We have a remote site where the Macs are not responding to IGMP membership queries, but the Windows boxes do respond. Consequently, after about 10 minutes, the IGMP-aware network switch cuts off the multicast stream to the Macs.
Here is a screen shot of Wireshark showing the problem:
The first packet is the app requesting that the network begin allowing the IGMP packets from 239.255.20.1 through to the Mac. Then you see, about every 125 seconds thereafter, the network switch configured as the IGMP querier (10.1.254.254) ask if we're still interested in that stream. Notice the conspicuous lack of response.
Here is what happens here on the local network, for comparison:
Here, about every 95 seconds the IGMP querier (172.20.0.2) asks if we still want that stream, and the Mac in question (172.20.0.144) says, "Yes, keep sending it."
The firewall is turned off on the problem Macs in the GUI, and I've verified it at the command line:
$ /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate Firewall is disabled. (State = 0) $ /usr/libexec/ApplicationFirewall/socketfilterfw --getblockall Block all DISABLED! $ /usr/libexec/ApplicationFirewall/socketfilterfw --getstealthmode Stealth mode disabled $ /usr/libexec/ApplicationFirewall/socketfilterfw --getappblocked /Applications/mumblemutter.app/... The application is not part of the firewall
The app doesn't matter, since the stack handles IGMP queries after the group has been joined.
The problem Macs are running 10.11.5, but I cannot believe the problem would be fixed by upgrading to the absolute latest, since that would mean that a BSD-based OS is fixing serious bugs in its network stack in 2016. Possible, but extremely low probability.