A software switch is a virtual switch that is implemented at the software or firmware level. It can be used to simplify communication between devices connected to different FortiExtender interfaces. For example, using a software switch, you can place the FortiExtender interface connected to an internal network on the same subnet as your other virtual interfaces, such as VXLAN, aggregate interfaces, and so on.
Similar to a hardware switch, a software switch functions like a single interface. It has an IP address, and all the interfaces in the software switch are on the same subnet. Traffic between devices connected to each interface is not regulated by security policies, while traffic passing in and out of the switch is controlled by the same policy.
When setting up a software switch, consider the following:
- Ensure that you have a backup of your configuration.
- Ensure that you have at least one port or connection, such as the console port, to connect to the FortiExtender unit. This ensures that, if you accidentally combine too many ports, you have a way to undo the error.
- The ports that you include must not have any link or relation to any other aspect of the FortiExtender unit, such as DHCP servers, security policies, and so on.
- Go to Networking > Switch Interface.
- Click Create Switch-Interface.
- Configure the name, interface members, and all the other required fields.
- Click Save.
config system switch-interface edit <interface> set members <interface_list> set span enable | disable // enable/disable spanning tree next end
Upon execution of the above commands, the following configuration will be automatically generated:
config system interface edit <interface> set type switch set status down next end
You can update the IP, allowaccess, and the other configurations based on the switch interface. And this interface can also be used in configuring the DHCP server, firewall policies, routes, and some other modules.