Multicast Storm

[rossbird]

Hi all,

I am currently having an issue with our firewalls creating mutlicast storms on our switches. We have clustering enabled using a muticast address and have statically entered arp entries into all of our switches so that they accept the multicast address, but when I sniff on any port on the switch I see all traffic being sent to the fw as if I'm on a hub. I've read that enabling multicast mac with IGMP in voyager and IGMP snooping on the switch might resolve the issue. I've also read that muticast mac with IGMP snooping on voyager is a bad idea. My question is how do I resolve the issue of muticast storms on the swtich while still maintaining a clustered environment?

IPSO fwserver1 3.9-BUILD041
This is Check Point VPN-1(TM) & FireWall-1(R) NG with Application Intelligence (R55) HFA_17, Hotfix 670 - Build 005

Any help would be appricated.

[dbedit]

It's also possible to run in broadcast mode if you are still having issues. Don't know the exact command anymore, check CLI guide!If you cannot find it let me know.

[david]

cphaconf set_ccp broadcast

need to do a cprestart afterwards for the change to take effect

can then run the command below to verify

cphaprob -a if