Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
packetdropped
New Contributor

Does intra-vlan traffic place load on the firewall ?

Hi,

 

I've a need for high bandwidth use between two servers in a VLAN in our DMZ. One of the two hosts has an external public IP mapped to it's private address. Light traffic would be expect to/from that external access. Would traffic between two VLAN hosts place a load on the firewall in any way? What I'd like is isolated traffic unless traffic enters/leaves the VLAN.  We are runngin FG100E in HA mode, v6.2.0 with our vlans in a FortiSwitch. 

 

TIA

 

2 REPLIES 2
Toshi_Esumi
Esteemed Contributor III

If the DMZ is one port on the FGT connected to a decent switch, which accommodates both hosts, it's the switch's job not to send eth frames to FGT but only to the other host the MAC address is matching with.
saifin
New Contributor II

Hello,

 

If you are looking forwards for the communication between two hosts which are configured in same VLAN, ofcourse those traffics won't contribute any load on your firewall. It doesn't have any reason to reach the gateway.

 

Hope this will clarify.

 

Regards,

Saifin Thomas

Regards,

Saifin Thomas

Regards, Saifin Thomas
Labels
Top Kudoed Authors