Link-local multicast on autonomous APs

Hi,
I have a 877 which I am troubleshooting some mDNS (224.0.0.251:5353) issues.
One client sends a mDNS request, the router sees it (packet debug) but the packet is not received by any other client on the wireless LAN.
Given it is link local I don't believe that enabling PIM (which I have done anyway).
I have investigated if there is anything that I would have to do to enable multicast for my wireless clients, on WLCs there is a multicast and broadcast config command which explicitly enables it.
Any directions would be appreciated.
Regards
Adam

Make sure that do not use the 239.0.0.X address range or the 239.128.0.X address range. Addresses in these ranges overlap with the link local MAC addresses and will flood out all switch ports even with IGMP snooping turned on.
Use the show network command to verify the multicast mode on the controller and show lwapp mcast to verify the group on the AP. I hope it may help you

Similar Messages

  • Link Local Unicast Addresses and Link Local Multicast Addresses

    I am trying to get a hold on Link Local Multicast addressing.  I know that Link Local Unicast Addressing is the equivalent of an APIPA address but can anyone tell me what Local Link Multicast addressing is used for and hopefully provide an example of
    it's use?  Beg your pardon if this is a stupid question.  Thanks.
    Michael T. Glenn

    Hi Michael,
    Obviously, this is not a stupid question.
    The link local multicast addresses are the equivalent of 224.0.0.0/24, which are reserved for the local subnet and are not forwarded by IP routers regardless of the Time to Live (TTL) in the IP header.
    They are used for routing protocol or other well-known multicast based communication.
    For detailed information, please refer to the link below,
    IPv6 Multicast Address Assignments
    http://tools.ietf.org/html/rfc2375
    Best Regards.
    Steven Lee
    TechNet Community Support

  • Link-local multicasting

    I'm trying to do multicast imaging in an environment without practical access to a DHCP server.
    I have a 48-port switch which I'm assured is configured as a "flat" switch.
    If I connect two or more computers to this switch (without connecting the switch to an uplink), boot them to the ZENworks Imaging Preboot Environment, and run 'dhcpcd -d -t 1 eth0' to get them link-local IP addresses, they can ping one another without issues.
    After having confirmed that the pings succeed, if I attempt to initiate a multicast via 'img s flat m' on one computer and 'img s flat cl' on the others, img exits almost instantly with a "network is unreachable" / "could not contact the server" message and an elapsed-time report of 00:00. This happens as soon as the command is issued, not when the clients connect or when the "start multicast" button is pressed.
    If I instead attempt to initiate the multicast via the menus of the curses interface to the 'img' program, as soon as I hit Next after selecting the "master" role, img segfaults. (I haven't yet tested selecting the 'client' role, but I expect it would be much the same.) I got a similar segfault on master machine for the first try with the command-line variant, but haven't been able to reproduce it since.
    This is with ZENworks 11.2.2, and a preboot environment manually updated to use a more recent version of the Linux kernel (3.8 or later, I think - I haven't checked lately), which is needed for driver support.
    Is multicast imaging across a "flat" switch using link-local IP addresses expected to work?
    If it is, any idea what may be going wrong (or how to figure out the same), and/or how to get this working?
    If it is not, is there any means of multicast imaging without an available DHCP server which *is* expected to work?

