[c-nsp] IGMP explicit-tracking table overflow

[Peter Rathlev]

We're recently started seeing messages like these on one of our
L3-aggregation switches, a Sup720 running SXI3:

 %MCAST-SP-6-ETRACK_STATS_LIMIT_EXCEEDED: Number of entries in
    IGMP snooping explicit-tracking statistics has exceeded the
    permanent threshold (25600)

Looking at "show ip igmp snooping explicit-tracking" shows that almost
all (>90%) of the tracking entries are for 239.255.255.250 (SSDP,
probably for UPnP). Example:

VLAN 210

Source/Group             Interface     Reporter      Filter_mode
----------------------------------------------------------------
[...]
0.0.0.0/239.255.255.250  Vl210:Gi3/35  192.0.2.51  EXCLUDE    
0.0.0.0/239.255.255.250  Vl210:Gi3/35  192.0.2.52  EXCLUDE    
[...]

There are entries both for VLANs with and without a SVI. On the L3
interfaces the group is denied via "ip multicast-boundary":

! Abrigded configuration
access-list 70 deny 239.255.255.0 0.0.0.255
access-list 70 permit any
!
interface Vlan210
 ip address 192.0.2.2 255.255.255.0
 ip pim dr-priority 50
 ip pim sparse-dense-mode
 ip multicast boundary 70
 standby 26 ip 192.0.2.1
!

I can't seem to find a command to globally disable explicit-tracking.
Trying to configure "no ip igmp explicit-tracking" (which is a L3
interface command only) introduces no changes to the interface
configuration. Trying "ip igmp explicit-tracking" gives an error:

Switch(config-if)#ip igmp explicit-tracking 
Cannot enable explicit tracking, IGMPv3 not configured
Switch(config-if)#

We of course don't see the entries in the mroute table, but why does the
switch collect statistics for something that's not allowed? I know it's
just a warning, but it bothers me that the switch uses ressources (at
least CPU) for something enough to give a warning and there's little I
can do.

I guess we could disallow the relevant groups closer to the access ports
(i.e. on the access switches), but that's so much more configuration to
maintain.

What do other people do? :-)

-- 
Peter