Cisco newbie, but I am managing pretty well so far. However, I do need a little direction on this one.
I am implementing a Watchguard "FireCluster" in an Active/Active configuration. From the Watchguard docs, they say the following:
"All switches and routers in an active/active FireCluster broadcast domain must meet these requirements.
All switches and routers in the broadcast domain must not block ARP requests if the response contains a multicast MAC address.
This is the default behavior for most layer 2 switches.
For routers and layer 3 switches, the default behavior is to follow RFC 1812, which says that the router must not believe any ARP reply that claims that the Link Layer address of another host or router is a broadcast or multicast address. If possible, disable this behavior. If you are unable to block RFC 1812 support, you might need to configure static MAC and static ARP entries on your routing device."
On one side of this Watchguard is my Cisco switches (PLC network) and the other side is my HP switches (Corp Network).
Cisco side has: (all Lan Base)
2 x 2960x (v15.0(2a)EX5-UniversalK9) - Stacked
2 x IE5000 (v15.2(2)EB1 (Crypto) Universal)
23 x IE2000 (v15.0(2)EA-1-UniversalK9)
HP side has: 20 or so more switches but the Core is:
4 x A5500-4SFP-HI (IRF)
Would someone like to elaborate on how this can be accomplished? Do I have to create entries on each and every switch in the broadcast domain manually, once I get pointed in the right direction and know what I need to do?
Any input or advice would be much appreciated.
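The RFC 1812 rule quoted from the documentation above, as an added example that is not part of the original post or of WatchGuard's or Cisco's code: it parses ARP replies, checks the group (I/G) bit of the sender MAC, and lists the IP/MAC pairs a strict layer 3 device would refuse to learn, which are the ones that would need static entries. The addresses and function names are constructed for illustration.

```python
import struct

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def is_group_mac(raw: bytes) -> bool:
    # I/G bit = least-significant bit of the first octet; set for multicast and broadcast.
    return bool(raw[0] & 0x01)

def parse_arp(payload: bytes) -> dict:
    """Parse an Ethernet/IPv4 ARP payload (28 bytes, RFC 826 layout)."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP payload")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {"oper": oper, "sha": sha, "spa": ".".join(map(str, spa)),
            "tha": tha, "tpa": ".".join(map(str, tpa))}

def rfc1812_accepts(payload: bytes) -> bool:
    """False when this is an ARP reply (oper 2) advertising a group MAC."""
    arp = parse_arp(payload)
    return not (arp["oper"] == 2 and is_group_mac(arp["sha"]))

def static_candidates(replies) -> list:
    """(ip, mac) pairs a strict device would not learn dynamically."""
    found = []
    for payload in replies:
        if not rfc1812_accepts(payload):
            arp = parse_arp(payload)
            pair = (arp["spa"], mac_str(arp["sha"]))
            if pair not in found:
                found.append(pair)
    return found

def build_reply(sha: bytes, spa: bytes, tha: bytes, tpa: bytes) -> bytes:
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 2, sha, spa, tha, tpa)

# Constructed sample data: documentation-range IPs, made-up MAC addresses.
ROUTER = (bytes.fromhex("001122334455"), bytes([192, 0, 2, 254]))
CLUSTER_REPLY = build_reply(bytes.fromhex("01005e010203"), bytes([192, 0, 2, 1]), *ROUTER)
HOST_REPLY = build_reply(bytes.fromhex("0050569a0b0c"), bytes([192, 0, 2, 20]), *ROUTER)

if __name__ == "__main__":
    for ip, mac in static_candidates([HOST_REPLY, CLUSTER_REPLY, CLUSTER_REPLY]):
        print(f"static ARP/MAC entry needed: {ip} -> {mac}")
```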
I'm not too familiar with the Watchguard FireCluster, but after reading a little bit about this cluster it seems that it uses a multicast MAC address assigned to a unicast IP address, similar to another solution like Microsoft's NLB.
Based on this behavior, you will encounter two inconveniences:
In order to modify this behavior, you can statically configure the ARP and MAC entries within your broadcast domain. The following commands and link can be a good reference: