When using the 1000-Base-T RJ45 copper SFP module, the port shows as 'up' or online even when there is no UTP (Unshielded Twisted Pair) cable connected to the Transceivers.

The 1000-Base-T RJ45 copper SFP module is a particular module which requires the use of 1000auto speed configuration.

Using other speed configs like 1000full or auto-module may cause the link to not come online or could cause the issue in the example below.

This example assumes the following setup:

• Laptop1 using port43 through FortiSwitch FSW1 (port47, 48 in LACP).
• FortiSwitch FSW2 using port43 to connect to Laptop2.
• Port47 and port48 are in LACP, using a 1000-Base-T copper SFP module. The default port speed setting is auto-module.

Upon disconnecting the RJ-45 cable on FSW1 or FSW2 on port47 or port48, the traffic between the laptops is lost for 20-30 seconds.

When the SFP module is disconnected, less than 2 seconds of drop are visible.

This occurs because, according to the switch, the Mac layer port is still up when a cable is disconnected. Therefore, the LACP trunk relies on LACP protocol to detect when a member port is down instead of when a physical port is down, meaning the process takes longer.

Solution:

Change the speed on port47 and port48 on both switches to 1000auto.

Run the following command to do this:

config switch physical-port

    edit port#

        set speed 1000auto

    end

To push the speed configuration from FortiGate for managed FortiSwitches, run the below command on FortiGate:

FGT# config switch-controller managed-switch

FGT(managed-switch) # edit <SWITCH-ID>

FGT(SWITCH-ID) # config ports

FGT(ports) # edit port#

FGT(port#) # set speed 1000auto

FGT(port#) # end

FGT(SWITCH-ID) # end

Note that auto-module is not auto-negotiation. 1000auto simply enables auto-negotiation.

Additionally, auto-module means disabling the auto-negotiation and auto-detect speed based on the module, meaning it will not negotiate speed with the remote side.