02-06-2024 11:13 PM
Have a pair of Firepower 2130 FTDs in HA, managed by Firepower Management Center. Is it possible to override the rp-mapping learned from the PIM bootstrap process with a static RP configuration?
I'm able to do it on the IOS, IOS XE, and NX-OS devices on the rest of the network with the ip pim rp-address [ip] [access-list] override command, but I can't seem to find a way to do it on the FTDs.
In the FMC, I have an RP configured with the "Use this RP for all Multicast Groups as specified below" option with a standard ACL applied, but as soon as I allow bootstrap messages to reach the Firepower, any established mroutes drop and I can't rejoin any of the streams.
I'll reconfigure if it's not possible, just wanted to see if I was missing anything.
02-07-2024 04:34 AM
If you have router-ftd-router and you want to pass multicast, then only allow multicast; you don't need the ftd to run PIM for this traffic.
MHM
02-07-2024 04:54 PM
Thanks for the reply. A little more info that I realize I should have added initially:
You are correct that it is router-ftd-router; however, the ftd is in routed mode and each router is connected to the ftd in a different subnet, with OSPF handling the routes (we have multiple different routers/connections coming into the ftd externally). The routers are not PIM neighbors directly; they are neighbored to the ftd.
Considering that the ftd is routing the traffic between the zones, is it still the case that we can disable PIM?
Appreciate your help.