Solved

Stop Multicast Session from flooding Network

Posted on 2003-11-21
6
2,321 Views
Last Modified: 2012-08-14
I am using Symantec Ghost 7.0. Every time I run multicast server the network performance is reduced by more than half. So i figured if can stop the multicast packets from leaving the switch where all the clients are connected I can stop the unnecessary traffic. Allow me to explain the current scenario. There is a workbench were all stations on the work bench are connected to a Cisco Catalyst 3524. Port 24 on the catalyst is connected to a parent Switch via a cross over cable. A DHCP server and the Proxy Server are connected to the PARENT Switch, which is how the computers on the workbench get their IP addressee and access the internet. NOTE!!! ONLY computers on the workbench need to access the Symantec Multicast Server. So I think I can add an access statement to the switch to stop all outgoing packets from Symantec Multicast on Switch Port 24. The question is how does Symantec Multicast server send information to their clients, and how do the clients find the Multicast Server? Is it a particular port or a particular packet or what?
0
Comment
Question by:gbarrientos
6 Comments
 
LVL 3

Expert Comment

by:MaxQ
ID: 9800040
If the switches aren't configured for IGMP/CGMP, they will forward multicasts as if they were broadcasts.
Once multicast is configured on the network devices they will only forward multicast frames to stations that join the multicast group in question.  As with most network things there is more than one way to do it, but these links should be helpful:

http://service1.symantec.com/SUPPORT/ghost.nsf/docid/2000022806431025?Open&src=&docid=2000033111503625&nsf=ghost.nsf&view=docid&dtype=&prod=&ver=&osv=&osv_lvl=

http://www.cisco.com/en/US/products/hw/switches/ps637/products_configuration_guide_chapter09186a008007d248.html#xtocid109398
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9800212
or vlan your lab
0
 
LVL 3

Expert Comment

by:MaxQ
ID: 9800263
That's true, having the lab on its own subnet would keep the multicasts contained and
allow you to do some access control between it and the rest of your network.  Not a
bad idea for security if you potentially have workstations/servers there being built that
aren't fully patched/configured/etc.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Expert Comment

by:ThePowderedToastMan
ID: 9800340
You certainly can control precisely where a multicast is sent.  An IGMP packet goes anywhere on the set of IP addresses within the LAN it is programmed on.  You can control this by programming groups for multicasting on your routers.  THis is exactly what MaxQ and Chicagoan are saying, so give me no points.  A best solution, in my never to be humble opinion is to go with CHicagoan, and VLAN, your lab, this will eliminate all unwanted traffic to your lab.,
0
 
LVL 12

Accepted Solution

by:
Scotty_cisco earned 500 total points
ID: 9800672
gbarrientos

I understand your problem we have had a similar issue... One nice thing that I wanted to bring up though is the development of IGMP snooping in 3550 switches and the 2950 switches which will do the IP IGMP joins on a port level and allow you to remain on the same switch without VLANing or messing with segmenting your network.  Let me clarify that statment --- the switch will watch for a join on a group before it floods the multicast out that port. Very low level stuff but it seems to work ... one problem is that it does cause a performance hit on the switch.

Thanks
Scott
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9814702
surgical, scotty! wtg!
now - can you get us warp 10?
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now