The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how to configure Cisco Catalyst switches to interact with Microsoft Network Load Balancing (NLB).
There are no specific requirements for this document.
The information in this document is based and configured on these software and hardware versions:
Note: Consult the appropriate configuration guide for the commands that are used in order to enable these features on other Cisco platforms.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
The NLB technology can be used in order to distribute client requests across a set of servers. In order to ensure that clients always experience acceptable performance levels, Microsoft Windows NLB provides the ability to add additional servers so that you can scale out stateless applications, such as IIS-based web servers, as client load increases. In addition, it reduces downtime that is caused by servers that malfunction.
Microsoft Windows NLB is a clustering technology that is offered as a part of all Windows 2000 Server and Windows 2003 Server family operating systems. It provides a single virtual IP address for all clients as the destination IP address for the entire cluster.
You can configure NLB to work in one of these three modes:
Here are some notes about the use of NLB in Unicast mode:
Here are some notes about the use of NLB in Multicast mode:
arp 10.100.1.99 0300.5e01.0101
mac address-table static 0300.5e01.0101 vlan 200 interface TenGigabitEthernet1/4 TenGigabitEthernet1/5 disable-snooping
Note: When you statically map a MAC address to multiple ports, it is only supported by the software on the Cisco Catalyst 4500 Series switch. Also, the use of this configuration on the Catalyst 4500 Series switch might cause high CPU. In order to avoid this problem, you can isolate the NLB to a specific VLAN, add only the static ARP entries, and allow flooding on that VLAN.
Note: For Cisco Catalyst 6000/6500 Series switches, you must add the disable-snooping parameter to constrain traffic to the specified ports only. When you configure a static connection, enter the disable-snooping keyword to prevent multicast traffic addressed to the statically configured multicast MAC address from also being sent to other ports in the same VLAN. (This command is not required on other platforms).
Here are some notes about the use of NLB in IGMP mode:
arp 10.100.1.99 0100.5e01.0101
Here are important notes to keep in mind when you use NLB in IGMP mode:
Note: As tracked by Cisco bug ID CSCsw72680 you cannot use PIM on the NLB VLANSwitch Virtual Interface (SVI) with certain versions of code. View the bug details for the code releases that address this issue or use the IGMP snooping querier feature.
Note: As tracked by Cisco bug ID CSCsy62709 packets are duplicated for all of the traffic thats is routed to the NLB servers in IGMP mode. View the bug details for the affected code versions.
Note: Due to a hardware limitation that is tracked by Cisco nug ID CSCug49149 NLB traffic cannot be sent across a Distributed Etherchannel on the same 6708 line card when switch is running in either PFC3B or PFC3C mode. The port-channel must be cabled so all member links are on the same forwarding engine.
This section describes how to configure NLB for the Cisco Catalyst 6500 and 4948 Series platforms that run in Multicast or IGMP mode.
This section describes how to configure NLB for the Cisco Catalyst 6500 and 4948 Series platforms that run in Multicast mode:
6500-1#show running-config
Building configuration...
!
hostname 6500-1
!
boot system flash disk0:s2t54-adventerprisek9-mz.SPA.151-1.SY1
!
interface TenGigabitEthernet1/4
switchport
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface TenGigabitEthernet1/5
switchport
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface Vlan100
ip address 10.100.1.1 255.255.255.0
!
!
interface Vlan200
ip address 10.200.1.1 255.255.255.0
!
!
arp 10.100.1.88 0300.5e01.0101 ARPA
!
!
mac address-table static 0300.5e01.0101 vlan 200 interface TenGigabitEthernet1/4
TenGigabitEthernet1/5 TenGigabitEthernet5/5
!
Here are some important notes about this configuration:
Note: Ensure that you use Multicast mode on the NLB cluster. Cisco recommends that you do not use multicast MAC addresses that begin with 01 because they are known to have a conflict with the IGMP setup.
4948-1#show running-config
Building configuration...
!
hostname 4948-1
!
boot system bootflash:cat4500-entservices-mz.150-2.SG7
!
interface GigabitEthernet1/1
switchport access vlan 200
!
interface TenGigabitEthernet1/49
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface TenGigabitEthernet1/50
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
mac address-table static 0300.5e01.0101 vlan 200 interface Gi1/1 Te1/49 Te1/50
!
!
end
Note: The mac address-table static 0300.5e01.0101 vlan 200 interface creates a static entry in the switch for the multicast virtual MAC address. It is important to remember that all of the trunk interfaces that carry NLB traffic between the switches must be added. Once a static MAC address is defined, flooding is constrained. If you forget to include an interface, the NLB cluster breaks.
This section describes how to configure NLB for the Cisco Catalyst 6500 and 4948 Series platforms that run in IGMP mode
6500-1#show running-config
Building configuration...
!
hostname 6500-1
!
boot system flash disk0:s2t54-adventerprisek9-mz.SPA.151-1.SY1
!
ip igmp snooping querier
!
vlan configuration 1,100
no ip igmp snooping querier
!
vlan configuration 200
ip igmp snooping querier address 10.200.1.1
!
interface TenGigabitEthernet1/4
switchport
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface TenGigabitEthernet1/5
switchport
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface Vlan100
ip address 10.100.1.1 255.255.255.0
!
interface Vlan200
ip address 10.200.1.1 255.255.255.0
!
arp 10.100.1.99 0100.5e01.0101 ARPA
!
end
Here are some important notes about this configuration:
4948-1#show running-config
Building configuration...
!
hostname 4948-1
!
boot system bootflash:cat4500-entservices-mz.150-2.SG7
!
interface GigabitEthernet1/1
switchport access vlan 200
!
interface TenGigabitEthernet1/49
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
interface TenGigabitEthernet1/50
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,200
switchport mode trunk
!
end
Note: There is no need to configure static entries, as IGMP snooping does this dynamically in this mode. Also, no special configuration for this mode is required on the downstream Layer 2 (L2) switches.
Use this section to confirm that your configuration works properly.
Note: The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.
Enter theshow ip arpcommand in order to view the ARP cache:
6500-1#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.100.1.99 - 0300.5e01.0101 ARPA
Enter the show mac address-table static command in order to view a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN:
6500-1#show mac address-table static add 0300.5e01.0101
vlan mac address type learn age ports
----+---------------+-------+-----+------+-----------------
200 0300.5e01.0101 static No - Te1/4 Te1/5 Te5/5
4948-1#show mac address-table static add 0300.5e01.0101
Multicast Entries
vlan mac address type ports
------+---------------+-------+--------------------
200 0300.5e01.0101 static Gi1/1,Te1/49,Te1/50
Enter theshow ip arpcommand in order to view the ARP cache:
6500-1#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.100.1.99 - 0100.5e01.0101 ARPA
Enter theshow ip igmp snooping mrouterin order to view the Mrouter port that is programmed by the queries received from the upstream snooping querier:
4948-1#show ip igmp snooping mrouter
Vlan ports
---- -----
200 Te1/49(dynamic)
Enter the show mac address-table multicast igmp-snooping in order to view the dynamically-added MAC address that is learned from IGMP snooping and the member ports:
4948-1#show mac address-table multicast igmp-snooping
Multicast Entries
vlan mac address type ports
------+---------------+------+-------------
200 0100.5e01.0101 igmp Gi1/1,Te1/49
Enter theshow ip igmp snooping groupsin order to view the port list of cluster members that joined the multicast group:
4948-1#show ip igmp snooping groups
Vlan Group Version Port List
-----------------------------------------
200 239.1.1.1 v2 Gi1/1
There is currently no specific troubleshooting information available for this configuration.