Multicast traffic not forwarded on Catalyst 6506 VSS Supervisor Engine 720 10GE

Unanswered Question
Dec 1st, 2009

Hi all,

I have two Catalyst 6506 in VSS mode with VS-S720-10G running 12.2(33)SXI1 IP SERVICES.

I have two firewalls that communicate on to the other through a dedicated VLAN created on Catalyst 6506.

One firewall is able to ping the other one on this dedicated VLAN but if I send multicast traffic from firewall-1 I didn't receive it on firewall-2.

I found a bug related to multicast issues on Cisco WS-C6509-E with VS-S720-10G. The bug ID is CSCtc59038.

Does anybody could confirm that I'm affected by this bug?

Many thanks


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Giuseppe Larosa Tue, 12/01/2009 - 06:27

Hello Stefano,

the bug description doesn't mention FWSM service modules, and first seen says

1st Found-In
      CSCtc59038">Known Affected Versions This link will launch a new window.

but list of known affected versions includes your IOS image.

I only wonder if you have all the necessary components configured.

We haven't a VSS with FWSM modules, but on standalone C6500 we have found that multicast forwarding via a FWSM requires a special monitor session like the following:

Session 2
Type                   : Service Module Session
Modules allowed        : 1-9
Modules active         : 8
BPDUs allowed          : Yes

where module 8 is the FWSM.

without this session working our FWSMs are not able to forward multicast traffic.

Hope to help


s-durando Tue, 12/01/2009 - 06:36

Hi Giuseppe,

the firewalls I mentioned are other vendor's standalone firewalls.



Giuseppe Larosa Tue, 12/01/2009 - 06:46

Hello Stefano,

sorry for my misunderstanding.

I would consider an IOS upgrade to a version where the aforementioned bug is fixed

Hope to help


s-durando Tue, 12/01/2009 - 07:34


bug status is still Open.

Is it a good idea to upgrade to 12.2(33)SXI3?

Many thanks


amanolahi Wed, 02/10/2010 - 07:34

Hi You Guys,

I,ve got the same issue as you describe in your posting. Meaning the ip multicast traffic of two firewalls are not forwarded through the VSS in same L2-VLAN. The network topopology looks like: FW----CAT3750-------VSS------CAT3750---FW. It seems the VSS has a problem with frowarding multicast traffic in a L2-VLAN.

Current IOS is: s72033-ipservicesk9_wan-mz.122-33.SXI3

Did you got a solution for this issue?

Many Thanks in advanced


s-durando Wed, 02/10/2010 - 08:23

Hi Naser,

the issue was caused by firewall not by cat6500.

The firewall did not send igmp report in order to join multicast group and cat6500 didn't forward multicast traffic to firewall because igmp snooping is enabled by default.



amanolahi Wed, 02/10/2010 - 09:00

Hi Stefano,

it explanes the current behavior. I better ask the firewall guys for igmp...

Best Regards


Giuseppe Larosa Wed, 02/10/2010 - 13:35

Hello Stefano,

thanks for having provided feedback  on this it  makes this a complete story.

Your answer makes sense perfectly.

Hope to help


cisco_tno Tue, 04/10/2012 - 08:07

Hi guys,

I got the same problem.

I have two 6509 in VSS and two JBoss servers connected to them. Both JBoss servers are configured in cluster using multicast mode. I had to configure "mac-address-table static" to make then working. Without that command, 6509 broadcast JBoss cluster traffic.

Before that, I had two 4509 connected to JBoss Servers and no special command was neccesary.

Is there any difference regarding IGMP between 4509 (12.2.53 SG4) and 6509 VSS (12.2.33 SXI7)?


This Discussion