    This turns out to be another manifestation of the problem described in TID 7011873.
    The workaround described in that TID appears to assume that there is an available DHCP server, and that it just isn't handing out a default-gateway address when it hands out IP addresses to its clients.
    In our scenario, there is no DHCP server at all, and no gateway as far as I'm aware; this is an entirely isolated network. It might be possible to get things working by specifying a default-gateway address anyway, but I have no idea what address to specify, since in that situation there is no machine with any special role (except for the multicast master itself, which is special for a different reason); I tried specifying 0.0.0.0, as a known-unused address, and the route command quite reasonably rejected it. There might be an IP address for the "flat" switch itself, but if so I don't know what it is and don't have any apparent way of finding out.
    I managed to get this working anyway, at least to the point of the clients getting multicast-session numbers. To do that, I booted the SLAMPP live-CD server environment on a spare machine connected to the "flat" switch (from a USB drive), brought up the installed DHCP server in that live-CD environment, and specified the IP address of the live-CD machine (192.168.0.1) as the default gateway on the clients using the command described in that TID.
    (The SLAMPP DHCP server does not appear to have any option to specify a default gateway address, so it still has to be specified manually as far as I've been able to tell.)
    This approach means we have to have two machines connected to the switch in addition to the ones actually being imaged (the DHCP-server machine and the multicast master), but at least it should mean we can get imaging done outside of the realm of our normal network.
    That TID is a year and a half old, and is still listed as "Reported to Engineering". Is there any indication of possible progress towards a fix?
    At the least, I'd like to see some acknowledgement of the fact that this also applies to environments with no DHCP server, rather than just to ones where the DHCP server doesn't behave as the imaging client expects.

  • Route IGMP link-local groups

    There are two VLANs in network:
    VLAN 30: 192.168.1.0/24
    VLAN 40: 192.168.2.0/24
    A IGMP multicast group 224.0.0.251 is used for devices in both VLANs.
    I try to configure the router to enable the multicast routing, but it seems the router cannot join that multicast group:
    ip multicast-routing distributed
    3560g-client(config-if)#ip igmp join-group 224.0.0.251
    Illegal multicast group address
    So is there anyway to make that multicast group routable?
    Thank you.

    The multicast address, you are trying to join is a link-local multicast address and does not follow normal procedures of join. Any multicast address which belongs to 224.0.0.x is link-local address and few are reserved for protocols which runs over a link, like 224.0.0.9 is used for RIP and 224.0.0.10 is for EIGRP. and similarly 224.0.0.251 is used of mDNS. We will same error message for all these groups.
    R6_ASR6(config-if)#ip igmp join-group 224.0.0.9
    Illegal multicast group address
    R6_ASR6(config-if)#ip igmp join-group 224.0.0.10
    Illegal multicast group address
    R6_ASR6(config-if)#
    http://en.wikipedia.org/wiki/Multicast_address
    http://en.wikipedia.org/wiki/Multicast_DNS
    --- Please don't forget to rate helpful posts -----
    Regards,
    Akash

  • Mulitple SSIDs and ACLs on Autonomous APs

    This is an unusual situation:
    I have the need to run a few autonomous APs (1262) for some sites on satellite links.
    At a bare minimum I need to run two WLANs.
    One is wide open, and the other with an ACL that heavily restricts access.
    Is there any way to tie two WLANs to a single VLAN, while applying an ACL to just one WLAN?
    Any ideas?

    On autonomous, you cans have multiple ssid pointing to one vlan.  You can on a WLC.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Link Local BGP peering between Cisco and Juniper (M-Series)

