Virtual IP can't be ping but Physical IP can be ping.

Solved
jptagana
Here to help

Virtual IP can't be ping but Physical IP can be ping.

We are doing a IPTV network setup, the guy from IPTV company setup their server and connected to a third-party switch (Aruba) and connected to our Server Farm switch MS210 via a trunk port and all the vlans are tagged.

 

The issue is, the IPTV server has a virtual IP of 192.168.182.4

  • Ping from the server farm switch (MS210) - getting a reply
  • Ping from the core switch (MS410) or other edge switches (MS210) - not getting a reply
  • Ping other IPs (physical IPs from the same server) - getting a reply

 

All uplinks from Server Farm Switch to Core Switch to Edge Switches are configured as trunk port and allowed vlan "all".

 

Note: We have MX250 but no firewall rule configured.

 

 

Thanking you in advance...

 

 

 

 

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

Get him to change it to either "Unicast" or "Multicast with IGMP" (and make sure you switch has IGMP enabled).

https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-network-to-support... 

 

The only option that doesn't workk is "Multicast".  Actually, you *might* be able to make this work if you enable "flood unknown multicast" on your switches - but it is not very efficient.  It causes all traffic going to the NLB address to go out every port on every switch.

View solution in original post

7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal

Does the switch core has a route for this network? Do you have a topology?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
jptagana
Here to help

there is no route in the core switch all vlan l3 interfaces are configured in the MX, strange why the physical IP is reachable from the core switch and edge switches and only the virtual IP from the server is not but in server farm switch I can ping both virtual and physical IPs.

 

I will prepare the topology and share it here.

 

Thanks!

PhilipDAth
Kind of a big deal
Kind of a big deal

What method is used to provide the virtual IP ?  VRRP?

If it is multicast, is the application sending proper IGMP join requests?

 

Some dumb systems like Windows NLB require static ARP in some configurations (which Meraki can not do).
https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-network-to-support... 

jptagana
Here to help

@PhilipDAththank you for your inputs I think this is the culprit.

 

with regards to method used to provide virtual IP, I'm not sure what the IPTV guy configured in his server but I knew he is using a Windows 2019 and the virutal IP is used for NLB.

 

But he is totally disagreeing that the issue is from his side or let say from our side as you told Meraki can not do static ARP configuration. But funny thing is the same setup we did in other customers with the same IPTV company and the setup is working fine.

 

I will open a case now with Meraki support and we'll see what will be their input.

PhilipDAth
Kind of a big deal
Kind of a big deal

Get him to change it to either "Unicast" or "Multicast with IGMP" (and make sure you switch has IGMP enabled).

https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-network-to-support... 

 

The only option that doesn't workk is "Multicast".  Actually, you *might* be able to make this work if you enable "flood unknown multicast" on your switches - but it is not very efficient.  It causes all traffic going to the NLB address to go out every port on every switch.

jptagana
Here to help

@PhilipDAthyou are correct the Meraki support suggest to enable "flood unknown multicast" because the traffic is not leaving the local switch (server farm switch) where the IPTV switch is connected. The support told me that the other switches doesn't know about that multicast traffic so the only solution is to flood the traffic.

 

Btw, NLB VIP is already set to Multicast with IGMP.

 

Thanks for your time! *cheers*  

PhilipDAth
Kind of a big deal
Kind of a big deal

That suggests the IGMP config isn't right in the network.  Check out this post which explains it in detail.

https://community.meraki.com/t5/Switching/Multicast-Basic-s/m-p/25867/highlight/true#M2125 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels