ARP requests if the response contains a multicast MAC address.
Cisco newbie, but I am managing pretty well so far. However, I do need a little direction on this one.
I am implementing a WatchGuard "FireCluster" in an Active/Active configuration. The WatchGuard docs say the following:
"All switches and routers in an active/active FireCluster broadcast domain must meet these requirements.
All switches and routers in the broadcast domain must not block ARP requests if the response contains a multicast MAC address. This is the default behavior for most layer 2 switches. For routers and layer 3 switches, the default behavior is to follow RFC 1812, which says that the router must not believe any ARP reply that claims that the Link Layer address of another host or router is a broadcast or multicast address. If possible, disable this behavior. If you are unable to block RFC 1812 support, you might need to configure static MAC and static ARP entries on your routing device."
On one side of this WatchGuard is my Cisco switches (PLC network) and the other side is my HP switches (Corp Network).
Cisco side has: (all LAN Base)
2 x 2960x (v15.0(2a)EX5-UniversalK9) - Stacked
2 x IE5000 (v15.2(2)EB1 (Crypto) Universal)
23 x IE2000 (v15.0(2)EA-1-UniversalK9)
HP side has: 20 or so more switches but the Core is:
4 x A5500-4SFP-HI (IRF)
Would someone like to elaborate on how this can be accomplished? Do I have to create entries on each and every switch in the broadcast domain manually, once I get pointed in the right direction and know what I need to do?
I'm not too familiar with the WatchGuard FireCluster, but after reading a little bit about this cluster it seems that it uses a multicast MAC address assigned to a unicast IP address, similar to another solution like Microsoft's NLB.
Based on this behavior, you will encounter two inconveniences:
A multicast MAC address is never used as source address for a packet. Such addresses do not appear in the MAC address table, and the switch has no method for learning them.
As you mentioned previously, devices do not accept an ARP reply for a unicast IP address that contains a multicast MAC address.
In order to modify this behavior, you can statically configure the ARP and MAC entries within your broadcast domain. The following commands and link can be a good reference:
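An added example, not part of the original thread and not WatchGuard or Cisco code: the RFC 1812 check quoted above, applied to raw ARP replies, to show which replies a strict router would refuse to learn. The frames, MAC and IP addresses, and function names are constructed for illustration.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP_PKT = struct.Struct("!HHBBH6s4s6s4s")  # Ethernet/IPv4 ARP body (28 bytes)

def is_group_mac(mac: bytes) -> bool:
    """True for multicast or broadcast: I/G bit (LSB of first octet) is set."""
    return bool(mac[0] & 0x01)

def check_arp_reply(frame: bytes) -> dict:
    """Parse an Ethernet frame carrying an ARP reply and apply the RFC 1812 rule:
    do not believe a reply whose sender hardware address is a group address."""
    if len(frame) < ETH_HDR.size + ARP_PKT.size:
        raise ValueError("frame too short for Ethernet + ARP")
    _dst, _src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != 0x0806:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = ARP_PKT.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    if oper != 2:
        raise ValueError("not an ARP reply")
    group = is_group_mac(sha)
    return {
        "ip": ".".join(str(b) for b in spa),
        "mac": ":".join(f"{b:02x}" for b in sha),
        "group_mac": group,
        "rfc1812_accepts": not group,  # a strict router ignores this mapping
    }

def build_reply(sender_mac: str, sender_ip: str, src_mac: str = "00:11:22:33:44:55") -> bytes:
    """Constructed input: the Ethernet source stays unicast, only the ARP payload varies."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    requester_mac, requester_ip = mac("00:aa:bb:cc:dd:01"), ip("192.0.2.10")
    eth = ETH_HDR.pack(requester_mac, mac(src_mac), 0x0806)
    arp = ARP_PKT.pack(1, 0x0800, 6, 4, 2, mac(sender_mac), ip(sender_ip), requester_mac, requester_ip)
    return eth + arp

# Constructed samples: an ordinary host, and a unicast IP advertised on a multicast MAC.
SAMPLES = [
    build_reply("00:11:22:33:44:55", "192.0.2.20"),
    build_reply("01:00:5e:00:02:01", "192.0.2.1"),
]

if __name__ == "__main__":
    for f in SAMPLES:
        print(check_arp_reply(f))
```

A mapping reported with `rfc1812_accepts` false is one that would need a static ARP entry on a router or layer 3 switch that follows RFC 1812.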