Fortinet black logo

FortiGate-7000 Release Notes

Home FortiGate-7000 6.4.6 FortiGate-7000 Release Notes

FGSP with LAG session synchronization interfaces

6.4.6
7.0.15
7.0.14
7.0.13
7.0.12
7.0.10
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.10
6.4.8
6.4.6
6.4.2
6.2.16
6.2.15
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.7
6.2.6
6.2.4
6.2.3
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.6.6
5.4.9
5.4.5
5.4.3
Copy Link
Copy Doc ID 5c9b4b3d-27b2-11ec-8c53-00505692583a:745967
Download PDF

FGSP with LAG session synchronization interfaces

The FortiGate-6000 and FortiGate-7000F for FortiOS 6.4.6 supports using a LAG for FGSP session synchronization. Using a LAG for session synchronization provides redundancy and load sharing. This feature is not currently supported by the FortiGate-7000E.

The FortiGate-6000 supports creating a 20 Gbps LAG consisting of the HA1 and HA2 interfaces to improve FGSP session synchronization capacity and performance. Using a LAG for session synchronization also provides redundancy and load sharing.

Example LAG configuration:

config system interface

edit ha1-ha2

set vdom mgmt-vdom

set ip 10.1.1.1 255.255.255.0

set type aggregate

set member ha1 ha2

end

Example standalone-cluster configuration:

config system standalone-cluster

set standalone-group-id 3

set group-member-id 1

set session-sync-dev ha1-ha2

end

Example cluster sync configuration:

config system cluster-sync

edit 1

set peervd mgmt-vdom

set peerip 10.1.1.2

set syncvd <vdoms >

end

Example HA configuration:

config system ha

set session-pickup enable

set session-pickup-connectionless enable

set session-pickup-expectation enable

set session-pickup-nat enable

end

The FortiGate-7000 supports creating a LAG consisting of the M1 and M2 or the M3 and M4 interfaces of one or both FIMs to increase the FGSP session synchronization bandwidth capacity or to distribute session synchronization traffic between both FIMs and provide redundancy. You can create a LAG of 100G interfaces using the M1 and M2 interfaces of one or both FIMs. You can create a LAG of 10G interfaces using the M3 and M4 interfaces of one or both FIMs. Choose the interfaces for the LAG depending on your session synchronization bandwidth requirements and the other uses you might have for the M1 to M4 interfaces.

Example LAG configuration using the M1 interfaces of both FIMs.

config system interface

edit sess-sync-lag

set vdom mgmt-vdom

set ip 10.1.1.1 255.255.255.0

set type aggregate

set member 1-M1 2-M1

end

Example cluster sync configuration:

config system cluster-sync

edit 1

set peervd mgmt-vdom

set peerip 10.1.1.2

set syncvd <vdoms >

end

Example HA configuration:

config system ha

set session-pickup enable

set session-pickup-connectionless enable

set session-pickup-expectation enable

set session-pickup-nat enable

end

Previous
Next

FGSP with LAG session synchronization interfaces

The FortiGate-6000 and FortiGate-7000F for FortiOS 6.4.6 supports using a LAG for FGSP session synchronization. Using a LAG for session synchronization provides redundancy and load sharing. This feature is not currently supported by the FortiGate-7000E.

The FortiGate-6000 supports creating a 20 Gbps LAG consisting of the HA1 and HA2 interfaces to improve FGSP session synchronization capacity and performance. Using a LAG for session synchronization also provides redundancy and load sharing.

Example LAG configuration:

config system interface

edit ha1-ha2

set vdom mgmt-vdom

set ip 10.1.1.1 255.255.255.0

set type aggregate

set member ha1 ha2

end

Example standalone-cluster configuration:

config system standalone-cluster

set standalone-group-id 3

set group-member-id 1

set session-sync-dev ha1-ha2

end

Example cluster sync configuration:

config system cluster-sync

edit 1

set peervd mgmt-vdom

set peerip 10.1.1.2

set syncvd <vdoms >

end

Example HA configuration:

config system ha

set session-pickup enable

set session-pickup-connectionless enable

set session-pickup-expectation enable

set session-pickup-nat enable

end

The FortiGate-7000 supports creating a LAG consisting of the M1 and M2 or the M3 and M4 interfaces of one or both FIMs to increase the FGSP session synchronization bandwidth capacity or to distribute session synchronization traffic between both FIMs and provide redundancy. You can create a LAG of 100G interfaces using the M1 and M2 interfaces of one or both FIMs. You can create a LAG of 10G interfaces using the M3 and M4 interfaces of one or both FIMs. Choose the interfaces for the LAG depending on your session synchronization bandwidth requirements and the other uses you might have for the M1 to M4 interfaces.

Example LAG configuration using the M1 interfaces of both FIMs.

config system interface

edit sess-sync-lag

set vdom mgmt-vdom

set ip 10.1.1.1 255.255.255.0

set type aggregate

set member 1-M1 2-M1

end

Example cluster sync configuration:

config system cluster-sync

edit 1

set peervd mgmt-vdom

set peerip 10.1.1.2

set syncvd <vdoms >

end

Example HA configuration:

config system ha

set session-pickup enable

set session-pickup-connectionless enable

set session-pickup-expectation enable

set session-pickup-nat enable

end

Previous
Next