Explorer

Question

Why I have Multicast Looped on my Forigate even the second interface not join any Firewall switch?

Forum|Forum|1 year ago
February 19, 2025
2 replies
1196 views

Dear all,

Please have a look at the following Lab.

We have a Windows NLB using Multicast across one Server only.

The NLB virtual IP is 192.168.169.25/24, and the real server behind the NLB is 192.168.169.24

The Server just connected to a Cisco switch without special configuration, even no vlan and IP on the switch. The spanning is enabled as RSTP to prevent looped.

The Fortigate wan1 connected to the the same switch to allow access from/to the Server as well.

At this moment, everything is working fine and the ping result likes this:

Now, let's try connecting the HA1 interface to the switch:

Why numerous Dup! message come up to my Fortigate even the HA1 is a standalone interface without joining any Firewall software/hardware/Vlan switch?

Firewall interface.png

FortiGate

AEK

SuperUser

Hi Potato

What happens if you replace the Windows server by a simple client with the same address? Is it the same behavior?

AEK

Potato168Author

Explorer

Make it simple, if we ping the real server IP "192.168.169.24", there is no issue as well.

Potato168Author

Explorer

No One know the Mcast loop issue?

AEK

SuperUser

I didn't face such issue before but after some research I think it has sometming to do with multicast forwarding. I mean probably when you connect the fortigate to the same segment it forwards the multicast packet to the other interface and it creates a loop.

https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/968606/configuring-multicast-forwarding

AEK

Potato168Author

Explorer

But the multicast forwarding is disabled and never enabled.

I wonder that is NPU level issue?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded