Configuring MLD Snooping on an EX Series Switch VLAN (CLI Procedure)
You can enable MLD snooping on a VLAN to constrain the flooding of IPv6 multicast traffic on a VLAN. When MLD snooping is enabled, a switch examines MLD messages between hosts and multicast routers and learns which hosts are interested in receiving multicast traffic for a multicast group. Based on what it learns, the switch then forwards IPv6 multicast traffic only to those interfaces connected to interested receivers instead of flooding the traffic to all interfaces.
MLD snooping is not enabled on the switch by default. To enable MLD snooping on all VLANs:
[edit] user@switch# set protocols mld-snooping vlan all
For many networks, MLD snooping requires no further configuration.
You can perform the following optional configurations per VLAN:
Selectively enable MLD snooping on specific VLANs.
Note:You cannot configure MLD snooping on a secondary VLAN.
Specify the MLD version for the general query that the switch sends on an interface when the interface comes up.
Enable immediate leave on a VLAN or all VLANs. Immediate leave reduces the length of time it takes the switch to stop forwarding multicast traffic when the last member host on the interface leaves the group.
Configure an interface as a static multicast-router interface for a VLAN or for all VLANs so that the switch does not need to dynamically learn that the interface is a multicast-router interface.
Configure an interface as a static member of a multicast group so that the switch does not need to dynamically learn the interface’s membership.
Change the value for certain timers and counters to match the values configured on the multicast router serving as the MLD querier.
When you configure MLD snooping using the vlan all statement, any VLAN that is not individually configured for MLD
snooping inherits the vlan all configuration. Any VLAN that
is individually configured for MLD snooping, on the other hand, inherits
none of its configuration from vlan all. Any parameters that
are not explicitly defined for the individual VLAN assume their default
values, not the values specified in the vlan all configuration.
For example, in the following configuration:
protocols {
mld-snooping {
vlan all {
robust-count 8;
}
vlan employee {
interface ge-0/0/8.0 {
static {
group ff1e::1;
}
}
}
}
} all VLANs, except employee, have a robust count of 8. Because employee has been individually configured, its robust count value is not determined by the value set under vlan all. Instead, its robust count is the default value of 2.
Enabling or Disabling MLD Snooping on VLANs
MLD snooping is not enabled on any VLAN by default. You must explicitly configure a VLAN or all VLANs for MLD snooping.
This topic describes how you can enable or disable MLD snooping on specific VLANs or on all VLANs on the switch.
To enable MLD snooping on all VLANs:
[edit protocols mld-snooping] user@switch# set vlan all
To enable MLD snooping on a specific VLAN:
[edit protocols mld-snooping] user@switch# set vlan vlan-name
Note:You cannot configure MLD snooping on a secondary VLAN.
For example, to enable MLD snooping on VLAN education:
[edit protocols mld-snooping] user@switch# set vlan education
To enable MLD snooping on all VLANs except a few VLANs:
Enable MLD snooping on all VLANs:
[edit protocols mld-snooping] user@switch# set vlan all
Disable MLD snooping on individual VLANs:
[edit protocols mld-snooping] user@switch# set vlan vlan-name disable
For example, to enable MLD snooping on all VLANs except vlan100 and vlan200:
[edit protocols mld-snooping] user@switch# set vlan all
[edit protocols mld-snooping] user@switch# set vlan vlan100 disable
[edit protocols mld-snooping] user@switch# set vlan vlan200 disable
You can also deactivate the MLD snooping protocol on the switch without changing the MLD snooping VLAN configurations:
[edit] user@switch# deactivate protocols mld-snooping
Configuring the MLD Version
You can configure the version of MLD queries sent by a switch when MLD snooping is enabled. By default, the switch uses MLD version 1 (MLDv1). If you are using Protocol-Independent Multicast source-specific multicast (PIM-SSM), we recommend that you configure the switch to use MLDv2.
Typically, a switch passively monitors MLD messages sent between multicast routers and hosts and does not send MLD queries. The exception is when a switch detects that an interface has come up. When an interface comes up, the switch sends an immediate general membership query to all hosts on the interface. By doing so, the switch enables the multicast routers to learn group memberships more quickly than they would if they had to wait until the MLD querier sent its next general query.
The MLD version of the general query determines the MLD version of the host membership reports as follows:
MLD version 1 (MLDv1) general query—Both MLDv1 and MLDv2 hosts respond with an MLDv1 membership report.
