Multicast traffic flooding
Hi
We are using Network Load Balancing on some Windows 2003 servers which is configured as IGMP multicast.
The servers are connected to a 3550 SMI switch which is connected to a HP4108.
Before I configured either of these switches I connected a packet sniffer and saw the multicast traffic appearing on all ports on both switches.
I configured the HP switch as a Multicast querier and now on the 3550 I see the multicast mac addresses logged against the server ports. The 3550 also detects the muticast router as you can see:
prod-3550#sh mac-address-table mult
Vlan Mac Address Type Ports
1 0100.5e7f.4601 IGMP Fa0/10, Fa0/12, Gi0/1
1 0100.5e7f.4602 IGMP Fa0/9, Fa0/11, Gi0/1
prod-3550#
prod-3550#sh ip igmp snoo mrouter
Vlan ports
1 Gi0/1(dynamic)
The 3550 is still spamming the multicast traffic to all ports whereas the HP switch is only replicating thisto ports that are part of the multicast group.
Can anyone tell me why the 3550 is doing this or what else I need to check?
Thanks in advance.
Kate
You do not tell us much about how the 3550 is configured. From your description of the problem I am going to assume that you do not have IGMP snooping configured. This link will show you how to configure IGMP on the 3550:
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225sec/3550scg/swigmp.htm
If my assumption is not correct and you do have IGMP snooping configured, then you will need to tell us more about how the 3550 is configured so we can determine why it is propagating multicast to all ports.
HTH
Rick
Similar Messages
-
Multicast trafficis being flooded on igmp snooping enabled switch
I have two devices connected to the same switch, S streams video using multicast, H doesn't send join request, but the multicast is being sent to H, actually it is being flooded. Both hosts are in the same vlan.
Distribution-1#show ver | in WS
cisco WS-C2960-24TT-L (PowerPC405) processor (revision E0) with 65536K bytes of memory.
Model number : WS-C2960-24TT-L
* 1 26 WS-C2960-24TT-L 15.0(1)SE2 C2960-LANBASEK9-MDuplicate post.
Go here: https://supportforums.cisco.com/discussion/12218811/multicast-trafficis-being-flooded-igmp-snooping-enabled-switch -
Cisco devices that support Multicast traffic?
Folks,
I am looking for list of Cisco devices that support Multicast traffic. Does anyone know how to get this information?
Thanks,
NageshCisco Feature Navigator
-
MPLS to support multicast traffic
Dear Gurus,
Does EoMPLS passes multicast traffic? Before my customer can pass multicast traffic (video) thru our Metro-Ethernet network. What we did is migrate the connection to our EoMPLS network, and then suddenly the video is not working.
Thanks.
JeffHi Laurent,
Its just modulator that converts some analog videos to digital but uses multicast, the multicast data are transmiited by the modulator and received on the other end by the demod. Below is the topology
Before:
Modulator----metro-ethernet----metro-ethernet----demodulator
Current Setup:
Modulator----metro-ethernet---MPLS-ROUTER-----------------MPLS-ROUTER---metro-ethernet----demodulator
tia. -
Cisco outdoor AP 1300 - OSPF multicast traffic
Hi everybody,
I have a basic question but i really do not know the answer.
So,
I want to know if i can talk OSPF through a wireless connection formed by 2 cisco aironet 1300?
I mean i am not sure if the access point is going to pass the OSPF's multicast traffic.
best regardsDuplicate post.
I'm posting my response to your other post. -
RSPAN does not put IPv6 multicast traffic into port
Hi.
There is two switches in the equation:
WS-C2960-24TT-L 12.2(55)SE5 C2960-LANBASEK9-M
and stack of
Switch Ports Model SW Version SW Image
1 12 WS-C3750G-12S 12.2(55)SE8 C3750-IPSERVICESK9-M
2 12 WS-C3750G-12S 12.2(55)SE8 C3750-IPSERVICESK9-M
* 3 24 WS-C3750G-24T 12.2(55)SE8 C3750-IPSERVICESK9-M
3 is a master
There is VTP domain with pruning off and RSPAN VLAN 1001
core#sho vlan remote-span
Remote SPAN VLANs
1001
there is RSPAN session on first:
#sho monitor session 1
Session 1
Type : Remote Source Session
Source Ports :
Both : Fa0/11
Dest RSPAN VLAN : 1001
Port Fa0/11 is in access mode, VLAN 303
and on second:
core#sho monitor session 1
Session 1
Type : Remote Destination Session
Source RSPAN VLAN : 1001
Destination Ports : Gi3/0/2
Encapsulation : Native
Ingress : Disabled
Problem is that i can't see any IPv6 multicast traffic (like ICMPv6 RA or such) on Gi3/0/2 which is absolutely sure there, because if i remove monitoring session on core switch and put Gi3/0/2 into trunk mode, i can see packets i need in vlan 1001:
# tcpdump -s0 -nnvei eth1 vlan 1001 and ip6
tcpdump: WARNING: eth1: no IPv4 address assigned
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
14:17:37.059045 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
14:17:38.083266 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
14:17:39.107068 50:57:a8:f0:72:1b > 33:33:ff:00:00:01, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) 2abc:abc:1:600b::2 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2abc:abc:1:600b::1
source link-address option (1), length 8 (1): 50:57:a8:f0:72:1b
There is no such problem with usual unicast and broadcast traffic.