    Hi,
    has anybody successfully managed to get a working IPv6 session between a Cisco and a Juniper router using Link Local IPs?
    I got it working between two cisco routers and two Juniper Routers but not with the two different vendors.
    Configuration on the Juniper site:
       family inet6 {
           address FE80::1/64;
      protocols {
          bgp {
              group customer_ipv6 {
                  neighbor fe80::2 {
                      local-interface at-2/0/0.119;
                      peer-as 65300;
                      as-override;
    Configuration on the Cisco site:
    interface ATM0/0/0.1 point-to-point
    bandwidth 2033
    ip address 10.194.235.42 255.255.255.252
    ip access-group AL-SECURITY-WAN out
    ip mtu 1500
    ipv6 address FE80::2 link-local
    ipv6 enable
    bfd interval 999 min_rx 999 multiplier 15
    pvc 1/32
      vbr-nrt 2244 2244 1
      tx-ring-limit 3
      encapsulation aal5snap
    router bgp 65300
    bgp router-id 10.213.58.185
    bgp log-neighbor-changes
    no bgp default ipv4-unicast
    neighbor FE80::1%ATM0/0/0.1 remote-as 65300
    neighbor FE80::1%ATM0/0/0.1 version 4
    neighbor FE80::2%GigabitEthernet0/1 remote-as 65300
    neighbor FE80::2%GigabitEthernet0/1 version 4
    address-family ipv4
    exit-address-family
    address-family ipv6
      neighbor FE80::1%ATM0/0/0.1 activate
      neighbor FE80::1%ATM0/0/0.1 advertisement-interval 5
      neighbor FE80::1%ATM0/0/0.1 soft-reconfiguration inbound
      neighbor FE80::1%ATM0/0/0.1 route-map NH6 out
      neighbor FE80::2%GigabitEthernet0/1 activate
      neighbor FE80::2%GigabitEthernet0/1 advertisement-interval 5
      neighbor FE80::2%GigabitEthernet0/1 soft-reconfiguration inbound
      neighbor FE80::2%GigabitEthernet0/1 route-map NH6 out
    exit-address-family
    CE_HOSTNAME# show ip bgp ipv6 uni su
    BGP router identifier 10.213.58.185, local AS number 65300
    BGP table version is 7, main routing table version 7
    4 network entries using 656 bytes of memory
    4 path entries using 320 bytes of memory
    1/1 BGP path/bestpath attribute entries using 128 bytes of memory
    2 BGP AS-PATH entries using 48 bytes of memory
    2 BGP community entries using 48 bytes of memory
    0 BGP route-map cache entries using 0 bytes of memory
    0 BGP filter-list cache entries using 0 bytes of memory
    BGP using 1200 total bytes of memory
    BGP activity 34/12 prefixes, 38/12 paths, scan interval 60 secs
    Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::1%ATM0/0/0.1
                    4        65300       0       0        1    0    0 never    Idle
    FE80::2%GigabitEthernet0/1
                    4        65300      15      16        7    0    0 00:10:59        4
    CE_HOSTNAME#
    The console monitoring states the following:
    Nov 10 06:30:33.023 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
    Nov 10 06:30:33.023 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
    FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
    Nov 10 06:30:33.023 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
    de-ipc-ulmdon-ce-02#
    Nov 10 06:30:33.023 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session  BGP Notification sent
    The Cisco Router is running IOS 15.2, the Juniper Site JunOS 10.4
    Any Ideas how I can get this to work?
    Thanks in advance!