MLDv2 general query—MLDv2 hosts respond with an MLDv2 membership report, while MLDv1 hosts are unable to respond to the query.
By default, the switch sends MLDv1 queries. This ensures compatibility with hosts and multicast routers that support MLDv1 only and cannot process MLDv2 reports. However, if your VLAN contains MLDv2 multicast routers and hosts and the routers are running PIM-SSM, we recommend that you configure MLD snooping for MLDv2. Doing so enables the routers to quickly learn which multicast sources the hosts on the interface want to receive traffic from.
Configuring the MLD version does not limit the version of MLD messages that the switch can snoop. A switch can snoop both MLDv1 and MLDv2 messages regardless of the MLD version configured.
To configure the MLD version on a switch:
[edit protocols]user@switch# set mld-snooping vlan vlan-name version number
For example, to set the MLD version to version 2 for VLAN marketing:
[edit protocols]user@switch# set mld-snooping vlan marketing version 2
Enabling Immediate Leave
By default, when a switch with MLD snooping enabled receives an MLD leave report on a member interface, it waits for hosts on the interface to respond to MLD group-specific queries to determine whether there still are hosts on the interface interested in receiving the group multicast traffic. If the switch does not see any membership reports for the group within a set interval of time, it removes the interface’s group membership from the multicast forwarding table and stops forwarding multicast traffic for the group to the interface.
You can decrease the leave latency created by this default behavior by enabling immediate leave on a VLAN.
When you enable immediate leave on a VLAN, host tracking is also enabled, allowing the switch to keep track of the hosts on a interface that have joined a multicast group. When the switch receives a leave report from the last member of the group, it immediately stops forwarding traffic to the interface and does not wait for the interface group membership to time out.
Immediate leave is supported for both MLD version 1 (MLDv1) and MLDv2. However, with MLDv1, we recommend that you configure immediate leave only when there is only one MLD host on an interface. In MLDv1, only one host on a interface sends a membership report in response to a group-specifc query—any other interested hosts suppress their reports. This report-suppression feature means that the switch only knows about one interested host at any given time.
To enable immediate leave on a VLAN:
[edit protocols]user@switch# set mld-snooping vlan vlan-name immediate-leave
To enable immediate leave on all VLANs:
[edit protocols]user@switch# set mld-snooping vlan all immediate-leave
Configuring an Interface as a Multicast-Router Interface
When MLD snooping is enabled on a switch, the switch determines which interfaces face a multicast router by monitoring interfaces for MLD queries or Protocol Independent Multicast (PIM) updates. If the switch receives these messages on an interface, it adds the interface to its multicast forwarding table as a multicast-router interface.
In addition to dynamically learned interfaces, the multicast forwarding table can include interfaces that you explicitly configure to be multicast router interfaces. Unlike the table entries for dynamically learned interfaces, table entries for statically configured interfaces are not subject to aging and deletion from the forwarding table.
Examples of when you might want to configure a static multicast-router interface include:
You have an unusual network configuration that prevents MLD snooping from reliably learning about a multicast-router interface through monitoring MLD queries or PIM updates.
Your implementation does not require an MLD querier.
You have a stable topology and want to avoid the delay the dynamic learning process entails.
If the interface you are configuring as a multicast-router interface is a trunk port, the interface becomes a multicast-router interface for all VLANs configured on the trunk port even if you have not explicitly configured it for all the VLANs. In addition, all unregistered multicast packets, whether they are IPv4 or IPv6 packets, are forwarded to the multicast-router interface, even if the interface is configured as a multicast-router interface only for MLD snooping.
To configure an interface as a static multicast-router interface:
[edit protocols]user@switch# set mld-snooping vlan vlan-name interface interface-name multicast-router-interface
For example, to configure ge-0/0/5.0 as a multicast-router interface for all VLANs on the switch:
[edit protocols]user@switch# set mld-snooping vlan all interface ge-0/0/5.0 multicast-router-interface
Configuring Static Group Membership on an Interface
To determine how to forward multicast packets, a switch with MLD snooping enabled maintains a multicast forwarding table containing a list of host interfaces that have interested listeners for a specific multicast group. The switch learns which host interfaces to add or delete from this table by examining MLD membership reports as they arrive on interfaces on which MLD snooping is enabled.
