Microsoft Network Load Balancing - multicast mode, VIP not reachable

Unanswered Question
Jan 30th, 2009
User Badges:

Hi all,


I've run into the issue as described in http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080a07203.shtml however the work-around recommended does not work. I'm trying to configure it on a cat 6509 ios 12.2(18)sxf12a so add the "disable-snooping" to the "mac-address-table static" but still can't reach the VIP from anywhere outside its own subnet.


Any ideas? Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
dave.keith Fri, 01/30/2009 - 08:09
User Badges:
  • Bronze, 100 points or more

Check your routers ARP table to see if it knows the MAC of the NLB VIP. You may need to add a static ARP entry to correlate the VIP to the multicast-MAC. Cisco devices do not accept a multicast MAC in reply to an ARP for a unicast IP. That may be why you can get to the VIP from within its subnet but not from outside. Good luck.


Dave

graham-lewis Fri, 01/30/2009 - 08:20
User Badges:

Hi Dave,


Thanks for the reply. I've tried a static ARP & MAC_Address entry and also disabled IGRP snooping on the interfaces, e.g.


arp 10.17.61.106 03bf.0a11.3d6a arpa

!

mac-address-table static 03bf.0a11.3d6a vlan 61 interface g4/3 g4/4 disable-snooping


This is what what my ARP cache and MAC address tables look like:


cat6#sh ip arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.17.61.1 - 0000.0c07.ac3d ARPA Vlan61

Internet 10.17.61.2 - 0022.bebd.1400 ARPA Vlan61

Internet 10.17.4.10 0 001b.38c2.f4c0 ARPA GigabitEthernet4/5

Internet 10.17.4.1 - 0022.bebd.1400 ARPA GigabitEthernet4/5

Internet 10.17.61.106 - 03bf.ac11.3d6a ARPA

cat6#sh mac-add static

Legend: * - primary entry

age - seconds since last seen

n/a - not available


vlan mac address type learn age ports

------+----------------+--------+-----+----------+--------------------------

* 61 0022.bebd.1400 static No - Router

* --- 0000.0000.aaaa static No - Switch

* 61 3333.0000.000d static Yes - Gi4/4,Gi4/5,Router,Switch

Stby-Switch

* 61 3333.0000.0001 static Yes - Switch,Stby-Switch

* 61 0000.0c07.ac3d static No - Router

* --- 0022.bebd.1400 static No - Router

* 61 03bf.0a11.3d6a static No - Gi4/4

* 61 3333.0000.0016 static Yes - Switch,Stby-Switch


Graham

dave.keith Fri, 01/30/2009 - 08:37
User Badges:
  • Bronze, 100 points or more

Hmmmm ... it looks like the MAC was typo'd. In your initial static ARP entry command it is 03bf.0a11.3d6a , while in the sho arp it is 03bf.ac11.3d6a . Could that be the problem ?


Dave

graham-lewis Fri, 01/30/2009 - 09:21
User Badges:

No one is from the "real" config and the other from my testbed - I changed the IP address from 172.x.x.x (hex ac) to 10.x.x.x (hex oa). The last four octets in the MS NLB multicast address represents the IP address of the VIP. Good spot though!


Graham

bbouchaiba Thu, 02/12/2009 - 07:34
User Badges:

Hi Lewis,


Were you able to fix your issue, I'm in the same situation.

graham-lewis Thu, 02/12/2009 - 07:43
User Badges:

Yes, the fix worked in the "real" network. It looks like the problem was that I couldn't fully replicate the server's multicast behaviour in test.

bbouchaiba Thu, 02/12/2009 - 14:44
User Badges:

Thanks Lewis



hummm


My NLB is still not working, are you running windows 2003 or 2008 ?

Actions

This Discussion