3750x L3 Switch configuration Issue(s)

Is this setup of devices on vlan 63 going to have to talk to the rest of the network or are these devices all going to reside on this specific switch? If they need to be able to communicate data outside of the switch you are playing around on, then you will need to configure your uplink port on this switch to be a trunk port, otherwise the only traffic that will pass is (by default) vlan 1. I assume that your vlan1 is your native traffic/internet access vlan and that vlan 63 is set up for communicating/receiving data from the sensors.

The initial testing between both (Vlan 1 and Vlan 63) is on the same switch; the reader devices on Vlan63 (10.10.63.2 and 3 - 10.10.63.1) connected to ports 5 & 6 configured will be routing UDP/IP traffic to Vlan 1 (128.1.1.100 - 128.1.1.161) configured for port #10 on the same L3 switch.

In the next phase Vlan 63 will remain as is, although Vlan 1 will be configured as the uplink allowing the reader devices to forward their (TCP or UDP frame/packets) traffic up to the app server, which will need to be routed through a series of switches and routers within the network.
 
Do us a favor and post a real config of the switch. Not some cliff note version. We need to see the real config. Also your 3750 router will pass data between subnets no problem unless you have some kind of ACL blocking xyz....

By default a Cisco switch/router will pass EVERYTHING between VLANS. It will not block crap until you tell it to.

Telnet will not establish a session on anything with port 4200 since telnet uses port 23.

The switch doesn't have an "address" so to say. It will answer any SVI that is assigned an IP and the VLAN/SVI has an IP.

For instance you can
int vlan 1
ip address 10.1.1.1 255.255.255.0

int vlan 500
ip address 10.2.1.2 255.255.255.248

whatever the switch is technically IP'd to answer on address 10.1.1.1 and 10.2.1.2. Unless you are using a dedicated management interface then the switch has multiple addresses.

I would tell you run certain debug commands but without an actual config I am not sure what to tell you to run and if it is even necessary.

see if that helps but that is all I can do for now.

Also try and see if you can place like 2-3 ports in the same subnet and have your PC and reader device be on the same subnet and see how the traffic passes. Just eliminate inter-Vlan routing for a minute and see if you get better results? Have you ensured there is no operating system firewall running that is blocking certain traffic? 2455 - We did and no problems "traffic flows" well when device and app server are on the same subnet and there were no firewalls

Back when I was testing the L3 switch connected on the network - we later found out there was a routing table and access list connected to the issue of (UDP) traffic being blocked (as it was being considered broadcasting and denied) - as a security measure to block any possibility of getting DoS attacks.

So we ordered a 3750 L3 switch for our test bench in our lab, just out of the box we're starting with default factory settings: In our test switch - we're just working with the basic configuration: Vlan2 (reader device) on 10.0.0.0 network forwarding UDP/IP packets to the Primary Vlan on the switch, where our App Server is connected to port # 3, which is configured on different subnet (128.1.1.100. - 255.255.0.0) from the reader device.
Switch's IP address is (128.1.1.161) native as it's the gateway for Vlan1 and the App Server.

In this test we'll be setting-up the L3 switch in the above configuration - I'll keep you posted.

2455
 
When I was testing the L3 switch connected to the network - we found there is an ACL connected to (TCP and UDP) broadcast blocking - as a security measure to block DoS attacks.

Now I'm working with a new switch - just out of the box with default factory settings - I've never set-up a L3 switch like this - I need some help on this please!

2455

I think you need to consult someone on this... No offense, but this sounds over your head.
 
There is nothing in your config I can see that is causing your issue. Something is telling me that your problem is with the device or the PC that you are trying to use.

You do not need an IP or an interface or VLAN 1. Don't worry about that.

Also to answer your question ...
If a switch port is not configured on a 3750 the port is basically dead and the route processor will just ignore it for traffic reasons.

Have you run a show interface on those two gig ports to ensure you are not getting any layer 1 CRC errors i.e. a bad cable?

Also you are not leaving something out are you? Like you are uplinking switches rather than trunking? That will cause problems too. If you are linking your cisco switch up to the dell then you need to establish a dot1q encapsulated trunk between the two in order to pass vlan information.

Is it possible that you can just eliminate the vlan 63 and just use native vlan 1? You don't have to configure vlan 1 other than an IP for the SVI i.e.

int vlan 1
ip addre etc...

then just use two non shutdown raw non configured switch ports as they are defaulted to vlan 1 when no switchport access vlan is specified.

Also IOS has a version 15 update for that switch with a ton of bug fixes etc... you may want to look into installing the ver15 ios image. I run it on all my devices.

But I am not seeing how the IOS version matters here.

Have you tried different ethernet cables? Configure other ports and try them? Maybe you have a physically bad switch port. I wish I could play with your switch in person.

I'll post my config for my 3750 for you-- which might be a little dirty as I was labbing around with it last night but I haven't cleaned it up as I just woke up not too long ago. It works fine for all vlans etc...

Code:
version 15.0
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service sequence-numbers
no service dhcp
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
username XXXXXXXXXX privilege 15 secret 5 XXXXXXXXXX
no aaa new-model
clock timezone EST -5 0
clock summer-time EDT recurring
switch 1 provision ws-c3750e-24td
system mtu routing 1500
ip routing
!
!
no ip domain-lookup
vtp domain SED.local
vtp mode transparent
!
!
! I DELETED ALL THE CRYPTO STUFF
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 2-3,9 priority 0
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name core
!
vlan 3
 name Core2
!
vlan 8
 name UverseTV
!
vlan 9
 name Guest
!
!
!
!
!
!
interface Port-channel1
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0
 no ip address
 no ip route-cache
 shutdown
!
interface GigabitEthernet1/0/1
 description Trunk-to-1921
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport trunk allowed vlan 2,3,8,9
 switchport mode trunk
!
interface GigabitEthernet1/0/2
 description HP LJ 300
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description Dev-Line
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 description NAS-IPMI-KVM
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 description BackupNAS
 switchport access vlan 3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 description BIG-PC-GigNIC
 switchport access vlan 3
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 description NAS-NIC1-LACP
 switchport access vlan 3
 switchport mode access
 channel-group 1 mode active
!
interface GigabitEthernet1/0/12
 description NAS-NIC2-LACP
 switchport access vlan 3
 switchport mode access
 channel-group 1 mode active
!
interface GigabitEthernet1/0/13
 description TV-Mainline
 switchport access vlan 8
 switchport mode access
 speed 100
 duplex full
!
interface GigabitEthernet1/0/14
 description TV-Bedroom
 switchport access vlan 8
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 description TV-Office
 switchport access vlan 8
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 switchport mode access
 shutdown
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 no switchport
 ip address 172.16.1.1 255.255.255.0
 shutdown
!
interface GigabitEthernet1/0/23
 description Trunk-to-WAP
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,3,8,9
 switchport mode trunk
!
interface GigabitEthernet1/0/24
 description Trunk-to-LivRM
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport trunk allowed vlan 2,3,8,9
 switchport mode trunk
!
interface GigabitEthernet1/0/25
 shutdown
!
interface GigabitEthernet1/0/26
 shutdown
!
interface GigabitEthernet1/0/27
 shutdown
!
interface GigabitEthernet1/0/28
 shutdown
!
interface TenGigabitEthernet1/0/1
 description Big-PC-10gbNIC
 switchport access vlan 2
 switchport mode access
 spanning-tree portfast
!
interface TenGigabitEthernet1/0/2
 description NAS-10GB-SR
 switchport access vlan 2
 spanning-tree portfast
!
interface Vlan1
 no ip address
!
interface Vlan2
 description Core
 ip address 10.1.1.2 255.255.255.0
 ip helper-address 10.1.1.1
 ip directed-broadcast 101
!
interface Vlan3
 description Core-Sec-Brdcst-Domain
 ip address 10.2.1.2 255.255.255.0
 ip helper-address 10.2.1.1
 ip directed-broadcast 100
!
interface Vlan9
 no ip address
!
ip forward-protocol udp echo
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.1.1.1
!
!
line con 0
 logging synchronous
 login local
line vty 0 4
 login local
 length 0
line vty 5 15
 login local
!
end

Switch#

in my config file - Vlan 1 and Vlan 63 - ip routing is configured

if the reader is connected to vlan 63/port #5 or 6 and the app server is connected to Vlan 1 any other ports other than ports 5 and 6 on the same L3 3750x 24p-switch - should be able to receive the data being sent from the reader on vlan 63 - via TCP / UDP via telnet IP#, Port# and (WinSock) Connection.

Question - New switch in default setting: are TCP and UDP traffic blocked by default? (to prevent DoS attacks) If the answer is yes. If that is the case

What's the ideal method to safely enable the L3 switch to allow forward "UDP packets" traffic from a specific (IP and Mac) address of the host which is forwarding outbound traffic to a specific and isolated Vlan1 with specific IP address on to the app server. Needs no outside internet connectivity?

I've been reading about - IP helper-address
------------------------------
UDP helper (09-UDP helper Configuration) http://www.h3c.com/portal/Technical_...221_1285_0.htm
IP helper-address - https://learningnetwork.cisco.com/thread/40075 (IP helper-addresses can direct UDP broadcasts to a unicast or broadcast IP address)
Cisco Configuring IPv4 Broadcast Packet Handling http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/configuration/12-4/iap-bph.html
-----------------

I noticed you're also using this "IP helper-address" for this type of UDP set-up in your own configuration :
!
interface Vlan2
description Core
ip address 10.1.1.2 255.255.255.0
ip helper-address 10.1.1.1 ---------------- ip helper-address
ip directed-broadcast 101 ---------------- ip directed-broadcast 101
!
----------------------------------
!
ip forward-protocol udp echo --------------- ip forward-protocol udp echo
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.1.1.1
!
---------------------------------

In your setting what was the reason you chose this type of configuration?

2455
 
Hi Bill...

Directed Broadcast... best way to explain it without having to type a wall of text...

https://learningnetwork.cisco.com/thread/25864

and

Ip Helper Address

http://cisconet.com/tcpip/dhcp/107-how-to-use-ip-helper-address-to-connect-remote-dhcp-server.html

And to answer your question by default TCP and UDP frames/packets are not dropped/blocked discarded by the switch unless you tell it to after configuring past the default.

Hey here is a question no one has asked you yet.... Do you have a Cisco TAC agreement on that switch, personal? Business? If not you may want to consider it. Cisco TAC will allow Cisco to configure everything from basic setup to super advanced CCIE type stuff if you place a ticket with them. They are there to help you when you fail to find the solution. It may be EOL (End of Life) and therefore unqualified for a TAC but it's worth looking into. If this is an enterprise part you can pay Cisco labor to assist you in getting to your solution. There are also a ton of businesses with highly qualified Cisco CCNA-P-IE certified personnel that can come on site to your business and in an hour or two (100-200$) get this working for you/company.

I do not honestly know how to answer your question on how to get this reader to work because I know NOTHING about the reader device? Have you called the company that made the reader and asked them what special networking allowances have to be made in order for this device to work on certain branded devices i.e. Cisco/Juniper/Brocade etc...?

Let's ask these questions before kicking the can further down the road.
 
Hi Bill...

Directed Broadcast... best way to explain it without having to type a wall of text...

https://learningnetwork.cisco.com/thread/25864 - <----------------------------------- good background data point - makes it very clear!

and

Ip Helper Address

http://cisconet.com/tcpip/dhcp/107-how-to-use-ip-helper-address-to-connect-remote-dhcp-server.html <-------------------- very useful

And to answer your question by default TCP and UDP frames/packets are not dropped/blocked discarded by the switch unless you tell it to after configuring past the default.

Hey here is a question no one has asked you yet.... Do you have a Cisco TAC agreement on that switch, personal? Business? If not you may want to consider it. Cisco TAC will allow Cisco to configure everything from basic setup to super advanced CCIE type stuff if you place a ticket with them. They are there to help you when you fail to find the solution. It may be EOL (End of Life) and therefore unqualified for a TAC but it's worth looking into. If this is an enterprise part you can pay Cisco labor to assist you in getting to your solution. There are also a ton of businesses with highly qualified Cisco CCNA-P-IE certified personnel that can come on site to your business and in an hour or two (100-200$) get this working for you/company.

I do not honestly know how to answer your question on how to get this reader to work because I know NOTHING about the reader device? Have you called the company that made the reader and asked them what special networking allowances have to be made in order for this device to work on certain branded devices i.e. Cisco/Juniper/Brocade etc...?

Let's ask these questions before kicking the can further down the road.

tangoseal - thanks for the reply - We just ordered in a switch for ourselves to work with in the lab, although we didn't get TAC. We may consider doing so in the future.

Thanks for the links - good data links -

I have a call-out for a Cisco Certified "CCIE" consultant on this L3 switch subject matter - this looks more like custom configuration for the internal network rather than a hardware device issue, hence it works fine when the device and app server operate on 2 Vlans and the same subnet.

This issue only came up when two Vlans operating on different subnets, and on different switches between routing through multiple routers came into play - With that said, it appears to be more of an internal routing configuration issue rather than a hardware transmission issue? I believe it's more of an internal routing issue through a multilayer "switch and router" topology issue, with emphasis more on "Security" for the network!

I'm simplifying this - by removing the need to interface with other switches and routers; getting this to work on two Vlans operating on separate subnets both on a single L3 switch is all I'm focusing on at this time. While at the same time, needing to be mindful of the network administrator(s) objective in regards to maintaining security and the issues surrounding that task and not add to unnecessarily.



2455
 
We have consulted with the manufacturer and have been working with the hardware for years now, TI's CC1100/CC2500 Dual (RF/IF) reader, pretty standard communication IEEE 802.1 ISO Layer 1-4 very robust hardware.
 
I think you need to consult someone on this... No offense, but this sounds over your head.

None taken, and we have under way: I have a shoot out for an experienced L3 switch "CCIE" consultant for this implementation in the Chicago/Indianapolis area.

2455:)
 
Bill, could you run this command on both interfaces (gi1/0/5 and gi1/0/6) and post the outputs here?

show interface gi1/0/5 | include input

and the same for gi1/0/6

this will show a number of error counters, including that of the crc error type and input error type. If these counters are high to begin with you may have a bad cable, if after you replace a cable they continue to increment at a rapid rate, then you more than likely have a bad switch port

Switch port # 5 it was indeed - tks
 
No. If the reader is on VLAN63 then anything that needs to talk to it must either be:

Routed or connected to a port on VLAN63.

wouldn't Vlan 63 forward or route to Vlan 1 by default in its current config ?
 
So it was a bad port or what?

Port #5 was bad - so I used port #6 under the same config.

I have the reader Tx UDP/IP packet/frames and can receive the data on my laptop when on the same Vlan, device IP address (10.10.63.3) Vlan 63, with SVI 63 set to (10.10.63.1. - 255.255.255.0)

My objective is to receive UDP data on the primary Vlan 1, via the App server (128.1.1.100) on Vlan 1 which is the (128.1.1.161 - 255.255.0.0) network through the same L3 Switch.
 
I have the 10 getting everything as its should, the 128 network I'm having TTL issues. I can ping it fine from the 10 network.

Has anyone seen this type of TTL problem when forwarding UDP traffic between two Vlans on different subnets within the same site before?

Bill
 
To answer your question: We have opened TAC agreement with Cisco on this issue now: we have a ticket open on the current TTL issue:

The current status is we are experiencing a TTL issue on the 128 network; we have been told we need to deploy forwarding rather than routing UDP packets between Vlans in this type of network environment.

The TTL setting was 1, we changed to 16 but still getting same results.

Any suggestions?
 
Vlan 1 was not receiving the broadcast packets - 1st issue UDP frames were not getting through to Vlan-1, in the process of converting broadcast-to-multicast packets the TTL=1 settings, needed to change to TTL=254 for multicast. Packets are now seen although still being dropped by the switch.

1) The L3 switch that both (device and app server) are plugged into never created the multicast group, in order to pull from bcast (255.255.255.0) forward via mcast group (239.1.1.1) for this type of configuration?

2) The group never got created because the packets were coming from WS (Web-Service) on port 6700, off the (reader device) were not in a multicast group (i.e. 239.1.1.1)

3) broadcasting from 10.10.63.2 to 255.255.255.255 udp port 6700, there are corresponding multicast packets with source 10.10.63.2 to group 239.1.1.1 to the same port. (Broadcast-to-multicast)

Topic:
ip forward-protocol udp 6700 - This is needed because by default broadcasts are not forwarded.
ip multicast helper-map - This command tells anything coming in as broadcast, as UDP, going to port 6700 convert it to multicast and publish it on 239.1.1.1.

The next issue we are seeing - Vlan 3 (10.10.63.2) broadcast group (255.255.255.255) forwarding to Vlan1 (Native) 128.1.1.100 (255.255.0.0) as you can see this is on a completely different subnet.

We have been advised to take a look at "IP Multicast Helper Maps" - the suggested reading material from CCNP/CCIE "IT Blogtorials" published on Tuesday, March 5, 2013: http://ithitman.blogspot.com/2013/03/converting-between-broadcast-and.html titled: IP Multicast Helper-map - Converting Broadcast and Multicast

Makes the case, list out the activity required to test it in your lab:
 
wouldn't Vlan 63 forward or route to Vlan 1 by default in its current config ?
Vlan 1 was not receiving the broadcast packets - 1st issue UDP frames were not getting through to Vlan-1, in the process of receiving UDP packets the TTL=1 settings, needed to change to TTL=254 for multicast. Packets are now seen although still being dropped by the switch.

1) The L3 switch that both (device and app server) are plugged into never created the multicast group, in order to pull from bcast (255.255.255.0) and forward via mcast group (i.e. 239.1.1.1) for this type of configuration?

2) The Mcast group never got created because the UDP packets were coming from WS (Web-Service) on port 6700, were not a multicast group (i.e. 239.1.1.1)

3) broadcasting from 10.10.63.2 - 255.255.255.255 receiving on 10.10.63.12 port 6700 works fine.

It is my understanding::
ip forward-protocol udp 6700 - This is needed because by default broadcasts are not forwarded.
ip multicast helper-map - This command tells anything coming in as broadcast, as UDP, going to port 6700 convert it to multicast and publish with an IP address (i.e. 239.1.1.1)

The next issue we are experiencing: Vlan 3 (10.10.63.2) is sending UDP broadcast packets via (255.255.255.255), the question I have should we use routing or forwarding this traffic to Vlan1 (Native) 128.1.1.100 (255.255.0.0) as you can see this is on a completely different subnet.

We have been advised to take a look at "IP Multicast Helper Maps" - the suggested reading material from CCNP/CCIE "IT Blogtorials" published on Tuesday, March 5, 2013: http://ithitman.blogspot.com/2013/03...dcast-and.html titled: IP Multicast Helper-map - Converting Broadcast and Multicast

Makes the case, list out the activity required to test it in your lab although from what I can determine; this method would require at least two routers between the switches?

Anyone out there care to give input on this?

2455
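Added example, not part of the original thread: a simplified Python model of the forwarding decision the posts above keep circling around (unicast between SVIs is routed by default, UDP broadcasts are only relayed with `ip helper-address` plus a matching `ip forward-protocol udp` port, and TTL matters at the routing hop). The addresses and port 6700 come from the thread; the class and function names are hypothetical, and the default-port list and the TTL-of-at-least-2 rule follow Cisco's IPv4 broadcast packet handling documentation linked earlier, not anything measured on this switch.

```python
from dataclasses import dataclass, field
from ipaddress import IPv4Address, IPv4Interface

# UDP ports documented as forwarded by default once a helper is configured:
# time, IEN-116 name, TACACS, DNS, BOOTP server/client, TFTP, NetBIOS NS/DGM.
DEFAULT_FORWARD_PORTS = frozenset({37, 42, 49, 53, 67, 68, 69, 137, 138})
LIMITED_BROADCAST = IPv4Address("255.255.255.255")


@dataclass
class Svi:                       # hypothetical stand-in for "interface VlanN"
    name: str
    address: IPv4Interface       # e.g. 10.10.63.1/24
    helpers: list = field(default_factory=list)  # ip helper-address targets


@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    ttl: int
    proto: str = "udp"


def decide(pkt, ingress, svis, extra_ports=frozenset()):
    """Return (action, reason) for a packet received on the ingress SVI.

    extra_ports models ports added with 'ip forward-protocol udp <port>'.
    """
    dst = IPv4Address(pkt.dst)
    net = ingress.address.network

    if dst == LIMITED_BROADCAST or dst == net.broadcast_address:
        if not ingress.helpers:
            return "drop", "broadcast stays in its VLAN: no ip helper-address"
        if pkt.proto != "udp":
            return "drop", "only UDP broadcasts are relayed by a helper"
        if pkt.dport not in DEFAULT_FORWARD_PORTS | extra_ports:
            return "drop", f"udp/{pkt.dport} not in the ip forward-protocol list"
        if pkt.ttl < 2:
            return "drop", "relayed broadcasts need a TTL of at least 2"
        return "helper", "re-sent as unicast to " + ", ".join(ingress.helpers)

    if dst.is_multicast:
        return "drop", "multicast routing is not part of this model"

    if any(dst == s.address.ip for s in svis):
        return "local", "addressed to the switch itself"
    if dst in net:
        return "switch", "same subnet: bridged at layer 2, TTL untouched"
    if pkt.ttl <= 1:
        return "drop", "TTL expires at the routing hop"
    for s in svis:
        if dst in s.address.network:
            return "route", f"routed out {s.name} with TTL {pkt.ttl - 1}"
    return "drop", "no connected network for the destination"


def thread_scenarios():
    """Run the cases discussed in the thread; inputs are constructed samples."""
    vlan1 = Svi("Vlan1", IPv4Interface("128.1.1.161/16"))
    plain63 = Svi("Vlan63", IPv4Interface("10.10.63.1/24"))
    helped63 = Svi("Vlan63", IPv4Interface("10.10.63.1/24"), ["128.1.1.100"])
    bcast = Packet("10.10.63.2", "255.255.255.255", 6700, 64)
    cases = {
        "unicast to app server": decide(
            Packet("10.10.63.2", "128.1.1.100", 6700, 64), plain63, [plain63, vlan1]),
        "unicast with TTL 1": decide(
            Packet("10.10.63.2", "128.1.1.100", 6700, 1), plain63, [plain63, vlan1]),
        "broadcast, no helper": decide(bcast, plain63, [plain63, vlan1]),
        "broadcast, helper only": decide(bcast, helped63, [helped63, vlan1]),
        "broadcast, helper + port": decide(
            bcast, helped63, [helped63, vlan1], frozenset({6700})),
        "broadcast, helper + port, TTL 1": decide(
            Packet("10.10.63.2", "255.255.255.255", 6700, 1),
            helped63, [helped63, vlan1], frozenset({6700})),
    }
    return {name: result[0] for name, result in cases.items()}


if __name__ == "__main__":
    for name, action in thread_scenarios().items():
        print(f"{name:34s} -> {action}")
```

Relaying only the one port the application needs, rather than opening broadcast forwarding generally, keeps the change in line with the network administrators' ACL-based restrictions mentioned earlier in the thread.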
 
Your posts make little sense half the time. Is that a statement or a question or what?
 
Sorry about that, I was giving an update on progress, in addition to asking the question if anyone had any input on this topic?

The method from "IP Multicast Helper-map - Converting Broadcast and Multicast" would require at least two routers between the two switches?

In the Lab - I only have access to the L3 Switch
 
The purpose of IP Multicast Helper-Map is for a router to take broadcast UDP packets and convert those packets into multicast packets so they can then be routed over the multicast network to the destination. The last hop router that is on the receiver end of things will then take those multicast packets and convert them back to broadcast packets and send those out on the network segment the receiver is on. I don't think this will work in your situation since everything is local to the one L3 switch and you do not have multicast routing configured. Both the first router in the path and the last hop router need to be configured for this to work which is why 2 devices are needed. Each end has to know how to handle the packets.

Edit: I am curious if you have configured multicast routing on the switch to see if that will actually resolve the issue? I know that the basic configuration for it was posted by someone in this thread already.
 
The purpose of IP Multicast Helper-Map is for a router to take in your standard broadcast UDP packets and convert those packets into multicast packets, in order to be routed over the multicast network to the destination. In this method; the LHR (last hop router) that is on the receiver end of things will then take those multicast packets and convert them back into original broadcast packets they started as and send those on out to the network segment that the receiver in this case your app server connected to Vlan 1 (128.1.1.100-255.255.0.0). I don't think this will work in your current situation since everything is local to the one L3 switch and you do not have multicast routing configured. Both the FHR (first hop router) in the path and the LHR need to be configured for this to work which is why 2 devices are needed. Each end has to know how to handle the packets.

Thank you for clearing that up for me - I had a feeling that was the case: although it might work in our production environment! - we'll have multiple switches and routers involved at that time;

mct states; I am curious if you have configured multicast routing on the switch to see if that will actually resolve the issue?

Answer #1: I do have the switch configured to support multicast routing: - Multicast works and we have confirmed

Answer #2: With that said, UDP broadcast packets being received from the reader connected to Vlan 63 (10.10.63.2-255.255.255.0) broadcast group destination which works fine for any PC or Server on the same subnet;

Although; I need to get these UDP broadcast packets to be received by the app server by either method "routing or forwarding" UDP broadcast packets to Vlan 1 which is on different IP and Subnet (128.1.1.100 - 255.255.0.0) address, at this time residing on the same L3 switch in the lab for testing purposes.

Although it's not the production environment we'll be deploying: that would look more like the solution stated above involving Two L3 switches and at least one router.

Any suggestions?
 