In addition to such dynamically learned interfaces, the multicast forwarding table can include interfaces that you statically configure to be members of multicast groups. When you configure a static group interface, the switch adds the interface to the forwarding table as a host interface for the group. Unlike an entry for a dynamically learned interface, a static interface entry is not subject to aging and deletion from the forwarding table.
Examples of when you might want to configure static group membership on an interface include:
You want to simulate an attached multicast receiver for testing purposes.
The interface has receivers that cannot send MLD membership reports.
You want the multicast traffic for a specific group to be immediately available to a receiver without any delay imposed by the dynamic join process.
You cannot configure multicast source addresses for a static group interface. The MLD version of a static group interface is always MLD version 1.
The switch does not simulate MLD membership reports on behalf of a statically configured interface. Thus a multicast router might be unaware that the switch has an interface that is a member of the multicast group. You can configure a static group interface on the router to ensure that the switch receives the group multicast traffic.
To configure a host interface as a static member of a multicast group:
[edit protocols]user@switch# set mld-snooping vlan vlan-name interface interface-name static group ip-address
For example, to configure interface ge-0/0/11.0 in VLAN ip-camera-vlan as a static member of multicast group ff1e::1:
[edit protocols]user@switch# set mld-snooping vlan ip-camera-vlan interface ge-0/0/11.0 static group ff1e::1
Changing the Timer and Counter Values
MLD uses various timers and counters to determine how often an MLD querier sends out membership queries and when group memberships time out. On Juniper Networks EX Series switches, the MLD and MLD snooping timers and counters default values are set to the values recommended in RFC 2710, Multicast Listener Discovery (MLD) for IPv6. These values work well for most multicast implementations.
There might be cases, however, where you might want to adjust the timer and counter values—for example, to reduce burstiness, to reduce leave latency, or to adjust for expected packet loss on a subnet. If you change a timer or counter value for the MLD querier on a VLAN, we recommend that you change the value for all multicast routers and switches on the VLAN so that all devices time out group memberships at approximately the same time.
The following timers and counters are configurable on a switch:
query-interval—The length of time the MLD querier waits between sending general queries (the default is 125 seconds). You can change this interval to tune the number of MLD messages on the subnet; larger values cause general queries to be sent less often.
You cannot configure this value directly for MLD snooping. MLD snooping inherits the value from the MLD value configured on the switch, which is applied to all VLANs on the switch.
To configure the MLD query-interval:
[edit protocols]user@switch# set mld query-interval seconds
query-response-interval—The maximum length of time the host can wait until it responds (the default is 10 seconds). You can change this interval to adjust the burst peaks of MLD messages on the subnet. Set a larger interval to make the traffic less bursty.
You cannot configure this value directly for MLD snooping. MLD snooping inherits the value from the MLD value configured on the switch, which is applied to all VLANs on the switch.
To configure the MLD query-response-interval:
[edit protocols]user@switch# set mld query-response-interval seconds
query-last-member-interval—The length of time the MLD querier waits between sending group-specific membership queries (the default is 1 second). The MLD querier sends a group-specific query after receiving a leave report from a host. You can decrease this interval to reduce the amount of time it takes for multicast traffic to stop forwarding after the last member leaves a group.
You cannot configure this value directly for MLD snooping. MLD snooping inherits the value from the MLD value configured on the switch, which is applied to all VLANs on the switch.
To configure the MLD query-last-member-interval:
[edit protocols]user@switch# set mld query-last-member-interval seconds
robust-count—The number of times the querier resends a general membership query or a group-specific membership query (the default is 2 times). You can increase this count to tune for higher expected packet loss.
For MLD snooping, you can configure robust-count for a specific VLAN. If a VLAN does not have robust-count configured, the robust-count value is inherited from the value configured for MLD.
To configure robust-count for MLD snooping on a VLAN:
[edit protocols]user@switch# set mld-snooping vlan vlan-name robust-count number
The values configured for query-interval, query-response-interval, and robust-count determine the multicast listener interval—the length of time the switch waits for a group membership report after a general query before removing a multicast group from its multicast forwarding table. The switch calculates the multicast listener interval by multiplying query-interval by robust-count and then adding query-response-interval:
(query-interval x robust-count) + query-response-interval = multicast listener interval
For example, the multicast listener interval is 260 seconds when the default settings for query-interval, query-response-interval, and robust-count are used:
(125 x 2) + 10 = 260
You can display the time remaining in the multicast listener
interval before a group times out by using the show mld-snooping
membership command.