MLD Group Limits

The IPv6 Multicast Listener Discovery (MLD) group limits feature provides global and per-interface MLD join limits.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information About MLD Group Limits

Multicast Listener Discovery Protocol for IPv6

To start implementing multicasting in the campus network, users must first define who receives the multicast. The MLD protocol is used by IPv6 devices to discover the presence of multicast listeners (for example, nodes that want to receive multicast packets) on their directly attached links, and to discover specifically which multicast addresses are of interest to those neighboring nodes. It is used for discovering local group and source-specific group membership. The MLD protocol provides a means to automatically control and limit the flow of multicast traffic throughout your network with the use of special multicast queriers and hosts.

The difference between multicast queriers and hosts is as follows:

  • A querier is a network device, such as a device, that sends query messages to discover which network devices are members of a given multicast group.

  • A host is a receiver, including devices, that send report messages to inform the querier of a host membership.

A set of queriers and hosts that receive multicast data streams from the same source is called a multicast group. Queriers and hosts use MLD reports to join and leave multicast groups and to begin receiving group traffic.

MLD uses the Internet Control Message Protocol (ICMP) to carry its messages. All MLD messages are link-local with a hop limit of 1, and they all have the alert option set. The alert option implies an implementation of the hop-by-hop option header.

MLD has three types of messages:

  • Query--General, group-specific, and multicast-address-specific. In a query message, the multicast address field is set to 0 when MLD sends a general query. The general query learns which multicast addresses have listeners on an attached link.

Group-specific and multicast-address-specific queries are the same. A group address is a multicast address.

  • Report--In a report message, the multicast address field is that of the specific IPv6 multicast address to which the sender is listening.

  • Done--In a done message, the multicast address field is that of the specific IPv6 multicast address to which the source of the MLD message is no longer listening.

An MLD report must be sent with a valid IPv6 link-local source address, or the unspecified address (::), if the sending interface has not yet acquired a valid link-local address. Sending reports with the unspecified address is allowed to support the use of IPv6 multicast in the Neighbor Discovery Protocol.

For stateless autoconfiguration, a node is required to join several IPv6 multicast groups in order to perform duplicate address detection (DAD). Prior to DAD, the only address the reporting node has for the sending interface is a tentative one, which cannot be used for communication. Therefore, the unspecified address must be used.

MLD states that result from MLD version 2 or MLD version 1 membership reports can be limited globally or by interface. The MLD group limits feature provides protection against denial of service (DoS) attacks caused by MLD packets. Membership reports in excess of the configured limits will not be entered in the MLD cache, and traffic for those excess membership reports will not be forwarded.

MLD provides support for source filtering. Source filtering allows a node to report interest in listening to packets only from specific source addresses (as required to support SSM), or from all addresses except specific source addresses sent to a particular multicast address.

When a host using MLD version 1 sends a leave message, the device needs to send query messages to reconfirm that this host was the last MLD version 1 host joined to the group before it can stop forwarding traffic. This function takes about 2 seconds. This "leave latency" is also present in IGMP version 2 for IPv4 multicast.

How to Implement MLD Group Limits

Implementing MLD Group Limits Globally

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    ipv6 mld [vrf vrf-name] state-limit number


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 ipv6 mld [vrf vrf-name] state-limit number


    Example:
    Device(config)# ipv6 mld state-limit 300
     

    Limits the number of MLD states globally.

     

    Implementing MLD Group Limits per Interface

    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    interface type number

      4.    ipv6 mld limit number [except access-list


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Device> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.

       
      Step 2 configure terminal


      Example:
      Device# configure terminal
       

      Enters global configuration mode.

       
      Step 3 interface type number


      Example:
      Device(config)# interface FastEthernet 1/0
       

      Specifies an interface type and number, and places the device in interface configuration mode.

       
      Step 4 ipv6 mld limit number [except access-list


      Example:
      device(config-if)# ipv6 mld limit 100
       

      Limits the number of MLD states on a per-interface basis.

       

      Configuration Examples for MLD Group Limits

      Example: Implementing MLD Group Limits

      This example shows the groups and channels that are being accounted when the MLD group limit function is active:

      Device# show ipv6 mld groups FF03::1 detail
      
      Interface:	FastEthernet5/1
      Group:		FF03::1
      Uptime:		00:00:05
      Router mode:	EXCLUDE (Expires: 00:04:14)
      Host mode:	INCLUDE
      Last reporter:	FE80::20A:8BFF:FE4D:6039
      State accounted
      Source list is empty
      
      Interface:	FastEthernet5/1
      Group:		FF33::1
      Uptime:		00:00:03
      Router mode:	INCLUDE
      Host mode:	INCLUDE
      Last reporter:	FE80::20A:8BFF:FE4D:6039
      Group source list:
      Source Address                          Uptime    Expires   Fwd  Flags
      2001:DB8:0::1                                   00:00:03  00:04:16  Yes  Remote Ac 4
      

      The following example shows all of the groups joined by Fast Ethernet interface 2/1, including link-local groups used by network protocols.

      Device# show ipv6 mld groups FastEthernet 2/1
      
      MLD Connected Group Membership
      Group Address          Interface           Uptime        Expires
      FF02::2                FastEthernet2/1     3d18h         never
      FF02::D                FastEthernet2/1     3d18h         never
      FF02::16               FastEthernet2/1     3d18h         never
      FF02::1:FF00:1         FastEthernet2/1     3d18h         00:00:27
      FF02::1:FF00:79        FastEthernet2/1     3d18h         never
      FF02::1:FF23:83C2      FastEthernet2/1     3d18h         00:00:22
      FF02::1:FFAF:2C39      FastEthernet2/1     3d18h         never
      FF06:7777::1           FastEthernet2/1     3d18h         00:00:26

      The following is sample output from the show ipv6 mld groups summary command:

      Device# show ipv6 mld groups summary
      
      
      MLD Route Summary
        No. of (*,G) routes = 5
        No. of (S,G) routes = 0

      Additional References

      Related Documents

      Related Topic

      Document Title

      IPv6 addressing and connectivity

      IPv6 Configuration Guide

      Cisco IOS commands

      Cisco IOS Master Commands List, All Releases

      IP multicast commands

      Cisco IOS IP Multicast Command Reference

      IPv6 commands

      Cisco IOS IPv6 Command Reference

      Cisco IOS IPv6 features

      Cisco IOS IPv6 Feature Mapping

      Standards and RFCs

      Standard/RFC

      Title

      RFCs for IPv6

      IPv6 RFCs

      MIBs

      MIB

      MIBs Link

      To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

      http:/​/​www.cisco.com/​go/​mibs

      Technical Assistance

      Description

      Link

      The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

      http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

      Feature Information for MLD Group Limits

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.
      Table 1 Feature Information for MLD Group Limits

      Feature Name

      Releases

      Feature Information

      MLD Group Limits

      12.2(33)SRE

      12.2(50)SY

      12.4(2)T

      15.0(1)S

      15.0(1)SY

      15.1(1)SY

      Cisco IOS XE Release 2.6

      The IPv6 MLD group limits feature provides global and per-interface MLD join limits.

      The following commands were introduced or modified: ipv6 mld limit, ipv6 mld state-limit.