Aggregation
Link aggregation (IEEE 802.3ad) enables you to bind two or more physical interfaces together to form an aggregated (combined) link. This new link uses the total bandwidth of the functioning links in the group, up to eight. If a link in the group fails, traffic is transferred automatically to the remaining interfaces. The only noticeable effect is reduced bandwidth.
Only physical interfaces can be used in an aggregated (combined) link. You cannot aggregate VLAN interfaces, subinterfaces, or HA heartbeat interfaces. Each physical interface can belong to only one aggregated interface. If VDOM is enabled, all interfaces in the aggregated interface must be in the same VDOM.
Interfaced included in an aggregate interface are not listed under Network > Interfaces and cannot be configured individually with an IP address, DHCP, or PPPoE. They also cannot not be referenced in security policies, VIPs, IP pools, routing, or multicast policies. While you can see such interfaces in the CLI, configurations for those interfaces do not take effect.
Example configuration
This example creates an aggregate interface on a FortiProxy using ports 3-5 with an internal IP address of 10.1.1.123, as well as the administrative access to HTTPS and SSH.
To create an aggregate interface in the GUI:
- Go to Network > Interfaces and select Create New > Interface.
- Set Name to aggregate.
- Set Type to 802.3ad Aggregate.
- Set Interface members to port4, port5, and port6.
- Set Addressing mode to Manual.
- Set IP/Netmask to 10.1.1.123/24.
- For Administrative Access, select HTTPS and SSH.
- Click OK.
See Create or edit an interface for more information.
To create an aggregate interface in the CLI:
config system interface edit "aggregate" set vdom "root" set ip 10.1.1.123 255.255.255.0 set allowaccess https ssh set type aggregate set member "port4" "port5" "port6" set snmp-index 45 next end
See config system interface
for more information.