Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chrismes
New Contributor

PIM-SM routing

The PIM-SM routing examples in the "Networking handbook" are not very clear. Why is there added an access-list, which is never used int the config? Has anyone a really working PIM-routing example from practice?

Thanks.

2 REPLIES 2
ericli_FTNT
Staff
Staff

On Fortigate, to enable multicast routing, you will need to:

1.

config system settings
set multicast-forward enable
end

 

2.

config router multicast
set multicast-routing enable
end

 

3.

config router multicast
config pim-sm-global
config rp-address
...
set ip-address x.x.x.x

 

4.

config router multicast
config interface
edit xx
set pim-mode sparse-mode
end

 

5.

config firewall multicast-policy

 

Here are some trouble shooting commands:

 

get router info multicast pim sparse-mode table x.x.x.x
get router info multicast pim sparse-mode neighbour
diagnose ip multicast mroute
get router info multicast igmp groups
get router info multicast pim sparse-mode interface
get router info multicast pim sparse-mode rp-mapping
get router info multicast pim sparse-mode bsr-info
diagnose sys mcast-session list

 

Follow up with this thread with any question please. Thanks!

topcu
New Contributor II

chrismes wrote:

Why is there added an access-list, which is never used int the config?

Hi, chrismes asked for the purpose of the access-list in the fortinet configuraion guide. Honestly, this was also not absolutely clear for me, because the ACL ist not referenced somewhere else in one documentation.

 

http://help.fortinet.com/...%20a%20static%20RP.htm

 

But I know, that an RP can be restricted to specific Multicastgroups via an ACL. I found another configuration Guide with the following configuration example:

 

https://pub.kb.fortinet.com/ksmcontent/Fortinet-Public/current/Fortigate_v4.0/From_TD/FortiGate_Mult...

 

The ACL defines a filter to the multicastgroup 233.254.200.0

config router access-list  edit "Source-RP"   config rule    edit 1     set prefix 233.254.200.0 255.255.255.0     set exact-match disable next

 

In another step, the ACL is bound to teh RP:

config router multicast  config interface   edit "internal"    set pim-mode sparse-mode     config igmp      set version 2  end next  edit "external"   set pim-mode sparse-mode    config igmp    set version 2  end next end  set multicast-routing enable   config pim-sm-global    config rp-address     edit 1      set ip-address 169.254.100.1      set group "Source-RP" next