beautypg.com

External switch configuration – Fortinet 5003 User Manual

Page 38

background image

FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide

38

01-30000-85717-20081205

Example active-passive redundant link configuration

FortiGate-5140 fabric backplane communication

All of the FortiGate-5001A boards must be operating in transparent mode and all
must have the same configuration. In this redundant configuration, traffic can be
re-directed from one fabric channel to another after a FortiSwitch-5003A fails or if
you change the MSTP configuration. To make sure the FortiGate-5001A boards
can continue to process traffic after a failure or MSTP configuration change you
must add redundant configurations to both fabric interfaces. This means adding 4
VLAN interfaces to each fabric interface (one for each VLAN tag) and configuring
duplicate firewall policies and routing for both sets of VLAN interfaces.

Figure 15: Redundant link aggregation configuration

External switch configuration

The external switch requires the following configuration settings. Example
commands are shown for an HP procurve 3500yl switch with interfaces A1 and A4
connected to the FortiSwitch-5003A boards. The external switch acts as the root
for spanning tree instance 0.

1

Create an MSTP configuration that includes a name and a revision. For example,
if the name is tree_1 and the revision is 1:

spanning-tree config-name "tree_1"
spanning-tree config-revision 1

Distributed 10-gigabit
data communication
on fabric channel 1

Distributed 10-gigabit
data communication
on fabric channel 2

Six FortiGate-RTM-XB2
modules installed in RTM
slots 6, 8, 9, 10, 11, and 13 to
provide 10-gigabit
fabric interfaces and
NP2 acceleration for each
FortiGate-5001A board.

Internal and external

10-gigabit networks

connected to

FortiSwitch-5003A

front panel interface F7

and to fabric channels

1 and 2

External Switch

VLAN
Tagged
Traffic

FA N T R AY

FA N T R AY

FA N T R AY

13

11

9

7

5

3

1

2

4

6

8

10

12

14

5140

CR

ITIC

AL

RES

ET

MA

JOR MINO

R

USE

R1

USE

R2

USE

R3

5140SAP

SERIAL 1

SERIAL 2

ALARM

FILTER

1 2

0

1

2

10/100

link/Act

ETH0

Service

RESET

STATUS

Hot Swap

link/Act

ETH0 ETH1

10/100

5000SM

10/100

link/Act

ETH0

Service

RESET

STATUS

Hot Swap

link/Act

ETH0 ETH1

10/100

5000SM

External Networks

Internal Networks

See also other documents in the category Fortinet Computer Accessories: