Hello,
When we create a new interface, what's the different between VLAN Switch, Software Switch and Hardware Switch ?!
Thanks for your reply.
Hello,
Software Switch:
- You can bind different physical interfaces together and want all of them to be on the same subnet.
For example, if your FortiGate unit has interfaces : 4-port switch, WAN1, WAN2 and DMZ
- You need one more port, then you can create a soft switch that can include the 4-port switch and the DMZ interface all on the same subnet. These types of applications also apply to wireless interfaces and virtual wireless interfaces and physical interfaces such as those with FortiWiFi and FortiAP unit. Similar to a hardware switch, a software switch functions like a single interface. A software switch has one IP address; all of the interfaces in the software switch are on the same subnet. Traffic between devices connected to each interface are not regulated by security policies, and traffic passing in and out of the switch are affected by the same policy. Virtual Switch: Virtual switch feature enables you create virtual switches on top of the physical switch(es) with designated interfaces/ports so that a virtual switch can build up its forwarding table through learning and forward traffic accordingly. When traffic is forwarded among interfaces belonging to the same virtual switch, the traffic doesn't need to go up to the software stack, but forwarded directly by the switch. When traffic has to be relayed to interfaces not on the virtual switch, the traffic will go through the normal data path
Hardware Switch:
- It is just a L2 switch which is used for reference in comparing the above
Cheers!
Sorry, missed about the vlan switch.
VLAN switch is the term used for the actual switch which is configured with complete vlan database
On the Fortigate, you can configure a sub-interface (VLAN interface) with the VLAN ID(depending on the vlan's you have)
Cheers!
Hello,
Just want to know if we can configure aggregated interface in redundancy or not?
As I have checked, Redundant interface passes traffic through only one interface at a time.
So is it possible to have 2 different pairs of interfaces which we can add in redundant interface.
Thanks
Keep in mind a software switch allows you to bind multiple and different interfaces types ( PHY+WLAN ) where a hardware switch is a group of interfaces.
Vlan.SWITCH just supports vlan.id in the switch profile and not all units have hardware switch and in some units, you can group 2 or more hardware switches iirc.
Ken
PCNSE
NSE
StrongSwan
Hello,
I also want to know does software / hardware switch setup can function as redundancy use? It is because lower end model (under 100D) did not support LACP mode running.
Thanks!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.