Any suggestions?Interestingly, i've found bug CSCsr64007 which i stubmbled upon on one of my switches during troubleshooting. The effect of this bug was that RSPAN took IPv6 multicast packets from unrelated VLANs and forwarded them into monitor port.
Looks like they have "fixed" it filtering IPv6 multicast completely. -
Cisco Catalyst 2950/2960/3750 Multicast Traffic Preference
Hello all,
we, as a student company act as an ISP for university dormitories. We would like to (if it's possible) deploy QoS to prefer multicast traffic over all other types of traffic.
Devices used in network:
Acces layer: Cisco Catalyst 2950, 12.1(22)EA14
Dristribution layer: Cisco Catalyst 2960G, 12.2(58)SE1
Core layer: Cisco Catalyst 3750G, 12.2(52)SE
Do you see any possibility to solve this with these devices? We have almost no experience with QoS, therefore any help would be greatly appreciated.
Thanks in advance.Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Hmm, I think it should be doable although the 2950s, if non-E variants, are especially weak in QoS features. I.e. those might create some issues.
With the 2960G and 3750G, you often will create problems when you enable QoS because QoS, by default, allocates its buffers resources for 4 egress queues per port rather than using all for 1 egress queue per port. However, this can be countered by QoS parameter tuning, but that takes some QoS expertize to match to your traffic and your overall QoS policy. -
Bridge Domain and multicast traffic
Hi All,
i am planning to build a Point to multipoint network based on ME3600X switch at the HQ and ISR 2900 routers at the Branches. i need to simulate a lan service.
i though of using EOMPLS at the ISR 2900 and closing them at the ME3600X. at the ME3600X i will use bridge domain to have this point to multipoint functionality.
at the configuration guide i saw that when i am using bridge domain i need to disable IGMP snooping on every Vlan.
my question is how the bridge domain treat Multicast traffic ?
furthermore, can i mix EOMPLS and Bridge Domain ?
Thanks,
Avi.Hi Avi,
ME3600X doesn't support VPLS yet (check with your account team for the roadmap) so I don't think your design will work here. What you can do is having a router behind the ME3600X which will have a dedicated VLAN with each remote site.
HTH
Laurent. -
Vpc bind-vrf on Nexus 7000/N7k to ensure forwarding of multicast traffic over peer-link?
In previous vPC setups with N5k (or also N6k), I had to use the 'vpc bind-vrf' command to ensure the forwarding of multicast over the vpc peer-link, especially for receivers in in non-vPC VLANs and the receivers connected to Layer 3 interfaces.
I am wondering why this command isn't available on N7k? Isn't this necessary on this platform or is it just not yet implemented?
Any hint is welcome!
Stephan StrackHey Stephan,
The 'vpc bind-vrf' command allocates a special internal VLAN for routing traffic over the vPC peer-link to ensure L3 connections on the vPC peer or orphan ports successfully receive multicast traffic on N5k/N6k platforms. This workaround is not needed on the N7K because that platform implements the vPC loop prevention rule differently in hardware.
In short, 'vpc bind-vrf' is not required on N7K.
-Andy -
Multicast Traffic - IGMP Snooping
We are currently running a Hybrid CATOS/IOS Environment with Sup2 and MSFC2 Line Cards. The Sup Version is
8.4(3) and MSFC is 12.1(26)we want to run multicast traffic between our internal network to our external Govt Provider in the form of a particular Video Conferencing Client. We have been told that seeing we are running CATOS on our Sup2 engines we will get periodic dropouts of multicast traffic between our internal and external Depts if we don't upgrade to an Native IOS Environment. They are saying that we cannot disable igmp snooping on a per-Vlan basis under our Current Hybrid Environment unless we upgrade to Native IOS. Can we disable igmp snooping on a per-vlan basis using our current CATOS version or do we have to upgrade to a Native IOS Software set ??
