1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ghosting brings the network to a halt

Discussion in 'Routing & Switching' started by insurin, Nov 26, 2009.

  1. insurin

    insurin Bit Poster

    23
    0
    2
    We have a 6500 Catalyst running in hybrid mode along with a different array of edge switches (3500s 2950s). We have the default setting of no ip directed broadcast and have many different vlans

    When I ghost a computer using ghostcast server, the entire network is brought to a halt no matter what option of ghost method use, i.e. unicast, mulitcast etc. I can actually complete the ghostcast, so it is working although given that Ip directed broadcast is disabled, I am not sure how it is traversing vlans??

    Either way, there must be some of of storm occuring. When I say the entire network is brought to a halt, it really is, We can have a user in some other vlan who has mapped network drives, their computer will just stop responding due to them trying to access the network shares.

    I have just been playing with ip directed broadcast to allow wake on lan over vlans using an acl to only allow a specific ip address. Do I need this route for ghostcasting
     
    Last edited: Nov 26, 2009
  2. onoski

    onoski Terabyte Poster

    3,120
    51
    154
    It looks your you're using a subnet in your live network, to be honest best using a switch on the 192.168.x.x range. Best wishes and lets know how you get on.
     
    Certifications: MCSE: 2003, MCSA: 2003 Messaging, MCP, HNC BIT, ITIL Fdn V3, SDI Fdn, VCP 4 & VCP 5
    WIP: MCTS:70-236, PowerShell
  3. insurin

    insurin Bit Poster

    23
    0
    2
    you are right in saying I am using a live subnet but your solution of using a switch on 192.168.. does not help at all. For a start we are using 172.... addresses. We are in a massive network. We have about 20 class c subnets. Every now and then we have to ghost a room full of computers. Think of a school/college setup. We need to be able to ghost a classroom while not bringing down the network for eveyone else. To get around this at the moment, we schedule to ghostcast seesion to take place overnight when no-one is in.

    few extra settings we have are

    ip multicast routing enabled

    ip pim dense-mode

    igmp enabled on each vlan
     
  4. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,191
    299
    319
    Weird, it may be that the switch itself is grinding to a halt hence why anything connected to it is suffering. Is there a log file in the switch that might give a clue to whats going on here?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  5. onoski

    onoski Terabyte Poster

    3,120
    51
    154

    I think the idea is to eradicate the issues you're currently experiencing and plus it's not going to interfer with your live network. I think changing the switch to a different one might help too to figure out what's causing the problem.

    Best wishes:)
     
    Certifications: MCSE: 2003, MCSA: 2003 Messaging, MCP, HNC BIT, ITIL Fdn V3, SDI Fdn, VCP 4 & VCP 5
    WIP: MCTS:70-236, PowerShell
  6. Spice_Weasel

    Spice_Weasel Kilobyte Poster

    254
    45
    45
    The first thing you should do is to find out why the ghostcasting is bringing down your entire network. Properly configured 6500/3500/2950's can certainly handle ghostcasting images. You should arrange for a maintenance window to troubleshoot the problem. Run ghostcast and check what is happening on the switches - are you flooding the multicast stream out every port (e.g pim dense mode)? Are prune messages being properly generated and received? Generally I wouldn't recommend using dense mode in a production network.

    Spice_Weasel
     
    Certifications: CCNA, CCNP, CCIP, JNCIA-ER, JNCIS-ER,MCP
    WIP: CCIE
  7. insurin

    insurin Bit Poster

    23
    0
    2
    we have about 60 switches all together and 2 6500s. It does not matter which switch we ghost from, we get the same results.
    We are using pim dense mode. Just a side question. If we are multicasting then how is the traffic passing over the vlans? Is this achieved via 'ip mulitcast routing enabled'

    I am going to see the result of enabling 'Ip directed broadcast' on the vlan that is being ghosted along with doing a directed broadcast on the ghost console
     
  8. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    So this definitely happens when you unicast as well as multicast & broadcast? Double-check all your multicast settings first of all, make sure they're all correct.

    Turn off pim dense-mode on the switches that it's not needed on - you're flooding the imaging traffic out of unnecessary ports

    Can you throttle back the bandwidth used by Ghost? If you can, knock it down to something like 80Mb - that should at least give you the luxury of being able to continue to image machines when necessary (though you may have to stick with unicast for now) until you can find the downtime to troubleshoot properly

    Is IGMP snooping enabled, and do you have anything generating IGMP queries? Your router upstream from the switches should be doing this - although I believe you can get a switch to do this for you. Without this, the switches won't know what ports belong to multicast groups

    When you can get downtime, start off with some packet capturing at various levels in your hierarchy to see whether stuff is being filtered out where it should be - you don't want to see random end-nodes receiving all the imaging traffic if it's not destined for them as that indicates your multicast isn't being directed correctly

    I've never been responsible for a network where I used multicasting (never used Ghost for anything more than basic dumb imaging) but I have worked at places where ghostcast has been used and it's often been a cause of frustration for the network engineers there. That said, I've not seen it cause a problem when unicast was used, only multicast
     
    Certifications: A few
    WIP: None - f*** 'em

Share This Page

Loading...