Discussion stats
  • 24 replies
  • 7794 views
  • 3 kudos
  • 5 in conversation
Announcements

Top Contributors
Reply
Highlighted
Aspirant

IGMP snooping drops bonjour multicast packets

Since I've enabled IGMP snooping my stations cannot discover an Iphone/Ipad or Airprinting services anymore. I've wiresharked that down and found out, that these packets are not arriving at all because of obviously getting dropped by the switch.

Is this a known bug or is there a workaround?

 

Thanks!

Model: GC728X| Insight Managed 28-port Smart Cloud Switches
Message 1 of 25
Highlighted
Guru

Re: IGMP snooping drops bonjour multicast packets

Have "Block Unknown Multicast Address" enabled? Try to disable it...

Message 2 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

That option sadly does not exist in this line of switches, but in my old netgear 16port I had this always enabled, as it was the only way to receive multicasts from uplink switches

 

There's only "Validate IGMP IP header" to choose from and this is disabled too.

 

I've tried so many things, for example, if I set the port of the listening device as "multicast router" it instantly works, but this is efficiently disabling IGMP-snooping on that port either (like it should)

Message 3 of 25
Highlighted
Guru

Re: IGMP snooping drops bonjour multicast packets

Afraid, only deploying these switches in Insight mode - there we enable IGMP support on all the production VLANs, most features including Airprint and similar Bonjour announcements and services are workable.

Message 4 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

I disabled cloud-access and configure the device web-based, wonder if this could make a difference..

 

How did you configure the ports connecting to the wifi-acesspoints? Did you disable igmp-snooping on these or is it configured flat "all-on"?

Message 5 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

I'm having exactly the same issue.  If you've got any further in resolving this I'd love to know.


@nico24 wrote:

I disabled cloud-access and configure the device web-based, wonder if this could make a difference..

 

How did you configure the ports connecting to the wifi-acesspoints? Did you disable igmp-snooping on these or is it configured flat "all-on"?


 

Model: GC728XP| Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch
Message 6 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Either of the protocol IGMP or MLD snooping is enabled on a VLAN or globally, both IPv4 and IPv6 unknown multicast packets will be dropped.

Workaround: Enable/disable IGMP snooping and MLD Snooping simultaneously.

 

^^^ This is the issue, I've disabled both in Standalone mode on the Switch.  If you change them don't switch it back to insight managed, as the default VLANs have IGMP snooping enabled and it will revert some of the changes breaking it again.  I hope a new firmware relase fixes it.

Message 7 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

 After long fiddling around with the configuration, I've finally found a solution for me. This was a bit hard to troubleshoot, because it partially worked for any Chromecast-device connected to my access-points, but no IOS device could be discovered, as the IOS devices could not discover any bonjour or airplay-devices on the lan and wifi-site.

 

So this was the initial problem. When I disabled IGMP/MLD-snooping, problems went away. My conclusion to that point of time was that the switch itself is behaving errornously. But since only parts of connected wifi-devices were not working, the problem had to be somewhere around the uplink config of these interfaces. The solution for me was to enable "Multicast Router" on the uplinks to the accesspoints, for each IGMP and MLD-mode. I do not know, if that is by design, but now everything works like it should.

Message 8 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Interesting. I’ve got a case open with level 3 support for this at the moment. I’ll point them in the direction of this post
Message 9 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

Well my euphoria seemed to have settled since my last writing, as the switch became flakey after two days with bonjour packets dropping again, although the corresponding ports have been defined as router ports.

This was bugging me so much, so I delved a bit deeper in the CLI of the switch:

As you might know, if you have telnet enabled on the switch, you can connect a telnet-session to port 60000 on the switch and log on with admin/passw. The command set I found on the netgear hardware, differed only slightly from Ubiquitis and Dells CLI. This makes me strongly believe that all of these vendors use the same or similiar underlying switch-chipsets of course with varying capabilities but always with the same base subset of commands.

