Warning: Do not use these configurations as it is in actual deployment. This configuration is setup to test if the MC is forwarded out to the intended destination without any mc receiving application running.
For this configuration we will use the default vlan 1, for the actual application you can use any vlan that you wish.
3550-1 global configuration
By default multicast-routing and routing capabilities are turned off in MLS.
3550-1(config)#access-list 100 permit udp any any eq 65000
Group the “interesting” packets to be used for broadcast-multicast translation. In this case we are interested only in the udp packet destined for port 65000, we are not interested about the source or destination.
3550-1(config)#ip forward-protocol udp 65000
This command is necessary for the router to process udp packet that’s destined for port 65000.
3550-1 routed interface configuration
This is to make fa0/15 to be a routed port. By default all MLS’ ports are switchports.
3550-1(config-if)#ip address 192.168.1.1 255.255.255.0
The command ip directed-broadcast is necessary because router needs to process the broadcast so that broadcast can be translated into multicast using the below command. If this is not enabled then the broadcast packet will be dropped by the router and no translation will be done.
3550-1(config-if)#ip multicast helper-map broadcast 126.96.36.199 100
The ip multicast helper-map is using the “from-to” approach. This command means to translate local broadcast (255.255.255.255) from any source that’s destined to udp 65000 into multicast address 188.8.131.52.
3550-1(config-if)#ip pim dense-mode
This command is necessary if you want the interface to process the multicast, all interfaces that require to process multicast and route multicast, regardless of SVI or physical interface, have to include this command. For this setup I am using PIM Dense-mode which is easier to configure and understand. Designated router to PIM dense mode has very little effect. The PIM router with the highest ip address number will be the designated router. In PIM version 2, user can specify the designated router role by adjusting the PIM priority value. PIM router will send hello packet every 30s to its neighbour, hello packet is delivered using multicast address 184.108.40.206.
3550-1 SVI configuration
3550-1(config)#int vlan 1
3550-1(config-if)#ip pim dense-mode
Since SVI vlan 1 is process the multicast ip pim dense-mode command is configured.
3550-1(config-if)#ip igmp join-group 220.127.116.11
Make the vlan1 to be the group of 18.104.22.168. Once you use this command ip igmp snooping is enabled by the MLS or router.
Correction: ip igmp join-group <address> is used for testing purpose only, this command will make the the switch to simulate as a mc receiver. Once ip multicast helper-map command is used IOS will auto join the group by following the source and destination address from the access-list. Ask yourself, SVI is forwarding MC out using PIM why does it need to join MC like a MC receiver? Your MC receiver will know when to join and leave the MC group dynamically.
3550-1(config)#ip igmp snooping vlan 1 mrouter interface fa0/7
By default when ip igmp join-group is used ip igmp snooping is enabled by default. If no ip igmp snooping is used to disable the igmp snooping then the host connected to any vlan 1 access ports will receive the multicast. The keyword mrouter means the switch assumed there is a multicast router at interface fa0/7. This is used for testing only, your application should know how to join the group dynamically. Find out which IGMP version can your host support.
The other way to do igmp snooping is by assigning a static multicast mac address. Wrong explanation, this should not be used at all, your application will know when to join and when to leave.
In this case we are using multicast ip address 22.214.171.124 which has a multicast mac address of 0100.5e05.0505.
If you see 0100.5exx.xxxx it is likely a multicast mac address, between 0100.e500.0000 and 0100.5e7f.ffff is used for multicast.
So to make host connected to fa0/7 to receive multicast, there’s 3 ways to implement the ip igmp snooping feature:
1. ip igmp snooping vlan 1 mrouter interface fa0/7
This is to make the switch believe that there’s a multicast router connected to fa0/7.
2. ip igmp snooping vlan 1 static 0100.5e05.0505 interface fa0/7
Statically hardcode the multicast mac address into the mroute table. Use this one if you are doing testing only. Your MC receiver application will know how to join the mc group itself, this is configured to test with a host using wireshark, in actual deployment if mc is forwarded out, interested mc receivers will automatically join and leave dynamically.
3. no ip igmp snooping
Disable ip igmp snooping feature. The default is to turn on ip igmp snooping. Turning off igmp snooping will have a major impact on your network traffic, please do not turn this off. Not all hosts in your vlan needs a mc, snooping is to limit the mc to those receivers that are interested!
This screenshot showed Multicast receiver 2 receive the multicast after ip igmp snooping vlan 1 static 0100.5e05.0505 interface fa0/7 was used.
This screenshot was taken when the command ip igmp snooping vlan 1 mrouter interface fa0/7 was used.
3550-2 global configuration
3550-2(config)#ip forward-protocol udp 65000
3550-2(config)#ip igmp snooping vlan 1 mrouter interface fa0/7
3550-2 SVI configuration
3550-2(config)#int vlan 1
3550-2(config-if)#ip address 172.30.10.2 255.255.255.0
3550-2(config-if)#ip pim dense-mode
3550-2(config-if)#ip igmp join-group 126.96.36.199
The configuration for 3550-2 is similar to 3550-1, 3550-2 only has clients that are multicast receivers hence 3550-2 does not need ip directed-broadcast and an access-list.
This screenshot taken from 3550-1 showed that the broadcast translated into multicast address 188.8.131.52.
One thought on “For Testing only: Broadcast to multicast translation and multicast routing using MLS”
This configuration is flawed, in actual deployment static mac address entry is not needed at all. By default, the mc receiver hosts (mc listeners) should join the group themselves if they are interested to receive the mc packets from the source. a ip igmp snooping vlan 1 static 0100.5exx.xxxx interface fa0/7 is not necessary unless the mc receiver does not send a join message itself. In this configuration it is tested with crafted bc packet from netcat, the broadcast is then translated into mc and sent out to the outgoing svi vlan 1. The host connected to vlan 1 fa0/7 is not igmp capable, in fact only wireshark is turned on, hence naturally no igmp join request is sent, so in order to test if the mc is forwarded out to the group the static entry was created.