Author Topic: Multicast traffic (Read 1698 times)

dcol · « **on:** March 30, 2018, 12:31:13 am »

What is generally the best practice for IGMP Multicast traffic. Allow or block on the internal networks?
I do see occasional hits from a WiFi router, which are now blocked with a default deny rule.

dcol · « **Reply #1 on:** March 31, 2018, 08:17:34 pm »

Bump, anyone.....

elektroinside · « **Reply #2 on:** March 31, 2018, 09:54:50 pm »

Allow on the local net

It's actually a tool to improve network traffic in some cases.

dcol · « **Reply #3 on:** March 31, 2018, 09:57:53 pm »

That's what I thought. I will create a floating rule including all my internal interfaces, but not to WAN, to allow IGMP.
Thanks

elektroinside · « **Reply #4 on:** March 31, 2018, 10:15:52 pm »

You're welcome. Go ahead, although, just as a side note, in very secured setups, all (except the very minimum) TCP/IP processed stuff are disabled, including IGMP. And also worth mentioning that older OSs are vulnerable (regarding IGMP) but patches are available

mimugmail · « **Reply #5 on:** April 01, 2018, 06:53:53 am »

It only works in the local LAN if you don't use multicast routing (which is currently unsupported), so you can either create a rule for allowing or a rule for dropping with logging disabled.

Author Topic: Multicast traffic (Read 1698 times)

dcol

Multicast traffic

dcol

Re: Multicast traffic

elektroinside

Re: Multicast traffic

dcol

Re: Multicast traffic

elektroinside

Re: Multicast traffic

mimugmail

Re: Multicast traffic