FortiGate PIM-SM debugging examples

Viewing the PIM next-hop table

The PIM next-hop table is also very useful for checking the various states, it can be used to quickly identify the states of multiple multicast streams

FGT-3 # get router info multicast pim sparse-mode next-hop Flags: N = New, R = RP, S = Source, U = Unreachable Destination Type Nexthop Nexthop Nexthop Metric Pref Refcnt Num Addr Ifindex

10.166.0.11 ..S. 1 10.132.0.156 9 21 110 3

192.168.1.1 .R.. 1 10.132.0.156 9 111 110 2

 

Viewing the PIM multicast forwarding table

Also you can check the multicast forwarding table showing the ingress and egress ports of the multicast stream.

FGT-3 # get router info multicast table

IP Multicast Routing Table

Flags: I – Immediate Stat, T – Timed Stat, F – Forwarder installed

Timers: Uptime/Stat Expiry

Interface State: Interface (TTL threshold)

(10.166.0.11, 239.255.255.1), uptime 04:02:55, stat expires 00:02:25

Owner PIM-SM, Flags: TF Incoming interface: port2

Outgoing interface list:

port3 (TTL threshold 1)

 

Viewing the kernel forwarding table

Also the kernel forwarding table can be verified, however this should give similar information to the above command:

FGT-3 # diag ip multicast mroute

grp=239.255.255.1 src=10.166.0.11 intf=9 flags=(0x10000000)[ ] status=resolved last_assert=2615136 bytes=1192116 pkt=14538 wrong_if=0 num_ifs=1 index(ttl)=[6(1),]


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiOS 5.4 Handbook and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.