FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the reboot requirement when enabling or disabling Enhanced load balancing for LAG interfaces on NP6-based FortiGate models.
Scope
FortiOS.
Solution
This article focuses on the reboot requirement when enabling or disabling Enhanced load balancing for LAG interfaces on NP6-based FortiGate models. While the feature improves traffic distribution across LAG member links, any change to this setting requires a system reboot.
When the command is applied, the system confirms that a reboot is required:
FG1 (global) # config system npu FG1 (npu) # set lag-out-port-select enable FG1 (npu) # end All LAG algorithm will be changed to hiding npu. The configuration will take effect after system reboot. Do you want to continue? (y/n)y
Secondary will reboot first, followed by primary reboot.
For standalone units, the device reboots immediately after confirmation.
For HA clusters, the reboot is coordinated:
The secondary unit reboots first.
The primary unit waits until the secondary has come back online and taken over the primary role, or for a maximum of 3 minutes after it boots up, whichever occurs first.
The previous primary then reboots, completing the configuration change across the cluster.
Recommendations.
Plan a maintenance window as a reboot is mandatory.
Verify model support: Available only on NP6-based FortiGates with ISF support.
Check HA health: Ensure both HA members are synchronized before applying the change.
