Cisco Support Community
Community Member

MS NLB w/virtual mac question

Since Cisco uses virtual MACs for its own load balancing, I'm having trouble believing that it does not have a way to handle MS's network load balancing, which uses a virtual MAC (placing the same MAC on two ports), other than to isolate it using a VLAN. I'm guessing I am just not finding the proper way to do it, in spite of hours of searching! Probably because I am not searching for the right terminology. Argh!

So, is there a way to configure the switch so that two ports use the same MAC, and traffic gets forwarded to both ports, without setting up a separate VLAN (requiring routing)?



Re: MS NLB w/virtual mac question

Switches will not learn the same mac-address on two different ports. HSRP uses a virtual IP address and a virtual mac-address, but even with this it does not allow the same virtual unicast mac-address to be learned on two different ports. However, you can statically define the same mac-address on two different ports. I am not saying this is the solution you are looking for, but I am pointing out what you can do so that the mac-address is put in the CAM table for two different ports.

Please rate helpful posts.

Community Member

Re: MS NLB w/virtual mac question

I know, it ends up treating the switch ports like they were a mini-hub, but it seems a shame to have to add a hub or router to an existing switch in order to use ISA's NLB. I really wish Cisco would add something to the IOS to allow this to be configured.

If we statically define the same MAC address on both ports, will it forward the traffic to both ports correctly?

Thank you!!

Community Member

Re: MS NLB w/virtual mac question

We use MS NLB in multicast mode; it seems easier to control. We configure a static MAC address (the 0100.5exx.xxxx MAC) on each of the ports that connect to an NLB interface, typically two ports. Note that this address cannot be learned because the port uses its NIC hardware MAC on outgoing packets. Also, you should add the multicast MAC to any upstream switches (on the trunk port going to the distribution switch).

Another issue is that IOS will not accept a multicast MAC as a reply to an ARP for a unicast IP address, so you may also have to add a static ARP entry in the router mapping the virtual IP of the NLB to the multicast MAC address it uses. Curiously, our Checkpoint FW (under Windows) does accept this ARP response.

If you are not using NLB in multicast mode then you might want to look at the 'hub solution'. Here is a pointer to a discussion on NLB devices connected to layer 2 switches:
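
The static entries described in the reply above, collected into one configuration sketch. This is an added example, not part of the original thread or any poster's configuration. The MAC address, virtual IP, VLAN number and interface names are constructed placeholders, and the `mac address-table` spelling is an assumption about the IOS release (older releases use `mac-address-table`).

```cisco
! Added example. Constructed placeholder values:
!   NLB cluster multicast MAC : 0100.5e7f.0001
!   NLB virtual IP            : 192.0.2.100
!   VLAN                      : 10
!   NLB-facing ports          : GigabitEthernet0/1, GigabitEthernet0/2

! --- Access switch (where the NLB hosts connect) ---
! The cluster MAC never appears as a source address, so it cannot be
! learned. Pinning it to the NLB ports keeps cluster traffic on those
! ports instead of letting the switch flood it to the whole VLAN.
mac address-table static 0100.5e7f.0001 vlan 10 interface GigabitEthernet0/1 GigabitEthernet0/2

! --- Upstream switch ---
! Static entry on the trunk port that leads toward the NLB hosts
! (assumed here to be GigabitEthernet1/0/24).
mac address-table static 0100.5e7f.0001 vlan 10 interface GigabitEthernet1/0/24

! --- Router / layer 3 gateway for VLAN 10 ---
! IOS does not accept a multicast MAC in an ARP reply for a unicast IP,
! so map the virtual IP to the cluster MAC by hand.
arp 192.0.2.100 0100.5e7f.0001 ARPA

! --- Checks ---
! The static entry should list only the intended ports:
!   show mac address-table address 0100.5e7f.0001
! The ARP entry should show the cluster MAC with no age (static):
!   show ip arp 192.0.2.100
```

Review the static entries whenever an NLB host is moved to another port; a stale entry keeps delivering cluster traffic to whatever is plugged into the old port.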

