MultiChassis Etherchannel between Nexus 9364 and Fortigate 1200D v.5.6

MambaRod16 · ‎06-15-2020

Hello,

We want to know if its possible to create a port-channel between two Nexus 9364 and a fortigate using the vPC feature.

In case that is it possible,

What we have to take in consideration in order to implement this design?

It can be a Layer 3 Port Channel?

Do we have to make any change at Spanning tree protocol?

Is it recommended?? or it can be better to implement two Layer 3 link from the fortigate to each Nexus??

BelowI share what the physical topology would look like and how the connections would look logically.

PHYSICAL TOPOLOGY

LOGICAL TOPOLOGY

Reza Sharifi · ‎06-15-2020

Hi,

Not sure if this is possible using a PO. Depending on what Fortigate supports, you may want to aggregate the 2 interfaces together and than use a transit vlan with a /28 subnet spanning both Nexus and the Fortigate switch.

So, Fortigate switch one IP and each Nexus one IP for a total of 3.

HTH

MambaRod16 · ‎06-25-2020

In that scenario the fortigate would form adjacency with each nexus Switch creating ECMP routing what I think is good.

Reza Sharifi · ‎06-26-2020

In that scenario the fortigate would form adjacency with each nexus Switch creating ECMP routing what I think is good.

That is correct. The Fortigate peers with both Nexus switches.

HTH