09-13-2018 03:27 AM
Hello,
we have the attached design in our DataCenter. The 6509 function as the L3 core, which has L2 connectivity to the N5K. A microsoft multicast NLB cluster is created on the ESXi host.
On the 6509 we have configured the appropriate static entries (static arp and static mac entries pointing to Po10, Po20 and Po254). We would like to understand if the static mac entries are also needed on the Nexus. If so, do the entries need to be pointing only to the vPC of the ESXi host (Po40)? Does the peerlink need to be included? An explanation would be highly appreciated.
Thank you!
09-16-2018 04:58 AM
Hello Katerina,
As far as I know multicast NLB was not well supported on Nexus devices. The reason for this is that you cannot add to the CAM table a static entry for a multicast/broadcast mac address. This actually goes against their documentation (https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/layer2/7x/b_Cisco_Nexus_3000_Layer_2_Switching_Config_7x/b_Cisco_Nexus_3000_Layer_2_Switching_Config_7x_chapter_01010.html) where they say:
"In addition, you can enter a non-IP multicast address as a statically configured MAC address. A non-IP multicast address can accept more than one interface as its destination."
To solve this you might need to open a TAC case as online there is no much about this..
Regarding the other point, if you need to set a mac address statically out of a VPC Port-Channel you do not need to set it via the peer-link as well. The important think is that you have the static entry on both VPC peers and pointing at the same Port-Channel. If the PO goes down on one peer the traffic towards that mac will be shifted on the peer-link immediately as the peers do know which port-channel is up on each side.
VLAN MAC Address Type age Secure NTFY Ports/SWID.SSID.LID ---------+-----------------+--------+---------+------+----+------------------ * 1748 02aa.bbbb.cccc static - F F Po1702 #sh vpc 1702 vPC status ---------------------------------------------------------------------- id Port Status Consistency Reason Active vlans -- ---- ------ ----------- ------ ------------ 1702 Po1702 down* success success -
You can see here above that even if the PO is down the mac address is still active in the CAM table. Given the fact that the PO is up on the other VPC peer the traffic will be forwarded over the peer-link.
HTH,
ADP
09-17-2018 12:21 AM
Thank you for the info!
I see that our NX-OS does not support "static multicast" and the static mac entries that are configured do not show in the CAM table. Hopefully TAC will shed some light.
Thanks!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: