Support Center > Search Results > SecureKnowledge Details
SmartView Tracker logs show that Active member drops PIM packets from Standby member due to address spoofing
Symptoms
  • SmartView Tracker logs show that Active member drops PIM packets from Standby member due to address spoofing.

  • Kernel debug ('fw ctl debug -m fw + drop') on Active cluster shows that PIM Hello packets sent from Standby cluster member are dropped:

    • ;fw_log_drop_conn: Packet <dir 1, IP_of_Standby_Member:0 -> 224.0.0.13:0 IPP 2>, dropped by check_spoofing_befo, Reason: Address spoofing;
    • ;fw_log_drop_ex: Packet proto=103 IP_of_Standby_Member:0 -> 224.0.0.13:0 dropped by fw_cluster_ttl_anti_spoofing Reason: ttl check drop
  • Setting the TTL to 255 on Active member per (sk42652) does not resolve the issue:
    # echo 255 > /proc/sys/net/ipv4/ip_default_ttl

  • Disabling Extended Cluster Anti-Spoofing (per sk42652) resolves the issue.

Cause

By design, Active member ignores PIM packets sent by Standby member. Therefore, it drops them either with "Address spoofing" log, or with "Rejecting dynamic routing packet forwarded to wrong member" log.


Solution
Note: To view this solution you need to Sign In .