cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
690
Views
15
Helpful
2
Replies

MAC Static entries on Nexus 5K with 6509 as L3

Hello,

we have the attached design in our DataCenter. The 6509 function as the L3 core, which has L2 connectivity to the N5K. A microsoft multicast NLB cluster is created on the ESXi host.

On the 6509 we have configured the appropriate static entries (static arp and static mac entries pointing to Po10, Po20 and Po254). We would like to understand if the static mac entries are also needed on the Nexus. If so, do the entries need to be pointing only to the vPC of the ESXi host (Po40)? Does the peerlink need to be included? An explanation would be highly appreciated.

 

Thank you!

2 Replies 2

ADP_89
Level 1
Level 1

Hello Katerina,

 

As far as I know multicast NLB was not well supported on Nexus devices. The reason for this is that you cannot add to the CAM table a static entry for a multicast/broadcast mac address. This actually goes against their documentation (https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/layer2/7x/b_Cisco_Nexus_3000_Layer_2_Switching_Config_7x/b_Cisco_Nexus_3000_Layer_2_Switching_Config_7x_chapter_01010.html) where they say:

 

"In addition, you can enter a non-IP multicast address as a statically configured MAC address. A non-IP multicast address can accept more than one interface as its destination."

 

To solve this you might need to open a TAC case as online there is no much about this..

 

Regarding the other point, if you need to set a mac address statically out of a VPC Port-Channel you do not need to set it via the peer-link as well. The important think is that you have the static entry on both VPC peers and pointing at the same Port-Channel. If the PO goes down on one peer the traffic towards that mac will be shifted on the peer-link immediately as the peers do know which port-channel is up on each side.

 

   VLAN     MAC Address      Type      age     Secure NTFY Ports/SWID.SSID.LID
---------+-----------------+--------+---------+------+----+------------------
* 1748     02aa.bbbb.cccc    static       -       F    F  Po1702
#sh vpc 1702
vPC status
----------------------------------------------------------------------
id   Port      Status Consistency Reason                  Active vlans
--   ----      ------ ----------- ------                  ------------
1702 Po1702    down*  success     success                    -        

You can see here above that even if the PO is down the mac address is still active in the CAM table. Given the fact that the PO is up on the other VPC peer the traffic will be forwarded over the peer-link.

 

HTH,

ADP

Thank you for the info!

I see that our NX-OS does not support "static multicast" and the static mac entries that are configured do not show in the CAM table. Hopefully TAC will shed some light.

 

Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: