I have a pair of Nokia firewalls connected to two 4006 switches running 7.6.3 code. The firewalls have a multicast virutal address that doesn't seem to pass across an etherchannel trunk between the switches even though the vlan they are in is being forwarded across the trunk. Do you know if a dot1q trunk would block a multicast packet from a Nokia firewall from passing ?
Basically , by default multicast is only forwarded to the router ports or where an IGMP request is received. Now you have a Cat4000 and it has CGMP turned on by default . As long as it does not detect any router ports , multicast should basically be flooded in the entire vlan. In your case , multicast not being flooded makes me think the switch is detecting a multicast router at some other port other then the trunk port and certainly not receiving a CGMP join from that router for this particular group.
Here is a hack that you can use.
set multicast router
where mod/port is a trunk port .
Second thing is youc an disable CGMP only if you do not have other multicast traffic in your network and only traffic is this low volume keepalive traffic between the firewalls so that this traffic will be flooded in the entire vlan on both switches.
Thanks. CGMP is already disabled but maybe I will try the multicast router command to see if it will forward if over the trunk that way. I've even added static cam entries pointing to the trunk and it wouldn't pass over the trunk. Makes me think that the Nokia "multicast" mac address on a unicast IP really isn't being detected as a multicast.
This is in case so. The way Nokia (and other FW manufacturers) try to trick the switches to add multicast MAC entries to CAM tables is a non-standard implementation of IP multicast. In new hardware (I know already of the 3750) the forwarding of IP multicast traffic will not be based on the MAC address anymore but on the IP multicast group address. And then the concept of Nokia will fail completely.
The multicast router interface you can configure is a workaround you can use to make it work but by doing that you possibly endanger the CPU of your switch. That one will be overloaded if any high volume traffic is sent to the multicast MAC address (because of the IGMP snooping mechanism that looks at each frame with the multicast MAC address).
I am not aware that Nokia has yet a solution for the problem but I know that they should know about the problem itself.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...