Ip Igmp Snooping Router-Alert-Option-Check - Edge-Core ECS4610-24F Management Manual

ip igmp snooping
router-alert-option-
check
C M
OMMAND ODE
Global Configuration
C U
OMMAND SAGE
IGMP snooping querier is not supported for IGMPv3 snooping (see
◆
igmp snooping version).
◆ If enabled, the switch will serve as querier if elected. The querier is
responsible for asking hosts if they want to receive multicast traffic.
E
XAMPLE
Console(config)#ip igmp snooping querier
Console(config)#
This command discards any IGMPv2/v3 packets that do not include the
Router Alert option. Use the no form to ignore the Router Alert Option
when receiving IGMP messages.
S
YNTAX
[no] ip igmp snooping router-alert-option-check
D S
EFAULT ETTING
Disabled
C M
OMMAND ODE
Global Configuration
C U
OMMAND SAGE
As described in Section 9.1 of RFC 3376 for IGMP Version 3, the Router
Alert Option can be used to protect against DOS attacks. One common
method of attack is launched by an intruder who takes over the role of
querier, and starts overloading multicast hosts by sending a large number
of group-and-source-specific queries, each with a large source list and the
Maximum Response Time set to a large value.
To protect against this kind of attack, (1) routers should not forward
queries. This is easier to accomplish if the query carries the Router Alert
option. (2) Also, when the switch is acting in the role of a multicast host
(such as when using proxy routing), it should ignore version 2 or 3 queries
that do not contain the Router Alert option.
E
XAMPLE
Console(config)#ip igmp snooping router-alert-option-check
Console(config)#
– 907 –
| Multicast Filtering Commands
C 39
HAPTER
IGMP Snooping
ip