FortiSwitch
riteshpv
Staff
Article Id 394892
Description: This article provides an overview of how VLAN optimization and VLAN assignment function in version 7.6.1, with examples.
Scope: FortiOS v7.6.1 with FortiSwitchOS v7.6.1.
Solution

The VLAN optimization feature is available for FortiSwitch units managed by FortiGate and is applicable only to inter-switch link (ISL/ICL) trunk ports.

 

Note: ISL trunk ports are automatically formed between FortiSwitch units when they are managed by FortiGate.

 

The VLAN optimization feature can be configured on FortiGate by following the instructions in Enabling VLAN optimization - FortiSwitch v7.6.3 FortiLink guide.

 

Topology:

 

[Figure: topology diagram (topp-prune.jpg)]

 

Config for the above topology:

 

VLANs configured (see Configuring VLANs - FortiSwitch FortiLink guide) under FortiLink: 10, 20, 30, 40, 50, and 4093

 

  • PC1 is on VLAN 10.
  • PC2 is on VLAN 20.
  • PC3 is on VLAN 30.
  • PC4 is on VLAN 40.
  • PC5 is on VLAN 50.

 

VLAN Optimization Modes:

 

  1. 'none': All VLANs on All ISL Ports (Legacy Behavior).

 

When set to none, all VLANs (1–4093) are allowed on all ISL trunk ports (T1 to T12).

 

This results in FortiSwitch units unnecessarily processing traffic from all VLANs, including those not locally used. This can affect performance due to unnecessary broadcast/multicast traffic processing.

 

  2. 'configured': Only Configured VLANs on FortiLink Are Assigned to ISLs (Default Behavior).

When set to configured, only VLANs explicitly configured under the FortiLink interface are assigned to all ISL trunk ports.

As per the above topology, all ISL trunk ports (T1 to T12) will include VLANs 10, 20, 30, 40, 50, and 4093.

 

Note: VLAN 4093 will appear if a quarantine VLAN is configured. See Quarantines - FortiSwitch 7.6.3 FortiLink guide.

 

  3. 'prune': Only VLANs required along the path between destinations are assigned. This option was introduced in FortiOS v7.6.1 with FortiSwitchOS v7.6.1.

 

When set to prune, VLANs are dynamically assigned only to ISL trunk ports that are part of the communication path between destinations using those VLANs.

 

VLAN assignment on trunks with pruning enabled:

 

Trunk        VLANs Assigned
T1–T6        10, 20, 30, 40, 50, 4093
T8           20, 30, 40, 4093
T10, T12     30, 40, 4093
T7           10, 50, 4093
T9, T11      50, 4093

 

Note: VLAN 4093 will be included if a quarantine VLAN is configured. See Quarantines - FortiSwitch 7.6.3 FortiLink guide.
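
The following Python sketch is an added example, not code from this article or from Fortinet: it models 'prune' on a constructed tree of ISL trunks and reproduces the T7–T12 rows of the table above, then shows which VLANs each trunk stops carrying compared with 'configured'. The switch names, the layout, and the rule "a trunk carries a VLAN when a switch below it uses that VLAN" are assumptions; the article's diagram is not reproduced here.

```python
# Simplified model of 'prune' mode on a tree of ISL trunks (not Fortinet's algorithm).
# Constructed topology: the switch names and the layout are assumptions.
QUARANTINE_VLAN = 4093  # on every trunk when a quarantine VLAN is configured

# trunk name -> (upstream switch, downstream switch); "core" faces the FortiGate
TRUNKS = {
    "T7": ("core", "sw-a"), "T9": ("sw-a", "sw-b"), "T11": ("sw-b", "sw-c"),
    "T8": ("core", "sw-d"), "T10": ("sw-d", "sw-e"), "T12": ("sw-e", "sw-f"),
}
# Access VLANs in use on each switch (PC1..PC5 from the article, placement assumed)
ACCESS_VLANS = {"sw-a": {10}, "sw-c": {50}, "sw-d": {20}, "sw-f": {30, 40}}


def vlans_below(switch):
    """VLANs used on `switch` or on any switch downstream of it."""
    vlans = set(ACCESS_VLANS.get(switch, set()))
    for up, down in TRUNKS.values():
        if up == switch:
            vlans |= vlans_below(down)
    return vlans


def pruned_assignment():
    """Per trunk: VLANs that have a member on both sides of the link.

    Assumption: the upstream side always has a member (the FortiGate gateway
    behind "core"), so the downstream set decides what the trunk carries.
    """
    return {
        name: sorted(vlans_below(down) | {QUARANTINE_VLAN})
        for name, (_up, down) in TRUNKS.items()
    }


def removed_by_pruning(fortilink_vlans):
    """VLANs each trunk stops carrying when moving from 'configured' to 'prune'.

    In 'configured' mode every FortiLink VLAN is on every ISL trunk.
    """
    pruned = pruned_assignment()
    return {name: sorted(set(fortilink_vlans) - set(pruned[name])) for name in TRUNKS}


if __name__ == "__main__":
    removed = removed_by_pruning({10, 20, 30, 40, 50, 4093})
    for trunk, vlans in pruned_assignment().items():
        print(f"{trunk}: carries {vlans}, no longer floods {removed[trunk]}")
```
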


Benefits of VLAN Pruning:

VLAN pruning helps optimize the flooding domain for Broadcast, Unknown Unicast, and Multicast traffic. This is especially beneficial in large VLANs where this traffic could degrade performance.

 

Note: VLAN registration is propagated regardless of STP state. Some network topologies benefit from pruning, while others may not. Network administrators must evaluate this based on their network goals and design.

 

To verify the VLAN assignment, run the following commands on the FortiSwitch:

show switch trunk

This command lists all trunks. Verify which ones are the ISL trunks, then use the commands below to verify the VLANs assigned on the trunk.

show switch interface <ISL-trunk-name>

diagnose switch vlan-pruning dynamic-vlan list <ISL-trunk-name>