Description
This article describes the expected topologies with LACP bundles in a FortiGate HA cluster.
Scope
FortiGate.
Solution
It is a question that is often asked when LACP connections to the local switches are not coming up as expected.
These are the most common and expected topologies (valid for both A-P and A-A clusters), while the most common mistakes are shown below.
Notes:
- If the switches are deployed in an MCLAG topology, the dual-homed connection for LACP will work, and each FortiGate will have its own LACP bundle.
Reference: Deploying MCLAG topologies.
- For version 7.2.1 onwards, lacp-ha-slave has been replaced with lacp-ha-secondary.
When it comes to LACP, each unit must have its own LACP bundle on the switch.
HA with 802.3ad aggregate interfaces
'Link aggregation, HA failover performance, and HA mode'.
Related documents:
Technical Tip: High Availability basic deployment design
HA with 802.3ad aggregate interfaces
Technical Tip: Initial troubleshooting steps for LACP (Link Aggregation - 802.3ad)
Technical Tip: HA Cluster virtual MAC addresses
Troubleshooting Tip: Verifying physical and HA Virtual MAC addresses of FortiGate interfaces
Technical Tip: FortiGate HA A-P (Active-Passive) cluster connected to a L2 switch with LACP (802.3ad...
Aggregation and redundancy
