Hi all,
I have 2 switches connected to 2 FortiGate interfaces that form a software switch. This software switch routes some VLANs that terminate at these ports. Both ports share layer 2 and 3 parameters. When traffic from different VLANs reaches the firewalls, I route traffic between them with rules.
I won't go into the details of this design, but the switches are in different locations and need to share networks/vlans.
With the software switch, servers from both switches can directly reach the gateway with direct connections to the firewall. In some cases, I move virtual servers between locations (using a dedicated fiber cable) and with this topology servers work with the same network configuration in both sites.
I would like to connect a new cable between switch 1 and switch 2 to bypass traffic between the same VLANs but, if I do that, I'll form a layer 2 loop (red line in the diagram). What I would like, if it's possible, is:
1) Use 2 different ports on the firewall to route the same networks/VLANs (north-south).
2) Add a new connection to bypass east-west traffic between the same VLANs (without routing). I don't want to use spanning tree in any case.
Is there any way to do that? Changing the software switch to another type of configuration would not be a problem.
I attach a simple diagram so you can better understand the topology. I know this is probably not possible, but I prefer to confirm with you. I can't form a LAG because the switches don't form an MCLAG or stack, and it is not possible to form one with them.