Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

"Multicast" Across a Trunk port

I have a pair of Nokia firewalls connected to two 4006 switches running 7.6.3 code. The firewalls have a multicast virutal address that doesn't seem to pass across an etherchannel trunk between the switches even though the vlan they are in is being forwarded across the trunk. Do you know if a dot1q trunk would block a multicast packet from a Nokia firewall from passing ?


Re: "Multicast" Across a Trunk port

Hi :

Basically , by default multicast is only forwarded to the router ports or where an IGMP request is received. Now you have a Cat4000 and it has CGMP turned on by default . As long as it does not detect any router ports , multicast should basically be flooded in the entire vlan. In your case , multicast not being flooded makes me think the switch is detecting a multicast router at some other port other then the trunk port and certainly not receiving a CGMP join from that router for this particular group.

Here is a hack that you can use.

set multicast router

where mod/port is a trunk port .

Second thing is youc an disable CGMP only if you do not have other multicast traffic in your network and only traffic is this low volume keepalive traffic between the firewalls so that this traffic will be flooded in the entire vlan on both switches.

set cgmp disable

Hope this helps.

Salman Z.

Community Member

Re: "Multicast" Across a Trunk port

Thanks. CGMP is already disabled but maybe I will try the multicast router command to see if it will forward if over the trunk that way. I've even added static cam entries pointing to the trunk and it wouldn't pass over the trunk. Makes me think that the Nokia "multicast" mac address on a unicast IP really isn't being detected as a multicast.

Community Member

Re: "Multicast" Across a Trunk port

This is in case so. The way Nokia (and other FW manufacturers) try to trick the switches to add multicast MAC entries to CAM tables is a non-standard implementation of IP multicast. In new hardware (I know already of the 3750) the forwarding of IP multicast traffic will not be based on the MAC address anymore but on the IP multicast group address. And then the concept of Nokia will fail completely.

The multicast router interface you can configure is a workaround you can use to make it work but by doing that you possibly endanger the CPU of your switch. That one will be overloaded if any high volume traffic is sent to the multicast MAC address (because of the IGMP snooping mechanism that looks at each frame with the multicast MAC address).

I am not aware that Nokia has yet a solution for the problem but I know that they should know about the problem itself.



CreatePlease to create content