What is IGMP Snooping?

This article may contain affiliate links. When you purchase through links on our site, we may earn an affiliate commission.

what is igmp snooping
IGMP or Internet Group Management Protocol is an advanced internet option used for multicast traffic on VLANs. It constrains this traffic and ensures that it is only broadcasted to the interfaces connected to receivers who are actually interested. You can enable IGMP snooping if you feel like you need it, but let’s first look at everything you need to know about it.

Why Use IGMP Snooping?

People primarily use IGMP snooping for its two main benefits; the first being increased bandwidth utilization and the second being better security. Most routers have the option of IGMP snooping available.

Since IGMP reduces flooding of data packets and enables selective forwarding of multicast data to willing ports (instead of all the available ports in a VLAN), it optimizes the utilization of your available bandwidth. Your network becomes more secure overall because IGMP snooping prevents service attacks from unknown sources.

How IGMP Snooping Works

For multicast streaming, the destination address itself can never be the source, so when multicast traffic is received from such an address, it floods the VLAN on the receiving end. IGMP snooping prevents an overflow of unwanted and unneeded traffic by monitoring the data packets between the multicast router and the receiver.

It then makes a forwarding table of sorts, which is used to selectively forward traffic to willing members of the multicast group. IGMP snooping is most commonly used for RVIs or Routed VLAN Interfaces.

Message Types

We have talked about how IGMP snooping sends traffic to interested parties, but how does it filter these parties out? Multicast routers can use IGMP for queries as well; in which case it can send out certain types of messages as queries, depending on the purpose.

General queries are used to find out if any host is listening to any multicast group. Group-specific queries check is any hosts are listening to a specific multicast group, and group-and-source-specific queries check if any hosts are listening to group traffic from a specific multicast source.

Hosts that are listening to multicast groups are the interested parties. Such hosts can send out membership or leave reports as messages (indicating that they want to join or leave an existing multicast group). Group-specific and group-and-source-specific queries are usually sent out in response to leave reports so that new listening hosts can be identified to replace the ones leaving.

Joining/Leaving Existing Multicast Groups

Both join and leave reports work similarly, but provide certain options as well. Join reports can be either in the form of unsolicited IGMP join messages to a multicast router, or by sending this join message in response to a general query from a multicast router.

The forwarding that happens in multicast routers ensures that periodic IGMP queries are always being sent out. A host cannot remain a member of a multicast group if it doesn’t respond to these queries. A host wanting to leave can hence either simple ignore periodic general inquiries for a certain interval of time, or send out a leave report, which is quicker and more straightforward than taking a silent leave.

Forwarding Interfaces and Rules

Forwarding interfaces for IGMP snooping can be of two types. Multicast-router interfaces forward to IGMP query ports or simply to multicast routers. Group-member interfaces forward to hosts that are already members of multicast groups. The relevant device can learn about which interface to use by monitoring IGMP traffic.

These interfaces, when present in a VLAN that has IGMP snooping enabled, receive multicast traffic and then forward it while following certain rules. The rules simply pertain to differentiating between IGMP traffic and regular multicast traffic (which is not IGMP) and sending it to the appropriate destination.

Conclusion: Should You Enable IGMP Snooping?

While the whole process of IGMP snooping as described here may seem complicated, the practical application is as simple as enabling the option on your router (it is usually disabled by default). However, leaving it at that is fine if you do not need IGMP snooping, because if you have it enabled but don’t use multicast traffic, then you’ll only lose processing power when your router is constantly trying to monitor multicast transmissions that don’t even exist on your network.

Notify of
Inline Feedbacks
View all comments