I have an IBM blade with a Nortel Switch in it. On the blade are 2 CAS servers
configured with Windows NLB set to multicast. I need to isolate the Multicast
traffic
In cisco land I would follow the below directions. Customer will not let me do
that in their world and is pushing me to make the changes on the Nortel. Anyone
ever done this on a Nortel switch want to show me how to do it?
Multicast Mode
Another solution is to use multicast mode in MS NLB configuration GUI instead
of Unicast mode. In Multicast Mode, the system admin clicks the IGMP Multicast
button in the MS NLB configuration GUI. This choice instructs the cluster
members to respond to ARPs for their virtual address using a multicast MAC
address for example 0300.5e11.1111 and to send IGMP Membership Report packets.
If IGMP snooping is enabled on the local switch, it snoops the IGMP packets
that pass through it. In this way, when a client ARPs for the cluster's virtual
IP address, the cluster responds with multicast MAC for example 0300.5e11.1111.
When the client sends the packet to 0300.5e11.1111, the local switch forwards
the packet out each of the ports connected to the cluster members. In this
case, there is no chance of flooding the ARP packet out of all the ports. The
issue with the multicast mode is virtual IP address becomes unreachable when
accessed from outside the local subnet because Cisco devices do not accept an
arp reply for a unicast IP address that contains a multicast MAC address. So
the MAC portion of the ARP entry shows as incomplete. (Issue the command show
arp to view the output.) As there is no MAC portion in the arp reply, the ARP
entry never appeared in the ARP table. It eventually quit ARPing and returned
an ICMP Host unreachable to the clients. In order to override this, use static
ARP entry to populate the ARP table as given below. In theory, this allows the
Cisco device to populate its mac-address-table. For example, if the virtual ip
address is 172.16.63.241 and multicast mac address is 0300.5e11.1111, use this
command in order to populate the ARP table statically:
arp 172.16.63.241 0300.5e11.1111
However, since the incoming packets have a unicast destination IP address and
multicast destination MAC the Cisco device ignores this entry and
process-switches each cluster-bound packets. In order to avoid this process
switching, insert a static mac-address-table entry as given below in order to
switch cluster-bound packets in hardware.
mac-address-table static 0300.5e11.1111 vlan 200 interface
fa2/3 fa2/4
Note: For Cisco Catalyst 6000/6500 series switches, you must add the
disable-snopping parameter. For example:
mac-address-table static 0300.5e11.1111 vlan 200
interface fa2/3 fa2/4 disable-snooping
The disable-snooping parameter is essential and applicable only for Cisco
Catalyst 6000/6500 series switches. Without this statement, the behavior is not
affected.
