[c-nsp] Are multicast MAC addresses allowed in the source field?

John Neiberger jneiberger at gmail.com
Fri Oct 15 16:06:08 EDT 2010


We have an application involving a firewall cluster where the cluster
has a VIP associated with it, but the VIP apparently replies to ARP
requests with a multicast MAC address. The idea, ultimately, is that
both firewalls in the cluster will receive the same traffic all the
time. To make this work, the router would have to accept an ARP reply
that had a multicast source address (I have no idea if that's
technically a problem or not) and the switches would have to populate
their MAC address tables properly.

It seems to me that this ought to work as long as we're not running
IGMP snooping or anything like that on the switches.

What do you think?


More information about the cisco-nsp mailing list