I have found the following on Dells supportpages: https://www.dell.com/support/article/us/en/04/sln307962/appletalk-and-bonjour-services-are-not-worki...

 

So what you can extract there from, is that this behavior is by design. Because bonjour and other multicast packets do not work like IGMP was designed for (i.e. NOT forming a listener group on the switch), the design is to drop those packets to access-ports, except when setting the ports as router-ports, (as described in my former writing).

On Dell hardware, there is the following command to have igmp-snooping and bonjour co-exist, (standard out-of-box behaviour is to drop them as well!): 

console(config)#ip igmp snooping unregistered floodall

 

 

With registered igmp-group packets there is perfect behaviour, only interested members get the stream, AND if unregistered passed as well (bonjour, chromecast, etc). 

 

On the GC728 switch there is no such setting:

 

(GC728X) (Config)#set mld ?

<cr>                     Press enter to execute the command.
groupmembership-interval Configure MLD Group Membership Interval in seconds.
interfacemode            Enable/Disable MLD Snooping.
maxresponse              Configure MLD Max Response time in seconds.
mcrtrexpiretime          Sets the Multicast Router Present Expiration time in
                         seconds on the system.
querier                  Configure MLD Snooping Querier parameters.

(GC728X) (Config)#set igmp ?

<cr>                     Press enter to execute the command.
groupmembership-interval Configure IGMP Group Membership Interval in seconds.
header-validation        Enables or disables header validation for all IGMP
                         messages.
interfacemode            Enable/Disable IGMP Snooping.
maxresponse              Configure IGMP Max Response time in seconds.
mcrtrexpiretime          Sets the Multicast Router Present Expiration time in
                         seconds on the system.
querier                  Configure IGMP Snooping Querier parameters.

So the proper way would be to have a function, which does exactly as described, other would only be compromises... This has lead to believe me, that on this switch this might not be possible at all, but we need Netgear-staff to confirm this!

 

Message 10 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

I've added a link to this post to the support case I've got raised with Netgear

Message 11 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

whoa, I am very interested in a solution from the team!

 

But let me have a guess how it turns out: As most of the switching functions are hardware-level, this cannot be not implemented and be added with a firmware update. Let's see...

Message 12 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

We'll wait and see... Still no update from 3rd line.  With it taking time, I'm hoping they're working on a solution.  I'd expect a quick response if it wasn't possible.

Message 13 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Update from Netgear:-

 

Dear Mr Amour,

 

I have received feedback from engineering. They are working on a new firmware, which will resolve the reported problem. It should be released soon(however I have no ETA at this time)

 

Best regards.

Krzysztof Pietrzak

Netgear L3 Support

Model: GC728XP| Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch
Message 14 of 25
Aspirant

Re: IGMP snooping drops bonjour multicast packets

That's good news to hear it's a accepted problem. Though reading the changelog of their firmware-releases a while ago, with regarding "enable or disable MLD/IGMP simultaneously" to have unregistered multicast working, this has never seem to have been tested thoroughly, as this was never working in fact at all on these switches... very poorly engineered.

 

I used the switch at home, so likewise the only one complained about this was my wife and me, but imagine a small firm where you had to explain your boss, that he couldn't use bonjour-printing, and you'd have to wait, for fixes to arrive for almost a year...  I would have thrown this device out the window right after the first unsuccessfull support call.

Message 15 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Yeah, I'd see a MacOS network being a key market share for these Netgear insight managed switches, AP's and Routers.  I suspect Muticast issues were initially accepted, not realising the impact on Bonjour.  We'll see how things go.

 

I'm running a BR500 Router, GC510PP Switch, GC728XP Switch & 3 WAP510 AP's, so I've gone pretty much all in on Insight managed network.

Model: GC728XP| Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch
Message 16 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Netgear support have confirmed the firmware will be released to fix all GC switches
Message 17 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Engineering have confirmed the fix will be released within a week.

