Dropping multicast traffic

Hi all

 

This is in reference to Vol 2, Lab 14, Task 2.3.

 

I have configured the switch to drop multicast EIGRP traffic as follows but it does not work.  I have tried this on a couple of different versions of code.  Anyone know if this is possible?

 

no ip igmp snooping

 

mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12 

 

I have routers connected in Vlan 652 on ports F0/18 and F0/20 but they are still able to exchange multicast EIGRP packets.

 

Thanks

Nick

Comments

  • Hi Nick,

    I don't see a drop on your configs above. It's lake a drop part in you config.

    You can all so config a VACL to filter the traffic on the vlan 652.

    no ip igmp snooping

     

    mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12 

     

     

  • Hi Kalmogo

     

    You cannot configure 'drop' for static multicast entries, not on the 3560 anyways.  Yes VACL would be my goto solution but the task did not allow a VACL and gave the static multicast entry as the solution.  This does not work for me so either a) I am doing it wrong or b) this no longer works.

     

    Nick

  • Is not missing the keyword "drop" at the end of:

    mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12  DROP....

     

    have you tried that ?

  • Hi Nick,

    The aim of the task is to swich the multicast traffic to null0 (drop) in this case to fa0/12 where ther is no connectivity (please verify that point).

    Add this:

    no ip igmp snooping vlan 652


    mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12

    !

    Thanks,

     

  • Hi Kalmogoo

     

    I disabled igmp snooping already (in my original post).  No ip igmp snooping - disables it for ALL vlans:

     

    XRIO-SWITCH(config)#do sh ip igmp snoop vlan 652

    Global IGMP Snooping configuration:

    -------------------------------------------

    IGMP snooping                : Disabled

    IGMPv3 snooping              : Disabled

    Report suppression           : Disabled

    TCN solicit query            : Disabled

    TCN flood query count        : 2

    Robustness variable          : 2

    Last member query count      : 2

    Last member query interval   : 1000

     

    Vlan 652:

    --------

    IGMP snooping                       : Disabled

    IGMPv2 immediate leave              : Disabled

    Multicast router learning mode      : pim-dvmrp

    Robustness variable                 : 2

    Last member query count             : 2

    Last member query interval          : 1000


    Renato:



    (config)#mac address-table static 0100.5e00.000a vlan 652 drop 

    %Only unicast addresses can be configured to be dropped



    Nick
  • Is not missing the keyword "drop" at the end of:

    mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12  DROP....

     

    have you tried that ?

    Hi Renato,

    Either we use drop keywords or interface keyword we can't use the two:

    mac-address-table static 0100.005e.000a vlan 652 drop or mac address-table static 0100.5e00.000a vlan 652 interface FastEthernet0/12

    But the resullt will be the same if the interface fa0/12 is not connected interface.

  • Okay Nick,

    But what about fa0/12 is it a connected interface or not ?

    it must be notconnected interface in order to drop trafic.

  • I tried connected and notconnected interface but it does not make a diffeerence.

     

    Nick

  • So There is an issue.

    Either the architecture isn't approriate can you draw the architceture (physical and logical and figure out what is the traffic path)

    or their is a bug.

     

    I tried connected and notconnected interface but it does not make a diffeerence.

     

    Nick

     

  • Single switch, two routers connected to ports F0/18 and F0/20 in Vlan 652. 

     

    Nick

  • Okay Nick,

    your config area good, the architecture is staighforward.

    One thing can you verify the multicast mac address on the SW and make sure that this address match the one you statically configured on fa0/12 ?

    R1 ---Fa0/18 -SW--Fa0/20----R2

                          |

                          Fa0/12 ( drop)

     

    Thanks,

    Single switch, two routers connected to ports F0/18 and F0/20 in Vlan 652. 

     

    Nick

     

     

Sign In or Register to comment.