FortiGate
acp
Staff
Article Id 192598

Description

 

This article describes how to check the MAC address table in Transparent mode.

 

Scope

 

FortiGate.

Solution

 

In Transparent mode, FortiGate forwards Layer 2 traffic using its Layer 2 forwarding database (FDB). The FDB can be displayed with the following command:

 

diagnose netlink brctl name host root.b


This command applies to the root VDOM. The ARP table is used only for IP communications initiated or terminated by the FortiGate unit.

 

ARP and GARP packets received from external devices are used to populate the Layer 2 FDB and to update destination MAC addresses for existing sessions if a MAC address changes.

 

The following commands display the Layer 2 forwarding table for each VDOM bridge instance:

 

config global
diagnose netlink brctl name host <VDOM_name>.b

 

Example for the root VDOM:

 

diagnose netlink brctl name host root.b
diagnose netlink brctl list

 

Sample output of the above commands:


FGT # diagnose netlink brctl name host root.b

 

show bridge control interface root.b.host
fdb: size=256, used=6, num=7, depth=2, simple=no
Bridge root.b host table

port no  device  devname  mac_addr           ttl  attributes
2        7       wan1     02:09:0f:74:12:01  0    Local Static
5        6       wan2     02:09:0f:74:12:02  0    Local Static
3        8       mgmt     02:09:0f:74:12:03  0    Local Static

 

FGT # diagnose netlink brctl list

list bridge information

 

1. root.b fdb: size=256 used=6 num=7 depth=2 simple=no

 

Total 1 bridges
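
The following is an added example, not part of the original article or of any Fortinet tooling: a Python sketch that parses two saved captures of the host table shown above and reports MAC addresses that changed interface or appeared between them. The function names, the second capture, and the learned-host rows (with an empty attributes column) are assumptions made for illustration.

```python
import re

# Columns per the article's sample: port no, device, devname, mac_addr, ttl, attributes.
ROW = re.compile(
    r"^\s*(\d+)\s+(\d+)\s+(\S+)\s+"
    r"((?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})\s+(\d+)\s*(.*)$"
)

def parse_fdb(text):
    """Parse 'diagnose netlink brctl name host' output into {mac: entry}."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # fdb summary and column-header lines
        port, device, devname, mac, ttl, attrs = m.groups()
        table[mac.lower()] = {"port": int(port), "device": int(device),
                              "devname": devname, "ttl": int(ttl),
                              "attributes": attrs.strip()}
    return table

def diff_fdb(before, after):
    """Return (moved, added): MACs now on another interface, and new MACs."""
    moved = {mac: (before[mac]["devname"], after[mac]["devname"])
             for mac in before.keys() & after.keys()
             if before[mac]["devname"] != after[mac]["devname"]}
    added = {mac: after[mac]["devname"] for mac in after.keys() - before.keys()}
    return moved, added

# Constructed captures: the three Local Static rows are the article's sample;
# the 02:00:00:00:aa:* rows are invented learned hosts (empty attributes assumed).
CAPTURE_1 = """\
fdb: size=256, used=6, num=7, depth=2, simple=no
port no device devname mac_addr ttl attributes
2 7 wan1 02:09:0f:74:12:01 0 Local Static
5 6 wan2 02:09:0f:74:12:02 0 Local Static
3 8 mgmt 02:09:0f:74:12:03 0 Local Static
2 7 wan1 02:00:00:00:aa:01 12
"""
CAPTURE_2 = CAPTURE_1.replace("2 7 wan1 02:00:00:00:aa:01 12",
                              "5 6 wan2 02:00:00:00:aa:01 3")
CAPTURE_2 += "5 6 wan2 02:00:00:00:aa:02 1\n"

if __name__ == "__main__":
    moved, added = diff_fdb(parse_fdb(CAPTURE_1), parse_fdb(CAPTURE_2))
    for mac, (old, new) in sorted(moved.items()):
        print(f"MOVED {mac}: {old} -> {new}")
    for mac, dev in sorted(added.items()):
        print(f"NEW   {mac}: first seen on {dev}")
```

A MAC address that changes interface can be a legitimate move or failover, so treat the report as a prompt to check the change against known topology events.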