From https://forum.fortinet.com/tm.aspx?m=149333 it sounds like LAG for the inter-switch link (ISL) should work. Per the admin docs, it says that the inter-switch link is "created automatically" once the switches are connected to the FGT by a FortiLink connection. The FortiSwitch 3.4.0 CLI reference, under "config sys trunk", mentions this obliquely in its definition of "auto-isl" as "Automatically forms an ISL-encapsulated trunk, up to the specified maximum size".
From what I understand from the way it's described, MC-LAG is used if you have 2 or more switches and you have a server with multiple network cards.
Instead of using LAG/LACP from the server to ONE of the switches to have higher total throughput, you set one of the active server network interfaces on each switch to limit the number of hops (and bottle necks) to get to the server
So if I have 2 switches FS-A FS-B and a server S that has 4 network interfaces
if I LAG S -> FS-A then all devices plugged in all 44 ports on FS-A can share the 4Gb/s trunk (one port is capped at 1Gps but this is fine)
if FS-B -> FS-A with a single port, then all 47 devices on FS-B share a SINGLE 1Gbps connection to FS-A so there is a bottleneck for the NAS
if I MCLAG S -> FS-A and S -> FS-B then the ports on each switch will share a 2Gps max to the nas
Now, What i want is (and I've done this with other vendors),
S -> FS-A
FS-B [1234...] -> FS-A
All devices on FS-A can share 4Gps and All devices on FS-B can also share the 4Gps to the NAS.
This last option allows for the max utilisation of the ressources.
yes, it's possible to use LAG between FSW and FGT, the FGT interface type is configured as "aggregate". For the links between FSW - ISL (Inter Switch Links), it's also possible to have LAG, they are automatically configured once the cable is plugged.
Rafael Gracioli | Consulting Systems Engineer, ADC and Switching
m: +31 6 50 28 72 99 | skype: rgracioli | e: firstname.lastname@example.org
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.