Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter Guia Do Desenho
6-7
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 6 Cisco Unified Wireless Multicast Design
Multicast Deployment Considerations
All Controllers have the Same LWAPP Multicast Group
To prevent the second controller from retransmitting these LWAPP encapsulated packets, the controllers
blocks incoming multicast packets to the LWAPP multicast group and the LWAPP reserved ports. By
blocking the reserved ports, the controller blocks the first part of a fragmented packet in an encapsulated
LWAPP multicast packet. However, the second packet does not contain port numbers and can only be
blocked by filtering it on the multicast group address (destination address). The controller blocks any
packets where the destination address is equal to the LWAPP multicast group address assigned to the
controller.
blocks incoming multicast packets to the LWAPP multicast group and the LWAPP reserved ports. By
blocking the reserved ports, the controller blocks the first part of a fragmented packet in an encapsulated
LWAPP multicast packet. However, the second packet does not contain port numbers and can only be
blocked by filtering it on the multicast group address (destination address). The controller blocks any
packets where the destination address is equal to the LWAPP multicast group address assigned to the
controller.
However, assigning every controller to the same LWAPP multicast group creates other problems. IGMP
version 1 and 2 used by the APs to join the LWAPP multicast group use Any Source Multicast (ASM)
and the APs will receive multicast traffic from all sources of the multicast group in the network. This
means the APs will receive multicast packets from all of the controllers on the network if the controllers
are configured with the same multicast group address, and no multicast boundaries have been applied.
One controller’s multicast traffic will flood out to all of the APs across the network and every APs
receive (and drop it if the source address is not equal to its controller’s management address) the
multicast traffic that is being received from any wireless multicast client in the entire network.
Additionally, locally sourced multicast packets from any client VLAN such as HSRP, PIM, and EIGRP
and OSPF multicast packets will also be flooded throughout the network.
version 1 and 2 used by the APs to join the LWAPP multicast group use Any Source Multicast (ASM)
and the APs will receive multicast traffic from all sources of the multicast group in the network. This
means the APs will receive multicast packets from all of the controllers on the network if the controllers
are configured with the same multicast group address, and no multicast boundaries have been applied.
One controller’s multicast traffic will flood out to all of the APs across the network and every APs
receive (and drop it if the source address is not equal to its controller’s management address) the
multicast traffic that is being received from any wireless multicast client in the entire network.
Additionally, locally sourced multicast packets from any client VLAN such as HSRP, PIM, and EIGRP
and OSPF multicast packets will also be flooded throughout the network.
Note
Cisco IOS APs (e.g. 1240) use IGMPv2 while VxWorks APs (e.g. 1030) use IGMPv1.
Controlling Multicast on the WLAN Using Standard Multicast Techniques
Normal boundary techniques should be used in your multicast enabled network. These include using the
ip multicast boundary interface mode command, which filters IP multicast traffic and also Auto-RP
messages.
ip multicast boundary interface mode command, which filters IP multicast traffic and also Auto-RP
messages.
Note
A wired client anywhere in the network may request the LWAPP multicast stream and receive it from all
sources (if multicast boundaries are not applied). Multicast streams are not encrypted when they are
encapsulated in the LWAPP multicast packet. Therefore, it is recommended that multicast boundaries be
implemented to block this type of access.
sources (if multicast boundaries are not applied). Multicast streams are not encrypted when they are
encapsulated in the LWAPP multicast packet. Therefore, it is recommended that multicast boundaries be
implemented to block this type of access.
Table 6-1
Pros and Cons of using the same Multicast Group or Different
Groups
Groups
PROS
CONS
All controllers have the
same LWAPP multicast
group
same LWAPP multicast
group
No need to do any
additional fragmentation
protection measures
additional fragmentation
protection measures
Each controller’s multicast traffic is flooded
throughout the network (APs will drop
multicast packets that don’t have a source IP
address equal to their controller management
interface)
throughout the network (APs will drop
multicast packets that don’t have a source IP
address equal to their controller management
interface)
Standard multicast
techniques are used to
block LWAPP multicast
fragments
techniques are used to
block LWAPP multicast
fragments
Can use a range of
addresses thus
preventing flooding
throughout the network.
addresses thus
preventing flooding
throughout the network.
ACL filtering must be applied on first hop
router on all VLANs configured on multicast
enabled controllers
router on all VLANs configured on multicast
enabled controllers