  Why does EXOS filter IGMP ingressing via VXLAN?

    Posted 11-30-2018 09:48

    I have noticed a problem regarding IP multicast, IGMP and VXLAN on EXOS: IGMP packets are not forwarded when they enter the switch via VXLAN VTEP. All other tested multicast packets (VRRP, OSPF, custom UDP traffic for both the local network control block ( and other address ranges) are forwarded without problems.

    The MAC address of the IGMP sender (e.g. the querier or an end-system requesting a multicast group) is shown in the FDB as learned via VTEP on the decapsulating switch, but decapsulated IGMP packet (that should be just an Ethernet frame to the switch acting as VXLAN endpoint) is dropped instead of flooded in the VLAN. Of course IGMP snooping is disabled for all VLANs extended via VXLAN.

    A probably related problem is documented for S-Series switches: S-Series L2 IGMP multicast not working over vxlan, without a real explanation or references to other switch series, e.g. EXOS based switches.

    For normal switch ports, the command configure ipmcforwarding to-cpu off ports PORTS can be used to always flood multicasts received from a port without CPU processing. In my opinion, that should be the default for L2 VXLAN gateways, but does not seem to be the case on EXOS currently.

    Current EXOS behavior (reproduced with EXOS 22.4 and 22.6 on X690 and X870) breaks the use of IGMP snooping for VLANs extended over an IP core via VXLAN. The end-systems are not directly connected to the VXLAN enabled switches.