Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ksolovjova
Staff
Staff

Created on ‎11-29-2022 08:54 AM Edited on ‎02-03-2025 02:09 AM By Moderator

Article Id 231356

Technical Tip: Changes in Forward Error Correct (FEC) settings

Description

 

This article describes how to cover the changes in FEC settings for some FortiGates.

It is important to keep FEC settings the same on both FortiGate and switch sides, otherwise, ports will not get up due to mismatch.

 

It is especially important to keep in mind the changes when upgrading the setup to newer FortiOS versions from 6.2 and 6.4.

 

Scope

 

FortiGate, FortiOS.

Interfaces with speed or if the speed is set manually in the interfaces to 1000M, 10G, and 40G do not support the forward-error-correction and the default value will be set to disabled. Only the interface that supports 25G and 100G or manually set, supports the forward-error-correction, and the default value will be set to 'cl91-rs-fec' but can be changed as below.

 

Solution

 

In v7.0.3:

 

FG22E1-2 (port25) # set forward-error-correction ?
enable             <----- Enable forward error correction (FEC).
disable            <----- Disable forward error correction (FEC).

 

'Enable' was forked into two options - Reed-Solomon (FEC CL91) and Fire-Code (FEC CL74).

 

From v7.0.4:

 

FG22E1-2 (port25) # set forward-error-correction ?
disable             <----- Disable forward error correction (FEC).
cl91-rs-fec         <----- Reed-Solomon (FEC CL91).
cl74-fc-fec         <----- Fire-Code (FEC CL74).

 

By default, this setting has the 'cl91-rs-fec' function enabled.

 

It is possible to see the FEC type in the output of 'diagnose hardware deviceinfo nic <port number>' in the Link Settings section:

 

FG22E1-2 # diag hardware deviceinfo nic port25
<omitted>
======== Link Settings ==========
link_autonego :0
link_setting :1
link_speed :25000
link_duplex :1
link_fec :RS (0x3) ---> Current value, Reed-Solomon.
link_fec_cap :Off,RS,BaseR (0x1c) ---> Possible values: off, Reed-Solomon and Fire-Code.
link_serdes_if :SR
serdes_if_cap :GMII,SGMII,SR,LR,CR (0x3e)
serdes_dflt :3
pm_mode_setting :2
pm_mode :0x6
pm_mode_dflt :2
pm_port :Yes
medium_mode :0
========== Link Status ==========
<omitted>

 

In case the port does not support FEC, the link_fec and link_fec_cap values are None (0x0).

5180
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.