Thanks Simonat the catOS level, you only have the ability to enable igmp, not per vlan.
on the msfc SVIs you should then be able to enable or disable igmp at the VLAN interface level.
this may provide the abilities you are looking for.
try this and let us know if any further issues or post your config for review. -
ASA Transparent mode multicast traffic in 8.2 and 8.4
Hi,
When i configure 8.2 in trasparent mode and deploy the a network that was wrok on EIGRP after that i found the neighborship was stop when i allow the mutlicast address and prtocol on outside interface it was start the working But when i deploy an ASA with 8.4 IOS and then allow the multicast address and protocol both the interface (Inside and outside) after that it was start working.
So i want to know that what the reasion to allow multicast address and protocol on 8.4 IOS for both interface. I am not able to find any answer for this.Hi Mahesh,
By default ASA in transparent mode do not allow any packets not having a valid EtherType greater than or equal to 0x600. As per my knowledge this concept remain same for all versions of ASA. Most control plane protocols are denied.
ASA in transparent mode only allows ARP, broadcast traffic, TCP and UDP inspected unicast traffic.
For EIGRP to work through transparent firewall, we need to open ACLs in both direction for multicast and unicast both type of EIGRP traffic on all versions of ASA Firewall. -
Which is prioritized for multicast traffic if FastSwitching and CEF is enable?
Hello
Here is the related configuration and output of show command below,
In my understanding, there are 3 swtching mode, CPU, fast-swthing and CEF swthing,
But if FastSwthing and CEF swithing are enable both, then which swithing mode is prioritized for mutlicast traffic?
interface Vlan302
ip address 10.0.20.1 255.255.255.0
3750X#sh ip int vlan 302
Vlan302 is down, line protocol is down
Internet address is 10.0.20.1/24
Broadcast address is 255.255.255.255
*omit
IP fast switching is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is enabled
IP route-cache flags are Fast, CEF
*omit
interface Vlan301
ip address 10.0.10.1 255.255.255.0
no ip mroute-cache
3750X#sh ip int vlan 301
Vlan301 is down, line protocol is down
Internet address is 10.0.10.1/24
Broadcast address is 255.255.255.255
*omit
IP fast switching is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is disabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF, No Distributed
*omit
Product : Cat3750X
IOS version : 15.0(2)SE5
Best Regards,
Masanobu HiyoshiDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I'm not 100% certain, but I believe FastSwitching and CEF switching apply to unicast, not multicast. Your "IP mroute-cache" command enables/disables fast multicast switching.
On a 3750, switching should be hardware based, for unicast and multicast, unless TCAM resources are insufficient. If hardware switching falls back to non-hardware switching, you'll likely find process vs. Fast vs. CEF vs. multicast doesn't matter, all too slow. -
3750X - Dropped multicat traffic flooding on all switchport vlan interfaces
Hello forum,
I have a problem on source multicast blocking. I have a switch with a vlan interface (Ex. vlan 20 )and on that vlan interface an extended ACL is present. That ACL block specific multicast groups. Furtehrmore I have many switchport access interfaces on vlan 20 with different sources connected.
If one source start streaming with multicast destination IP blocked by ACL, dropped traffic is flooaded on all switchports on source's vlan
IGMP snooping on this vlan is enabled but seems that dropped traffic stay on L2 vlan without it.
Device used: C3750X
IOS: 15.0(2)SE5
Thank you for helpHi Michal,
thanks for your reply!
Yes, probably i've captured all lines of access-list... but I've to change my approach because my access-list is a extended "named" access-list and, on other post, I've read that "named" access-list cannot be debugged...
Now i've deleted all access-lists entries that refer to vlan2 and I've created new one "numerical":
#ip access-list extended 100
#10 ip permit 172.16.2.0 0.0.0.15 any log
In this mode the debug shows only access-list 100 traffic + bcast + mcast.
But, the strange thing is another one now...
I've bought a multifunction printer, that send scanned document to a email account, the printer haven't internal smtp, it makes a connection to hp servers that forward scans to real destination address...
I was curious to find out how this connection works because, my private/confidential documents are send on internet and, i would hope that hp use a secure connection from my printer to its server...
Well, if I add "log" switch command at the end of access-list, or I enable access-list debug, the printer stop to comunicate to hp services/server... if I turn off debug or rewrite access-list without "log" feature, incredibly the printer re-start to comunicate with hp...
