LOAD SHARING Multicast

[Sharky]

Dear Mr.
I need your help for this case, right now I have working okey a cluster on LOAD SHARING UNICAST, and I was trying to make the chance to LOAD SHARING Multicast, my question is, if there is a command wich show in the gateways the Mac address that the cluster use when it is on Multicast.
Very grateful for your collaboration

[eduardw]

Hi you can see the magic mac with
fw ctl get int fwha_mac_magic
fw ctl get int fwha_mac_forward_magic

You will get a binary answer so you have to calculate it back to hex. You could also look at the mac table of the connecting switch.

Regards
Eduard

[Sharky]

Thanks for this information

I run this comand and the result is fwha_mac_magic =254fwha_mac_forward_magic =253. Please I need the mac address multicast that the cluster use when it is on LOAD SHARING Multicast. This instalation is on SecurePlatform.

I need this information because I need configuring the Static Cam Entries In the Switch Cisco For this to work ok.

Very grateful for your collaboration

[sebastan_bach]

hi sharky even i am getting the same output as urs.

i just don;t understand when checkpoint has a feature why doesn;t it tell how to use it. i really feel their poor documentation and less of resources makes them less favourable as compared to cisco and juniper.

many things are not mentioned anywhere.
i mean for the multicast rather than calculating the multicast mac-address they could have a better way of showing it to the user.

hope they improve on this

regards

sebastan

[jaskaran224]

Hey there is another way to get the multicast mac...

On a network that has a cluster IP address of x.y.z.w :
If y<=127, the multicast MAC address would be 01:00:5e:y:z:w. For example:
01:00:5e:5A:0A:64 for 192.90.10.100
If y>127, the multicast MAC address would be 01:00:5e:(y-128):z:w. For example:
01:00:5e:28:0A:64 for 192.168.10.100 (168-128=40 = 28 in hex).
For a network x.y.z.0 that does not have a cluster IP address, such as the sync, you
would use the same procedure, and substitute fa instead of 0 for the last octet of the
MAC.
For example: 01:00:5e:00:00:fa for the 10.0.0.X network.

[sebastan_bach]

hi yes i know that method of calculating the mac. i guess checkpoint would be damn stupid to expect people to calculate mac address that way rather than showing it to users with a command.

regards

sebastan

[jaskaran224]

Yes I agree with you....

[cciesec2006]

Hi,

if you do a "tcpdump -i ethx -e" on the interface, you will
see the multicast mac address.

[sebastan_bach]

hi mate thanks a lot for ur help . i did solve the issue of multicast mac. i ran the tcpdump as u said and i also ran ethereal on the host on the internal and external network and found the multicast mac.

i didn;t have to do any kind of tuning with the cisco switch. all i did was added the static multicast arp entry on both my inside and outside routers.

thanks a lot mate. it solved my query.

regards

sebastan

[Sharky]

Thanks for help.

This command solved my problem.

tcpdump -n -e -c 100 -i <interface>

[sebastan_bach]

hi sharky u can also try to edit the virtual cluster interface in the topology of the cluster object and in the general properties u can click on the advance tab and u can see the multicast mac.out there u can also define the multicast mac of ur own.


regards

sebastan

[tkalas]

ifconfig -a will show the clustermac on unix flavoured boxes much quicker than most of the commands I am seeing