    Marcin,
    I updated the debugging log, the previous one was created using override-capability-neg on the neighbor (experimental).
    >>0) Do you see similar scenario for working session? (Between two Cisco routers)
    The working connection between two cisco routers doesn't show any output
    >>1) What verion of IOS are you running? Something failrly recent I hope?
    Show Version:
    Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(1)T1, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2011 by Cisco Systems, Inc.
    Compiled Mon 19-Sep-11 16:24 by prod_rel_team
    ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)
    CE_HOSTNAME uptime is 2 weeks, 5 days, 21 hours, 35 minutes
    System returned to ROM by reload at 18:43:21 MET(S) Fri Oct 21 2011
    System restarted at 18:44:50 MET(S) Fri Oct 21 2011
    System image file is "flash:c1900-universalk9-mz.SPA.152-1.T1.bin"
    Last reload type: Normal Reload
    Last reload reason: Reload Command
    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.
    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
    If you require further assistance please contact us by sending email to
    [email protected].
    Cisco CISCO1941/K9 (revision 1.0) with 446464K/77824K bytes of memory.
    Processor board ID FCZ1504C0G8
    1 DSL controller
    2 Gigabit Ethernet interfaces
    1 ATM interface
    1 terminal line
    DRAM configuration is 64 bits wide with parity disabled.
    255K bytes of non-volatile configuration memory.
    250880K bytes of ATA System CompactFlash 0 (Read/Write)
    License Info:
    License UDI:
    Device#   PID                   SN
    *0        CISCO1941/K9          FCZ1504C0G8
    Technology Package License Information for Module:'c1900'
    Technology    Technology-package           Technology-package
                  Current       Type           Next reboot
    ipbase        ipbasek9      Permanent      ipbasek9
    security      None          None           None
    data          datak9        Permanent      datak9
    Configuration register is 0x2102
    >>2) Can we have some more info from Juniper side (logs/debugs).
    Sadly not. The Juniper Traceoptions don't show anything
    All I can offer you at this point is the neighbor show command:
    user@Juniper> show bgp neighbor fe80::2 instance vrf-test
    Peer: fe80::2 AS 65300         Local: unspecified AS 20570
      Type: External    State: Idle           Flags:
      Last State: NoState       Last Event: NoEvent
      Last Error: None
      Export: [ pol-standard-bgp-export ] Import: [ pol-standard-bgp-import ]
      Options:
      Options:
      Address families configured: inet6-unicast
      Path-attributes dropped:  128
      Holdtime: 90 Preference: 170
      Number of flaps: 0
      Trace options:  all
      Trace file: /var/log/bgp_ipv6_ll_20111110 size 131072 files 10
    user@Juniper> show bgp summary instance vrf-test
    Groups: 2 Peers: 2 Down peers: 1
    Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
    vrf-2.inet.0          37         16          0          0          0          0
    vrf-.inet6.0           0          0          0          0          0          0
    vrf-24.mdt.0           0          0          0          0          0          0
    Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
    10.194.235.42         65300       1149       1076       0       1     8:44:00 Establ
      vrf-test.inet.0: 6/7/7/0
    fe80::2               65300          0          0       0       0     9:38:32 Idle
    >>3)
    CE_HOSTNAME#
    Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) Keep alive timer fired.
    Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE requested (bgp_keepalive_timer_expired)
    Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) service keepalive IO request.
    Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE write request serviced in BGP_IO
    CE_HOSTNAME#
    Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) Keep alive timer fired.
    Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE requested (bgp_keepalive_timer_expired)
    Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) service keepalive IO request.
    Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE write request serviced in BGP_IO
    CE_HOSTNAME#
    Nov 10 15:35:52.850 MET: BGP: 10.194.235.41 received KEEPALIVE, length (excl. header) 0
    CE_HOSTNAME#
    Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 active went from Idle to Active
    Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 open active, local address FE80::2
    Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Adding topology IPv6 Unicast:base
    Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send OPEN
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active went from Active to OpenSent
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active sending OPEN, version 4, my as: 65300, holdtime 180 seconds, ID AD53AB9
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 1, length (excl. header) 10
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive OPEN
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN, version 4, holdtime 90 seconds
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN w/ OPTION parameter len: 0
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from OpenSent to Closing
    Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send NOTIFICATION 2/7 (unsupported/disjoint capability) 0 bytes
    Nov 10 15:35:54.702 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
    FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 3, length (excl. header) 2
    Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive NOTIFICATION 2/5 (authentication failure) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active bad state change from Closing to Closing
    Nov 10 15:35:54.702 MET: -Traceback= 21B3370Cz 21B33C74z 21B34258z
    Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl IPv6 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl VPNv4 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl VPNv6 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Multicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF delete stale NSF not active
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF no stale paths state is NSF not active
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active closing
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Session close and reset neighbor FE80::1%ATM0/0/0.1 topostate
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from Closing to Idle
    Nov 10 15:35:54.702 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session  BGP Notification sent
    CE_HOSTNAME#CE_HOSTNAME#
    Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) Keep alive timer fired.
    Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE requested (bgp_keepalive_timer_expired)
    Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) service keepalive IO request.
    Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE write request serviced in BGP_IO
    CE_HOSTNAME#
    Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) Keep alive timer fired.
    Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE requested (bgp_keepalive_timer_expired)
    Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) service keepalive IO request.
    Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE write request serviced in BGP_IO
    CE_HOSTNAME#
    Nov 10 15:35:52.850 MET: BGP: 10.194.235.41 received KEEPALIVE, length (excl. header) 0
    CE_HOSTNAME#
    Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 active went from Idle to Active
    Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 open active, local address FE80::2
    Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Adding topology IPv6 Unicast:base
    Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send OPEN
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active went from Active to OpenSent
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active sending OPEN, version 4, my as: 65300, holdtime 180 seconds, ID AD53AB9
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
    Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 1, length (excl. header) 10
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive OPEN
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN, version 4, holdtime 90 seconds
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN w/ OPTION parameter len: 0
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from OpenSent to Closing
    Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send NOTIFICATION 2/7 (unsupported/disjoint capability) 0 bytes
    Nov 10 15:35:54.702 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
    FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 3, length (excl. header) 2
    Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive NOTIFICATION 2/5 (authentication failure) 0 bytes
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active bad state change from Closing to Closing
    Nov 10 15:35:54.702 MET: -Traceback= 21B3370Cz 21B33C74z 21B34258z
    Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl IPv6 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl VPNv4 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl VPNv6 Unicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Multicast:base Service reset requests
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF delete stale NSF not active
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF no stale paths state is NSF not active
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active closing
    Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Session close and reset neighbor FE80::1%ATM0/0/0.1 topostate
    Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
    Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from Closing to Idle
    Nov 10 15:35:54.702 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session  BGP Notification sent
    CE_HOSTNAME#

