Which VLANs need IGMP snooping?

My approximate understanding is that switches and similar L2 devices employ IGMP snooping to prevent multicast "streams" from propagating out of ports that have no multicast clients downstream of them.

Questions:

  1. It would seem that IGMP snooping is only required on VLANs where multicast streaming is occurring?
  2. If so, what's the impact of leaving it enabled on VLANs where no multicast is occurring?

Some context (don't think this has much bearing on the questions):

  • I've recently implemented VLAN segregation in my network, with a dedicated VLAN for IPTV, which relies on multicast and IGMP.
  • I use OPNsense as a router and the os-igmp-proxy plugin to provide proxying between the IPTV VLAN and the WAN.
  • Switches are configured with IGMP snooping on all VLANs but - whilst everything works hunky-dory at present - I think it's only required on the IPTV VLAN.

Related: Should IGMP Snooping be configured on all Layer 2 switches on LAN?


Solution 1:

Answer:

  1. Yes, it's useful to limit the broadcast effects of multicast
  2. None, provided there really is no multicast

Wrt. 2, there may be other limitations depending on the actual L2 device or operating system used. E.g., some switches may block all unknown multicast traffic by default, when IGMP snooping is enabled, this may also affect MAC multicast (non-IP), which is prevalent in industrial networks, but may of course exist outside that domain as well.

So, as a recommendation I'd leave it enabled (usually the default) for all VLANs. Similar to how I'd also recommend leaving RSTP/STP enabled on a bridge, it's a safety you want to prevent loops, or as in the case of multicast, unwanted multicast is like broadcast and may slow down your overall network performance.