Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter デザインガイド
6-8
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 6 Cisco Unified Wireless Multicast Design
Multicast Deployment Considerations
In the past, Time To Live field in the IP Multicast datagram was used for creating Auto-RP
administrative boundaries using the ttl-threshold command. This has been superseded by the ip
multicast boundary interface mode command, which filters IP multicast traffic and also Auto-RP
messages. Cisco recommends using the new command.
administrative boundaries using the ttl-threshold command. This has been superseded by the ip
multicast boundary interface mode command, which filters IP multicast traffic and also Auto-RP
messages. Cisco recommends using the new command.
Other useful commands include the ip multicast rate-limit interface command. This command
enforces low rates on the wireless VLANs. Without it, even if the network engineer filters the high rate
multicast addresses, a low rate multicast address cannot exceed its rate.
enforces low rates on the wireless VLANs. Without it, even if the network engineer filters the high rate
multicast addresses, a low rate multicast address cannot exceed its rate.
A typical example on a wireless client VLAN is given below. For more information on other multicast
commands for a multicast enabled network refer to
commands for a multicast enabled network refer to
. Filtering for
multicast-enabled traffic also allows you to prevent propagation of certain worms like the sasser worm
which relied on the TCP and ICMP transports with multicast addresses. Blocking these types of traffic
with multicast group addresses does not affect most applications since they typically use UDP or TCP
for streaming.
which relied on the TCP and ICMP transports with multicast addresses. Blocking these types of traffic
with multicast group addresses does not affect most applications since they typically use UDP or TCP
for streaming.
In the following example, packets to the multicast group range 239.0.0.0 to 239.127.255.255 from any
source will have their packets rate-limited to 128 kbps. The example also sets up a boundary for all
multicast addresses not in the lower administratively scoped addresses. In addition, hosts serviced by
Vlan40 can only join the lower administrative groups 239.0.0.0 to 239.127.255.255.
source will have their packets rate-limited to 128 kbps. The example also sets up a boundary for all
multicast addresses not in the lower administratively scoped addresses. In addition, hosts serviced by
Vlan40 can only join the lower administrative groups 239.0.0.0 to 239.127.255.255.
mls qos
!
class-map match-all multicast_traffic
description Permit Low Rate Multicast Range of 239.0.0.0 to 239.127.0.0
match access-group 101
!
policy-map multicast
description Rate Limit Multicast traffic to 2.56mps with burst of 12800 bytes
class multicast_traffic
police cir 2560000 bc 12800 be 12800 conform-action transmit exceed-action drop
!
interface Vlan40
description To Wireless Clients
ip address 10.20.40.3 255.255.255.0
ip pim sparse-mode
ip multicast boundary 1
ip igmp access-group 30
standby 40 ip 10.20.40.1
standby 40 preempt
service-policy output multicast
!
access-list 1 remark Permit Low Rate Multicast Range of 239.0.0.0 to 239.127.0.0 for
multicast boundary
access-list 1 permit 239.0.0.0 0.127.255.255
!
access-list 30 remark Only Allow IGMP joins to this Multicast Group Range
access-list 30 permit 239.0.0.0 0.127.255.255
!
access-list 101 remark Permit Low Rate Multicast Range of 239.0.0.0 to 239.127.0.0 for
class-map
access-list 101 permit ip any 239.0.0.0 0.127.255.255