Description | This article describes a known issue on FortiGate devices running Linux kernel 4.19.13 where the IGMP Membership report with source IP 0.0.0.0 is dropped. |
Scope | FortiGate devices running Linux kernel 4.19.13. |
Solution |
IGMP Membership report sent with a source IP of 0.0.0.0 is getting dropped/discarded by the FortiGate devices running kernel 4.19.13.
In order to find out the kernel version on FortiGate, run the below command:
FGT # fnsysctl cat /proc/version
Due to this behavior, the servers do not receive the multicast stream. The packet with source IP 0.0.0.0 can be seen in packet capture, but the IGMP daemon does not process the packet.
FGT # diag sniff packet any 'igmp' 4
FGT # get router info multicast igmp groups
The debug flow reports that the packet is discarded due to the reason 'ip_sessoin_handle_no_dst'.
id=65308 trace_id=1 func=print_pkt_detail line=5862 msg="vd-root:0 received a packet(proto=2, 0.0.0.0:0->239.100.100.100:0) tun_id=0.0.0.0 from port1 . "
Note that the IGMP membership table is updated correctly if the request comes from a source IP other than 0.0.0.0.
FGT # get router info multicast igmp groups
This is a known issue and has been resolved in FortiOS 7.2.11, 7.4.6, and 7.6.1 versions. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.