LAG FortiSwitch to Fortiswitch

JimmyMite19 · ‎11-16-2023

Hello, I am new to the community but I really like Fortinet, could you please help me, I have 2 Fortiswitches, a 424E and a 448E, I would like to create an aggregation port to increase the bandwidth, I know I can do it with LAG

But I would like to understand the LACP mode, if what I want is an aggregation interface, which mode should I use? Static, active or passive?

I tried static mode on both sides and the interfaces do not go up.

The manual indicates Active on one side and Passive on the other side, but I would like to understand why? or better understand the modes of LACP.

ebilcari · ‎11-20-2023

Starting from later version of FSW the links should be automatically build on every port ISL.

There is this part of the Administration guide that explain all the recommended topologies you can achieve depending on the requirements of your network in terms of availability, throughput etc.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

ebilcari · ‎11-17-2023

I suppose you are referring to the FSW in Standalone mode (not managed by FGT). You can read more about this configurations in Administration guide. If the aggregation is built between two FSW you can also use "auto-isl" that can create trunks/aggregation links automatically.

The implementation of LACP in FSW is based in the open standard, you can find more information also by searching directly for the protocol name. The suggestion is to use at least one side as Active (both can be configured as active). The benefit of using Active is in cases of a link failure, both switches will discover in time (via LACP PDU missing) that one of the links has failed. The switch will be able to remove the fault link from the group quickly without sending packets that are destined to be dropped since the other side is not receiving them.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

JimmyMite19 · ‎11-17-2023

Hello, thanks for the answer

I tell you that in Active/Passive mode it works for me, but according to your answer the FSWs are managed by a 100F firewall, maybe that is the reason why I lose administration of one of the FortiSwitches, how could I solve that problem or another method can I configure LAG

JimmyMite19 · ‎11-18-2023

I was able to connect them in the following way, I created the fortilink interface from my FW and simply placed the cables directly and the fortilink placed them as an aggregation, am I correct? Or do I have something else to configure?

This is how my structure was left, without creating truncal links in the FSW

ebilcari · ‎11-20-2023

Starting from later version of FSW the links should be automatically build on every port ISL.

There is this part of the Administration guide that explain all the recommended topologies you can achieve depending on the requirements of your network in terms of availability, throughput etc.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.