FortiGate PIM-SM debugging examples

Leave a reply

(*,*,RP) Entries

This state may be reached by general joins for all groups served by a specified RP.

(*,G) Entries  State that maintains the RP tree for a given group.

(S,G) Entries  State that maintains a source-specific tree for source S and group G.

(S,G,rpt) Entries

State that maintains source-specific information about source s on the RP tree for G. For example, if a source is being received on the source-specific tree, it will normally have been pruned off the RP tree.

FCR             The FCR state entries are for tracking the sources in the <*, G> when <S, G> is not available for any reason, the stream would typically be flowing when this state exists.

Breaking down each entry in detail:

(*, 239.255.255.1) RP: 192.168.1.1

RPF nbr: 10.132.0.156

RPF idx: port2

Upstream State: JOINED Local:

port3

Joined: Asserted: FCR:

The RP will always be listed in a *,G entry, the RPF neighbor and interface index will also be shown. In this topology these are the same in all downstream PIM routers. The state is active so the upstream state is joined.

In this case FGT-3 is the last hop router so the IGMP join is received locally on port3. There is no PIM outgoing interface listed for this entry as it is used for the upstream PIM join.

(10.166.0.11, 239.255.255.1) RPF nbr: 10.132.0.156

RPF idx: port2

SPT bit: 1

Upstream State: JOINED Local:

Joined: Asserted: Outgoing: port3

This is the entry for the SPT, no RP IS listed. The S,G stream will be forwarded out of the stated outgoing interface.

(10.166.0.11, 239.255.255.1, rpt) RP: 192.168.1.1

RPF nbr: 10.132.0.156

RPF idx: port2

Upstream State: NOT PRUNED Local:

Pruned: Outgoing:

The above S,G,RPT state is created for all streams that have both a S,G and a *,G entry on the router. This is not pruned in this case because of the topology, the RP and source are reachable over the same interface.

Although not seen in this scenario, assert states may be seen when multiple PIM routers exist on the same LAN which can lead to more than one upstream router having a valid forwarding state. Assert messages are used to elect a single forwarder from the upstream devices.

Pages: 1 2 3 4 5
This entry was posted in FortiOS 5.4 Handbook and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.