KPS
New Member
September 12, 2019
Question

Fortigate - ARP-Issues after Upgrade 5.6.6 to 5.6.9 - Unicast flooded to all switch-ports

1 reply, 17612 views

Hi!

I just updated my 200E cluster from 5.6.6 to 5.6.9. Now I have a very strange issue:

The unicast traffic that passes the FortiGate is "acting" like broadcast traffic.

--> The traffic is sent to every switch port.

If I monitor the traffic on ANY switch port, I see all the unicast packets that were routed by the FortiGate.

If I ping the FortiGate from the destination IP, the problem stops instantly.

Do you have any idea what happens there?

For me, the FortiGate seems to "forget" to use the ARP table for those packets. If I have "incoming" traffic (destination = FortiGate), then ARP seems to work fine.

The ARP for one test server:

# diagnose ip arp list | grep 10.49.0.48
index=34 ifname=DMZ-HO-Bond 10.49.0.48 00:50:56:89:xx:xx state=00000004 use=369512 confirm=372713 update=368876 ref=4

Thank you for your help!

KPS

1 reply
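A small detection script, added here as an example and not part of the original thread, that shows how to confirm the symptom from a capture taken on any switch port: it counts unicast frames that are not addressed to the capturing host, grouped by source MAC (on a healthy switch that count should be near zero), and parses an entry in the `diagnose ip arp list` format quoted above. All MAC addresses and the capture itself are constructed sample values; the router MAC is an assumption.

```python
"""Spot unknown-unicast flooding in a capture and parse FortiGate ARP entries."""
import re
from collections import Counter

# All MAC addresses below are constructed sample values, not from the thread.
MONITOR_MAC = "00:11:22:33:44:55"  # NIC of the host capturing on a switch port
ROUTER_MAC = "00:09:0f:11:22:33"   # assumed MAC of the firewall's DMZ interface

def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def frame(dst: str, src: str, payload: bytes = b"\x00" * 20) -> bytes:
    """Build a minimal Ethernet II frame: dst(6) src(6) ethertype(2) payload."""
    to_bytes = lambda m: bytes(int(x, 16) for x in m.split(":"))
    return to_bytes(dst) + to_bytes(src) + b"\x08\x00" + payload

def flooded_unicast(frames, monitor_mac: str) -> Counter:
    """Count, per source MAC, unicast frames seen on this port that were not
    addressed to the monitoring host. Unicast = I/G bit (lsb of first octet)
    clear. A healthy switch forwards such frames only to the learned port, so a
    large count from one source is the symptom described in the post."""
    hits = Counter()
    for f in frames:
        dst, src = mac_str(f[0:6]), mac_str(f[6:12])
        if (f[0] & 1) == 0 and dst != monitor_mac.lower():
            hits[src] += 1
    return hits

ARP_RE = re.compile(r"index=(?P<index>\d+)\s+ifname=(?P<ifname>\S+)\s+(?P<ip>[\d.]+)\s+"
                    r"(?P<mac>[0-9a-fx:]+)\s+state=(?P<state>[0-9a-f]+)")

def parse_arp_line(line: str) -> dict:
    """Parse one entry of 'diagnose ip arp list' in the format quoted in the post."""
    m = ARP_RE.search(line)
    if not m:
        raise ValueError("not an arp list entry")
    return m.groupdict()

# Constructed capture: two frames for us, three frames from the router destined
# for other hosts (should not be on this port), one broadcast (expected anywhere).
CAPTURE = [
    frame(MONITOR_MAC, ROUTER_MAC),
    frame(MONITOR_MAC, "00:50:56:aa:00:01"),
    frame("00:50:56:aa:00:01", ROUTER_MAC),
    frame("00:50:56:aa:00:02", ROUTER_MAC),
    frame("00:50:56:aa:00:01", ROUTER_MAC),
    frame("ff:ff:ff:ff:ff:ff", "00:50:56:aa:00:02"),
]
```

Running `flooded_unicast(CAPTURE, MONITOR_MAC)` on the constructed capture attributes all three stray unicast frames to the router MAC, which is exactly the pattern to look for when the firewall's forwarded traffic shows up on every port.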

kubimike
New Member
September 12, 2019

Since you have a cluster, are you doing home runs with wiring?

KPS (Author)
New Member
September 12, 2019

kubimike wrote:

Since you have a cluster, are you doing home runs with wiring?

I do not really understand. The cluster is active-passive. Both nodes have one leg in every network.

kubimike
New Member
September 12, 2019

How many switches do you have connected to the FortiGate?