Fortinet black logo

Devices Managed by FortiOS

Home FortiSwitch 7.0.0 Devices Managed by FortiOS

HA-mode FortiGate units using hardware-switch interfaces and STP

7.0.0
7.0.8
7.0.4
7.0.2
7.0.1
7.0.0
6.4.5
6.4.3
6.4.2
6.4.0
6.2.3
6.2.2
6.2.1
6.2.0
6.0.4
6.0.3
6.0.1
6.0.0
6.0.0
3.6.3
3.6.0
3.5.4
Copy Link
Copy Doc ID d60ec86c-919f-11eb-b70b-00505692583a:801187
Download PDF

HA-mode FortiGate units using hardware-switch interfaces and STP

In most FortiLink topologies, MCLAG or LAG configurations are used for FortiSwitch redundancy. However, some FortiGate models do not support the FortiLink aggregate interface, or some FortiSwitch models do not support MCLAG.

The following network topology uses a hardware-switch interface on each FortiGate unit. Each FortiSwitch unit is connected to a single port of the hardware-switch interface of the FortiGate unit. The inter-switch link (ISL) between the FortiSwitch units provides redundancy.

For this network topology to function, use the following commands on each FortiLink hardware-switch interface:

config system interface

edit <FortiLink_hardware_switch_interface>

set stp enable

end

NOTE:

  • The FortiLink interface uses the Link Layer Discovery Protocol (LLDP) for neighbor detection. LLDP transmission must be enabled with the set lldp-transmission enable command before enabling Spanning Tree Protocol (STP).
  • STP and STP forwarding are both supported by the FortiLink hardware-switch interface.
  • The software-switch interface is not supported.

Previous
Next

HA-mode FortiGate units using hardware-switch interfaces and STP

In most FortiLink topologies, MCLAG or LAG configurations are used for FortiSwitch redundancy. However, some FortiGate models do not support the FortiLink aggregate interface, or some FortiSwitch models do not support MCLAG.

The following network topology uses a hardware-switch interface on each FortiGate unit. Each FortiSwitch unit is connected to a single port of the hardware-switch interface of the FortiGate unit. The inter-switch link (ISL) between the FortiSwitch units provides redundancy.

For this network topology to function, use the following commands on each FortiLink hardware-switch interface:

config system interface

edit <FortiLink_hardware_switch_interface>

set stp enable

end

NOTE:

  • The FortiLink interface uses the Link Layer Discovery Protocol (LLDP) for neighbor detection. LLDP transmission must be enabled with the set lldp-transmission enable command before enabling Spanning Tree Protocol (STP).
  • STP and STP forwarding are both supported by the FortiLink hardware-switch interface.
  • The software-switch interface is not supported.

Previous
Next