Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
refer
New Contributor

Software switch with VLANs vs Interface with subinterfaces

Assuming a Fortigate doesn't have capacity to configure a hardware switch...

What is the difference between creating an interface as a Software Switch (with multiple IP'd VLANs), and an interface as interface with IP'd subinterfaces?

Is either considered better practice?

If so, any reason why one solution is preferred over the other?

Thanks

router login 192.168.l.l
4 REPLIES 4
AEK
SuperUser
SuperUser

Software switch with multiple VLANs allows you to use a set of ports just like a LAN switch. It means the connected equipment that are on the same VLAN can communicated on L2 layer just like if they where on the same switch and same VLAN. Others that are in different VLANs will naturally be routed and filtered by FG.

This can be useful for some cases where you don't have a separate L2 switch.

While single interface with multiple VLANs is just a trunk on one port, where there is no multiple connected devices communicating on L2 layer through FG.

Note that HW switch is better in performance and consume less FG CPU resources than software switch.

AEK
AEK
hbac
Staff
Staff

Hi @refer,

 

Software switch is similar to hardware switch. It allows you to put multiple physical interfaces in the same subnet. However, software switch processes traffic using CPU instead of SPU. For more information, please refer to https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/277799/software-switch

 

Regards,

Toshi_Esumi
SuperUser
SuperUser

Remember, with both hardswitch and softswitch, once those interfaces are bount in them, you can not have IPs on each member interface. Only the hardswitch and softswitch can have an IP(s).

 

Toshi

Dhruvin_patel

Hello refer,

 

This community article discusses the comparison between software and hardware switch, https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setup-comparison-between-FortiGate-Hardwar...

 

Regards!

If you have found a solution, please like and accept it to make it easily accessible to others.

Dhruvin Patel
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors