Multicast routing is a networking method for efficient distribution of one-to-many traffic. A multicast source, such as a live video conference, sends traffic in one stream to a multicast group. The multicast group contains receivers such as computers, devices, and IP phones.
Common uses include these technologies:
- Voice over IP (VOIP)
- Video on demand (VOD)
- Video conferencing
- IP television (IPTV)
When you enable multicast routing on your Firebox, the Firebox acts as a local multicast router. It forwards multicast traffic from the source to receivers on your network.
How It Works
Multicast routing uses the Protocol-Independent Multicast (PIM) protocol. There are different variants of this protocol. Your Firebox supports PIM Sparse Mode (PIM-SM) which is used when only a few devices subscribe to the multicast. These devices are multicast receivers. Receivers can be located anywhere in the world, on any network, and compose the multicast group logical group.
In this diagram, a server sends multicast traffic through a router and the Firebox. The Firebox forwards the multicast traffic to the multicast group on the local network.
In PIM-SM mode, the central point in the multicast domain is the Rendezvous Point (RP). The RP is a router that receives multicast traffic destined for the multicast group. All multicast traffic must pass through the RP. At least one RP candidate must exist in a multicast domain.
You must enable all Firebox interfaces as RP candidates that are involved in multicast routing, except those exposed to the multicast source or the receivers. When you enable the Firebox as an RP candidate, the Firebox periodically communicates its RP candidacy to the PIM-SM network. RP elections on the Firebox occur dynamically.
Multicast traffic must have a TTL high enough to traverse all hops between the source (server) and client.
After you enable multicast routing, the alias Any-Multicast and two new policies are added to your configuration:
In a multicast policy, you can specify only these options:
- Incoming interfaces
- Source IP addresses
- Destination IP addresses
- Protocols and ports
Multicast Routing Support
Multicast routing is supported only in Mixed Routing mode.
Multicast routing is supported for these Firebox interface types:
- Link aggregation
- BOVPN virtual interface
You can enable multicast routing for up to 31 interfaces. IPv4 is supported. IPv6 is not supported.
Multicast routing is supported for these Firebox zones:
You can enable multicast routing for an Active/Passive FireCluster.
Multicast Routing Protocols
The Firebox supports these multicast routing protocols:
- PIM Sparse Mode (PIM-SM)
- PIM Source-Specific Multicast (PIM-SSM)
- IGMP v2 and v3
For detailed information about multicast routing, see RFC 5110. For detailed information about PIM-SM, see RFC 7761.
These diagrams shows example networks with Firebox interfaces configured as RP candidates. If a switch is located between the router and receivers, the switch must support IGMP snooping.
In this example, the local network has one Firebox configured for multicast routing. The external interface, eth0, is enabled as an RP candidate. On the router, the interface connected to the Firebox, eth1, is enabled as an RP candidate.
In this example, the local network has two Fireboxes configured for multicast routing. The external interfaces on both Fireboxes, eth0, are enabled as RP candidates. The trusted interface on Firebox 1 is also enabled as an RP candidate. On the router, the interface connected to the Firebox, eth1, is also enabled as an RP candidate.
In this example, the local network has one Firebox configured for multicast routing. The multicast source and receivers are connected to the Firebox directly, and no other multicast routers are in use.
In this case, the Firebox must be the RP candidate. If you configure multiple multicast interfaces on the Firebox, you can select any of the interfaces to be the RP candidate.