Symptom

NLB Multicast traffic blackholed on EOR switch when using router-on-stick port-channel

Conditions

* EOR switch running 10.2(x) * Multicast NLB traffic ingressing and egressing same port-channel with physical members on different ASICs (eg: different modules)

Workaround

Need to add the following to external documentation: https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/102x/configuration/multicast-routing/cisco-nexus-9000-series-nx-os-multicast-routing-configuration-guide-release-102x/m_9k_configuring_nlb_9x.html Multicast NLB with router-on-stick port-channel If you are using multicast NLB where traffic is ingressing and egressing same port-channel and you have members of that port-channel on different ASICs (eg: different modules). You will need to follow the next steps for configuration: 1. hardware profile multicast nlb 2. hardware profile multicast nlb port-Channel 3. clear ip igmp snooping groups (For ingress and egress VLANs) 4. use the same steps written in configuration guide: a. Configure a static ARP entry that maps the unicast IP address to a multicast MAC address in the IP address multicast range: interface Vlan10 no shutdown ip address 10.1.2.1/24 ip arp 10.1.2.200 0100.5E01.0101 b. Enable MAC-based Layer 2 multicast lookups in the VLAN (by default, multicast lookups are based on the destination multicast IP address): vlan configuration 10 layer-2 multicast lookup mac You must use MAC-based lookups in VLANs where you want to constrain IP address unicast packets with multicast MAC addresses. c. Configure static IGMP snooping group entries for the interfaces connected to the NLB server that needs the traffic: vlan configuration 10 ip igmp snooping static-group 239.1.1.1 interface Ethernet8/2 ip igmp snooping static-group 239.1.1.1 interface Ethernet8/4 ip igmp snooping static-group 239.1.1.1 interface Ethernet8/7

Further Problem Description