Description
This article describes the limitation of maximum interfaces supported by a FortiGate.
Solution
The 802.3ad standard and Fortinet allow a maximum of eight interfaces to be aggregated.
However, at this time the number of physical interfaces available on FortiGate may limit this further because of the hash algorithm used to distribute the traffic in the link.
The recommendation is to use either 2, 4 or 8 physical ports in the aggregate.
In order to define an interface as a member of an aggregate interface, there should be no references to it.
This can be checked via GUI and CLI both.
GUI -> Dashboard -> Network -> Interfaces - portx -> check the reference column
CLI:
diagnose sys cmdb refcnt show system.interface.name portx ---> where x is the interface, e.g., port1
(The output should be blank which indicates no references)
Limitations :
1) A physical interface may belong to no more than 1 aggregated interface.
2) An aggregated interface has to be specified as a non tagged interface in no more than one VLAN (there are no limitations for aggregated interfaces used as tagged interfaces; in other words, an aggregated interface has to be specified as a tagged interface in multiple VLANs).
3) When assigning interfaces (physical or aggregated) to a VLAN, only one interface (physical or aggregated) can be assigned to a VLAN.
To assign two physical interfaces to the same VLAN, create an aggregated interface containing those two physical interfaces, and then assign the aggregated interface to the VLAN.
Related link:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/207052/ha-with-802-3ad-aggregate-interfa...
Related Articles
Technical Note / FAQ: FortiGate and FortiOS support for 802.3ad (LACP - Link Aggregation)
