond to the periodic general IGMP queries. Hosts can leave a multicast group in either of two ways: * By not responding to periodic queries within a particular interval of time, which is considered a **silent leave**. * This is the only leave method for IGMPv1 hosts. * By sending a leave report. * This method can be used by IGMPv2 and IGMPv3 hosts. ---- ===== References ===== [[https://tools.ietf.org/html/rfc3171|RFC 3171 - IANA Guidelines for IPv4 Multicast Address Assignments]] [[https://tools.ietf.org/html/rfc1112|RFC 1112 - IGMP Version 1]] [[https://tools.ietf.org/html/rfc2236|RFC 2236 - IGMP Version 2]].