Hi Community,
So I have a question whether this LACP will work or not. I need your views on this also is there any other way on how I can improve this redundancy.
I have 2 Cisco Switches (Stacked) acting as a link switch.
FGT is in HA (Active and Passive).
Here there are 4 ports that are members of a single port-channel in Cisco switch.
And whereas in FortiGate there are 2 ports each in LACP.
Will it work?
Regards,
Shailesh
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
The LACP link will be up, but there will be traffic issues. For example the switch can forward the traffic to passive node as part of load balancing , but passive node will drop the packets.
We can use "set lacp-ha-slave disable" on FGT, and make the LACP down on passive node, but this will influence the failover time and can cause traffic disruption.
Ideal would be to use 2 separate port channels on switch and fortigate nodes.
Ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
The LACP link will be up, but there will be traffic issues. For example the switch can forward the traffic to passive node as part of load balancing , but passive node will drop the packets.
We can use "set lacp-ha-slave disable" on FGT, and make the LACP down on passive node, but this will influence the failover time and can cause traffic disruption.
Ideal would be to use 2 separate port channels on switch and fortigate nodes.
Ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-LACP-behavior-in-an-HA-cluster/ta-p/195163
Ahh okay!
So I should be using 2 port-channels.
Example: In port-channel 1 both links for active FGT while port-channel 2 both links to slave FGT.
Regards,
Shailesh
Hi@ShaileshMdr , that is correct.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1631 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.