In most FortiLink topologies, MCLAG or LAG configurations are used for FortiSwitch redundancy. However, some FortiGate models do not support the FortiLink aggregate interface, or some FortiSwitch models do not support MCLAG.
The following network topology uses a hardware-switch interface on each FortiGate unit. Each FortiSwitch unit is connected to a single port of the hardware-switch interface of the FortiGate unit. The inter-switch link (ISL) between the FortiSwitch units provides redundancy.
For this network topology to function, use the following commands on each FortiLink hardware-switch interface:
config system interface
set stp enable
- The FortiLink interface uses the Link Layer Discovery Protocol (LLDP) for neighbor detection. LLDP transmission must be enabled with the
set lldp-transmission enablecommand before enabling Spanning Tree Protocol (STP).
- STP and STP forwarding are both supported by the FortiLink hardware-switch interface.
- The software-switch interface is not supported.
- If the FortiGate model does not support aggregate interfaces, you need to configure the FortiGate unit to be the Common and Internal Spanning Tree (CIST) by assigning the lowest STP priority to the FortiGate unit and placing each switch in a different region. You can assign the STP priority to the FortiGate unit with the
set switch-prioritycommand under
config system stp. You can move a switch to another region with the
set revisioncommand under