Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
riteshpv
Staff
Staff

Created on ‎09-22-2023 07:24 AM Edited on ‎01-04-2024 11:33 PM By Community Manager

Article Id 269044

Technical Tip: Cannot get more than 8 FortiSwitches managed on a FortiGate

Description This article describes why just 8 FortiSwitches can be managed by a FortiGate and how to solve it.
Scope FortiSwitch v6.4.x and above.
Solution

The topology connection is as follows:

 

 

                                                     topology-KB.jpg

 

Note.

Here the Fortiswitch1 is a 100 series FortiSwitch (i.e. FortiSwitch Rugged-112D-POE, FortiSwitch Rugged-124D, or any 1xxE, 1xxF Series).

 

  • With this scenario, only eight FortiSwitches are present on a FortiGate. If trying to bring the 9th FortiSwitch, it does not come up.
  • The problem only arises if, as shown above (Fortiswitch1), is linked between FortiGate and other FortiSwitch.


Reason:

  • This is related to the maximum number of Link Aggregation Groups that a FortiSwitch can support. The lower-end FortiSwitches have a limit of 8 (Total Link Aggregation Groups), hence this limitation is breached in this example. But other FortiSwitches have 16, or no limitation (up to the number of ports), so check this limit before starting the design.
  • Upon the FortiSwitch's joining to form FortiLink, FortiLink trunk creation happens automatically.
  • In this scenario, the Fortiswitch1 will form a trunk to each FortiSwitch and also towards FortiGate. So one trunk (From Fortiswitch1) towards FortiGate and 7 FortiLinks trunks (Fortiswitch2-Fortiswitch8)) towards other FortiSwitches.
  • The 9th FortiSwitch (Fortiswitch9) cannot form a trunk on Fortiswitch1 and thus will not come up on FortiGate.


Note:

  1. Before connecting any downlink FortiSwitch to FortiSwitch1, if a manual trunk is established on FortiSwitch1, the number of FortiLink trunks that can be formed will be reduced. This limitation is specific to these models, allowing only 8 trunks to be formed, leading to a decrease in the number of FortiSwitches coming online.
  2. Depends on which trunk formed first. The first 8 trunks that were created will be considered regardless it was an automatic FortiLink trunk or a manually created trunk.

 

Solution:

  • It is better to use the higher-end model FortiSwitch to support more trunks. Refer to the FortiSwitch datasheet under 'Link Aggregation Group Size'.
  •  If it is not possible to have a higher model then change the design of the connection to avoid connection via single FortiSwitch.
535
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.