External switch configuration – Fortinet 5003 User Manual
Page 61
FortiGate-5050 fabric backplane communication
Example active-passive redundant link configuration
FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
01-30000-85717-20081205
61
Figure 22: Redundant link aggregation configuration
External switch configuration
The external switch requires the following configuration settings. Example
commands are shown for an HP procurve 3500yl switch with interfaces A1 and A4
connected to the FortiSwitch-5003A boards. This external switch acts as the root
for spanning tree instance 0.
1
Create an MSTP configuration that includes a name and a revision. For example,
if the name is tree_1 and the revision is 11:
spanning-tree config-name "tree_1"
spanning-tree config-revision 1
2
Configure the switch to add VLAN tag 100 to packets from the internal network
and VLAN tag 101 to packets from the external network and to send packets from
both networks to the FortiSwitch-5003A board.
vlan 100
name "VLAN100"
tagged 6,8,19,A1,A4
exit
vlan 101
name "VLAN101"
tagged 5,7,20,A1,A4
no ip address
exit
3
Add spanning tree instance 3 for packets from the internal network. Add VLAN tag
100 to this spanning tree instance. Set the priority of this spanning tree instance to
5.
spanning-tree instance 3 vlan 100
spanning-tree instance 3 priority 5
1
2
2
3
4
5
SMC
1
SMC
POWER
5050SAP
SERIAL
1
SERIAL
2
ALARM
10/100
link/Act
ETH0 Service
RESET
ST
ATUS
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
10/100
link/Act
ETH0 Service
RESET
ST
ATUS
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
Distributed 10-gigabit
data communication
on fabric channels 2
and 3
Three FortiGate-RTM-XB2
modules installed in RTM
slots 3, 4, and 5 to
provide 10-gigabit
fabric interfaces and
NP2 acceleration for each
FortiGate-5001A board.
External switch
VLAN
tagged
traffic
Internal and external
10-gigabit networks
connected to
FortiSwitch-5003A
front panel interface F5
and to fabric channels
1 and 2
External
Network
Internal Network