09-13-2006 04:07 AM - edited 03-09-2019 04:10 PM
Hello
I just can't get multicast with Symantec Ghost to work over the FWSM with software version 3.1.3.
The ghost server is in a Vlan (Vlan 200) protected by the FWSM, the clients which should be ghosted are not behind the FWSM in a different Vlan (Vlan 15).
I configure the FWSM with the Security Manager CSM 3.1.
How should the correct config look?
This is what I found in the FWSM config which is probably connected to the Multicast:
multicast-routing
interface Vlan200
nameif server
security-level 50
ip address a.a.200.1 255.255.252.0 standby a.a.200.2
igmp forward interface clients
mroute a.a.224.10 255.255.255.255 transit1
mroute a.a.201.66 255.255.255.255 dozpers
Maybe there are also other lines which I missed.
Anyway, I can see the clients on the ghost server, but if I start the push, then the clients don't recieve the packets.
The hardware is a Cat 6500 with IOS 12.2 and some Gig Ethernet cards where switchs are connected to.
Thanks,
Patrick
[edit]
Here the logfile from Ghost:
Log Level Informational
4136031 GhostSrv 8.3.0.1331
Fri Aug 18 13:05:25 2006
Initialising RML
4136046 rml_get_local_interfaces found these IP addresses:
a.a.201.66
RML Initialised
RML socket send buffer size set to 549504
Setting UDP socket receive buffer size to 20034
UDP socket receive buffer size set to 20034
RML socket receive buffer size set to 17172
4136062 Throttle value:0 mb/min
Length of tick in seconds:0.001000
Ticks per throttle bucket:15
Throttle byte count limit[0] = 0
Throttle byte count limit[1] = 0
Throttle byte count limit[2] = 0
Throttle byte count limit[3] = 0
Throttle byte count limit[4] = 0
Throttle byte count limit[5] = 0
Throttle byte count limit[6] = 0
Throttle byte count limit[7] = 0
Throttle value:0 mb/min
Length of tick in seconds:0.001000
Ticks per throttle bucket:15
Throttle byte count limit[0] = 0
Throttle byte count limit[1] = 0
Throttle byte count limit[2] = 0
Throttle byte count limit[3] = 0
Throttle byte count limit[4] = 0
Throttle byte count limit[5] = 0
Throttle byte count limit[6] = 0
Throttle byte count limit[7] = 0
RML socket send buffer size set to 4194304
Server multicast address set to 224.77.52.123
Throttle value:1500 mb/min
Length of tick in seconds:0.001000
Ticks per throttle bucket:15
Throttle byte count limit[0] = 780335
Throttle byte count limit[1] = 1170503
Throttle byte count limit[2] = 1950839
Throttle byte count limit[3] = 3511510
Throttle byte count limit[4] = 6632852
Throttle byte count limit[5] = 12875537
Throttle byte count limit[6] = 25360907
Throttle byte count limit[7] = 50331648
Bound RML socket to 0.0.0.0:1228
Setting multicast scope to 16
Bound TCP socket to 0.0.0.0:1229
Bound UDP socket to 0.0.0.0:6666
Interface a.a.201.66 (0) ws2AddMembership succeeded
4323546 Telling client (a.a.25.81) to use Multicast data transfer mode
Sent second packet unicast
4324531 UDM Destination count now 1
Multicast: 224.77.52.123:7777 0.0.0.0
4490546 RML Statistics
Retransmits on Timeout: 7
End RML Statistics
Shutting down RML
RML shutdown
Log Level None
09-19-2006 05:47 AM
Does the problem lie only with Symantec Ghost.See if IGMP is enabled on the switch and also on the entire network.Also if multicasting works throughout the network.
09-19-2006 06:49 AM
Hi smahbub
Multicasting works as long as the ghost server is on the same VLAN as the clients.
The problem starts when it's being routed.
Currently I can only test it routed through the FWSM.
Patrick
09-29-2006 05:55 AM
I could solve it now with the help of a CCIE :)
Here the solution (just the config which was wrong or missing).
On the router:
int vlan22
ip pim sparse-dense-mode
int vlan24
ip pim sparse-dense-mode
int vlan32
ip pim sparse-dense-mode
int vlan40
ip pim sparse-dense-mode
int vlan192
ip pim sparse-dense-mode
int vlan220
ip pim sparse-dense-mode
int vlan224
ip pim sparse-dense-mode
int vlan229
ip pim sparse-dense-mode
int vlan900
ip pim sparse-dense-mode
ip pim rp-address 192.168.10.1
And the FWSM:
access-list transit1 remark Multicast Temp
access-list transit1 permit ip any host 229.55.150.208
access-list transit1 permit ip any host a.a.224.10
access-list transit1 permit ip any 224.77.0.0 255.255.0.0
access-list transit1 permit ip any a.a.24.0 255.255.252.0
interface Vlan200
no igmp forward interface transit1
exit
no mroute a.a.201.66 255.255.255.255 dozpers
no mroute a.a.224.10 255.255.255.255 transit1
pim old-register-checksum
pim rp-address 192.168.10.1 bidir
Hope this will help other people!
Patrick
11-03-2006 12:30 PM
I'm still gnashing my teeth with keeping Ghost from flooding.
I've got it to work semi-acceptably enabling ip multicast-routing and ip pim dense mode on the desired vlan.
Multicast Vlan Registration (see 20-13 c3550 guide doc#78-11194-09) looked promising, but I was unable to get it right: all ports still lit up and ground to halt.
Have you considered/tried/had any luck with this?
Thanks, Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide