Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
685
Views
0
Helpful
9
Replies

Multicast transparent forwarding on 3750 L3 Swicth

Go to solution
jacques_henry696
Level 1
Level 1

‎07-07-2009 01:45 AM - edited ‎03-06-2019 06:37 AM

Hello,

I am trying to configure a Cisco 3750 to act as a "transparent multicast bridge". i.e. I don't want to enable pim on its interfaces and no igmp packets will go trough the interfaces as well.

I only want that multicast packets coming to the interface f1/0/1 are automatically sent to f1/0/2 and f1/0/3.

I hope I made myself clear :)

Thanks a lot.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to jacques_henry696

‎07-07-2009 04:07 AM

Somehow I knew you were going to say that. ;)

The "normal" solution is to do multicast routing. Is there a particular reason why this is unacceptable?

No "easy" solution comes to my mind for what you're asking beyond it should be possible to physically link subnets (i.e. connect one VLAN port with another) and use ACLs to only permit multicast packets to flow across the link. (NB: w/o ACLs, you have something similar to what's described next.) One concern with this approach, switch would see same MAC on different ports.

Another (better/safer vs. the physical link) approach would be to combine VLANs that need to share the multicast traffic, but continue to use your subnets. I.e. instead of the usual one subnet per VLAN, multiple subnets per VLAN. You would still route unicast between subnets on the same VLAN.

[edit]

BTW, just saw Giuseppe's and your response posts. Now you're describing WANs and encryption, when you asked about multicast across 3750 ports. You might want to post all the details of what your network looks like, what you're trying to accomplish, and what you see as issues.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎07-07-2009 03:06 AM

If IGMP snooping is disabled, at L2 (same VLAN), received multicast packets should be forwarded to other ports (like broadcast).

0 Helpful

Go to solution
jacques_henry696
Level 1
Level 1
In response to Joseph W. Doherty

‎07-07-2009 03:34 AM

IGMP snooping is disabled, but my switch is configured to do the IP routing and the physical ports are not in the same vlan.

thanks !

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to jacques_henry696

‎07-07-2009 03:56 AM

Hello Jacques,

between different IP subnets/vlan you need to enable multicast routing and PIM on the interfaces.

It is still a routing action.

Hope to help

Giuseppe

0 Helpful

Go to solution
jacques_henry696
Level 1
Level 1
In response to Giuseppe Larosa

‎07-07-2009 04:02 AM

Hello Giuseppe,

Yes, I feared you would answer that. but it is useless to activate PIM on my WAN interface because the switch wouldn't be able to communicate in PIM with the other routers because there is a encryption unit between them... That's why I need the switch to act as a "simple" L2 switch and forward the multicast stream...

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to jacques_henry696

‎07-07-2009 04:46 AM

Hello Jacques,

>> because there is a encryption unit between them

It is between so they encrypt and decrypt all packets there shouldn't be no specific issue for PIM rather then other traffic types.

Hope to help

Giuseppe

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to jacques_henry696

‎07-07-2009 04:07 AM

Somehow I knew you were going to say that. ;)

The "normal" solution is to do multicast routing. Is there a particular reason why this is unacceptable?

No "easy" solution comes to my mind for what you're asking beyond it should be possible to physically link subnets (i.e. connect one VLAN port with another) and use ACLs to only permit multicast packets to flow across the link. (NB: w/o ACLs, you have something similar to what's described next.) One concern with this approach, switch would see same MAC on different ports.

Another (better/safer vs. the physical link) approach would be to combine VLANs that need to share the multicast traffic, but continue to use your subnets. I.e. instead of the usual one subnet per VLAN, multiple subnets per VLAN. You would still route unicast between subnets on the same VLAN.

[edit]

BTW, just saw Giuseppe's and your response posts. Now you're describing WANs and encryption, when you asked about multicast across 3750 ports. You might want to post all the details of what your network looks like, what you're trying to accomplish, and what you see as issues.

0 Helpful

Go to solution
jacques_henry696
Level 1
Level 1
In response to Joseph W. Doherty

‎07-07-2009 04:13 AM

Ok, I will try your second approach and will come back to you.

Thanks!

0 Helpful

Go to solution
jacques_henry696
Level 1
Level 1
In response to jacques_henry696

‎07-08-2009 02:55 AM

I works!

many thanks !!

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to jacques_henry696

‎07-08-2009 03:37 AM

I'm glad it did, and thanks for letting me know.

However, do keep in mind when you do this you increase multicast/broadcast traffic to all hosts (mulitcast if no IGMP snooping) on the shared segment and you decrease possible security when hosts share a common segment but are using different subnets.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card