Skip to main content
DTR
DTR
New Member
October 18, 2019
Question

VxRails on FortiSwitch

  • October 18, 2019
  • 1 reply
  • 5718 views

Has anyone run into communication issues with VxRails (vSAN) on FortiSwitches?   The setup is technically a "stretch cluster" in the vSAN world.  

 

We have a two node VxRail cluster connected at 10G on SPF+ ports on a FortiSwitch.  The switch is managed by the FortiGate which has a VPN to a remote FortiGate.  We are having issues passing traffic from the nodes to a remote node (called a Witness).  I suspect an MTU issue but we are getting inconsistent results.  Ping of various sizes pass as well as other http traffic but the "Witness" traffic does not.  We see fragments and we have tried changing the MTU within the vSan environment.  We just have not found the right settings.  Or this could be some other issue.  

 

VxRail E560F running 4.7.211

FortiGate 100E running v6.0.6 build0272 (GA)

FortiSwitch 448D running S448DP-v6.0.4-build0064

 

    1 reply

    Richard_Colley
    Richard_Colley
    New Member
    November 22, 2019

    Is the vSAN old enough (or configured) to require multicast support?  If so, have you enabled IGMP snooping on the switch?

    gboykin
    gboykin
    New Member
    January 25, 2021

    I realize this is an older link, but wanted to check to see if anyone else has had any experience with VXRail nodes on Fortiswitch?  We currently are migrating our switch infrastructure from Ruckus/Brocade models to Fortinet.  We ran into an issue when moving our VXRail cluster nodes from the current Brocade 7750 to the new Fortiswitch 1048E.  I believe it has something to do with us needing to configure the multicast requirement needs for VSAN and the nodes to communicate to each other.  Below are the original specifications from Dell/EMC when we configured the Ruckus/Brocade devices.  Please let me know if you have any experience or can link me to documentation on configuring the requirements.

     

    • No port aggregation on any of the 10Gb ports the VxRail nodes will use • IPv4 and IPv6 Multicast must be enabled on the management vlan  • IPv4 Multicast must be enabled on the VSAN VLAN • MLD Snooper and querier may be used to limit the scope of the IPv6 Multicast. • If used, you must use both snooping and querier not one or the other • IGMP snooper and querier may be used to limit the scope of IPv4 multicast • If used, you must use both snooping and querier not one or the other • All 10Gb ports used by the VxRail must be trunk ports and see all vlans  • All VLANs must traverse ISL’s between the switches • The management VLAN must traverse the uplink to the rest of your network • Port aggregation is permitted on ISL and uplinks

    anis_bhuiyan
    anis_bhuiyan
    New Member
    October 9, 2021

    Hello @gboykin,

     

    Though you did not received any update in this regards, I want to know your feedback on this experiance. Can you share please?

    Terms & ConditionsAccessibility statement