Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Multicast inside a single VLAN in FWSM.

Hi,

I am trying to make the multicast working between few hosts inside a single vlan. Host are running mysql cluster and Multicast

is used to send master/slave status  information to the IP 228.10.10.10 on port 45566.


The vlan is  defined in FWSM and the host are connected via the core-switch(6513). (hosts-->core-sws--->fwsm)
I have tried searching the documentation, but couldn't find specific info to enable multicast between hosts residing in same vlan. FWSM is running code 3.1(4). since the hosts are residing in the same vlan, I am thinking of applying the <multicast-routing> just for that SVI in FWSM,  Is this enough to make it working ?

Any advice is higly appreciated.

Thanks in Advance.
kris

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Multicast inside a single VLAN in FWSM.

krishnadas.R wrote:

Hi Jon,

Many thanks for the Advice.

I have a question.

As per the Doc link,  To enable the IGMP Snooping Querier, <ip igmp snooping querier>  needs to

be applied on the inteface vlan and it needs to have a IP address.  But in our scenario,

the SVI is created in the FWSM, not on the Core-Switch. So I am not able to apply the

command in core switch.

I have checked if the Querier option can be enabled  globally, but seems like it is not possible,


CT-6513-CORE-I(config)#ip igmp snooping ?
  l2-entry-limit        limit on the l2 entry that can be installed by IGMP snooping
  limit                 Configure IGMP Snooping limits
  source-only-learning  source-only gce entries
 

ICT-6513-CORE-I(config)#              

so the only option  I have is to create another svi in core-switch and assign an IP address to make it working ?

Waiting for your reply.

Thanks,

kris

Kris

Very good point and deserves a rating

Apologies for that as i didn't think it through very well. You are right in what you say.

So in actual fact your orginal idea of enabling multicast-routing is the way to go. This will enable pim and igmp on all the FWSM interfaces but you can disable it per interface with

fwsm(config-ip)# no igmp

fwsm(config-ip)# no pim

Jon

6 REPLIES
Hall of Fame Super Blue

Re: Multicast inside a single VLAN in FWSM.

krishnadas.R wrote:

Hi,

I am trying to make the multicast working between few hosts inside a single vlan. Host are running mysql cluster and Multicast

is used to send master/slave status  information to the IP 228.10.10.10 on port 45566.


The vlan is  defined in FWSM and the host are connected via the core-switch(6513). (hosts-->core-sws--->fwsm)
I have tried searching the documentation, but couldn't find specific info to enable multicast between hosts residing in same vlan. FWSM is running code 3.1(4). since the hosts are residing in the same vlan, I am thinking of applying the just for that SVI in FWSM,  Is this enough to make it working ?

Any advice is higly appreciated.

Thanks in Advance.
kris

Kris

If the multicast is contained within a single vlan then you don't need to do anything to the SVI. What you will want to do is turn on the IGMP snooping querier function on the 6500 -

IGMP Snooping

Jon

Community Member

Re: Multicast inside a single VLAN in FWSM.

Hi Jon,

Many thanks for the Advice.

I have a question.

As per the Doc link,  To enable the IGMP Snooping Querier, <ip igmp snooping querier>  needs to

be applied on the inteface vlan and it needs to have a IP address.  But in our scenario,

the SVI is created in the FWSM, not on the Core-Switch. So I am not able to apply the

command in core switch.

I have checked if the Querier option can be enabled  globally, but seems like it is not possible,


CT-6513-CORE-I(config)#ip igmp snooping ?
  l2-entry-limit        limit on the l2 entry that can be installed by IGMP snooping
  limit                 Configure IGMP Snooping limits
  source-only-learning  source-only gce entries
 

ICT-6513-CORE-I(config)#              

so the only option  I have is to create another svi in core-switch and assign an IP address to make it working ?

Waiting for your reply.

Thanks,

kris

Hall of Fame Super Blue

Re: Multicast inside a single VLAN in FWSM.

krishnadas.R wrote:

Hi Jon,

Many thanks for the Advice.

I have a question.

As per the Doc link,  To enable the IGMP Snooping Querier, <ip igmp snooping querier>  needs to

be applied on the inteface vlan and it needs to have a IP address.  But in our scenario,

the SVI is created in the FWSM, not on the Core-Switch. So I am not able to apply the

command in core switch.

I have checked if the Querier option can be enabled  globally, but seems like it is not possible,


CT-6513-CORE-I(config)#ip igmp snooping ?
  l2-entry-limit        limit on the l2 entry that can be installed by IGMP snooping
  limit                 Configure IGMP Snooping limits
  source-only-learning  source-only gce entries
 

ICT-6513-CORE-I(config)#              

so the only option  I have is to create another svi in core-switch and assign an IP address to make it working ?

Waiting for your reply.

Thanks,

kris

Kris

Very good point and deserves a rating

Apologies for that as i didn't think it through very well. You are right in what you say.

So in actual fact your orginal idea of enabling multicast-routing is the way to go. This will enable pim and igmp on all the FWSM interfaces but you can disable it per interface with

fwsm(config-ip)# no igmp

fwsm(config-ip)# no pim

Jon

Community Member

Re: Multicast inside a single VLAN in FWSM.

Thanks Jon.

I have enabled multicast-routing on the SVI, shall let you know the results after the app team tests it.

Lets hope it will work

Kris

Community Member

Re: Multicast inside a single VLAN in FWSM.

It seems to be working now...

I will go ahead and open a new thread for inter-vlan multicast.

Thanks.

Community Member

Multicast inside a single VLAN in FWSM.

I have the same problem, i but i didn't understand too good how to solve it.

Do we need configure igmp and pin in the firewall svi?

3567
Views
5
Helpful
6
Replies
CreatePlease to create content