Internet Group Management Protocol

From Wikipedia, the free encyclopedia
Jump to: navigation, search

The Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships. IGMP is an integral part of IP multicast.

IGMP can be used for one-to-many networking applications such as online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications.

IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast Listener Discovery (MLD) which uses ICMPv6 messaging in contrast to IGMP's bare IP encapsulation.

Contents

[edit] Architecture

A network designed to deliver a multicast service using IGMP might use this basic architecture:

IGMP architecture example

IGMP operates between the client computer and a local multicast router. Switches featuring IGMP snooping derive useful information by observing these IGMP transactions. Protocol Independent Multicast (PIM) is then used between the local and remote multicast routers, to direct multicast traffic from the multicast server to many multicast clients.

IGMP operates above the network layer, though it does not actually act as a transport protocol.[1][not in citation given]

[edit] Standards

There are three versions of IGMP, as defined by Request for Comments (RFC) documents of the Internet Engineering Task Force (IETF). IGMPv1 is defined by RFC 1112, IGMPv2 is defined by RFC 2236 and IGMPv3 was initially defined by RFC 3376 and has been updated by RFC 4604 which defines both IGMPv3 and MLDv2. IGMPv2 improves over IGMPv1 by adding the ability for a host to signal desire to leave a multicast group. IGMPv3 improves over IGMPv2 mainly by adding the ability to listen to multicast originating from a set of source IP addresses only.[2]

[edit] Host and router implementations

The IGMP protocol is implemented on a particular host and within a router. A host requests membership to a group through its local router while a router listens for these requests and periodically sends out subscription queries.

The FreeBSD,[note 1] Linux[note 2] and Windows operating systems support IGMP at the host side.

[edit] Security

IGMP is vulnerable to some attacks,[3][4][5][6] and firewalls commonly allow the user to disable it if not needed.

[edit] Packet structure

IGMP messages are carried in bare IP packets with IP protocol number 2.[7] There is no transport layer used with IGMP messaging, similar to Internet Control Message Protocol for example.

[edit] IGMPv3 membership query

Membership Queries are sent by multicast routers to determine which multicast addresses are of interest to systems attached to its network. Routers periodically send General Queries to refresh the group membership state for all systems on its network. Group-Specific Queries are used for determining the reception state for a particular multicast address. Group-and-Source-Specific Queries allow the router to determine if any systems desire reception of messages sent to a multicast group from a source address specified in a list of unicast addresses.

IGMPv3 membership query[8]
bit offset 0–3 4 5–7 8–15 16–31
0 Type = 0x11 Max Resp Code Checksum
32 Group Address
64 Resv S QRV QQIC Number of Sources (N)
96 Source Address [1]
128 Source Address [2]
. . .
Source Address [N]

Where:

Max Resp Code 
This field specifies the maximum time (in 1/10 second) allowed before sending a responding report. If the number is below 128, the value is used directly. If the value is 128 or more, it is interpreted as an exponent and mantissa.
Checksum 
This is the 16-bit one's complement of the one's complement sum of the entire IGMP message.
Group Address 
This is the multicast address being queried when sending a Group-Specific or Group-and-Source-Specific Query. The field is zeroed when sending a General Query.
Resv 
This field is reserved. It should be zeroed when sent and ignored when received.
S (Suppress Router-side Processing) Flag 
When this flag is set, it indicates to receiving routers that they are to suppress the normal timer updates.
QRV (Querier's Robustness Variable) 
If this is non-zero, it contains the Robustness Variable value used by the sender of the Query. Routers should update their Robustness Variable to match the most recently received Query unless the value is zero.
QQIC (Querier's Query Interval Code) 
This code is used for specify the Query Interval value (in seconds) used by the querier. If the number is below 128, the value is used directly. If the value is 128 or more, it is interpreted as an exponent and mantissa.
Number of Sources (N) 
This field specifies the number of source addresses present in the Query. For General and Group-Specific Queries, this value is zero. For Group-and-Source-Specific Queries, this value is non-zero, but limited by the network's MTU.
Source Address [i] 
The Source Address [i] fields are a vector of n IP unicast addresses, where n is the value in the Number of Sources (N) field.

[edit] IGMPv2 messages

IGMPv2 packet structure[9]
+ Bits 0–7 8–15 16–31
0 Type Max Resp Time Checksum
32 Group Address

Where:

Type 
Indicates the message type as follows: Membership Query (0x11), Membership Report (IGMPv1: 0x12, IGMPv2: 0x16), Leave Group (0x17) IGMPv3 adds type Membership Report (0x22)
Max Resp Time 
Specifies the time limit for the corresponding report. The field has a resolution of 100 miliseconds, the value is taken directly. This field is meaningful only in Membership Query (0x11); in other messages it is set to 0 and ignored by the receiver.
Group Address 
This is the multicast address being queried when sending a Group-Specific or Group-and-Source-Specific Query. The field is zeroed when sending a General Query.

[edit] Notes

  1. ^ IGMPv3 was added to FreeBSD in version 8.0.
  2. ^ IGMPv3 was added in the Linux 2.5 kernel series.

[edit] See also

[edit] References

  1. ^ "IGMP, Internet Group Management Protocol". Network Sorcery. Retrieved 2010-11-18. 
  2. ^ "Internet Group Management Protocol Overview". Javvin. Retrieved 2010-11-18. 
  3. ^ Spoofed IGMP report denial of service vulnerability.
  4. ^ Fragmented IGMP packet may promote "Denial of Service" attack.
  5. ^ IGMP Security Problem Statement and Requirements.
  6. ^ Microsoft Security Bulletin MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service (913446).
  7. ^ RFC 3376 Section 4
  8. ^ RFC 3376 Section 4.1
  9. ^ RFC 2236 Section 2

[edit] External links