Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
aneshcheret
Staff
Staff

Created on ‎09-02-2019 06:07 AM Edited on ‎01-31-2022 09:47 PM By Anonymous

Article Id 192492

Troubleshooting Tip: FortiGate interface changes its state from IGMP Querier to Non-Querier

Description
This article describes how to fix the issue when a FortiGate interface changes its state from IGMP Querier to Non-Querier.

Solution
On a FortiGate, an IGMP state change from Querier to Non-Querier which leads to the Multicast service interruption.
When a Fortigate interface IGMP state changes to Non-Querier, it means that there is some other device in the network, which is acting as Querier.
This can be seen in multi-vendor network architecture containing Cisco, Huawei, HP, Avaya, Dell devices as every device has different IGMP query interval.

IGMP STATUS WHEN MULTICAST IS WORKING:

# get router info multicast igmp interface
Interface port2 (Index 12)
IGMP Enabled, Active, Querier, Configured for version 2           <------------------ FortiGate port2 is acting as IGMP querier
Internet address is 192.168.16.1


IGMP STATUS WHEN MULTICAST IS NOT WORKING:

# get router info multicast igmp interface
Interface port2 (Index 12)
IGMP Enabled, Active, Non-Querier, Configured for version 2       <------------------------- FortiGate port2 is acting as IGMP Non-Querier
Internet address is 192.168.16.1
IGMP querying router is X.X.X.X   


DEBUG OUTPUT LOGS:

# diagnose ip router igmp all enable
# diagnose ip router igmp level info
# diagnose debug enable
2019-07-26 08:08:21 id=20301 logdesc="Routing log" msg="NSM: [IGMP-DECODE] Dec Msg: IGMP Membership Query, Max. Rsp. Code 100"
2019-07-26 08:08:21 id=20301 logdesc="Routing log" msg="NSM: [IGMP-DECODE] Dec Query: Lower IP 0.0.0.0 on port2"
2019-07-26 08:08:21 id=20301 logdesc="Routing log" msg="NSM: [IGMP-DECODE] Dec Query: Ouerier->Non-querier on port2"

To fix this problem, reduce the IGMP query-interval and query-timeout making it lower than any other device in the network is using the following commands:

# config router multicast
    config interface
        edit "port2"
            config igmp
                set query-interval 20 >>> Set value less than other device IGMP Query interval
                set query-timeout 60  >>> Set value less than other device IGMP Query timeout
            end
        next
    end
end
9135
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.