Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
gvenkatesan
Staff
Staff

Created on ‎08-26-2024 12:05 AM

Article Id 336273

Technical Tip: How to share topology diagram for FortiSwitches managed via FortiLink for larger deployments

Description

This article describes how to convert the FortiSwitch topology derived in DOT format to a visual graph.
Scope FortiSwitches are managed by the FortiGate firewall or FortiSwitch Manager v6.4.x,v7.0.x,v7.2.x, v7.4.x and v7.6.x.
Solution

For troubleshooting STP issues or any other topology-related issues, users are required to share the topology diagram with the TAC engineers.

 

Customers with large deployments, such as managing hundreds of switches, find it difficult to share the topology diagram in PDF format.

 

Although the topology diagram can be obtained from the FortiGate firewall as shown below, things get difficult when the number of managed switches exceeds 20.

 

topology diagram.png

 

To accommodate all the switches in a single webpage, it will be necessary to zoom out quite a bit and all the details on the webpage would be pixelated when captured as PDF resulting in a loss of visual fidelity.

 

For capturing the topology large deployments use the method shown below:

 

  • Login into the FortiGate firewall and execute the command 'execute switch-controller get-physical-conn dot  <fortilink-interface-name>'.
  • The sample output is shown below:

 

FortiWiFi-40F # execute switch-controller get-physical-conn dot fortilink


This will display connectivity graph information for FortiLink from FortiGate's perspective.
Notes:

  • If FortiSwitch is not authorized, no connectivity information will be shown.
  • If FortiSwitch is in an idle state, no connectivity information will be shown.
  • If the FortiSwitch ISL peer has inconsistent info, no connectivity information will be shown.

FortiLink interface : fortilink
digraph {

graph [layout = dot, rankdir = TB]

node [shape = rectangle, style = filled, color = grey]

//fgt cluster
node [fillcolor = red]
FWF40FTK23000314

//tier 1
node [fillcolor = blue]
S148FFTF21026483

//tier 2+
node [fillcolor = green]
edge [color = grey, arrowhead=none]
FWF40FTK23000314 -> {S148FFTF21026483 }
S148FFTF21026483 -> {S124EF5918008699 }
{rank=same; FWF40FTK23000314}
{rank=same; S148FFTF21026483}

}

 

In this example, the Fortilink interface name is 'fortilink'. Now copy the command output and get them copied to an image editor that supports graphviz format such as GVEdit, so the output is displayed as a graph as shown below. If having any difficulties, share the command output on the Support ticket. The TAC team will have them converted into graphs. 

 

sample graph.png
161
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.