Fortinet black logo

New Features

FortiLink Auto Network Configuration Policy

Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:764059
Download PDF

FortiLink Auto Network Configuration Policy

In 6.0, FortiLink supports automatic network detection and configuration. As links can automatically appear and disappear, this presents challenges for customization because administrators can only select the default QoS policy which is applied to all FortiSwitch units in the network. In some cases, this is enough, but larger and more complex topologies require more flexibility.

In 6.2, the Switch Controller introduces a network auto-config option, which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

Following is a description of these options:

auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
To configure automatic network detection:
  1. Create or modify an auto-config policy:
    config switch-controller auto-config  policy 
        edit test123 
            get
                name                : test123
                qos-policy          : default      <== leverage the default qos-policy
                storm-control-policy: auto-config  <== leverage auto-config storm-control-policy by default
                poe-status          : enable       <== If target of auto-config is poe port, keep poe-status enabled by default
        next
    end
  2. Designate an auto-config policy to FortiLink, ISL, or ICL on Managed FortiSwitches.
    config switch-controller auto-config default 
        get
            fgt-policy          : test123 
            isl-policy          : test123 
            icl-policy          : test123 
        set  ?
            fgt-policy    Default FortiLink auto-config policy.
            isl-policy    Default ISL auto-config policy.
            icl-policy    Default ICL auto-config policy.
    end
  3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface.
    config switch-controller auto-config custom 
        edit ? 
          *name    Auto-Config FortiLink or ISL/ICL interface name.
        edit G5H0E391790XXXX
          new entry 'G5H0E391790XXXX' added
            config switch-binding 
                edit ?
                  *switch-id    Switch name.
                edit S524DN4K1500XXXX
                  new entry 'S524DN4K1500XXXX' added
                    get
                        switch-id           : S524DN4K1500XXXX
                        policy              : default 
                next
            end
        next
    end

FortiLink Auto Network Configuration Policy

In 6.0, FortiLink supports automatic network detection and configuration. As links can automatically appear and disappear, this presents challenges for customization because administrators can only select the default QoS policy which is applied to all FortiSwitch units in the network. In some cases, this is enough, but larger and more complex topologies require more flexibility.

In 6.2, the Switch Controller introduces a network auto-config option, which contains configurable defaults, policy customization, and an individual interface override. This gives administrators simple and flexible control.

Following is a description of these options:

auto-config default Provides the default actions for the first hop (fgt-policy) and lower-tier devices (isl-policy).
auto-config policy A database containing policies that can be applied as a system-wide default or to a specific interface.
auto-config custom Allows for the override of the auto-config default on a specific interface. This information is retained and is reapplied if an interface leaves and then is rediscovered.
To configure automatic network detection:
  1. Create or modify an auto-config policy:
    config switch-controller auto-config  policy 
        edit test123 
            get
                name                : test123
                qos-policy          : default      <== leverage the default qos-policy
                storm-control-policy: auto-config  <== leverage auto-config storm-control-policy by default
                poe-status          : enable       <== If target of auto-config is poe port, keep poe-status enabled by default
        next
    end
  2. Designate an auto-config policy to FortiLink, ISL, or ICL on Managed FortiSwitches.
    config switch-controller auto-config default 
        get
            fgt-policy          : test123 
            isl-policy          : test123 
            icl-policy          : test123 
        set  ?
            fgt-policy    Default FortiLink auto-config policy.
            isl-policy    Default ISL auto-config policy.
            icl-policy    Default ICL auto-config policy.
    end
  3. Customize an auto-config policy for a specific FGT, ICL, or ISL interface.
    config switch-controller auto-config custom 
        edit ? 
          *name    Auto-Config FortiLink or ISL/ICL interface name.
        edit G5H0E391790XXXX
          new entry 'G5H0E391790XXXX' added
            config switch-binding 
                edit ?
                  *switch-id    Switch name.
                edit S524DN4K1500XXXX
                  new entry 'S524DN4K1500XXXX' added
                    get
                        switch-id           : S524DN4K1500XXXX
                        policy              : default 
                next
            end
        next
    end