beautypg.com

Fortinet 5003 User Manual

Page 57

background image

FortiGate-5050 fabric backplane communication

Fabric channel layer-2 link aggregation

FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
01-30000-85717-20081205

57

Because the FortiGate-5000 boards in a link aggregation configuration operate in
transparent mode, any routing, VPN or NAT requirements should be handed by
an external device (such as a router), before or after the traffic reaches the
FortiSwitch-5003A board.

If the traffic that you are distributing contains VLAN-tagged packets, you must add
the VLAN tags to the FortiSwitch-5003A interfaces and to the trunks that will
handle the VLAN-tagged traffic.

Figure 21

shows a basic link aggregation configuration using a single

FortiSwitch-5003A board. In this configuration the external switch is connected to
the FortiSwitch-5003A F5 front panel interface. The external switch adds VLAN
tags to traffic from the internal and external networks. Packets from the internal
network are tagged as 100 and packets from the external network are tagged as
101.

Figure 21: Fabric channel layer-2 link aggregation configuration

Note: Due to the way the hash algorithm works, FortiGate-5000 boards in the lower
numbered chassis slots in a trunk may receive more traffic. The order of the interfaces in
the trunk does not matter, the numerically lowest slots will always be the ones to receive
more traffic if the number of interfaces in the trunk is not a power of 2.

Note: LInk aggregation does not require FortiGate-RTM-XB2 modules. If the example in

Figure 21

did not include FortiGate-RTM-XB2 modules the configuration steps would be the

same and link aggregation would still function the same way. The only difference is
communication on the fabric channel would be 1 Gbps instead of 10 Gbps without the
FortiGate-RTM-XB2 modules.

1

2

2

3

4

5

SMC

1

SMC

POWER

5050SAP

SERIAL

1

SERIAL

2

ALARM

10/100

link/Act

ETH0 Service

RESET

ST

ATUS

Hot Swap

link/Act

ETH0

ETH1

10/100

5000SM

10/100

link/Act

ETH0 Service

RESET

ST

ATUS

Hot Swap

link/Act

ETH0

ETH1

10/100

5000SM

Distributed 10-gigabit
data communication
on fabric channel 2

Three FortiGate-RTM-XB2
modules installed in RTM
slots 3, 4, and 5 to
provide 10-gigabit
fabric interfaces and
NP2 acceleration for each
FortiGate-5001A board.

Internal and external

10-gigabit networks

connected to

FortiSwitch-5003A

front panel interface F5

and to fabric channel 2

External switch

VLAN

tagged

traffic

External
Network

Internal Network

See also other documents in the category Fortinet Computer Accessories: