since there is no IGMP snooping, is there any way to prevent multicast frames getting out from some port with ACL rules. Tried to put 224.0.0.0/4 as IP Dst:, but no effect.
Check appropriate “from” ports (incoming), fill “224.0.0.0/4” as “Ip Dst”, check “Redirect To” and don’t check any port there.
is it working? i’m going to buy SwOS if this works
I’ve tested that and it was working for me. It would be good if somebody else will confirm that too.
zervan - could you paste screen shot of your acl config?
Here you are:
Ok but I dont understand one thing. IGMP Snooping “knows” from which port to which port multicast is going. So what gives you that configuration?
look into this like manual IGMP snooping. With this setup you can filter out multicast from some ports or all of them.
in configuration, mentioned above is:
From: port5 (packets coming in from port5)
IP Dst: 224.0.0.0/4 (this selects all packets with multicast destination IP’s)
Redirect To: none (previously selected packets is not forwarded to any ports)
or if you select some ports in “redirect to”, then multicast will be forwarded to these ports only. After all, it is the same thing what IGMP snooping does, but it does it automatically when group joining and leaving messages pass the switch.
And I can confirm, this config works really well.
how to implement this in routeros?
Guess like this cant test it.
/interface ethernet switch rule add ports=ether1 switch=switch1 dst-address=224.0.0.0/4 new-dst-ports=
You should check your switch en and port nr.
Let met know if it works.
Where I find this in winbox?