Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
hmiranda
New Contributor II

Show the forwarding table on FortiGate

Hi all,

 

Does any one know a command to show the forwarding table (also known as mac address table) of a software switch or hardware switch on a FortiGate? People reply to this question on similar post with the get system arp but, as the command clearly show, is the arp table (relation between an IP and its MAC address). The forwarding table shows the relation between a port and the mac addresses that are known through it.

2 REPLIES 2
SMabille
Contributor

Hi,

 

Try "diag switch-controller dump mac-hosts-switch-port" (you can have lot more info and other options after "diag switch-controller dump ?".

This will work on Fortigate with ISF (roughly all current and previous generation models afaik).

 

But it won't give you a straight mac / port forwarding table.

Prab
New Contributor

hmiranda wrote:

Hi all,

 

Does any one know a command to show the forwarding table (also known as mac address table) of a software switch or hardware switch on a FortiGate? People reply to this question on similar post with the get system arp but, as the command clearly show, is the arp table (relation between an IP and its MAC address). The forwarding table shows the relation between a port and the mac addresses that are known through it.

FortiOS 5.6 If the operating mode is Transparent then yes, you could use the following command to view the mappings:

diagnose netlink brctl ?

 

Unfortunately, I don't know how to get this info in case of NAT operation mode.

A side note, in NAT mode, the FGT is working as a layer 3 device & it generally works based on layer-3 information and sometimes replaces/changes the source MAC addresses too from the frames because of the routing purposes.

 

In case of a virtual switch, some FGTs will create forwarding table. https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-networking/Interfaces/Virtual%20Swit...

 

EDIT:

get sys arp command will also show the interface.

 

Regards,

Prab

Labels
Top Kudoed Authors