Technical Tip: How to add or delete the Multicast Forwarding Cache (MFC) on FortiGate

Multicast Forwarding Cache (MFC) is a feature on FortiGate devices that helps optimize multicast traffic forwarding by storing information about multicast flows, including source IP, group IP, and output ports. This cache allows the FortiGate unit to efficiently forward multicast packets without having to perform complex lookups for each packet.

When to use the 'diagnose ip multicast mfc-add' command:

The 'diagnose ip multicast mfc-add' command is used to manually add entries to the Multicast Forwarding Cache. This command is helpful in scenarios where specific multicast flows need to be optimized for forwarding.

The command syntax is as follows:

diagnose ip multicast mfc-add <in-port> <src-ip> <group-ip> <out-ports-map>

<in-port>: vif index of ingress

<src-ip>: Multicast Source IP.

<group-ip>: Multicast Group IP

<out-ports-map> vif index map of egress ports, e.g. 0xff

To determine vif index, first run the 'diagnose netlink interface list' command, which helps to determine the FortiGate interface index (link_idx). Refer to the article: Troubleshooting Tip: How to identify the ingress and egress interface of traffic flow from session list.

After, run the 'diagnose ip multicast vif' command to determine the vif_index mapped with link_idx.

When to use the 'diagnose ip multicast mfc-del' command:

The 'diagnose ip multicast mfc-del' command is used to remove specific entries from the Multicast Forwarding Cache. This command can be handy when certain multicast flows are no longer needed to be cached for forwarding optimization.

Additionally, it can be used when an incorrect or outdated MFC entry is causing multicast traffic to be forwarded improperly.

The command syntax is as follows:

diagnose ip multicast mfc-del <src-ip> <group-ip>

<src-ip>: Multicast Source IP.

<group-ip>: Multicast Group IP

Related article:

Technical Tip: Restore multicast traffic after a failover