[c-nsp] FWSM blocking multicast traffic between two hosts insameVlan?

Arie Vayner (avayner) avayner at cisco.com
Sun Sep 2 04:18:12 EDT 2007


David,

It is possible to create an SVI ("vlan") interface on the "inside" VLAN
of the FWSM, and configure IP functionality on this interface. This
would enable the MSFC to be the PIM router, BUT would create a major
backdoor, as hosts on the internal vlan would be reachable through the
MSFC without going through the FWSM.

This topology is actually possible to implement, and I have seen it
being implemented for complex multicast solutions, but it has to be done
only when you fully understand what you are doing, and assess all the
risks.
It's the kind of "Don't do it at home" kind of stuff...

Arie

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of David Prall
Sent: Saturday, September 01, 2007 03:24 AM
To: 'Joann Deng'; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] FWSM blocking multicast traffic between two hosts
insameVlan?

Is the FWSM your default gateway. If so you need something to act as the
PIM Router in order for IGMP Snooping to work correctly. I'm not sure if
the FWSM can do this. You could also configure your switch as an IGMP
snooping queurier if no PIM Router is present.

David

--
http://dcp.dcptech.com
  

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Joann Deng
> Sent: Friday, August 31, 2007 5:22 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] FWSM blocking multicast traffic between two hosts in 
> sameVlan?
> 
> Hi,
> 
> We have hosts in the same Vlan, which connects to FWSM (routed mode). 
> These two hosts run WebLogic, which uses multicast address 
> 237.155.155.2 to communicate.
> But somehow, when run "ping 237.155.155.2" on one host, cannot see 
> response back from the other.
> So, is it possible that FWSM is doing something fancy, like blocking 
> multicast traffic, and we need to add some configs?
> Any input is highly appreciated.
> 
> Thanks,
> 
> Joann
> 
> 
>        
> ______________________________________________________________
> ______________________
> Take the Internet to Go: Yahoo!Go puts the Internet in your
> pocket: mail, news, photos & more. 
> http://mobile.yahoo.com/go?refer=1GNXIC
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list