1. Home
  2. Cisco Systems
  3. Checkpoint HA Cluster w/ multicast

Checkpoint HA Cluster w/ multicast

I am relatively new to multicast and I am in the process of bringing up a new Checkpoint HA solution. The checkpoint will have cisco on all sides. In a layer two envirnment, everything works well.

I have not yet configured the cisco routers, and am somewhat confused with all the terminoligy. The router will need to send to a non multicast IP address that uses a multicast mac. All the examples show multicast IP, which I am not using.

I think all I need to do is:

1) Turn on multicast routing 2) enable pim dense mode on the interfaces facing the checkpoints.

This seems to be too simple to be correct. What am I missing?

As I said, I am new to multicast, so any help would definately be appreciated.

Todd snipped-for-privacy@routers.com

Reply to
Todd Adamson
Loading thread data ...

I don't think you don't need to enable mult-cast on the routers, nor do any configuration on the router to support this. It doesn't matter that the MAC is a multicast address. Multicast routing is to support Layer 3 multicast. This is just a mac address that happens to be in the multicast range. By convention and standard, multicast layer 3 addresses are mapped to specific mac addresses. Multicast MAC addresses ARE NOT mapped to specific multicast IP addresses. If A then B, does not necessarily mean if B then A.

Scott

Reply to
thrill5

Todd,

you don't really need to enable multicast on routers at all. There is a multicast on L2 only and it is used just to reach all cluster members if they are connected to switch. If they are connected to hub, then you would not need multicast at all.

The only thing you have to do is to make static arp entry which will "connect" your multicast L2 (MAC) address with your virtual IP address. Why? Because router can't accept a multicast MAC address as an valid ARP reply due to RFC1812 (Requirements for IP Version 4 Routers):

3.3.2 Address Resolution Protocol - ARP [snip] A router MUST not believe any ARP reply that claims that the Link Layer address of another host or router is a broadcast or multicast address.

HTH,

Reply to
ba

I had a wrong contact info on this post (probably my News reader gone crazy for a while). In this post there are real ones in case you would like to discuss this further.

Reply to
Ivan Ostres

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.