Model: GC728XP| Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch
Message 18 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Patches are out for mDNS (Bonjour) packets being dropped


@nico24 wrote:

That's good news to hear it's a accepted problem. Though reading the changelog of their firmware-releases a while ago, with regarding "enable or disable MLD/IGMP simultaneously" to have unregistered multicast working, this has never seem to have been tested thoroughly, as this was never working in fact at all on these switches... very poorly engineered.

 

I used the switch at home, so likewise the only one complained about this was my wife and me, but imagine a small firm where you had to explain your boss, that he couldn't use bonjour-printing, and you'd have to wait, for fixes to arrive for almost a year...  I would have thrown this device out the window right after the first unsuccessfull support call.


 

https://kb.netgear.com/000060534/GC728X-GC728XP-GC752X-GC752XP-Firmware-Version-1-0-4-16

https://kb.netgear.com/000060533/GC110-GC110P-GC510P-GC510PP-Firmware-Version-1-0-4-16

Message 19 of 25
Highlighted
Apprentice

Re: IGMP snooping drops bonjour multicast packets

Unfortunately this still isn't working.  Previously it was completely dropping _device-info._tcp, now it's just dropping the definition under it.  So Time Machine is unable to resolve the Time Machine Server.  I've updated the Netgear support ticket with this detail.  We'll see what they come back with.

Model: GC510PP| 8-Port Gigabit Ethernet PoE+ High-Power App Managed Smart Cloud Switch w/2 SFP Fiber Ports, GC728XP| Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch
Message 20 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

*facepalm* ... when you think after all this time, a fix is round the corner, just then comes another failed one...

 

My switch is decomissioned now, config wiped, packed in the box, and put on ebay...

 

My new Dell one has two more SFP+ ports, is fully passive design, and runs much cooler, and guess what, IGMP-snooping runs perfectly together with bonjour. Thanks for your contribution though!

Message 21 of 25
Highlighted
Aspirant

Re: IGMP snooping drops bonjour multicast packets

Is there any update to this issue?  Is there going to be a fix?

Message 22 of 25
Highlighted
Guru

Re: IGMP snooping drops bonjour multicast packets

There is - well, to be correct ... there was - a v1.0.5.10 build which does for us (at least on one VLAN) perform again as expected Bonjour and SSDP showed up fine again, until it was revoked due to a Web UI issue - requiring to drop the browser cache -> https://community.netgear.com/t5/Insight-Managed-Smart-Cloud/Insight-Switches-Firmware-1-0-5-10-Revo... 

 

So dear @bradleyv .. in my opinion this is a high price leaving your customers wait again for this fixed version more than half a year after the discovery - just because some are unable to read the release notes. 

 

 

Message 23 of 25
Highlighted
NETGEAR Moderator

Re: IGMP snooping drops bonjour multicast packets

@coltslaughter / @RobAmour / @nico24

 

Just want to inform you that Firmware Version 1.0.5.12 has been released for the following switches: GC110 / GC110P / GC510P / GC510PP / GC728X / GC728XP / GC752X / GC752XP.  

 

You may download it as well as read the bug fixes and the new features & enhancements included on the new firmware on the links below: 

 

GC110 / GC110P / GC510P / GC510PP Firmware Version 1.0.5.12

 

GC728X / GC728XP / GC752X / GC752XP Firmware Version 1.0.5.12

 

Kindly post here the result if it fixes the issue that is described in this forum thread.

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 24 of 25
Highlighted
NETGEAR Moderator

Re: IGMP snooping drops bonjour multicast packets

@RobAmour,

 

I got an update from the NETGEAR Support Team that your support ticket has been set to close status since the GC728XP Firmware v1.0.5.12 fixed the issue. Smiley Happy 

 

Since your concern has been resolved, I encourage you to mark the appropriate reply on this forum thread as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

 


Regards,

 

DaneA

NETGEAR Community Team

Message 25 of 25