Fortinet 5003 Switch User Manual


 
FortiGate-5050 fabric backplane communication Fabric channel layer-2 link aggregation
FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide
01-30000-85717-20081205 57
Because the FortiGate-5000 boards in a link aggregation configuration operate in
transparent mode, any routing, VPN or NAT requirements should be handed by
an external device (such as a router), before or after the traffic reaches the
FortiSwitch-5003A board.
If the traffic that you are distributing contains VLAN-tagged packets, you must add
the VLAN tags to the FortiSwitch-5003A interfaces and to the trunks that will
handle the VLAN-tagged traffic.
Figure 21 shows a basic link aggregation configuration using a single
FortiSwitch-5003A board. In this configuration the external switch is connected to
the FortiSwitch-5003A F5 front panel interface. The external switch adds VLAN
tags to traffic from the internal and external networks. Packets from the internal
network are tagged as 100 and packets from the external network are tagged as
101.
Figure 21: Fabric channel layer-2 link aggregation configuration
Note: Due to the way the hash algorithm works, FortiGate-5000 boards in the lower
numbered chassis slots in a trunk may receive more traffic. The order of the interfaces in
the trunk does not matter, the numerically lowest slots will always be the ones to receive
more traffic if the number of interfaces in the trunk is not a power of 2.
Note: LInk aggregation does not require FortiGate-RTM-XB2 modules. If the example in
Figure 21 did not include FortiGate-RTM-XB2 modules the configuration steps would be the
same and link aggregation would still function the same way. The only difference is
communication on the fabric channel would be 1 Gbps instead of 10 Gbps without the
FortiGate-RTM-XB2 modules.
1
2
2
3
4
5
SMC
1
SMC
POWER
5050SAP
SERIAL
1
SERIAL
2
ALARM
10/100
link/Act
ETH0
Service
RESET
STATUS
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
10/100
link/Act
ETH0
Service
RESET
STATUS
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
Distributed 10-gigabit
data communication
on fabric channel 2
Three FortiGate-RTM-XB2
modules installed in RTM
slots 3, 4, and 5 to
provide 10-gigabit
fabric interfaces and
NP2 acceleration for each
FortiGate-5001A board.
Internal and external
10-gigabit networks
connected to
FortiSwitch-5003A
front panel interface F5
and to fabric channel 2
External switch
VLAN
tagged
traffic
External
Network
Internal Network