IGMP snooping and PortShield ports
Sliderhome
Enthusiast ✭✭
Hello.
Is there a option to enable IGMP Snooping on Port-shielded Goups.
We have a problem that multicast data is past on all ports.
Category: Entry Level Firewalls
0
Answers
Hi @Sliderhome
For controlling the multicast traffic, You can enable the Multicast snooping in Sonicwall.
Multicast Snooping: (Navigate to Firewall Settings --> Multicast)
Enable Multicast - This checkbox is disabled by default. Select this checkbox to support multicast traffic.
Require IGMP Membership reports for multicast data forwarding - This checkbox is enabled by default. Select this checkbox to improve performance by regulating multicast data to be forwarded to only interfaces joined into a multicast group address using IGMP.
Multicast state table entry timeout (minutes) - This field has a default of 5. The value range for this field is 5 to 60 (minutes). Update the default timer value of 5 in the following conditions:
You suspect membership queries or reports are being lost on the network.
You want to reduce the IGMP traffic on the network and currently have a large number of multicast groups or clients. This is a condition where you do not have a router to route traffic.
You want to synchronize the timing with an IGMP router.
For more information please find the below KB:
Hi @SLIDERHOME,
Thank you for visiting SonicWall Community.
You will have to perform the multicast enabling on the parent interface to which the other interfaces are portshielded. On the portshielded interfaces, the multicast enabling is not allowed. Multicast if enabled on the parent interface, you should be able to apply the IGMP snooping.
Hope this helps.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Thanx @AJISHLAL and @AJISHLAL for your options.
They are not the solution. I have read all this before I asked the question.
The problem we have: If you enable Multicast and have a PortShield goup port X4 X5 X6 to X0 all ports are in one big multicast group.
We would like to enable IGMP snooping on the group so Multicast will not pass all the ports only de source and destination
Hi @Sliderhome
Multicast snooping on Sonicwall Firewall to forward/distributed the traffic in a precise manner according to the Internet Group Management Protocol (IGMP).
see the below cisco KB regarding the multicast snooping.
First you would have to try the sonicwall multicast snooping feature according to the above suggested KB. If its not working please report to sonicwall support so they can create RFE for your request.
Thanx @AJISHLAL , Your solution works only on ports that are not Port-shielded.
All ports in one Port-shielded Goup, will pass multicast, and I can't find a option for it to enable IGMP snooping.
The way I see it: All Port-shielded Goups. you can see as a normal switch with NO option to enable IGMP snooping.