Fortinet black logo

Link aggregation groups

Copy Link
Copy Doc ID 1f363a36-ba24-11ea-8b7d-00505692583a:352388
Download PDF

Link aggregation groups

This chapter provides information on how to configure a link aggregation group (LAG). For LAG control, the FortiSwitch unit supports the industry-standard Link Aggregation Control Protocol (LACP). The FortiSwitch unit supports LACP in active and passive modes. In active mode, you can optionally specify the minimum and maximum number of active members in a trunk group.

You can also use the CLI to specify how an aggregator groups ports when the trunk is in LACP mode. Ports can be grouped into the aggregator with the largest bandwidth or the aggregator with the most ports.

The FortiSwitch unit supports flap-guard protection for switch ports in a LAG.

This chapter covers the following topics:

Configuring the trunk and LAG ports

It is important to configure the trunk to prevent loops.
Using the GUI:
  1. Go to Switch > Port > Trunk and select Add Trunk.
  2. Give the trunk an appropriate name.
  3. For the mode, select Static, LACP Active, LACP Passive, or Fortinet Trunk.
  4. Add the required ports to the Included list.
  5. Select Create.
Using the CLI:

config switch trunk

edit <trunk name>

set aggregator-mode {bandwidth | count}

set description <description_string>

set members <ports>

set mode {lacp-active | lacp-passive | static}

set member-withdrawal-behavior {block | forward}

set lacp-speed {fast | slow}

set bundle [enable|disable]

set min_bundle <integer>

set max_bundle <integer>

set port-selection-criteria
{src-ip | src-mac | dst-ip |dst-mac | src-dst-ip |src-dst-mac}

end

end

Example configuration

The following is an example CLI configurations for trunk/LAG ports:

Trunk/LAG ports

  1. Configure the trunk 1 interface and assign member ports as a LAG group:

    config switch trunk

    edit trunk1

    set members "port1" "port2" "port3"

    set description test

    set mode lacp-passive

    set port-selection-criteria src-dst-ip

    end

  2. Configure the switch ports to have native VLAN assignments and allow those VLANs on the port that will be the uplink port:

    config switch interface

    edit port1

    set native-vlan 1

    next

    edit port2

    set native-vlan 2

    next

    edit port3

    set native-vlan 3

    next

    edit port4

    set native-vlan 4

    set allowed vlans 1 2 3

    next

    edit port5

    set native-vlan 5

    set allowed-vlans 1 2 3

    end

    end

  3. Configure the trunk 2 interface and assign member ports as a LAG group:

    config switch trunk

    edit trunk2

    set members "port4" "port5"

    set description test

    set mode lacp-passive

    set port-selection criteria src-dst-ip

    end

    end

Checking the trunk configuration

Using the GUI:

Go to Switch > Port > Trunk or Switch > Monitor > Trunks.

Using the CLI:

diagnose switch trunk list

Link aggregation groups

This chapter provides information on how to configure a link aggregation group (LAG). For LAG control, the FortiSwitch unit supports the industry-standard Link Aggregation Control Protocol (LACP). The FortiSwitch unit supports LACP in active and passive modes. In active mode, you can optionally specify the minimum and maximum number of active members in a trunk group.

You can also use the CLI to specify how an aggregator groups ports when the trunk is in LACP mode. Ports can be grouped into the aggregator with the largest bandwidth or the aggregator with the most ports.

The FortiSwitch unit supports flap-guard protection for switch ports in a LAG.

This chapter covers the following topics:

Configuring the trunk and LAG ports

It is important to configure the trunk to prevent loops.
Using the GUI:
  1. Go to Switch > Port > Trunk and select Add Trunk.
  2. Give the trunk an appropriate name.
  3. For the mode, select Static, LACP Active, LACP Passive, or Fortinet Trunk.
  4. Add the required ports to the Included list.
  5. Select Create.
Using the CLI:

config switch trunk

edit <trunk name>

set aggregator-mode {bandwidth | count}

set description <description_string>

set members <ports>

set mode {lacp-active | lacp-passive | static}

set member-withdrawal-behavior {block | forward}

set lacp-speed {fast | slow}

set bundle [enable|disable]

set min_bundle <integer>

set max_bundle <integer>

set port-selection-criteria
{src-ip | src-mac | dst-ip |dst-mac | src-dst-ip |src-dst-mac}

end

end

Example configuration

The following is an example CLI configurations for trunk/LAG ports:

Trunk/LAG ports

  1. Configure the trunk 1 interface and assign member ports as a LAG group:

    config switch trunk

    edit trunk1

    set members "port1" "port2" "port3"

    set description test

    set mode lacp-passive

    set port-selection-criteria src-dst-ip

    end

  2. Configure the switch ports to have native VLAN assignments and allow those VLANs on the port that will be the uplink port:

    config switch interface

    edit port1

    set native-vlan 1

    next

    edit port2

    set native-vlan 2

    next

    edit port3

    set native-vlan 3

    next

    edit port4

    set native-vlan 4

    set allowed vlans 1 2 3

    next

    edit port5

    set native-vlan 5

    set allowed-vlans 1 2 3

    end

    end

  3. Configure the trunk 2 interface and assign member ports as a LAG group:

    config switch trunk

    edit trunk2

    set members "port4" "port5"

    set description test

    set mode lacp-passive

    set port-selection criteria src-dst-ip

    end

    end

Checking the trunk configuration

Using the GUI:

Go to Switch > Port > Trunk or Switch > Monitor > Trunks.

Using the CLI:

diagnose switch trunk list