ip

bridge

Configures this Bridge VLAN‘s IP components

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

ip [arp|dhcp|igmp]
ip [arp|dhcp] trust
ip igmp snooping {fast-leave|forward-unknown-multicast|last-member-query-count| mrouter|querier}
ip igmp snooping {fast-leave|forward-unknown-multicast|last-member-query-count <1-7>}
ip igmp snooping {mrouter [interface|learn]}
ip igmp snooping {mrouter [interface <INTERFACE-LIST>|learn pim-dvmrp]}
ip igmp snooping {querier} {address|max-response-time|timer|version}
ip igmp snooping {querier} {address <IP>|max-response-time <1-25>|timer expiry <60-300>|version <1-3>}

Parameters

ip [arp|dhcp] trust
ip Configures the VLAN bridge IP parameters
arp trust Configures the ARP trust parameter. Trusted ARP packets are used to update the DHCP snoop table to prevent IP spoof and arp-cache poisoning attacks. This option is disabled by default.
  • trust – Trusts ARP responses on the VLAN bridge
dhcp trust Configures the DHCP trust parameter. Uses DHCP packets, from a DHCP server, as trusted and permissible within the access point, wireless controller, or service platform managed network. DHCP packets are used to update the DHCP snoop table to prevent IP spoof attacks. This feature is enabled by default.
  • trust – Trusts DHCP responses on the VLAN bridge
ip igmp snooping {fast-leave|forward-unknown-multicast|last-member-query-count <1-7>}
ip Configures the VLAN bridge IP parameters
igmp snooping Configures Internet Group Management Protocol (IGMP) snooping parameters. IGMP snooping is enabled by default.

IGMP establishes and maintains multicast group memberships for interested members. Multicasting allows a networked device to listen to IGMP network traffic and forward IGMP multicast packets to radios on which the interested hosts are connected. The device also maintains a map of the links that require multicast streams, there by reducing unnecessary flooding of the network with multicast traffic.

fast-leave Optional. Enables fast leave processing. When enabled, layer 2 LAN interfaces are removed from the IGMP snooping forwarding table entry without initially sending IGMP group-specific queries to the interface. When receiving a group specific IGMPv2 leave message, IGMP snooping removes the interface from the Layer 2 forwarding table entry for that multicast group, unless a multicast router was learned on the port. Fast-leave processing enhances bandwidth management for all hosts on the network. This option is disabled by default.

This feature is supported only on the AP7502, AP8533 model access points.

forward-unknown-multicast Optional. Enables forwarding of multicast packets from unregistered multicast groups. If disabled, the unknown multicast forward feature is also disabled for individual VLANs. This option is enabled by default.
last-member-query-count <1-7> Optional. Configures the last member query count used in determining the number of group-specific queries sent before removing the snoop entry
  • <1-7> – Specify the count from 1 - 7. The default value is 2.
ip igmp snooping {mrouter [interface <INTERFACE-LIST>|learn pim-dvmrp]}
ip Configures the VLAN bridge IP parameters
igmp snooping Configures the IGMP snooping parameters
mrouter Optional. Configures the multicast router parameters
interface <INTERFACE-LIST> Configures the multicast router interfaces. This option is disabled by default.
  • <INTERFACE-LIST> – Specify a comma-separated list of interface names.
learn pim-dvmrp Configures the multicast router learning protocols. This option is disabled by default.
  • pim-dvmrp – Enables Protocol-Independent Multicast (PIM) and Distance-Vector Multicast Routing Protocol (DVMRP) snooping of packets
ip igmp snooping {querier} {address <IP>|max-response-time <1-25>| timer expiry <60-300>|version <1-3>}
ip Configures the VLAN bridge IP parameters
igmp snooping Configures the IGMP snooping parameters
querier Optional. Configures the IGMP querier parameters. This option is disabled by default.

Enables IGMP querier. IGMP snoop querier keeps host memberships alive. It is primarily used in a network where there is a multicast streaming server and hosts subscribed to the server and no IGMP querier present. The access point, wireless controller, or service platform performs the IGMP querier role. An IGMP querier sends out periodic IGMP query packets. Interested hosts reply with an IGMP report packet. IGMP snooping is only conducted on wireless radios. IGMP multicast packets are flooded on wired ports. IGMP multicast packet are not flooded on the wired port. IGMP membership is also learnt on it and only if present, then it is forwarded on that port.

address <IP> Optional. Configures the IGMP querier source IP address. This address is used as the default VLAN querier IP address.
  • <IP> – Specify the IGMP querier source IP address.
max-response-time <1-25> Optional. Configures the IGMP querier maximum response time. This option is disabled by default.
  • <1-25> – Specify the maximum response time from 1 - 25 seconds.

The access point, wireless controller, or service platform forwards multicast packets only to radios present in the snooping table. IGMP reports from wired ports are forwarded to the multicast router ports.

If no reports are received from a radio, it is removed from the snooping table. The radio then stops receiving multicast packets.

timer expiry <60-300> Optional. Configures the IGMP querier expiry time. The value specified is used as the timeout interval for other querier resources. This option is disabled by default.
  • expiry – Configures the IGMP querier timeout
    • <60-300> – Specify the IGMP querier timeout from 60 - 300 seconds.
version <1-3> Optional. Configures the IGMP version. This option is disabled by default.
  • <1-3> – Specify the IGMP version. The versions are 1- 3.

Example

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip arp trust

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip dhcp trust

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip igmp snooping mrouter interface ge1 ge2

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip igmp snooping mrouter learn pim-dvmrp

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip igmp snooping querier max-response-time 24

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip igmp snooping querier timer expiry 100

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#ip igmp snooping querier version 2

nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#show context
bridge vlan 1
  description “This is a description for the bridged VLAN”
  ip arp trust
  ip dhcp trust
  ip igmp snooping
  ip igmp snooping querier
  ip igmp snooping querier version 2
  ip igmp snooping querier max-response-time 24
  ip igmp snooping querier timer expiry 100
  ip igmp snooping mrouter interface ge2 ge1
nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#

Related Commands

no Disables or reverts the VLAN Ethernet bridge parameters