nanog mailing list archives
Re: IPV6 Multicast Listener storm control?
From: Mikael Abrahamsson <swmike () swm pp se>
Date: Tue, 23 Sep 2014 05:55:30 +0200 (CEST)
On Mon, 22 Sep 2014, Richard Holbo wrote:
Now it looks like from my reading that CISCO MLD snooping would _help_ with this, though it would not stop the offender from generating the multicast requests, it might keep if from reaching _all_ ports, but it would still
If the packets are sent to ff02::1, then this will be sent to all ports even with MLD snooping turned on.
http://www.ietf.org/rfc/rfc4541.txt "In IPv6, the data forwarding rules are more straight forward because MLD is mandated for addresses with scope 2 (link-scope) or greater. The only exception is the address FF02::1 which is the all hosts link-scope address for which MLD messages are never sent. Packets with the all hosts link-scope address should be forwarded on all ports." So I doubt turning on MLD snooping will help.Your switches, can't you do some kind of protocol based filtering, and only allow two ethertypes, ARP and IPv4?
-- Mikael Abrahamsson email: swmike () swm pp se
Current thread:
- IPV6 Multicast Listener storm control? Richard Holbo (Sep 22)
- Re: IPV6 Multicast Listener storm control? Mikael Abrahamsson (Sep 22)
- RE: IPV6 Multicast Listener storm control? Naslund, Steve (Sep 22)
- Re: IPV6 Multicast Listener storm control? Rob Seastrom (Sep 23)
- Re: IPV6 Multicast Listener storm control? Rob Seastrom (Sep 23)