Have you any idea that explain that? I'm going crazy... -
I have a controller sat on a network (10.10.10.0/24) with a management address of 10.10.10.250. There's a distant site we have at the other side of the network with a range at 192.168.0.0/24. I have 5 thin HREAP access points on this network with three WLANs from the controller and one WLAN delivered via a trunk point with VLAN 2 tagging (the 192.168.0.0/24 network is VLAN1). The VLAN2 (e.g. 172.16.0.0/24) network is basically an untrusted network to us , but I didn't think this would matter as the HREAP config would mean that none of this traffic should even leave the access point - apart from stats/client info.
However, i've recently been seeing something odd in that there must be some multicast-talking clients on this untrusted network and whatever they are talking about I can see on my management LAN (10.10.10.0). I can basically see multicast packets with source IPs from the untrusted network. How is this possible? More importantly how can I stop it?
All network numbers are just examples. Any help or ideas would be gratefully received.Hi Stuart,
Just to clarify a point:
"but I didn't think this would matter as the HREAP config would mean that none of this traffic should even leave the access point"
Keep in mind that when an ap is hreap mode, the ap essentially acts like a switch with respect to its ethernet port. When it gets a packet from the wireless side, if appropriate, it tags it and puts it on the wire.
Under ordinary circumstances (unless something is configured to stop this), if a wireless client connected to an hreap ap sends a multicast packet, it absoutely will be put on the wire by the ap, just as a broadcast would. I just confirmed this with lab equipment.
So if there isn't a routed path from the remote untrusted networks to your mgmt vlan, there may (should) be L3 multicast routing configured for the untrusted and your management routed interfaces. Is this the case?
thanks
Jeff -
Hi,
I have a scenario in which I see the multicast S,G streams are distributed not so even in the 3 interfaces between a GSR 12404 (XR 3.8.4) and a CRS1 (XR 3.6.2). The multicast mode is SSM.
The total S,G (sources and multicast groups) are 82.
The topology is as follows:
---link 1--------
Multicast sources ----- CRS1 ---link 2-------- GSR12404------- Receivers
---link 3--------
From the total of 82 S,G coming from multicast sources, I see the following S,G distribution between the three links:
Link 1: 37 S,G
Link 2: 21 S,G
Link 3: 24 S,G
The big question is why the Link 1 has very different number of S,G compared to link 2 and link 3?
Multipath is enabled on both links. I copy the multicast configuration of CRS and GSR that is the same:
multicast-routing
address-family ipv4
interface GigabitEthernet0/2/0/0
enable
interface GigabitEthernet0/2/1/1
enable
interface GigabitEthernet0/2/1/2
enable
nsf
multipath
ssm range SSM
Thanks,
Carlos.Hi Agherardi,
Did you try to disable your firewall and refer the following KB to confirm you have choose the correct Affinity and Load-Balancing Behavior of the Custom Port Rule.
Specifying the Affinity and Load-Balancing Behavior of the Custom Port Rule
https://technet.microsoft.com/en-us/library/cc759039(v=ws.10).aspx
More information:
Using NLB
https://technet.microsoft.com/en-us/library/bb687542.aspx
I’m glad to be of help to you!
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Maybe you are looking for
-
Urgent CFGrid-Combo-DataProvider Question
Dear all, I have this code to create combos in cfgrid. My question now is .. how to replace the hardcoded countries with query? The code is saved in AS file (.as). The full codes can be found at http://cfpim.blogspot.com/2005_08_01_cfpim_archive.html
-
Finder on my Desktop says a folder on my Laptop is Empty (when it is not)
I have a folder on my laptop (MBP) that I am accessing via WiFi from my Desktop (MacPro), that shows up as empty. When I look at it on my laptop is shows all the information that is in fact in it. This appears to have been going on for awhile and doe
-
After Effects Error: Unknown Adobe Dynamic Link Exception
I am using latest CS4 PP / OctoCore / 16 GB RAM / OS 10.5.6 I am not even using any Dynamic link references - just working within AE CS4 in a 1280 x 720 comp and every 10 minutes I get this error: "After Effects Error: Unknown Adobe Dynamic Link Exce
-
How do I install older programs?
HP P7-1326s, Windows 8, set up was done prior to my installing my personal products. My older programs get just so far and freeze up. A friend has the same computer, OS and had no trouble with installation.
-
Stocks of stock transfer material
Hi all, Pl let me know how to check for the stocks of stock transfer material for which Goods reciept is not done, MB5T stcok in transit is not fullfilling the requirement,