Description

 

This article describes how to enable Jumbo frames on the FortiSwitches that are managed by the FortiGate (via FortiLink).

 

Scope

 

FortiGate v6.4, v7.0, v7.2.8 and v7.4, FortiSwitch: v6.4, v7.0, v7.2.3 and v7.4.

 

Solution

 

1. Enable Jumbo frame on the FortiLink interface:

 

config system interface
    edit "fortilink"
        set mtu-override enable
        set mtu 9000
    next
end

 

The MTU will be valid for all the VLANs defined within the FortiLink interface.

 

2. Make sure that all the physical ports are configured with max frame size where JUMBO frames are required. This needs to be enabled on the ports that are part of the FortiLink trunk and the ports where the server or SAN devices are connected.
   
   The following setting needs to be configured on the switch side, because the switch side calls the FortiLink trunk, and the FortiGate calls the FortiLink interface.

         

 

config switch physical-port
    edit "port1"
        set max-frame-size 9216
        set speed auto
        set status up
        set storm-control-mode disabled
    next
end

 

3. Configure the internal interface with a static IP address to enable the MTU override option. Then set the MTU as 9000.

config system interface
    edit "internal"
        set ip 10.255.1.3 255.255.255.0
        set allowaccess ping https ssh
        set type physical
        set snmp-index 58
        set mtu-override enable
        set mtu 9000
    next
end

After completing step 3, reboot the FortiSwitch for the changes to take effect on all the configured VLANs. (This is mandatory).

 

 

Verification for jumbo frames:

Create a VLAN called JUMBO: 192.168.15.1/24  under the FortiLink interface. Make sure to enable the Ping under the VLAN settings:

 

config system interface

    edit "JUMBO"

        set vdom "root"

        set ip 192.168.15.1 255.255.255.0

        set allowaccess ping

        set device-identification enable

        set role lan

        set snmp-index 49

        set ip-managed-by-fortiipam disable

        set interface "fortilink"

        set vlanid 301

    next

end

 

Next a virtual interface was created on the FortiSwitch with the same name as shown below:

 

S648FFTV23-----5 (JUMBO) # show

config system interface

    edit "JUMBO"

        set ip 192.168.15.10 255.255.255.0

        set snmp-index 65

        set vlanid 301

        set interface "internal"

    next

end

 

Setting up the ping options with data size 8960 and df bit set to yes:

With these settings:

 

S648FFTV23-----5 # execute ping-options data-size 8900

S648FFTV23-----5 # execute ping-options df-bit yes

 

S648FFTV23-----5 # execute ping-options view-settings

Ping Options:

        Repeat Count: 5

        Data Size: 8960

        Timeout: 2

        Interface: auto

        Interval: 1

        TTL: 64

        TOS: 0

        DF bit: set

        Source Address: auto

        Pattern:

        Pattern Size in Bytes: 0

        Validate Reply: no

        Adaptive Ping: disable

 

S648FFTV23-----5 # execute ping 192.168.15.1

PING 192.168.15.1 (192.168.15.1): 8960 data bytes

8968 bytes from 192.168.15.1: icmp_seq=0 ttl=255 time=0.5 ms

8968 bytes from 192.168.15.1: icmp_seq=1 ttl=255 time=0.4 ms

8968 bytes from 192.168.15.1: icmp_seq=2 ttl=255 time=0.4 ms

8968 bytes from 192.168.15.1: icmp_seq=3 ttl=255 time=0.4 ms

8968 bytes from 192.168.15.1: icmp_seq=4 ttl=255 time=0.3 ms

 

--- 192.168.15.1 ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.3/0.4/0.5 ms

 

Reference articles:

• Technical Tip: Configure jumbo frame support
• Technical Tip: Configure Jumbo Frame in FortiSwitch