IOS Features & Management
Multicast: What is the difference between an igmp filter and an igmp access-group?
Email this post
⋅ 
Print this post
⋅ Post a commentSite Search Tags: access list, filtering, igmp, igmp filtering, mock labs, multicast, vlan
Thanks for visiting! If you're new here, you may want to subscribe to my RSS feed. This blog posts regular tutorials, news, and study tips about networking, especially about Cisco CCIE related topics. Go ahead, subscribe to the rss feed! You can also receive updates from this blog via email. Thanks for visiting!
After doing IE Mock Lab 5, and analyzing it over the last few days, I had an epiphany with regards to an igmp filtering question. The question required you to limit users joining a certain multicast group, and also place a limit on how many groups users in that vlan can join. I immediately thought “Oh cool, no problem ip igmp access-group with a standard access list, and an ip igmp limit and we are good to go! This stuff is easy”. Brrr! Wrong! :)
The ip igmp limit and ip igmp access-group commands apply to a layer 3 routed port! The question involved setting this up on a layer 2 port so this wouldn’t work properly. The correct answer involved ip igmp profile and ip igmp max-groups.
So, lets say you have a requirement where you want to limit users on vlan 10 from joining multicast groups 232.0.0.0 -> 239.255.255.255. The requirement also says to limit it so they can belong to only 5 multicast groups. How would you do this on a layer 2 port vs a layer 3 port? I’m glad you asked! :)
Solution on Layer 3 Switch:
Layer 2 Port (ie switchport)
int f0/10
switchport mode access
switchport access vlan 10
ip igmp max-groups 5
ip igmp filter 1
!
ip igmp profile 1
deny
range 232.0.0.0 239.255.255.255
Layer 3 Port (ie routed port)
int vlan 10
ip igmp access-group DENY_THESE_GROUPS
ip igmp limit 5
!
ip access-list standard DENY_THESE_GROUPS
deny 232.0.0.0 7.255.255.255
permit any
The Layer 3 port configuration would equally apply on a routed port (ie port with no switchport configured or a port on a router). Notice the differences in defining of the groups allowed. “Hey Ards, How about one of your famous tutorials on this so I can follow along in Dynamips?”. Sorry, no time :) My CCIE lab is in 30 days and I have a million practice labs to do! I’ll write one up when I’m done…hopefully with some CCIE digits next to my name!
Related posts
Categories
Twitter Feed...
- Sitting at the docklands listening to the band play acoustic matchbox 20 http://twitpic.com/kt11
- At the horse races http://twitpic.com/jtqv
- @ccietalk LOL. just taking a break! This is my first summer in two years that I haven't been studying!
- @joshatterbury dude that is my kind of diet!
- James squire tasting paddle. 5 beers. Heaven http://twitpic.com/jpdj
Follow me...
Recent Comments
- diriger on Tutorial: IPv6 Tunnels Part 2 - Automatic 6to4 Tunnels
- csyeo on Blog: My IPexpert Voice Stuff Has Arrived!
- Arden Packeer, CCIE #20716 on Tutorial: How to use Cisco MQC & NBAR to filter websites like Youtube
- Dan on Tutorial: How to use Cisco MQC & NBAR to filter websites like Youtube
- Ricardo on Configuring Priority Queuing
Most Emailed
- Tutorial: How to use Cisco MQC & NBAR to filter websites like Youtube - 10 emails
- Tutorial: What is the difference between bandwidth percent and bandwidth remaining percent? - 10 emails
- Tutorial: OSPF Network Types and Frame Relay Part 1 - 7 emails
- Tutorial: How to set up a basic Dynamips Lab using Dynagen, Part 1 - 6 emails
- Tutorial: OSPF Network Types and Frame Relay Part 4 - 3 emails
Discussion
No comments for “Multicast: What is the difference between an igmp filter and an igmp access-group?”
Post a comment