07-07-2009 01:45 AM - edited 03-06-2019 06:37 AM
Hello,
I am trying to configure a Cisco 3750 to act as a "transparent multicast bridge". i.e. I don't want to enable pim on its interfaces and no igmp packets will go trough the interfaces as well.
I only want that multicast packets coming to the interface f1/0/1 are automatically sent to f1/0/2 and f1/0/3.
I hope I made myself clear :)
Thanks a lot.
Solved! Go to Solution.
07-07-2009 04:07 AM
Somehow I knew you were going to say that. ;)
The "normal" solution is to do multicast routing. Is there a particular reason why this is unacceptable?
No "easy" solution comes to my mind for what you're asking beyond it should be possible to physically link subnets (i.e. connect one VLAN port with another) and use ACLs to only permit multicast packets to flow across the link. (NB: w/o ACLs, you have something similar to what's described next.) One concern with this approach, switch would see same MAC on different ports.
Another (better/safer vs. the physical link) approach would be to combine VLANs that need to share the multicast traffic, but continue to use your subnets. I.e. instead of the usual one subnet per VLAN, multiple subnets per VLAN. You would still route unicast between subnets on the same VLAN.
[edit]
BTW, just saw Giuseppe's and your response posts. Now you're describing WANs and encryption, when you asked about multicast across 3750 ports. You might want to post all the details of what your network looks like, what you're trying to accomplish, and what you see as issues.
07-07-2009 03:06 AM
If IGMP snooping is disabled, at L2 (same VLAN), received multicast packets should be forwarded to other ports (like broadcast).
07-07-2009 03:34 AM
IGMP snooping is disabled, but my switch is configured to do the IP routing and the physical ports are not in the same vlan.
thanks !
07-07-2009 03:56 AM
Hello Jacques,
between different IP subnets/vlan you need to enable multicast routing and PIM on the interfaces.
It is still a routing action.
Hope to help
Giuseppe
07-07-2009 04:02 AM
Hello Giuseppe,
Yes, I feared you would answer that. but it is useless to activate PIM on my WAN interface because the switch wouldn't be able to communicate in PIM with the other routers because there is a encryption unit between them... That's why I need the switch to act as a "simple" L2 switch and forward the multicast stream...
07-07-2009 04:46 AM
Hello Jacques,
>> because there is a encryption unit between them
It is between so they encrypt and decrypt all packets there shouldn't be no specific issue for PIM rather then other traffic types.
Hope to help
Giuseppe
07-07-2009 04:07 AM
Somehow I knew you were going to say that. ;)
The "normal" solution is to do multicast routing. Is there a particular reason why this is unacceptable?
No "easy" solution comes to my mind for what you're asking beyond it should be possible to physically link subnets (i.e. connect one VLAN port with another) and use ACLs to only permit multicast packets to flow across the link. (NB: w/o ACLs, you have something similar to what's described next.) One concern with this approach, switch would see same MAC on different ports.
Another (better/safer vs. the physical link) approach would be to combine VLANs that need to share the multicast traffic, but continue to use your subnets. I.e. instead of the usual one subnet per VLAN, multiple subnets per VLAN. You would still route unicast between subnets on the same VLAN.
[edit]
BTW, just saw Giuseppe's and your response posts. Now you're describing WANs and encryption, when you asked about multicast across 3750 ports. You might want to post all the details of what your network looks like, what you're trying to accomplish, and what you see as issues.
07-07-2009 04:13 AM
Ok, I will try your second approach and will come back to you.
Thanks!
07-08-2009 02:55 AM
I works!
many thanks !!
07-08-2009 03:37 AM
I'm glad it did, and thanks for letting me know.
However, do keep in mind when you do this you increase multicast/broadcast traffic to all hosts (mulitcast if no IGMP snooping) on the shared segment and you decrease possible security when hosts share a common segment but are using different subnets.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide