1

I'm new to firewall configuration and I've been reading some theory and studying example configurations. One thing that I noticed is that many of those examples allow IGMP packets.

The Wikipedia article is a bit vague on that:

IGMP is vulnerable to some attacks,[2][3][4][5] and firewalls commonly allow the user to disable it if not needed.

Should I allow IGMP traffic if I don't have any deployed software that explicitly insists on it being allowed? As far as I understand, blocking ICMP is a terrible idea and it harms network performance, but what about IGMP? Do home routers rely on it for stable day-to-day operations? What about virtual private servers in data centers?

Igor Bubelov
  • 111
  • 3
  • IGMP is non-routable (as anything in 224.0.0.0/24). So it's a LAN issue, not an Internet issue. In a LAN it's useful when you don't want multicast to have the (bandwidth resource consumption) effect of broadcast, and this usually requires support from (smart) switches with IGMP snooping. – A.B Jul 09 '21 at 11:40
  • Really it's all there: https://en.wikipedia.org/wiki/Internet_Group_Management_Protocol#/media/File:IGMP_basic_architecture.png – A.B Jul 09 '21 at 11:48
  • In one of your links: "When a computer running Windows 95 or Windows 98 receives a fragmented Internet Group Management Protocol (IGMP) packet," [...]. An other of the links: "Affected Software: • Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2". Last readable link: IRIX and most Linux systems from before 2006. So I'd say the answer is [mu](https://csarven.ca/mu) – A.B Jul 09 '21 at 11:57

0 Answers0