Re: Multicast traffic not forwarded on Catalyst 6506 VSS Supervi

s-durando · ‎12-01-2009

Hi all,

I have two Catalyst 6506 in VSS mode with VS-S720-10G running 12.2(33)SXI1 IP SERVICES.

I have two firewalls that communicate on to the other through a dedicated VLAN created on Catalyst 6506.

One firewall is able to ping the other one on this dedicated VLAN but if I send multicast traffic from firewall-1 I didn't receive it on firewall-2.

I found a bug related to multicast issues on Cisco WS-C6509-E with VS-S720-10G. The bug ID is CSCtc59038.

Does anybody could confirm that I'm affected by this bug?

Many thanks

Stefano

Giuseppe Larosa · ‎12-01-2009

Hello Stefano,

the bug description doesn't mention FWSM service modules, and first seen says

1st Found-In
12.2(33)SXI2a
Known Affected Versions

but list of known affected versions includes your IOS image.

I only wonder if you have all the necessary components configured.

We haven't a VSS with FWSM modules, but on standalone C6500 we have found that multicast forwarding via a FWSM requires a special monitor session like the following:

Session 2
---------
Type                   : Service Module Session
Modules allowed        : 1-9
Modules active         : 8
BPDUs allowed          : Yes

where module 8 is the FWSM.

without this session working our FWSMs are not able to forward multicast traffic.

Hope to help

Giuseppe

s-durando · ‎12-01-2009

Hi Giuseppe,

the firewalls I mentioned are other vendor's standalone firewalls.

Regards

Stefano

Giuseppe Larosa · ‎12-01-2009

Hello Stefano,

sorry for my misunderstanding.

I would consider an IOS upgrade to a version where the aforementioned bug is fixed

Hope to help

Giuseppe

s-durando · ‎12-01-2009

Hello,

bug status is still Open.

Is it a good idea to upgrade to 12.2(33)SXI3?

Many thanks

Stefano

Namsys · ‎02-10-2010

Hi You Guys,

I,ve got the same issue as you describe in your posting. Meaning the ip multicast traffic of two firewalls are not forwarded through the VSS in same L2-VLAN. The network topopology looks like: FW----CAT3750-------VSS------CAT3750---FW. It seems the VSS has a problem with frowarding multicast traffic in a L2-VLAN.

Current IOS is: s72033-ipservicesk9_wan-mz.122-33.SXI3

Did you got a solution for this issue?

Many Thanks in advanced

Naser

s-durando · ‎02-10-2010

Hi Naser,

the issue was caused by firewall not by cat6500.

The firewall did not send igmp report in order to join multicast group and cat6500 didn't forward multicast traffic to firewall because igmp snooping is enabled by default.

Regards

Stefano

Namsys · ‎02-10-2010

Hi Stefano,

it explanes the current behavior. I better ask the firewall guys for igmp...

Best Regards

Naser

Giuseppe Larosa · ‎02-10-2010

Hello Stefano,

thanks for having provided feedback on this it makes this a complete story.

Your answer makes sense perfectly.

Hope to help

Giuseppe

cisco_tno · ‎04-10-2012

Hi guys,

I got the same problem.

I have two 6509 in VSS and two JBoss servers connected to them. Both JBoss servers are configured in cluster using multicast mode. I had to configure "mac-address-table static" to make then working. Without that command, 6509 broadcast JBoss cluster traffic.

Before that, I had two 4509 connected to JBoss Servers and no special command was neccesary.

Is there any difference regarding IGMP between 4509 (12.2.53 SG4) and 6509 VSS (12.2.33 SXI7)?

Multicast traffic not forwarded on Catalyst 6506 VSS Supervisor Engine 720 10GE