Hi everyone,
we observing a strange igmp snooping issue on our mikrotik switches. In essence we see the igmp snooping breaking on mikrotik switches which are not connected directly to the querier switch.
Let me describe the setup real quick:
We are using five CRS326-24S+2Q+ switches connected to each other operating as core switches (named CSW1 - 5). We have about 90 access switches (plus other stuff routers, servers etc.) connected to these core switches. Additionally we have a cisco switch connected to one of the core switches (CSW3) acting as an igmp querier. The cisco switch is connected to a iptv head station streaming multicast into a vlan. All core switches and other switches have igmp snooping enabled. All switches recognise the igmp querier.
The mikrotik switches all run on RouterOS 7.16.1.
We see the igmp snooping process failing on a core switch further up the chain though:
The systems are connected as follows: IPTV headend → Cisco Switch → CSW3 → CSW4 → Linux machine (tcpdump)
We use tcpdump to track multicast traffic on a port. After rebooting CSW4 everything works as expected for about 30 minutes or so. Our linux machine only receives the expected multicast traffic on the expected vlan (we used ffprobe / ffmpeg). After about 15 - 45 minutes the linux machine gets flooded with multicast traffic though (as does every other port on CSW4). It seems like the igmp snooping process crashed on the CSW4 switch. Looking at the MDB you can see the multicast groups and that the port of the linux machine is not listed as an on-port.
When we deactivate Unknown Multicast on the bridge of CSW4 the linux machine is not able to receive any multicast traffic at all.
If we do the same test connecting the linux machine to a port of csw3 igmp snooping works as expected.
Has anyone seen something similar before?