FortiGate PIM-SM debugging examples

FortiGate PIM-SM debugging examples

Using the example topology shown below, you can trace the multicast streams and states within the three FortiGate units (FGT-1, FGT-2, and FGT-3) using the debug commands described in this section. The command output in this section is taken from FortiGate unit when the multicast stream is flowing correctly from source to receiver.


PIMSM debugging topology

Checking that the receiver has joined the required group

From the last hop router, FGT-3, you can use the following command to check that the receiver has correctly joined the required group.

FGT-3 # get router info multicast igmp groups

IGMP Connected Group Membership

Group Address Interface Uptime Expires Last Reporter port3 00:31:15 00:04:02

Only 1 receiver is displayed for a particular group, this is the device that responded to the IGMP query request from the FGT-3. If a receiver is active the expire time should drop to approximately 2 minutes before being refreshed.


Checking the PIM-SM neighbors

Next the PIM-SM neighbors should be checked. A PIM router becomes a neighbor when the PIM router receives a

PIM hello. Use the following command to display the PIM-SM neighbors of FGT-3.

FGT-3 # get router info multicast pim sparse-mode neighbour

Neighbor Interface Uptime/Expires Ver DR Address Priority/Mode port2 01:57:12/00:01:33 v2 1 /


Checking that the PIM router can reach the RP

The rendezvous point (RP) must be reachable for the PIM router (FGT-3) to be able to send the *,G join to request the stream. This can be checked for FGT-3 using the following command:

FGT-3 # get router info multicast pim sparse-mode rp-mapping

PIM Group-to-RP Mappings Group(s):, Static RP:

Uptime: 07:23:00


Viewing the multicast routing table (FGT-3)

The FGT-3 unicast routing table can be used to determine the path taken to reach the RP at You can then check the stream state entries using the following commands:

FGT-3 # get router info multicast pim sparse-mode table

IP Multicast Routing Table

(*,*,RP) Entries: 0 (*,G) Entries: 1 (S,G) Entries: 1 (S,G,rpt) Entries: 1

FCR Entries: 0

This entry was posted in FortiOS 5.4 Handbook and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.