About kenhagen

Hello, We are having a multicast problem with our PA.  It is an informacast application that needs to use multicast. Our server is in the data center on Nexus.   We saw that Multicast FIB on the Palo Alto FW was not being created. We saw that multicast packets coming from the source to multicast group were not being marked with an egress interface, this probably is because we do not have the S,G FIB entry to determine the outgoing interface the FW must sent these packets   A Device will create S,G state once a PIM S,G join is received. We did a packet capture on the PA Firewall and on the cisco Nexus7700 C7706 device, which is outside the PA.   We see the pim join arrive to the PALO alto on the capture we took on the PA. We see that  for Group: mcast group address a Join to source (S) was done to source addres. This PIM join is intended for upstream-neighbor  which is the ip of the PA FW on the outside vlan. We also see this packet arrived on the correct vlan, with a valid neighbor on the PA.   Is there a reason why is the device not creating mcast FIB entry once the PIM join is received? ... View more