  • Getting error while accessing a webpage by using link local address of ipv6

    Hello,
    I want to access my login.jsp by using ipv6 address.
    when i am accessing my web page by using loop back or localhost6(like the following) it is working.
    http://[::1]:8080/test/login.jsp //for loopback
    http://localhost6:8080/test/login.jsp
    But when i am accessing my webpage by using link local address as following i am not getting my web page.
    http://[fe80::201:6cff:fe0f:d7ae%eth0]:8080/test
    or
    http://[fe80::201:6cff:fe0f:d7ae]:8080/test
    For the above case is there any solutions????

    Whatever i have mentioned these are correct. My ipv6 address is also correct.From browser only i am accessing.>
    Not a Java issue, then. Your problem I'm afraid.
    But how do you know they're correct? Given that one of them isn't working, I'd triple check it if I were you.

  • 802.1x auth fail through WLC but OK on autonomous APs

    Hello,
    I migrate 1310 APs from Autonomous to Lightweight. Migration is OK with Cisco Upgrade Tool, and AP are registered on my 2504 WLC.
    Previously, a 802.1x network was broadcasted by autonomous APs, supplicants were identified on a freeradius server with MSCHAPv2/PEAP method.
    I send you in attachement a AP config which is OK.
    But on the WLC, supplicants can't auth on Radius server.
    I configured a WLAN with WPA/TKIP/802.1x with my radius server in AAA tab.
    When clients try to authenticate, I get these messages where xxx is login:
    AAA Authentication Failure for UserName:821 User Type: WLAN USER
    AAA Authentication Failure for UserName:200 User Type: WLAN USER
    AAA Authentication Failure for UserName:209 User Type: WLAN USER
    Security info on client page is:
    Security Policy Completed
    No
    Policy Type
    WPA
    Encryption Cipher
    TKIP-MIC
    EAP Type
    PEAP
    SNMP NAC State
    Access
    Radius NAC State
    8021X_REQD
    What is strange, there are some clients which are OK in RUN State, and 50 other % which are not.
    In attachment there is a debug client "mac-address" on a device which cannot authenticate through WLC.
    Thank you,
    Clement

    Hi Amjad,
    I'm not using NAC.
    Clients makes a MSCHAPv2/PEAP auth on a FreeRadius server through the WLC.
    Because network is critical, I do a rollback so I passed the light APs into their autonomous original state.
    Now all clients can successfully auth on the network. I don't understand what happens when APs are in lightweight mode :/
    I have more information about the WLAN clients  :
    - Each client is an infrastructure which have a AXIS wireless modem in bridge mode, which is client of the WLAN. This modem have login/password for MSCHAPv2 auth.
    - Behind the AXIS, there is a switch on which 4 devices in static IP are connected.
    - If the AXIS is successfully authenticated on the WLAN, only one device of four is able to ping servers on the LAN. The others cannot, it seems to be a "token ring" like ?!
    The WLAN clients infrastructures are very proprietary, it's very difficult to debug.
    What I know, is all clients are OK on autonomous AP (auth 100% successfull, ping 100% successfull for 4 devices) and when the clients join a lightweight AP it is (auth 50% successfull, ping 100% successfull for 1 device, 0% successfull for 3 others devices)
    Tell me if you need specific debug logs.
    Clement

  • Can a hosts be in the same subnet yet not be link local (trouble with Bonjour) ?

