NLB Cisco Switch Issue

colinkhan
Here is the scenario: Have 2 virtual servers on Hyper-V with 1 virtual IP assigned to the NLB cluster. Cluster is running in multicast mode. The two physical ports are connected to a Catalyst 3750 which is daisy-chained off another 3750, which is in turn connected to a trunk port on a 6500 Catalyst. The Catalyst has numerous VLANs, of which the NLB machines are a member of VLAN1.
If I connect to a machine on the same VLAN as the NLB server we can communicate via ping fine. Problem is no other VLANs can communicate with the NLB IP. Note that there are no security restrictions between the VLANs and the other VLANs can ping "normal" IPs in the NLB VLAN no problem.
Followed the instructions here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080a07203.shtml

I did this config on the edge switch where the physical ports are located but this does not work.
What gives? Do I need to do this somewhere else or on the 6500?

If on the 6500 how do I define the ports that the NLB IP is assigned to?

Senior Network Manager
Commented:
The issue with multicast mode is that virtual IP addresses become unreachable when accessed from outside the local subnet, because Cisco devices do not accept an ARP reply for a unicast IP address that contains a multicast MAC address. So the MAC portion of the ARP entry shows as incomplete.

Do a:
show arp

and

show mac-address-table

for the VLAN in question.
Let us know.
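
Added example, not part of the original thread: a small Python check for the symptom described in the comment above, run over pasted `show arp` output. It reports whether the cluster IP is stuck at Incomplete and lists entries that hold a multicast MAC. The sample output, the 10.1.1.x addresses and the function names are constructed for illustration; the 03-BF prefix plus the four IP octets is the MAC scheme NLB uses in multicast mode.

```python
import re

# Constructed sample of Cisco IOS "show arp" output (addresses are made up).
SAMPLE_SHOW_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.1.1.1                -   0011.2233.4455  ARPA   Vlan1
Internet  10.1.1.21              12   0015.5d01.0a15  ARPA   Vlan1
Internet  10.1.1.50               0   Incomplete      ARPA
Internet  10.1.1.60               -   03bf.0a01.013c  ARPA   Vlan1
"""

ROW = re.compile(
    r"^Internet\s+(\d+\.\d+\.\d+\.\d+)\s+\S+\s+"
    r"(Incomplete|[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\b", re.IGNORECASE)

def nlb_multicast_mac(vip):
    """Cluster MAC for NLB multicast mode: 03-BF followed by the VIP octets."""
    octets = [int(o) for o in vip.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {vip!r}")
    raw = "03bf" + "".join(f"{o:02x}" for o in octets)
    return ".".join(raw[i:i + 4] for i in (0, 4, 8))

def is_group_mac(mac):
    """True when the I/G bit (low bit of the first octet) marks a multicast MAC."""
    return int(mac[:2], 16) & 1 == 1

def audit_arp(show_arp_text, vip):
    """Return (VIP status, {ip: mac} for every entry holding a multicast MAC)."""
    expected, status, group_entries = nlb_multicast_mac(vip), "missing", {}
    for line in show_arp_text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header or non-ARP line
        ip, hw = m.group(1), m.group(2).lower()
        if hw != "incomplete" and is_group_mac(hw):
            group_entries[ip] = hw
        if ip == vip:
            if hw == "incomplete":
                status = "incomplete"
            elif hw == expected:
                status = "resolved-to-nlb-multicast-mac"
            else:
                status = "resolved-to-other-mac"
    return status, group_entries

if __name__ == "__main__":
    for vip in ("10.1.1.50", "10.1.1.60", "10.1.1.99"):
        print(vip, nlb_multicast_mac(vip), audit_arp(SAMPLE_SHOW_ARP, vip))
```

A status of `incomplete` for the cluster IP on the routing device matches the behaviour described above; any multicast-MAC entry that does appear is worth confirming as an intentional static entry.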

Author

Commented:
Would you want the commands run from the edge switch or the 6500 where the VLANs are configured? The edge switch is on the NLB VLAN btw.
Robert Sutton Jr, Senior Network Manager

Commented:
From both please.
kevinhsieh, Network Engineer
Commented:
I have had good luck using NLB in unicast mode. Nothing special needs to be done with the Cisco switches. The VMs need to have 2 NICs, and they need to be configured to allow ARP spoofing in Hyper-V.

http://blogs.technet.com/b/networking/archive/2010/02/12/cannot-access-the-virtual-or-dedicated-ip-address-of-an-nlb-node-guest-running-in-unicast-mode-on-windows-server-2008-r2-hyper-v.aspx

Author

Commented:
Warlock: due to time constraints for the project we opted to try the NLB in unicast mode and this worked flawlessly.

Thanks for the input kevinhsieh.

Author

Commented:
One user explained the problem and the other user provided the workaround.
