I think its better to first enable MCLAG ICL on both switches, and as second step enable MCLAG, then you wont lose your connection. Still very useful video!
I see u enabling mc-lag via FortiSwitch CLI, but according to Fortinet documentation, they want us to do it this way: Assign the LLDP profile “default-auto-mclag-icl” to the ports that should form the MCLAG ICL in FortiSwitch unit 1. For example: FGT_Switch_Controller # config switch-controller managed-switch FGT_Switch_Controller (managed-switch) # edit FS1E48T419000051 FGT_Switch_Controller (FS1E48T419000051) # config ports FGT_Switch_Controller (ports) # edit port49 FGT_Switch_Controller (port49) # set lldp-profile default-auto-mclag-icl FGT_Switch_Controller (port49) # end FGT_Switch_Controller (FS1E48T419000051) # end I don’t know what is the difference, because in above example I don’t see them enabling mc-lag on a switch port which is connected to Fortigate. They only doing the ICL part, but not the fortilink part where the switch connects to the Fortigate. I am little confused here.
In environment where I have windows servers with 4 NIC teamed in one Team, and 2 of them are connected to first switch, and other 2 are connected to the second switch where switches are mclaged correctly, how mac tables should look like on both switches?
If I am correct, you can only have two per MCLAG peer group. So, in my mind, you would gave two MCLAG groups. Have you found a solution? I am needing to do this with 12, which means I would need 6 MCLAG peer groups... but I may be wrong. @matt can you confirm?
@@vidmooreda - That would be accurate, MCLAG groups aren't meant as an analog for a switch stack. The whole FortiOS controlled switch architecture is meant to be a distributed "Stack" if that terminology can apply. More info here: docs.fortinet.com/document/fortiswitch/7.2.4/fortilink-guide/801194/deploying-mclag-topologies
We are looking at a full network refresh at my organization. I have many closets that are 3 or more traditional switch stacks. Each closet has redundant fiber to it running back to the data center. Like others have posted, how would I setup a closet with 6 switches in a FortiSwitch architecture. What about 7 switches?
That's going to depend on your requirements, and the number of fiber strands you have running back to the datacenter. You could set up an MCLAG pair in each closet, and have the remaining switches connect to those. You need to take the following into consideration: docs.fortinet.com/document/fortiswitch/7.2.4/fortilink-guide/801194/deploying-mclag-topologies You could have home runs back to the datacenter for each switch to go into your MCLAG Pair at the datacenter. Frankly I don't have enough information to give you a good recommendation.
Great video, thanks Matt. Was struggling a little to understand the topology of MCLAG and the split interface setting and this helped a lot. Cheers.
I think its better to first enable MCLAG ICL on both switches, and as second step enable MCLAG, then you wont lose your connection. Still very useful video!
You do this via lldp? I mean by setting the lldp profile on the ports bing used as the mclag icl?
Great video, ty very much Matt! please share more videos!
Thank you for watching! Anything you'd like to see?
I see u enabling mc-lag via FortiSwitch CLI, but according to Fortinet documentation, they want us to do it this way:
Assign the LLDP profile “default-auto-mclag-icl” to the ports that should form the MCLAG ICL in FortiSwitch unit 1. For example:
FGT_Switch_Controller # config switch-controller managed-switch
FGT_Switch_Controller (managed-switch) # edit FS1E48T419000051
FGT_Switch_Controller (FS1E48T419000051) # config ports
FGT_Switch_Controller (ports) # edit port49
FGT_Switch_Controller (port49) # set lldp-profile default-auto-mclag-icl
FGT_Switch_Controller (port49) # end
FGT_Switch_Controller (FS1E48T419000051) # end
I don’t know what is the difference, because in above example I don’t see them enabling mc-lag on a switch port which is connected to Fortigate. They only doing the ICL part, but not the fortilink part where the switch connects to the Fortigate. I am little confused here.
Also me, this made me confused.
And there is a thrid way, through the fabric rating recommendation...
In environment where I have windows servers with 4 NIC teamed in one Team, and 2 of them are connected to first switch, and other 2 are connected to the second switch where switches are mclaged correctly, how mac tables should look like on both switches?
I dont think you can have 4 switches in mclag, i am looking like crazy to find a solution for 4 switches
If I am correct, you can only have two per MCLAG peer group. So, in my mind, you would gave two MCLAG groups. Have you found a solution? I am needing to do this with 12, which means I would need 6 MCLAG peer groups... but I may be wrong. @matt can you confirm?
@@vidmooreda - That would be accurate, MCLAG groups aren't meant as an analog for a switch stack. The whole FortiOS controlled switch architecture is meant to be a distributed "Stack" if that terminology can apply.
More info here: docs.fortinet.com/document/fortiswitch/7.2.4/fortilink-guide/801194/deploying-mclag-topologies
We are looking at a full network refresh at my organization. I have many closets that are 3 or more traditional switch stacks. Each closet has redundant fiber to it running back to the data center. Like others have posted, how would I setup a closet with 6 switches in a FortiSwitch architecture. What about 7 switches?
That's going to depend on your requirements, and the number of fiber strands you have running back to the datacenter.
You could set up an MCLAG pair in each closet, and have the remaining switches connect to those. You need to take the following into consideration:
docs.fortinet.com/document/fortiswitch/7.2.4/fortilink-guide/801194/deploying-mclag-topologies
You could have home runs back to the datacenter for each switch to go into your MCLAG Pair at the datacenter.
Frankly I don't have enough information to give you a good recommendation.