Hardware switch
A hardware switch is a virtual switch interface that groups different ports together so that the FortiGate can use the group as a single interface. Supported FortiGate models have a default hardware switch called either internal or lan. The hardware switch is supported by the chipset at the hardware level.
Ports that are connected to the same hardware switch behave like they are on the same physical switch in the same broadcast domain. Ports can be removed from a hardware switch and assigned to another switch or used as standalone interfaces.
Some of the difference between hardware and software switches are:
|
Feature |
Hardware switch |
Software switch |
|---|---|---|
|
Processing |
Packets are processed in hardware by the hardware switch controller, or SPU where applicable. |
Packets are processed in software by the CPU. |
|
STP |
Supported |
Not Supported |
|
Wireless SSIDs |
Not Supported |
Supported |
|
Intra-switch traffic |
Allowed by default. |
Allowed by default. Can be explicitly set to require a policy. |
To change the ports in a hardware switch in the GUI:
- Go to Network > Interface and edit the hardware switch.
- Click inside the Interface members field.
- Select interfaces to add or remove them from the hardware switch, then click Close. Only available interfaces will be listed.
- Click OK.
Removed interfaces will now be listed as standalone interfaces in the Physical Interface section.
To remove ports from a hardware switch in the CLI:
config system virtual-switch
edit "internal"
config port
delete internal2
delete internal5
end
next
end
To add ports to a hardware switch in the CLI:
config system virtual-switch
edit "internal"
set physical-switch "sw0"
config port
edit "internal1"
next
edit "internal3"
next
edit "internal4"
next
edit "internal6"
next
end
next
end