20:24 - Friday, 18 April 2014

MS NLB: Why Are Multicast Packets Received By All Servers On The LAN, Not Just Members Of The Cluster

#Topics: ms-nlb-virtserver-multicast

I have a MS NLB cluster (Win 2003) which includes just two hosts. The cluster is configured to use Multicast operation mode (not IGMP).

For some reason I am seeing packets intended for the NLB cluster

Destination: MS-NLB-VirtServer-Multicast_bd:1a:0f:04 (03:ce:bd:1a:0f:04)

landing on all the servers on the LAN. Is it normal? Can something be done to get rid of them?
We don’t control the switch, but I could ask the guys to tweak it, if I knew what to ask

This is perfectly normal. From a general standpoint, multicast traffic is analogous to broadcast traffic. Multicast traffic is sent to all switch ports. Hosts that aren’t interested in the multicast traffic ignore it. In order to “scope” the multicast traffic to only those hosts that are interested you’ll need to configure IGMP snooping.

If you don’t use IGMP, then the switch doesn’t know which ports are members of the multicast group. Therefore, the packets are flooded to all ports. You need to get IGMP turned on and configured with the virtual MAC of the NLB cluster.