Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
simonf
New Contributor

Multicast stream loss

Hello,

 

I have been experiencing the following phenomenon concerning multicast streams on a FortiGate 300E :

 

- after a few hours or days of viewing multicast video streams, one stream (not always the same) will become unavailable on all firewall ports except for one port (but not always the same). The IGMP subscription and PIM route (dense mode) are still in the FortiGate's tables for all the ports requesting the stream.

 

- I tried clearing multicast routes, igmp groups, multicast sessions and the command "execute router restart", none of this will get the multicast stream back. However, if I reboot the firewall or if it goes to the failover firewall, I will get the stream back. 

 

- If I use the "diag sniffer packet" to see the multicast stream on the one port where it is still available, there are no multicast packets (and no packets dropped by kernel, I tested with auto-offload enable and disabled). However I can see the multicast packets in wireshark on the client computer connected to that port.

 

I don't understand why these multicast packets that are obviously received by the client computer are not visible with the firewall sniffer (or the packet capture feature). 

Has anyone any idea why multicast packets may become invisible to the firewall but still go through?

 

Also, there seems to be some information stored in cache in the firewall that prevents from getting the stream on all ports requesting it. Where can I find what information is stored in the firewall but flushed during a reboot? Thank you in advance, Simon.

0 REPLIES 0
Labels
Top Kudoed Authors