2 Replies Latest reply on Feb 17, 2020 7:20 AM by daniel.blackmon

    Blocking multicast traffic

    briangonyer Visitor

      How effectively can multicast traffic be blocked on a SSID that does not need other devices to communicate with each other?  Anyone offer any insights, I have included some rules I want to experiment with but wanted to hear feedback from others that may have some knowledge in this area, Or can offer something better in the way of rules. I am wanting to block IPv4 and IPv4 multicast traffic.

       

      Name  Type    Address  Netmask  Inverted *

      All Multicast              Network    224.0.0.0    224.0.0.0    No

      Multicast LLMNR      Network    224.0.0.252    255.255.255.255    No

      Multicast MDNS       Network    224.0.0.251    255.255.255.255    No

      Multicast SSDP        Network    239.255.255.250    255.255.255.255    No

        • Re: Blocking multicast traffic
          briangonyer Visitor

          Anyone? Or is this better to block at the core switch/router?

          • Re: Blocking multicast traffic
            daniel.blackmon Employee

            We have setup rules like this for instances where printers and the like spam multicast. It's pretty effective obviously depending on what you want to accomplish. I would say AP to wireless medium, it can definitely help channel utilization.

             

            However, I would recommend IGMP snooping where possible in the LAN to prevent the AP from ever getting multicast if there are no members present. And then you could try the multicast rate optimization on the SSID to improve performance if clients actually need multicast.