Currently I am trying to pass multicast through a sidewinder firewall using PIM Dense mode. I have an internal router on the inside of the firewall and an external router on the other side, all interfaces are configured for PIM Denseâ¦
The firewall basically forwards the PIM hello's through so the internal and external routers both appear as PIM neighbors. I am able to get multicast traffic to flow through the firewall both ways but for example: when a host on the external side leaves the group the tree does no prune back through the firewall to the internal; it stops pruning at the external router. When I do a show ip mroute 126.96.36.199 on the external router it shows the rpf neighbor as being the firewall (192.168.241.217/29) and not the pim neighbor internal router (x.x.241.214/29).
Also when I do a debug ip pim I see the external router receive the prune message but it does not forward a prune message to its upstream PIM neighbor. I believe this is because the RPF neighbor and PIM neighbor do not match. I have tried putting in a static mroute pointing to the internal router (192.168.241.214/29) but it still shows the firewall (192.168.241.217/29) as the rfp neighbor, but it does have the mroute tag next to the entryâ¦ Does anyone know of a workaround for this scenario? Any help is greatly apprrciated.