Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

IGMP snooping and PortShield ports

SliderhomeSliderhome Newbie ✭
edited December 2020 in Entry Level Firewalls

Hello.


Is there a option to enable IGMP Snooping on Port-shielded Goups.

We have a problem that multicast data is past on all ports.

Category: Entry Level Firewalls
Reply

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @Sliderhome

    For controlling the multicast traffic, You can enable the Multicast snooping in Sonicwall.

    Multicast Snooping: (Navigate to Firewall Settings --> Multicast)

    Enable Multicast - This checkbox is disabled by default. Select this checkbox to support multicast traffic.

    Require IGMP Membership reports for multicast data forwarding - This checkbox is enabled by default. Select this checkbox to improve performance by regulating multicast data to be forwarded to only interfaces joined into a multicast group address using IGMP.

    Multicast state table entry timeout (minutes) - This field has a default of 5. The value range for this field is 5 to 60 (minutes). Update the default timer value of 5 in the following conditions:

    You suspect membership queries or reports are being lost on the network.

    You want to reduce the IGMP traffic on the network and currently have a large number of multicast groups or clients. This is a condition where you do not have a router to route traffic.

    You want to synchronize the timing with an IGMP router.


    For more information please find the below KB:


  • Hi @SLIDERHOME,

    Thank you for visiting SonicWall Community.

    You will have to perform the multicast enabling on the parent interface to which the other interfaces are portshielded. On the portshielded interfaces, the multicast enabling is not allowed. Multicast if enabled on the parent interface, you should be able to apply the IGMP snooping.

    Hope this helps.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • Thanx @AJISHLAL  and @AJISHLAL  for your options.

    They are not the solution. I have read all this before I asked the question.

    The problem we have: If you enable Multicast and have a PortShield goup  port X4 X5 X6 to X0 all ports are in one big multicast group.

    We would like to enable IGMP snooping on the group so Multicast will not pass all the ports only de source and destination

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @Sliderhome

    Multicast snooping on Sonicwall Firewall to forward/distributed the traffic in a precise manner according to the Internet Group Management Protocol (IGMP).

    see the below cisco KB regarding the multicast snooping.

    First you would have to try the sonicwall multicast snooping feature according to the above suggested KB. If its not working please report to sonicwall support so they can create RFE for your request.



  • Thanx @AJISHLAL , Your solution works only on ports that are not  Port-shielded.

    All ports in one  Port-shielded Goup, will pass multicast, and I can't find a option for it to enable  IGMP snooping.

    The way I see it: All  Port-shielded Goups. you can see as a normal switch with NO option to enable IGMP snooping.

Sign In or Register to comment.