Team i am still facing Broadcast storm on my network.

Can any one help out?

As per referenced document.

i moved my NLB cluster behind a dedicated switch.

now on my CORE switch i have statically mentioned NLB Virtual MAC and physical MAC addresses towards trumk port of dedicated switch where NLB is connected.

but still any traffic for NLB Multicast address is hitting my complete VLAN. and causing over all network degradation.

for example attached is output of a simple host in VLAN. and you can see lots of packets towards NLB of mail server hitting this standalone server.

FYI 10.80.10.64 is my Domain controller and 10.80.10.127 is part of CAS NLB cluser.

It works exactly as designed. NLB in unicast mode is an euphemism for unrestricted unicast flooding across the whole vlan, because the NLB mac address will never be seen in a mac address table. Put the cluster in a seperated and small vlan or switch to multicast mode.

Its email server, and i am fraid my system admin not going this route easily to move on separate vlan or shorten it, since this vlan has many more servers.

my question is. since i have moved NLB machines on dedicated Switch and educated my core switch that ALL MAC addresses NLB/Physical live across particular trunk port statically.

then why its still flooding? i mean shouldnt it learn MAC from its static mac table?

i am able to narrow down the issue.

Actually there were few domain controller that were connected on a tail switch and they need to communicate with NLB CAS server. my Test machine was also on that tail switch. so traffic from DC to NLB was locally broadcasting in that Tail switch only and hitting my test machine, so i need to put Static MAC entry for NLB on my tail switch Trunk port, so that local brodcast on that tail switch also stop.

so now i will have to do it on my all tail switches and all should be good:)