02-11-2010 03:26 AM - edited 07-03-2021 06:30 PM
Hi,
I have a problem with a wireless client that it not able to ping a virtual IP of server in NLB modality.
The WLC can do a ping to the first physical, to the second physical IP and the the virtual IP correctly.
The Wireless Client can do a ping to the first physical, to the second physical IP BUT can not do a ping to the the virtual IP.
The WLC and wireless client have the same mac-table with the same mac-add of tree IP (2 physical and virtual).
When from WLC, i do a ping to the Ip virtual, I send 3 pkt and I receive 6 pkt (3 from first network lan and 3 from second network lan, I think...)
I think thet the WLC drop the pkts to wireless client to virtual IP of LNB Microsoft (NLB work correctly).
What do you think?
Regards.
Mirko S.
02-11-2010 06:47 AM
You'll probably need a sniffer capture to see this, but typically when I've seen this type of issue the packet is sent to one of the NIC's of the server but the response comes from the other NIC. Because of this addressing on the response packet doesn't match where the packet was sent so it doesn't look valid.
02-11-2010 06:58 AM
Hi Dan,
Ok, I understand what you say, but why the WLC can do a ping to the first physical, to the second physical IP and the the virtual IP correctly and the wireless client can't ping a virtual IP?
The WLC drop the pkt, I think.
There is a specific DEBUG to monitoring the events?
I try to see the pkt with wireshark.
Regards.
Mirko S.
07-16-2010 05:34 AM
Hello,
I have deployed a WLC 2112 with 7 LAP1142N for one of our clients and I have exactly the same problem.
The http proxy is the virtual ip of a windows NLB cluster, and from the wireless clients I get answer from the physicals, but not from the virtual (WLC can ping all phisycal and virtual)... the result the clients are not able to navigate thru Internet.
Did someone get the answer for this issue?
Thanks a lot in advance.
Fernando.
07-20-2010 12:20 AM
Hi, Fernado.
I didn't receive any anwers.
At this moment, I still have not resolve the issue.
Regards.
Mirko Severi.
08-03-2011 11:59 PM
Hello
Hi, everyone.
I am facing the same issue with WLC2106. Did someone get any answer .
Best regards
Kostas Papachristofis.
08-04-2011 12:03 AM
Hi,
you need to enable multicast on the WLC, then it will work.
Regards
Stefan
08-04-2011 12:32 AM
Hi Stefan
I found this link
Is this enough ??
http://blog.prorouting.com/2011/05/access-network-load-balancing-nlb.html
regards
K.P.
08-04-2011 12:54 AM
Generally yes, but (as always) it depends on your infrastructure.
If it is MC ready, then this should work.
AP Multicast Mode "Multicast" also means, that you need MC enabled between your WLC and your APs.
Also, you should check this document (which you probably already know), how MS NLB and Cisco Switches will work together - to make sure your wired infrastructure fully supports NLB:
hope that helps,
Stefan
03-25-2012 07:54 AM
We just went thru this with a Cisco TAC support engineer, and we solved it by adding the "no ip igmp snooping" command to the AP and then also turning on IGMP Multicast for the NLB cluster in the Windows NLB Manager:
03-26-2012 07:18 AM
In the case of bridging wireless traffic through an internal AP801's host router (such as a 1941W), this doesn't work because the unicast ip/mcast mac traffic doesn't get passed through the bridge into vlan config.
Example config:
1941W-3#sho run int gig 0/0
Building configuration...
Current configuration : 95 bytes
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
bridge-group 1
!
end
1941W-3#sho run | inc bridge
bridge irb
bridge-group 1
bridge-group 1
bridge-group 1
bridge 1 protocol ieee
bridge 1 route ip
1941W-3#sho run int vlan 1
Building configuration...
Current configuration : 57 bytes
!
interface Vlan1
no ip address
bridge-group 1
!
end
1941W-3#sho span int wlan-g
1941W-3#sho span int wlan-gigabitEthernet 0/0
Port 8 (Wlan-GigabitEthernet0/0) of VLAN1 is forwarding
Port path cost 4, Port priority 128, Port Identifier 128.8.
Designated root has priority 32768, address 0026.0bb5.5093
Designated bridge has priority 32768, address 0026.0bb5.5093
Designated port id is 128.8, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 127707, received 0
The port is in the portfast mode
1941W-3#show bridge 1
Total of 300 station blocks, 287 free
Codes: P - permanent, S - self
Bridge Group 1:
Address Action Interface Age RX count TX count
000c.29a0.3037 forward Gi0/0 0 690 818
78e4.00b2.efda forward Vlan1 0 1202 53
Ways to get this to work:
1) configure IGMP snooping support on the NLB Cluster as mentioned in the previous post
2) Use cluster mode Unicast
3) route the internal ap's traffic and not use IRB.
1941W-3(config)#no bridge irb
Please remove the BVI 1 interface first!
1941W-3(config)#no int bvi 1
1941W-3(config)#
1941W-3(config)#no bridge irb
1941W-3(config)#int vlan 2
1941W-3(config-if)#ip add 2.2.2.1 255.255.255.0
1941W-3(config)#int wlan-gigabitEthernet 0/0
1941W-3(config-if)#switch access vlan 2
1941W-3(config-if)#
1941W-3(config-if)#
1941W-3(config-if)#int gig 0/0
1941W-3(config-if)#no bridge 1
1941W-3(config)#int gig 0/0
1941W-3(config-if)#ip add 1.1.1.1 255.255.255.0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide