NLB - Network Load Balacing Microsoft - problem with Wireless Client

Unanswered Question
Feb 11th, 2010

Hi,

I have a problem with a wireless client that it not able to ping a virtual IP of server in NLB modality.

The WLC can do a ping to the first physical, to the second physical IP and the the virtual IP correctly.

The Wireless Client can do a ping to the first physical, to the second physical IP BUT can not do a ping to the the virtual IP.

The WLC and wireless client have the same mac-table with the same mac-add of tree IP (2 physical and virtual).

When from WLC, i do a ping to the Ip virtual, I send 3 pkt and I receive 6 pkt (3 from first network lan and 3 from second network lan, I think...)

I think thet the WLC drop the pkts to wireless client to virtual IP of LNB Microsoft (NLB work correctly).

What do you think?

Regards.

Mirko S.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
dancampb Thu, 02/11/2010 - 06:47

You'll probably need a sniffer capture to see this, but typically when I've seen this type of issue the packet is sent to one of the NIC's of the server but the response comes from the other NIC.  Because of this addressing on the response packet doesn't match where the packet was sent so it doesn't look valid.

severi@vem.com Thu, 02/11/2010 - 06:58

Hi Dan,

Ok, I understand what you say, but why the WLC can do a ping to the first physical, to the second physical IP and the the virtual IP correctly and the wireless client can't ping a virtual IP?

The WLC drop the pkt, I think.

There is a specific DEBUG to monitoring the events?

I try to see the pkt with wireshark.

Regards.

Mirko S.

mj.jimenez Fri, 07/16/2010 - 05:34

Hello,

I have deployed a WLC 2112 with 7 LAP1142N for one of our clients and I have exactly the same problem.

The http proxy is the virtual ip of a windows NLB cluster, and from the wireless clients I get answer from the physicals, but not from the virtual (WLC can ping all phisycal and virtual)... the result the clients are not able to navigate thru Internet.

Did someone get the answer for this issue?

Thanks a lot in advance.

Fernando.

severi@vem.com Tue, 07/20/2010 - 00:20

Hi, Fernado.

I didn't receive any anwers.

At this moment, I still have not resolve the issue.

Regards.

Mirko Severi.

kostasp Wed, 08/03/2011 - 23:59

Hello

Hi, everyone.

I am facing the same issue with WLC2106. Did someone get any answer .

Best regards

Kostas Papachristofis.

stefan.angerer Thu, 08/04/2011 - 00:54

Generally yes, but (as always) it depends on your infrastructure.

If it is MC ready, then this should work.

AP Multicast Mode "Multicast" also means, that you need MC enabled between your WLC and your APs.

Also, you should check this document (which you probably already know), how MS NLB and Cisco Switches will work together - to make sure your wired infrastructure fully supports NLB:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080a07203.shtml

hope that helps,

Stefan

MotherTucker Sun, 03/25/2012 - 07:54

We just went thru this with a Cisco TAC support engineer, and we solved it by adding the "no ip igmp snooping" command to the AP and then also turning on IGMP Multicast for the NLB cluster in the Windows NLB Manager:

jkeown Mon, 03/26/2012 - 07:18

In the case of bridging wireless traffic through an internal AP801's host router (such as a 1941W), this doesn't work because the unicast ip/mcast mac traffic doesn't get passed through the bridge into vlan config.

Example config:

1941W-3#sho run int gig 0/0

Building configuration...

Current configuration : 95 bytes

!

interface GigabitEthernet0/0

no ip address

duplex auto

speed auto

bridge-group 1

!

end

1941W-3#sho run | inc bridge

bridge irb

bridge-group 1

bridge-group 1

bridge-group 1

bridge 1 protocol ieee

bridge 1 route ip

1941W-3#sho run int vlan 1

Building configuration...

Current configuration : 57 bytes

!

interface Vlan1

no ip address

bridge-group 1

!

end

1941W-3#sho span int wlan-g

1941W-3#sho span int wlan-gigabitEthernet 0/0

Port 8 (Wlan-GigabitEthernet0/0) of VLAN1 is forwarding

   Port path cost 4, Port priority 128, Port Identifier 128.8.

   Designated root has priority 32768, address 0026.0bb5.5093

   Designated bridge has priority 32768, address 0026.0bb5.5093

   Designated port id is 128.8, designated path cost 0

   Timers: message age 0, forward delay 0, hold 0

   Number of transitions to forwarding state: 1

   BPDU: sent 127707, received 0

   The port is in the portfast mode

1941W-3#show bridge 1

Total of 300 station blocks, 287 free

Codes: P - permanent, S - self

Bridge Group 1:

    Address       Action   Interface       Age   RX count   TX count

000c.29a0.3037   forward   Gi0/0             0        690        818

78e4.00b2.efda   forward   Vlan1             0       1202         53

Ways to get this to work:

1) configure IGMP snooping support on the NLB Cluster as mentioned in the previous post

2) Use cluster mode Unicast

3)  route the internal ap's traffic and not use IRB.

1941W-3(config)#no bridge irb

Please remove the BVI 1 interface first!

1941W-3(config)#no int bvi 1

1941W-3(config)#

1941W-3(config)#no bridge irb

1941W-3(config)#int vlan 2

1941W-3(config-if)#ip add 2.2.2.1 255.255.255.0

1941W-3(config)#int wlan-gigabitEthernet 0/0

1941W-3(config-if)#switch access vlan 2

1941W-3(config-if)#

1941W-3(config-if)#

1941W-3(config-if)#int gig 0/0

1941W-3(config-if)#no bridge 1

1941W-3(config)#int gig 0/0

1941W-3(config-if)#ip add 1.1.1.1 255.255.255.0

Actions

Login or Register to take actions

This Discussion

Posted February 11, 2010 at 3:26 AM
Stats:
Replies:10 Avg. Rating:
Views:2214 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard