Description
This article describes the meaning of values assigned to 'auto-isl'.
FortiLink and 'isl-fortilink' in FortiLink trunk config that gets automatically in managed FortiSwitch (FSW).
Solution
When FortiSwitch is managed by FortiGate, FortiLink trunk is configured automatically in FortiSwitch.
The FortiLink trunk config does not have to be changed.
Refer to below example:
This article describes the meaning of values assigned to 'auto-isl'.
FortiLink and 'isl-fortilink' in FortiLink trunk config that gets automatically in managed FortiSwitch (FSW).
Solution
When FortiSwitch is managed by FortiGate, FortiLink trunk is configured automatically in FortiSwitch.
The FortiLink trunk config does not have to be changed.
Refer to below example:
- Referring to the diagram, there will be FortiLink trunks created on each switch automatically:
On switch S248*****00075: There is 3 FortiLink trunks: one to FGT, one to S248*****02609 and one to S248*****00001.
On switch S248*****00001: There is 1 FortiLink trunk connected to S248*****00075.
On switch S248*****02609: There is 1 FortiLink trunk connected to S248*****00075.
- Now, lets verify this by taking CLI access to the switches:
This is also configured automatically on all FortiSwitches. For example:
FortiLink: Set the FortiLink trunk.
set FortiLink 0 (FortiLink trunk NOT connected to FortiGate), 1 (FortiLink trunk connected to FortiGate)
'0' value is set on trunk if the port (mapped to this trunk) is not directly connected to FortiGate.
'1' value is set on trunk if the port (mapped to this trunk) is directly connected to FortiGate.
Refer the example above.
isl-fortilink : Set the isl-fortiLink trunk.
set isl-fortilink 0 (FortiLink NOT detected by LLDP), 1 (Detect Fortilink by LLDP)
'set isl-fortilink' value is based on FortiLink-neighbor-detect configuration in FortiLink interface on FortiGate. For eg:-
If FortiLink is set, then in the FortiSwitch, the FortiLink trunk value will be: 'set isl-fortilink 0' and 'set fortilink to 1'.
On switch S248*****00075: There is 3 FortiLink trunks: one to FGT, one to S248*****02609 and one to S248*****00001.
On switch S248*****00001: There is 1 FortiLink trunk connected to S248*****00075.
On switch S248*****02609: There is 1 FortiLink trunk connected to S248*****00075.
- Now, lets verify this by taking CLI access to the switches:
FGT# execute ssh admin@<switchip>If 'show full-configuration switch trunk' is executed, notice one more parameter 'isl-fortilink'.
S248*****00075 # show switch trunk
# config switch trunk
edit "8******00001-0" <----- Trunk created between FortiSwitch.
set mode lacp-active
set auto-isl 1
set mclag-icl enable
set members "port23"
next
edit "8*****02609-0" <----- Trunk created between FortiSwitch.
set mode lacp-active
set auto-isl 1
set mclag enable
set members "port25"
next
edit "G200E********" <----- Trunk created between FortiGate and FortiSwitch (direct link between FortiGate and FortiSwitch).
set auto-isl 1
set fortilink 1
set mclag enable
set members "port48"
next
end
S248*****00001 # show switch trunk
config switch trunk
edit "8******00075-0" <----- Trunk created between FortiSwitch.
set mode lacp-active
set auto-isl 1
set mclag-icl enable
set members "port23"
end
S248*****02609 # show switch trunk
config switch trunk
edit "_FlInK1_MLAG0_" <----- Trunk created between FortiSwitch.
set mode lacp-active
set auto-isl 1
set mclag enable
set members "port26"
next
end
This is also configured automatically on all FortiSwitches. For example:
S248*****00001 # show full-configuration switch trunk'1' value is set if its auto-configured FortiLink trunk.
# config switch trunk
edit "8*******00075-0"
set port-selection-criteria src-dst-ip
set description ''
set mode lacp-active
set member-withdrawal-behavior block
set bundle disable
set auto-isl 1
set fortilink 0
set isl-fortilink 0
set mclag-icl enable
set members "port23"
set lacp-speed slow
next
- Now, see the values assigned to auto-isl. FortiLink and isl-fortilink by default.
auto-isl :- Automatically forms an ISL-encapsulated trunk, upto the specified maximum size.
set auto-isl 0 (not ISL trunk), 1 (ISL trunk)
'0' value is set when you manually create a trunk. For example:# show full-configuration switch trunk
edit "test"
set port-selection-criteria src-dst-ip
set description ''
set mode lacp-active
set member-withdrawal-behavior block
set bundle disable
set auto-isl 0
set fortilink 0
set isl-fortilink 0
set mclag enable
set members "port2"
set lacp-speed slow
next
end
FortiLink: Set the FortiLink trunk.
set FortiLink 0 (FortiLink trunk NOT connected to FortiGate), 1 (FortiLink trunk connected to FortiGate)
'0' value is set on trunk if the port (mapped to this trunk) is not directly connected to FortiGate.
'1' value is set on trunk if the port (mapped to this trunk) is directly connected to FortiGate.
Refer the example above.
isl-fortilink : Set the isl-fortiLink trunk.
set isl-fortilink 0 (FortiLink NOT detected by LLDP), 1 (Detect Fortilink by LLDP)
'set isl-fortilink' value is based on FortiLink-neighbor-detect configuration in FortiLink interface on FortiGate. For eg:-
FG100D3GXXXXXXXX # config system interfaceIf lldp is set, then in the FortiSwitch, the FortiLinktrunk value will be: 'set isl-fortilink 1” and 'set fortilink to 0'.
FG100D3GXXXXXXXX (interface) edit flink-lag <----- 'flink-lag' is the name of the fortlink interface (dedicated to FortiSwitch) created on FortiGate.
FG100D3GXXXXXXXX (flink-lag) set fortilink-neighbor-detect ?
lldp <----- Detect FortiLink neighbors using LLDP protocol.
fortilink <----- Detect FortiLink neighbors using FortiLink protocol.
If FortiLink is set, then in the FortiSwitch, the FortiLink trunk value will be: 'set isl-fortilink 0' and 'set fortilink to 1'.
