Multicast is a technique frequently used for the delivery of streaming media, such as video, to a group of destinations simultaneously. Instead of sending a copy of the stream to each client, clients share one copy of the information, reducing the load on the network. Multicast is an advanced feature and can cause subtle changes in your network. By default, multicast is disabled and should be enabled only for specific circumstances. Possible multicast applications include:
- Broadcast via cable or satellite to IPTV (for example, Vbrick or Video Furnace)
- Any broadcast application (for example, CEO address to company)
- Distance learning (live lectures)
- Video surveillance
- Video conferencing
For multicast to work, you need to complete these four tasks:
- Enable Virtual Port on AP400s – see “Configuring Virtual Port Support for AP400 with the CLI” on page 151 and “Configuring Probe Response Threshold” on page 153 for directions.
- Enable IGMP snooping on the controller – see “Configuring IGMP Snooping on Controllers and APs” on page 163
- Enable IGMP snooping on the network infrastructure including intermediary switches. You must do this because Forti WLC do not source multicast group membership queries. We rely (as do most controllers) on the switches to perform that task.
- Map a Virtual Cell enabled ESS with the default VLAN – see “Assigning a VLAN with the CLI” on page 156.
Configuring IGMP Snooping on Controllers and APs
Multicasting is implemented using IGMP snooping. In FortiWLC (SD) release 3.6, IGMP snooping was only done at the controller; the controller knew which clients were subscribed to specific multicast streams and sent the data for the subscribed multicast stream only to the APs with clients currently being serviced. Since the AP didn’t know which clients subscribed to the specific stream, it would send multicast streams to all clients currently being serviced by the AP. (With Virtual Port, there would be N copies, one for each client). This wasted airtime and created unnecessary traffic and contention.
In release 4.0 and later, IGMP snooping is done not only by the controller but also done by AP400s (excluding AP1000) when using Virtual Cell. The controller passes the client subscription list for multicast streams to AP400, which limits the multicast streams to only subscribed clients, reducing wireless traffic and saving time. (There are no changes in sending multicasts for stations connected to non-Virtual Cell ESS profiles.)
Commands to Configure IGMP Snooping
The following command is used to enable/disable IGMP snooping on the controller and APs: igmp-snoop state [enable, disable]
Command to show igmp-snoop status: show igmp-snoop
Command to see which multicast groups are currently active: show igmp‐snoop forwarding‐table
Command to see which stations have joined multicast groups: show igmp‐snoop subscription‐table
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos