Skip to content
Any configuration changes made locally on the switch won't be synchronized with Sophos Central. We recommend making changes from the Sophos Central control panel instead.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/switch/help/en-us/index.html?contextId=user-guide-features-configure-l3P

L3 Protocols

Sophos Switch supports Layer 3 network protocols, including IGMP snooping, MLD snooping, DHCP snooping, and DHCP relay. You can also configure static routes for both IPv4 and IPv6. All Sophos Switch models are Layer 2 switches and don't support dynamic routing protocols such as RIP, OSPF, and BGP.

IGMP snooping

Internet Group Management Protocol (IGMP) snooping allows Sophos Switch to identify multicast groups and intelligently forward multicast traffic. Multicast groups are endpoint devices that simultaneously receive the same data stream, typically multimedia.

There are three different versions of IGMP, all of which are backward-compatible with previous versions.

  • IGMPv1: Join messages are sent to the switch, and a timeout determines when hosts leave a group.
  • IGMPv2: Uses join and leave messages, allowing the switch to determine when a group has no interested listeners on a connected LAN.
  • IGMPv3: Supports source filtering, allowing endpoints to request multicast traffic from specific sources.

Global settings

Use the Global settings tab to turn IGMP snooping on or off.

You can configure the following IGMP snooping settings:

  • Status: Select Turned on or Turned off to turn IGMP snooping on or off. The default setting is Turned off.
  • Report Suppression: Enter the report suppression value. The report suppression feature limits the number of membership reports a member sends to multicast-capable routers. The default value is 5. The range is from 1 to 25.

Click Apply to save your changes.

VLAN settings

On the VLAN settings tab, you can configure IGMP snooping settings for VLANs on the switch. The switch performs IGMP snooping on VLANs that send IGMP packets. You can specify the VLANs on which the switch performs IGMP snooping.

You can see the following information for each VLAN on the switch:

  • VLAN ID: The VLAN to which the settings apply.
  • IGMP snooping status: Shows whether IGMP snooping is turned on or off for the VLAN.
  • Version: The IGMP version for the VLAN.

  • Fast leave: Shows whether Fast leave is turned on or off for the VLAN.

    • On: The switch immediately stops forwarding multicast traffic when it receives a leave message. So, only turn on Fast leave for a port connected to a single IGMP-enabled device.
    • Off: The switch sends a group-specific query when it receives a leave message. It only stops forwarding traffic for that group if no endpoint replies to the query within the specified timeout period.

Click Edit next to the VLAN to change its settings.

Click Apply to save your changes.

Querier settings

An IGMP querier is a single switch that periodically queries all endpoint devices on the network to confirm their multicast membership.

The Querier settings tab shows the following information about IGMP queriers for each VLAN on the switch:

  • VLAN ID: The VLAN to which the settings apply.

  • Querier status: Shows whether the switch is an IGMP querier for the specified VLAN.

    • On: The switch is an IGMP querier.
    • Off: The switch isn't an IGMP querier.

  • Querier version: The IGMP version for the VLAN.

  • Querier type: Shows whether the switch is a Querier or a Non-Querier for the VLAN.
  • Querier IP address: The IP address of the IGMP querier device for the VLAN.
  • Interval: The seconds between general queries. The default is 125.

You can select additional information to show on the Querier settings tab. Click the ellipsis Ellipsis. and select the options you want to show. You can select from the following options:

  • Maximum response interval: The maximum response time used in the queries that the snooping querier sends. The default is 12.
  • Startup query counter: Shows the number of "General Membership Query" messages sent by the router when it first becomes an IGMP querier. The default is 2.
  • Startup query interval: Shows the number of seconds between "General Membership Query" message transmissions. The default is 15.
  • Actions: Shows the Edit buttons for the VLANs.

Click Edit next to the VLAN to change its settings.

Click Apply to save your changes.

Group list

The Group list shows information about IGMP groups on the switch. You can see the following information:

  • VLAN ID: The VLAN to which the group information applies.
  • Group address: The IP address of the group.
  • Member ports: The ports on the switch participating in the group.

Router settings

The Router settings tab shows active VLANs and ports with multicast routers attached. The switch forwards all IGMP packets it snoops to the multicast router on the designated ports.

  • VLAN ID: The VLAN to which the settings apply.
  • Dynamic port list: Shows ports connected to multicast-enabled routers that the switch has automatically configured. You can't configure these manually.
  • Static port list: Shows ports connected to multicast-enabled routers that you've manually configured.
  • Forbidden port list: Shows ports disconnected from multicast-enabled routers. The switch doesn't send routing packets out of these ports.

Click Edit next to the VLAN to change its settings.