12-30-2005 04:58 AM - edited 03-04-2019 03:00 AM
We are having a VTP domain with three 3550 switches, 4 ports on each switch configured on VLAN for Videoconferencing.Whenever there is conferencing between two points, all the ports in the VLAN receives the traffic originated from the source port. I connected a test PC on the same VLAN & that port also receives the same trafiic.
There is no routing as its on a same network,
Any option to block this traffic or can we configure a per port VLAN for point to point communication within the VLAN,
Pls help,
Regards
Vinod.G
12-30-2005 05:25 AM
You should enable IGMP Snooping and let it take care of the flooding of the multicast-packets.
If you have a flat L2 with no multicastrouters, then you have a small problem.. you'll need to do one of several options:
- Add a mrouter on your VLAN (basically enable "ip pim sparse-dense-mode" on ONE of the 3550-switches in the 'offending' VLAN)
- Add a static mrouter-port on each switch pointing to the other switches: "ip igmp snooping vlan 1 mrouter interface fastethernet 1/24" (where the interface is the uplink)
- Configure static multicast mac entries... which is a real hassle, because you'll need to build one for each multicast-address pointing to each of the 4 ports and the uplinks on each switch.. like this: "mac-address-table static 0100.5e6f.efef vlan 1 interface fastethernet 1/20 fastethernet 1/21 fastethernet 1/22 fastethernet 1/23 fastethernet 1/24"
There are a few other options (private-vlan, VACL's etc) as well.. but you should look into the above first...
Did it help?
01-02-2006 03:18 AM
Hi,
I tried but still issue there, now i suspect the traffic as some other, not mutlicast. The show interface out pout of the port where I connected my test PC as follows ,
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 10201000 bits/sec, 3058 packets/sec
3244 packets input, 246185 bytes, 0 no buffer
Received 507 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
3290746 packets output, 811144480 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
. Without any geniun trafic or video conferencing on the VLAN, the port receives almost 10Mb trafic,
can u help to find & solve the issue,
Vinod
01-02-2006 03:27 AM
You have two "really quick" options to find this traffic:
- Use a sniffer on your Test-PC to see exactly what kind of traffic this is.. (http://www.ethereal.com/ is a good one)
- Check the counters of other ports in the same VLAN and check the "input rate" to see if any of the others match this amount of traffic...
Are you using Microsoft NLB or NIC teaming on any machines in this VLAN as well??
Did it help?
01-02-2006 03:55 AM
hi,
all ports in the VLAN recieves the same traffic, Pls see the traffic of all the ports,
Fa0/14
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 12662000 bits/sec, 1657 packets/sec
Fa0/15
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 12672000 bits/sec, 1656 packets/sec
Fa0/17
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 12675000 bits/sec, 1656 packets/sec
Fa0/19
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 12681000 bits/sec, 1656 packets/sec
Fa0/20
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 12645000 bits/sec, 1650 packets/sec
Fa0/21
30 second input rate 4246000 bits/sec, 550 packets/sec
30 second output rate 8238000 bits/sec, 1069 packets/sec
1598882 packets input, 940989274 bytes, 0 no buffer
Received 1598683 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 1598683 multicast, 3 pause input
0 input packets with dribble condition detected
3789523 packets output, 1892589387 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Fa0/21 showing both in & out, I tried shuting the port, but still all other ports continue receiving the same trafic.
I tried with a NTOP packet monitoring tool which is showing the trafic as OSPF Multicast. Port 0/20 is connected to another router which is running OSPF, but router trafic showing normal( I dont have acces to that router). Packet flow showing is from switch to all other ports.,Pls help
vinod
01-02-2006 04:22 AM
Hi,
are you sure it is OSPF multicast traffic?? The only two things I can possibly think of is a router really going wild (never heard of this one though) or a spanning tree loop.
Can you check the port states of your switches to make sure you do not experience a loop?
Martin
01-02-2006 04:43 AM
Martin,
I also suspect it as a spanning tree loop. Can u pls tell how i can confirm this through the port status,I am hereby attaching the status of my test pc connected to the VLAN,
L3-Switch#sh interfaces fastEthernet 0/17
FastEthernet0/17 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0013.802a.fc11 (bia 0013.802a.fc11)
Description: *****test PC ****************
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 21/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:06, output hang never
Last clearing of "show interface" counters 01:48:38
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 8375000 bits/sec, 1094 packets/sec
15199 packets input, 1131775 bytes, 0 no buffer
Received 3988 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
9728723 packets output, 2720310713 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
L3-Switch#
Vinod
01-02-2006 04:55 AM
Hi again,
You should do some really basic troubleshooting..
Disable one and one port in the VLAN until the traffic stops... this includes the uplinks and any L3-SVI's... (take care to not cutting off your own branch without having a way of getting back in... :)
This should give you a hint of where the traffic enters and then let's take it from there..
Did it help?
01-02-2006 03:28 AM
Hi,
The only traffic sent to all ports except multicast will be broadcast and unknown.
How much broadcast traffic do you see in the trunk ports of your switches?
Can you get a packet analyzer like ethereal to grab some of the traffic hitting the test PC? This would make it much simpler to understand what is causing your problems.
About "unknown MAC address" traffic: I once had the problem with a backup tool streaming traffic to a backup server. Unfortunately the server had to send NO packets and eventually the MAC of the server timed out, so the backup stream was flooded everywhere.
a simple permanent ping to the gateway running on the server solved the problem.
Hope this helps
Martin
01-02-2006 04:55 AM
Hi,
you need to look for your trunk ports, attached endsystems like the PC are not interesting when troubleshooting SPT.
Have a look at
"Troubleshooting STP on Catalyst Switches Running Cisco IOS System Software"
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080136673.shtml
Hope this helps
Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide