MikroTik

Hello all... as the title says, I've been struggling for the last few days setting up MikroTik HEX RB750g3 with latest RouterOS (6.42.1) and multicast with IGMP snooping enabled. The idea is to have IGMP snooping enabled, so the multicast traffic won't flood all ports, but only the ones where clients join specific multicast group. Enabling "IGMP Snooping" on LAN bridge interface, and disabling "unknown multicast flood" on all ports that are assigned to bridge LAN interface works as expected (multicast doesn't flood all ports). So far so good.

Now, the issue is, if you disable "unknown multicast flood", you by all means also disable mdns/bonjour/zeroconf announcements. For instance, NewTek NDI uses mdns for multicast device discovery (group 224.0.0.251, UDP port 5353). When "unknown multicast flood" is enabled, the device discovery of course works ok, but in this case, all ports are flooded with multicast traffic. If you disable "unknown multicast flood", the ports are not flooded anymore, but also the mdns NDI device discovery doesn't work anymore (because there are no "join" requests prior to getting the mdns list of peers...). So, you get all the multicast flood, or you don't get mdns/bonjour/zeroconf...

I tried actually everything, using different multicast filters, tried with IGMP proxy, also with PIM, but the last two seem to work only between different interfaces and not on a single bridge interface. Simply, I'm completely lost here.

Is there a solution for this, or it's simply a bug in RouterOS that needs to be fixed somehow?

Thanks in advance for any kind of useful input!

I think I can answer this, although not as any kind of expert.

I've just spent a few hours getting IGMP snooping setup on my rather large home network, which consists of a core switch, five edge switches, four WAPs, and a few 60GHz bridges. I designated an IGMP querier, and configured uplink ports for IGMP routing. Things seem to be working perfectly -- the MDB table in every device is identical.

My goal was to try to resolve a very intermittent issue with Apple devices sometimes not seeing each other (e.g. Remote app on iPhone not seeing all Apple TVs, iPad sometimes not seeing Bonjour-enabled printers, some HomeKit light switches not turning on or off with the rest of the group, etc.). I know the purpose of IGMP snooping is to reduce unecessary traffic, and so that won't fix my problem exactly, but i figured I'd try this first and see what's different.

After doing all that, I'm still doing some reading, and then I stumbled across this post...

I think the answer is that Apple's Bonjour service is basically mDNS/zeroconf, which doesn't implement the join/leave concept.

Also, there's RFC 4541 2.1.2, which says:

Packets with a destination IP (DIP) address in the 224.0.0.X range which are not IGMP must be forwarded on all ports.

This tells me that IGMP snooping would therefore ignore Bonjour/mDNS/zeroconf (and other link-local groups). And this would explain why you never see 224.0.0.251 listed in the MDB table.

The RFC also says:

Switches that do not forward unregistered packets to all ports must include a configuration option to force the flooding of unregistered packets on specified ports.

This explains why MikroTik included the "unknown multicast flood" option on bridge ports.

So, essentially, IGMP snooping would cause Bonjour/mDNS/zeroconf packets to be ignored (read: dropped), and this unknown multicast flood option is a way to ensure those packets don't get dropped. And this all explains why everything the OP and I did with IGMP snooping made no difference -- it's not a bug in RouterOS, it's just the way it works.