Hello,
I have problems with a cluster after adding an additional VLAN (106) to an aggregated interface:
[ul]
edit "LACP-Port2" set vdom "root" set ip 10.41.1.1 255.255.255.0 set allowaccess ping https ssh snmp fgfm set type aggregate set member "port5" "port6" "port7" "port8" set device-identification enable
This is the first VLAN I added to the "LACP-Port2": edit "vlan106" set vdom "root" set dhcp-relay-service enable set ip 10.41.106.1 255.255.255.0 set allowaccess ping set subst enable set snmp-index 15 set interface "LACP-Port2" set vlanid 106
Let´s look at switch S. It show the same cluster mac-address from the (master cluster) member A and the (slave cluster) member B on different VLANs:
0009-0f09-0005 1 Learned Bridge-Aggregation3 AGING 0009-0f09-0005 106 Learned Bridge-Aggregation3 AGING 0009-0fd1-8da7 1 Learned Bridge-Aggregation2 AGING 0009-0fd1-8da7 246 Learned Bridge-Aggregation2 AGING Can someone explain why this happens at all?
Regards
Michael
Hi,
A Fortigate will always use the MAC address of the parent interface for all VLAN sub-interfaces. For standalone operation as well as for virtual cluster MAC addresses.
Where do you encounter a problem - a MAC address has only to be unique in a broadcast domain...
Br,
Roman
And should not cause a problem at layer2 switch forward table. this is normal behavior and function BTW
Ken
PCNSE
NSE
StrongSwan
Well, thanks guys. I thought about bridged ports within the Fortigate cluster...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.