Hi,
I am considering the following configuration: implementing OSPF between the core and FortiGate. However, the core switches lack support for multihoming, featuring only a layer 3 connection. In the current topology, there is no aggregation on either the FortiGate or the switch sides. I am exploring the possibility of aggregation on the switch sides and also wondering if there is an option to use aggregate interfaces in FortiGate (excluding LACP). I would like to understand the pros and cons of such a setup. Thank you.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
As per my knowledge there is no other choice for aggregation between FG and Core except LACP.
But since you are connected to both core switches and use OSPF, this is already a good redundant design, so LACP os optional here.
Also you can enhance the resiliency speed on FG HA failover by enabling the graceful restart feature. This will allow almost zero second OSPF downtime.
Hi,
What if the below topology ? Here i have added aggregation at switch level .
Please advise ?
Created on 01-05-2024 10:01 AM Edited on 01-05-2024 10:09 AM
Don't see any added benefit. Just only one of two legs is active. You can test it though which would be faster for OSFP to change the topology.
Toshi
Hello
I'm not sure if the suggested LACP with A-P HA FG is correct.
What if you make gi0/1 & gi0/2 as L2 interfaces in the same VLAN, and assign the IP (172.16.10.4) to the interface VLAN.
I mean simply like that:
interface vlan 10
ip address 172.16.10.4/30
interface range gi0/1-2
switch port mode access
switchport access vlan 10
Then it is the interface VLAN who will participate to OSPF.
The real challenge is how to have a minimum time for OSPF convergence after FG failover.
So I think this design combined with graceful restart feature it should give you almost zero second downtime.
Hi ,
As mentioned in the document does it require a helper router
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.