    I'm trying to print through a D-Link DVA G3810 BN from the wireless side with a Macbook Pro to the wired side HP C6280 . Apparently mDNS (Bonjour} communicates with hosts that are link-local and on the same subnet ? Is there an assumption that hosts on the same subnet are link-local ? My testing suggests to me that connections from the wireless to the wired side of the D-Link are routed and the hosts are NOT link-local . It will only allow me to add hosts , regardless of being fixed or via DHCP , within the same address range and subnet . I found a statement that for hosts to be link-local , their communications cannot be routed (pass thru a router) . I can't see the HP printer in trying to set it up and always get the 'Network host is busy ; will retry in X seconds'  state if I do configure it as an IP type . I can't figureout a way around this issue with the hardware that I have to work with .

    Link-local addresses are usually the self assigned IP address that a device will set when a DHCP server cannot be found. These are the addresses with 169.254.x.x subnet.
    If the router is assigning IP addresses for your network, then they will usually have a different IP subnet, possibly 192.168.0 for D-Link. And this subnet would be for the wired and wireless connections. So it would be more a case of bridging the two network topolgies rather than routing them.
    The network host is busy message could be more to do with the driver and the IP protocol selected when creating the queue than the connection being broken between the Mac and printer. If you were to open Network Utility and select the Ping tab, enter the IP address of the HP and set the pings to 4, pressing the Ping button will soon show if there is a path through the wireless to the printer.
    If you get a response to the ping you could then open Safari and type the ip address as the URL. This would then connect to the internal web page of the printer and possibly let you enable an IP protocol like LPR so that you can use LPD on the Mac instead of Bonjour to connect to the printer.
    As for the driver, you could look at using a Gutenprint driver instead of the HP driver or the hpijs package to get past the limitations that some printer drivers have with network connections.

  • IPv6 Link-local addresses: EUI-64 or Static?

    Hello Everyone.
    What is the best practice? Configuring a static link-local address on the interface, or letting the router pick an eui-64 one?
    From a dynamic routing process point of view, does it really matter which type of link local address is used in a production network?
    I know that static addresses are more convinient for humans. But what about the IOS?
    Any other considerations?
    Thank you all.

    Hello,
    I would say that as you already know when you use a routing protocol on IPv6 the neighbor will always be the link local address from the interface from the neighbor itself,
    So I would say why to use Dynamic( Cause it's easy,it's scalable as it's based on a unique value)
    Why to use Static ( So you can create your own system to identify the neighbor, I have read that for security purposes you can use a mechanism that will create random EUI-64 based on a hash but as this is only for Link-Local address I would say it does not apply here)
    Regards

  • Why use link-local addressing for HSRP in IPv6?

    I have scoured the internet for an answer to this question, and am no closer to having it answered.  Am hoping someone here can help!
    * Why do we use link-local (or autoconfig) addresses for the standby IP in FHRPs?  If you are forwarding a packet towards a link-local destination address, wouldn't the source address then have to be a link-local address from the same prefix, which according to scope, should not route beyond the local link?  How do you route an IP packet that has a link-local address for a source address?
    Any insight would be much appreciated.
    Thank you in advance.

    Dougles,
    next hop is used for reaching "gateway" that know where to send packets farther (read it as "next hop to the destination")... routing in IPvX is hopping between nodes where every hop is closer to destination... This is theory behind.
    So as machine that needs to send packet to "not directly connected destination" you only need to send packet to gateway leading to this destination...
    so you need to send packet so, that "gateway" will recieve this packet and gateway then send this packet farther... it is not important what IP address this gateway has.
    On ethernet you only need to know MAC address of this gateway and you send packet (with your source IPv6 address and intended destination IPv6 address) encapsulated with "destination MAC address" of gateway. When gateway recieve ethernet frame, and this frame is for it (destination MAC address is its MAC address), the gateway will proceed IP header (inside IP header the gateway see IT is not final destination for this packet, and gateway will route this packet).
    So configuring IP address as next hop is just "hleper for simpler administration".. MAC address of gateway is important. In IPv4 address resolution protocol (ARP) is used to automaticly get MAC address of gateway if you configure next hop as IP address. In IPv6 there is neighbor discovery protocol(ND) used for this task.
    conclusion: you can use link local address as nex hop address for addresses from any scope ... next hop is just next hop, it is not used just for the same scope communication.
    And question is... if we need just information about MAC address of gateway, why to ask using global address?
    We need to get MAC address... that is information important just "locally"... so to ask for local information, why not use link local address ?
    HSRP is the same case... really just need MAC address to send packets correctly.

