0

I have a L3 switch that does IGMP snooping, but it cannot act as an IGMP querier, and there is no IGMP querier connected to this network.

Would it be possible to implement an IGMP querier in software, so that my L3 switch can snoop on it and route accordingly?

Evgeniy Berezovsky
  • 851
  • 1
  • 8
  • 26

2 Answers2

0

I implemented a proof of concept and found it actually is possible to implement an IGMP querier in software.

My software querier gets treated like the real thing, i.e. clients send their reports when prompted by it, as I could verify with Wireshark, comparing a network with a real IGMP querier, to a network without one but having that software querier running.

The software querier periodically sends "IGMP general queries", and, using WinPCap to capture all IGMP traffic, it is able to send "IGMP specific query" messages in response to "IGMP leave" messages.

N.B. If you want to subscribe to IGMP groups on the same host (and NIC) where you run the software IGMP querier, it seems necessary to use (= spoof) an IP address/MAC address combo different from that of the interface you are using, otherwise my Windows (8.1) e.g. did not properly detect the IGMP version.

Evgeniy Berezovsky
  • 851
  • 1
  • 8
  • 26
  • Aren't generic linux machines capable of acting as queriers? There seems to be a lot of discussion on enabling them for linux bridges, and the behavior seems to be enableable by `echo -n 1 > /sys/devices/virtual/net/br0/bridge/multicast_querier`; see eg.: http://unix.stackexchange.com/questions/132604/br0-causes-to-drop-multicast-connection-after-5-minutes – P Marecki Apr 05 '17 at 09:51
  • @PMarecki That's in fact an answer to my question (so go ahead and make it a proper answer). In the past, the (software) IGMP querier was enabled by default, when IGMP snooping is enabled, but that [changed](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/net/bridge/br_multicast.c?id=c5c23260594c5701af66ef754916775ba6a46bbc) when the flag you mention was added. – Evgeniy Berezovsky Apr 05 '17 at 22:45
-1

IGMP is only used within a broadcast domain, eg within the switch or switches. Between domains, anything that gets routed, the multicast group information is communicated by another protocol - almost always this protocol is PIM.

I'm not sure I understand your question though. The client joins the multicast group, the server don't force it into a group. If the router don't speak IGMP there's no way for the client to establish the group membership across the router.

Chris S
  • 77,337
  • 11
  • 120
  • 212
  • 3
    "IGMP querier" and "IGMP snooping" are common IGMP terms, and I'm not sure if you are aware of them. If there's no IGMP querier in a network, hosts interested in a multicast group will send a single unsolicited IGMP membership report. But to keep the membership fresh, e.g. for an "IGMP snooping" switch, the IGMP report needs to be refreshed periodically. But Clients only resend reports when prompted by IGMP queries, which are sent by the IGMP querier. – Evgeniy Berezovsky Sep 24 '14 at 05:29
  • I'm aware of the terms. But I fail to see how you're going to get multicast working on a network where the router does not support IGMP. – Chris S Sep 24 '14 at 14:34
  • As stated in the question, the L3 switch does support IGMP snooping. This is multicast where the source is in the same network as the clients, hence the routers don't need to get involved to route the traffic. What's missing is an IGMP querier. – Evgeniy Berezovsky Sep 24 '14 at 23:22
  • 1
    See e.g. NETGEAR's FAQ on [IGMP snooping queriers](http://kb.netgear.com/app/answers/detail/a_id/21776/session/L2F2LzEvdGltZS8xNDExNjA5ODA3L3NpZC9OYVFRUmUzbQ%3D%3D) for IGMP without a capable router: `the IGMP snooping operation usually requires an extra network device—usually a router—that can generate an IGMP membership query and solicit interested nodes to respond. With the built-in IGMP querier feature inside the switch, such an external device is no longer needed.` – Evgeniy Berezovsky Sep 25 '14 at 01:56
  • 1
    Or see [CISCO](http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/ipv4_igmp_snooping.html#wpxref74485): `You can configure the IGMP snooping querier on the switch to support IGMP snooping in subnets that do not have any multicast router interfaces` – Evgeniy Berezovsky Sep 25 '14 at 05:18
  • Ok, but your question is about your L3 Switch ***Routing*** multicast traffic. None of this has anything to do with that. Without IGMP the switch should just fall back to broadcasting the multicast traffic and letting the clients sort out where it's supposed to go. This is obviously less than ideal, but should work fine unless you've got bandwidth problems. If you don't have bandwidth problems then I don't see how this is even a "real" problem in the first place. What am I missing here? – Chris S Sep 25 '14 at 15:07
  • This isn't leading anywhere. My question is specific, and you just don't address it. In the meantime, however, my proof of concept gave the answer: `Yes, it is possible to use a software IGMP querier in the absence of a hardware one`, and the IGMP snooper won't know the difference. That fact btw is not affected by you downvoting it. – Evgeniy Berezovsky Sep 25 '14 at 23:10
  • Having said that, it might be best to migrate this question over to stackoverflow, where users actually do write software, although this question is neither here nor there. In any event, it would need 3k rep (on serverfault) to move the question. – Evgeniy Berezovsky Sep 25 '14 at 23:54
  • Eugene, You seem to really struggle to type sentences that say what you mean, go back and read what you've left, it's full of sentences that don't make sense. Your Answer doesn't actually answer your Question as it's written. [sf] is for Professional Administrators (et al) only, not programmers (if you wanted to know how to program a IGMP Querier then you should have said so and this would have been migrated immediately). Similarly if you just wanted to know if Snooping could be fooled by any random Querier then you should have said that. You seriously need to work on your communication skills – Chris S Sep 26 '14 at 13:06
  • 1
    I see that the question was rewritten at some point - as it stands now, its' a reasonable question. – Dan Pritts Apr 24 '15 at 17:24