Ip igmp snooping router-alert-option- check, Ip igmp snooping router-alert-option-check, Ip igmp snooping router – LevelOne GTL-2691 User Manual
Page 1189: Alert-option-check
C
HAPTER
42
| Multicast Filtering Commands
IGMP Snooping
– 1189 –
C
OMMAND
U
SAGE
◆
IGMP snooping querier is not supported for IGMPv3 snooping (see
◆
If enabled, the switch will serve as querier if elected. The querier is
responsible for asking hosts if they want to receive multicast traffic.
E
XAMPLE
Console(config)#ip igmp snooping querier
Console(config)#
ip igmp snooping
router-alert-option-
check
This command discards any IGMPv2/v3 packets that do not include the
Router Alert option. Use the no form to ignore the Router Alert Option
when receiving IGMP messages.
S
YNTAX
[no] ip igmp snooping router-alert-option-check
D
EFAULT
S
ETTING
Disabled
C
OMMAND
M
ODE
Global Configuration
C
OMMAND
U
SAGE
As described in Section 9.1 of RFC 3376 for IGMP Version 3, the Router
Alert Option can be used to protect against DOS attacks. One common
method of attack is launched by an intruder who takes over the role of
querier, and starts overloading multicast hosts by sending a large number
of group-and-source-specific queries, each with a large source list and the
Maximum Response Time set to a large value.
To protect against this kind of attack, (1) routers should not forward
queries. This is easier to accomplish if the query carries the Router Alert
option. (2) Also, when the switch is acting in the role of a multicast host
(such as when using proxy routing), it should ignore version 2 or 3 queries
that do not contain the Router Alert option.
E
XAMPLE
Console(config)#ip igmp snooping router-alert-option-check
Console(config)#