i know there is a number of configured dhcp servers per VDOM.
Does anyone know if this limitation is applied for DHCP relay agents as well?
Go to Solution.
just got the bellow answer from Fortinet TAC.
after a short consulting it seems that DHCP agent max limit supposed to be is the same as the DHCP server limit, which on the 60E unit is standing on max 32.
View solution in original post
Search for a document called the 'Maximum Values Matrix.' The limit depends on the firewall model. Larger units have larger pools, naturally. You didn't specify your model, so no one could answer that for you.
Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
ive already checked that document but it only mention DHCP server and not DHCP relay agent.
Although I don't know the aswer but I would assume dhcp relay's limit is differnt from DHCP server's, which takes memory to do stateful operation.
I read somewhere the number of server IPs you can configure in a dhcp-relay was 8. And I would guess if there is any limitation exist, it would be the number of interfaces instead.
I don't think it's written anywhere. So you need to open a TT at TAC to ask. You might get a similar answer from them.
I agree - I could not actual find any info on DHCP relay agent limit, so I would assume any configurable interface will have it as a option.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
apparently, this limitation that was approved by forti support is not real.
ive tested with FG100E (256 dhcp relay limitation)
and more than 550 relay agents worked and forward the dhcp requests.
I would open a ticket again referring the old one to confirm the fact. You might need to get it escalated to one level up than the previous tier.
That's an interesting finding. Thank you for letting all of us know.
I have a 60E with about 90 interfaces running DHCP relay. Seems that limit is not accurate.
I just tried to move all DHCP to the Fortigate and hit the 32 DHCP server limit per VDOM. Uggghh, I was excited to eliminate another device, but I guess that's not happening.