Community discussions

MUM Europe 2020
 
netmaster
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 68
Joined: Thu Jan 05, 2006 11:42 am

filter out multicast

Mon Aug 29, 2011 11:51 pm

since there is no IGMP snooping, is there any way to prevent multicast frames getting out from some port with ACL rules. Tried to put 224.0.0.0/4 as IP Dst:, but no effect.
 
User avatar
zervan
Member
Member
Posts: 324
Joined: Fri Aug 20, 2010 10:43 pm
Location: Slovakia
Contact:

Re: filter out multicast

Tue Aug 30, 2011 8:52 am

Check appropriate "from" ports (incoming), fill "224.0.0.0/4" as "Ip Dst", check "Redirect To" and don't check any port there.
Dusan Zervan from Slovakia
MTCNA, MTCRE
 
User avatar
winet
Member Candidate
Member Candidate
Posts: 272
Joined: Fri Mar 16, 2007 4:49 pm
Location: Indonesia

Re: filter out multicast

Wed Oct 12, 2011 4:39 pm

is it working? i'm going to buy SwOS if this works
 
User avatar
zervan
Member
Member
Posts: 324
Joined: Fri Aug 20, 2010 10:43 pm
Location: Slovakia
Contact:

Re: filter out multicast

Wed Oct 12, 2011 5:52 pm

I've tested that and it was working for me. It would be good if somebody else will confirm that too.
Dusan Zervan from Slovakia
MTCNA, MTCRE
 
log
Member Candidate
Member Candidate
Posts: 105
Joined: Fri May 28, 2010 11:37 am

Re: filter out multicast

Thu Oct 13, 2011 4:04 pm

zervan - could you paste screen shot of your acl config?
 
User avatar
zervan
Member
Member
Posts: 324
Joined: Fri Aug 20, 2010 10:43 pm
Location: Slovakia
Contact:

Re: filter out multicast

Thu Oct 13, 2011 7:27 pm

Here you are:
You do not have the required permissions to view the files attached to this post.
Dusan Zervan from Slovakia
MTCNA, MTCRE
 
log
Member Candidate
Member Candidate
Posts: 105
Joined: Fri May 28, 2010 11:37 am

Re: filter out multicast

Wed Oct 19, 2011 10:56 am

Here you are:
Ok but I dont understand one thing. IGMP Snooping "knows" from which port to which port multicast is going. So what gives you that configuration?
 
netmaster
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 68
Joined: Thu Jan 05, 2006 11:42 am

Re: filter out multicast

Wed Oct 19, 2011 11:29 am

Ok but I dont understand one thing. IGMP Snooping "knows" from which port to which port multicast is going. So what gives you that configuration?
look into this like manual IGMP snooping. With this setup you can filter out multicast from some ports or all of them.

in configuration, mentioned above is:
From: port5 (packets coming in from port5)
IP Dst: 224.0.0.0/4 (this selects all packets with multicast destination IP's)
Redirect To: none (previously selected packets is not forwarded to any ports)

or if you select some ports in "redirect to", then multicast will be forwarded to these ports only. After all, it is the same thing what IGMP snooping does, but it does it automatically when group joining and leaving messages pass the switch.
And I can confirm, this config works really well.
 
punik
just joined
Posts: 1
Joined: Tue Oct 25, 2016 10:38 am

Re: filter out multicast

Tue Oct 25, 2016 10:41 am

how to implement this in routeros?
 
stormeporm
newbie
Posts: 39
Joined: Sun Dec 30, 2012 12:39 pm

Re: filter out multicast

Wed Jan 25, 2017 6:23 pm

Guess like this cant test it.
/interface ethernet switch rule add ports=ether1 switch=switch1 dst-address=224.0.0.0/4 new-dst-ports=

You should check your switch en and port nr.
Let met know if it works.
 
lpt2007
Frequent Visitor
Frequent Visitor
Posts: 74
Joined: Wed Jul 23, 2014 4:08 pm

Re: filter out multicast

Fri Nov 30, 2018 12:18 am

Guess like this cant test it.
/interface ethernet switch rule add ports=ether1 switch=switch1 dst-address=224.0.0.0/4 new-dst-ports=

You should check your switch en and port nr.
Let met know if it works.
Where I find this in winbox?

Who is online

Users browsing this forum: No registered users and 5 guests