Multicast from DMZ to DMZ, HQ site to DR site

Unanswered Question
Jul 12th, 2007

If I wanted to configure two servers in DMZ's in two seperate locations to allow multicasting end to end, is this possible?

Can I enable multicasting on a single switchport port to another port end to end?

Do all routers inbetween the two servers need to allow multicasting?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
wilson_1234_2 Thu, 07/12/2007 - 16:49

Thanks sundar for your reply.

I guess I have some more basic questions:

What all is needed on the intermediate devices?

If I wanted to allow multicasting on a 6509 switch between say 10 ports for ghosting of computers,

What all is needed on the sswitchports to do this?

Is it enabled by default?

Jon Marshall Thu, 07/12/2007 - 18:10


I don't believe any of the intermediate devices need to participate in multicast because it is a GRE tunnel from one end to the other. I suspect that is what Sundar meant to say, just a typo.

If you want to allow multicasting on a 6500. There are a couple of things here. If all the computers are within the same vlan then you need to

1) turn on IGMP snooping

2) make the 6500 an "igmp querier". You need top do this because IGMP snooping listens for answers to queries but something has to make the query. Usually it is a router but some Catalyst switches can perform this function.

Alternatively you could just turn on pim under the relevant vlan interface on the 6500. "ip pim dense-mode". You still need IGMP snooping and you need to turn on "ip multicast-routing"

If the computers are on different vlans then do as above with pim on the vlan interface and ip multicast-routing turned on.



wilson_1234_2 Thu, 07/12/2007 - 18:21

Thanks jon,

If I were not using the gre tunnel and just wanted to do the multicasting from end to end, does everything have to be able to do the mutlicast routing as:

1. Turn on IGMP snooping

2. ip multicast-routing

Also, if I were wanting to do the multicasting in a VLAN but not all interfaces in the vlan, can I just configure individual interfaces?

Jon Marshall Thu, 07/12/2007 - 18:36


1) You only need IGMP snooping on switches and i guess most of the end to end network would be made up of routers. So if the entire end to end network is under your control yes you would need to enable multicast routing on all the intermediate routers. You would very probably look to use pim sparse-mode rather than pim dense-mode.

To be honest if you just want multicast between the 2 DMZ's Sundar's example is probably the way to go.

If you were doing the multicast on a vlan but not all interfaces: - that is what IGMP snooping is for. You can configure IGMP snooping globally on the switch or under the relevant layer 3 SVI but you don't configure it on individual switch ports. You don't need to.



sundar.palaniappan Thu, 07/12/2007 - 18:50

oops yes Jon that indeed was a typo. I responded to the post quickly and didn't double check it as I had to leave somewhere.

Wilson just follow the example in the link and as Jon advised the switch shouldn't need much configuration for multicast to work.



wilson_1234_2 Thu, 07/12/2007 - 19:39

Thanks for the excellent answer.

Take a look at the "two NICs one subnet" post


This Discussion