  • It is possible ssh from a router to another, to its ipv6 link-local address?

    Hi 
    R1 and R2 are connected by serial links, with IPV6 address global unicast and link-local every link.
    I can do ping between them. When I do ping to link-local address next router, I need to specify outgoing interface, ping is succesful.
    However I can not do SSH v2 from a router to another to its link-local address. 
    OS R1 and R2: c2900-universalk9-mz.SPA.151-1.M4.bin 
    R1
    Serial0/3/0                [up/up]
        FE80::1
        2001:1200:CAFE:BEBA::1
    R2
    Serial0/3/0                [up/up]
        FE80::2
        2001:1200:CAFE:BEBA::2
    Thank you

    Hi Cesar, 
    you should be able to use "%source_itf" at the end of the target IPv6 LL address. 
    Example with telnet : 
    R1#ping FE80::302              
    Output Interface: Ethernet0/0                 
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to FE80::302, timeout is 2 seconds:
    Packet sent with a source address of FE80::301%Ethernet0/0
    Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
    R1#telnet FE80::302%Ethernet0/0
    Trying FE80::302 ... Open
    Password required, but none set
    [Connection to FE80::302%Ethernet0/0 closed by foreign host]
    R1#

  • SG300 cant change the Link Local address for an IPv6 interface

    There seems to be no apparent way to change the Link Local address for an IPv6 interface
    If I create more than one interface they all appear to have the same Link Local address

    Never mind, I figured it out
    By adding a Link Local address to an interface, it overides the existing one on the interface

  • DreamWeaver CS3 is linking local rather than at site level

    I am using Dreamweaver CS on a Mac running OX 10.5.7.
    No add ons.
    I have several pages that have an embedded MP3 (Insert -> Media -> Plugin) followed by a link that allows the visitor to open the MP3 in another window or download the MP3.
    The problem I am having is with the link for the embedded MP3. Dreamweaver has suddenly started coding the link locally. That is, the path it codes points to my local hard drive instead of the site root.  ALL other links on my site point to the site root, including the link to the same file that follows the embedded MP3. The embedded link is the only one that is not coding correctly.
    I've been going into the code view to copy and paste the second link over the fist link to fix it.
    This is what the code ends up looking like:
    <body>
    <p>
      <embed src="/Macbook HD/Users/stevemoody/Documents/First Alliance Website/sermons/2009_q3/2009-07-19_am.mp3" width="200" height="32"></embed>
    </p>
    <p><a href="/sermons/2009_q3/2009-07-19_am.mp3" target="_blank">Right-click or Option-clink to download</a></p>
    </body>
    </html>

    Save the MP3 file to a folder in your DW site.  Then try again.
    Nancy O.
    Alt-Web Design & Publishing
    Web | Graphics | Print | Media  Specialists
    www.alt-web.com/
    www.twitter.com/altweb
    www.alt-web.com/blogspot.com

  • Autonomous APs to LWAPP

    I have a project to upgrade the current Autonomous APs 1242 running on a customer site and they want them to be converted to LWAPP and moved over to controller.Is there a way to convert them? Note the APs are about 12-15ft high in the ceiling.

    Hi
    cisco upgrade tool is available on  cisco web site you can download it and then you need to create a text file which you want to convert them.format is given below
    This is simplest way to convert.
    Helping document
    http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html
    thanks
    Tahir

Maybe you are looking for