Fortinet 5003 User Manual
Page 36
FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
36
01-30000-85717-20081205
Fabric channel layer-2 link aggregation and redundancy
FortiGate-5140 fabric backplane communication
You must also enable the FortiSwitch-5003A board to listen for heartbeat packets
on all of the interfaces connected to FortiGate-5001A boards:
config switch fabric-channel physical-port
edit "slot-6"
set heartbeat enable
next
edit "slot-8"
set heartbeat enable
next
edit "slot-9"
set heartbeat enable
next
edit "slot-10"
set heartbeat enable
next
edit "slot-11"
set heartbeat enable
next
edit "slot-13"
set heartbeat enable
end
Fabric channel layer-2 link aggregation and redundancy
In addition to 802.3adstatic mode layer-2 link aggregation and 802.1q VLANs the
FortiSwitch-5003A board also supports 802.1s Multi-Spanning Tree Protocol
(MSTP) for the fabric channels. You can use MSTP to add redundancy to a link
aggregation configuration. Redundancy consists of redundant FortiSwitch-5003A
boards that both distribute traffic to multiple FortiGate-5001A or 5005FA2 boards.
To be able to use redundant FortiSwitch-5003A boards in one chassis you must
configure MSTP to eliminate loops. You can also use MSTP settings to control
traffic flow and create different kinds of redundant configurations:
• An active-passive configuration where the active FortiSwitch-5003A board
receives all traffic and distributes it to the FortiGate-5001A or 5005FA2 boards.
If the active FortiSwitch-5003A board fails, all traffic is diverted to the passive
FortiSwitch-5003A board which takes over distributing traffic to the
FortiGate-5001A or 5005FA2 boards.
• An active-active configuration where both FortiSwitch-5003A boards receive
and distribute traffic. If one of the FortiSwitch-5003A boards fails, all traffic is
diverted to the remaining FortiSwitch-5003A board which takes over
distributing all traffic to the FortiGate-5001A or 5005FA2 boards.
Redundant configurations require a third-party switch that supports MSTP and is
used to connect the FortiSwitch-5003A boards to the networks. You configure
MSTP on the third-party switch and on the FortiSwitch-5003A boards to create
spanning tree instances on all three devices. All three devices must have the
same spanning tree instances. Depending on the requirement, the spanning tree
instances can have different priorities on each device. You can also use the
third-party switch to add and remove VLAN tags from incoming and outgoing
traffic.