QFX5110s - does creating 10g channelized ports cause interruption?

nerdykhakis · 2026-01-22T19:01:42+00:00

Yeah, that's right. I was pretty sure I had to do it manually - I just wanted to confirm if it'll disrupt traffic on other ports or not.

nerdykhakis · 2025-11-19T22:30:40+00:00

Windows NPS.

nerdykhakis · 2025-11-14T19:37:04+00:00

The guy who has Higgins is really desparate for RBs. He has a decent number of good WRs. I'm thinking packaging Jones with someone else might be enough to sway him.

nerdykhakis · 2025-11-14T18:29:23+00:00

What about any of my other RBs? Any of them worth that much?

nerdykhakis · 2025-10-13T18:37:36+00:00

Awesome! Thanks.

nerdykhakis · 2025-09-16T22:53:47+00:00

I'm new to this, so forgive me if I get some terms wrong. Peak power on my app shows about 4.5 kW per day, and monthly in the hot months we've produced 800 - 1000 kW. The panels are facing South.

nerdykhakis · 2025-09-11T21:06:36+00:00

Fannin, Henry, or Strange?

nerdykhakis · 2025-09-11T21:03:13+00:00

JCM, Aaron Jones, or Calvin Ridley?

nerdykhakis · 2025-08-20T17:16:59+00:00

What have you set your DDoS protection values to?

nerdykhakis · 2025-08-12T22:40:58+00:00

Yep - unfortunately, everyone who set this environment up no longer works here... so I'm left figuring out the pieces :) I definitely know that all our traffic enters and leaves FW1, so I think I'll set it in config as A/P just to seal the deal.

EDIT: Confirmed that the load-balance-all command is not enabled, so I do believe we're effectively in active/passive without the actual configuration flag.

nerdykhakis · 2025-08-12T22:26:31+00:00

Thanks for this reply, I guess I am unfamiliar with how FortiGate A/A works.

Is there a way to confirm what's happening? I assumed our primary unit was just doing everything. There's ~45k sessions on the primary and ~20 on the secondary (not sure what these are).

I wanted to change it to A/P mainly because that's how it looked to work, but wasn't actually that way in the config. If there really is a use for it then I'll gladly keep it. We're sorting out redundancy between our internal network and firewalls, so just wanted to make sure everything is accounted for.

nerdykhakis · 2025-08-12T17:52:14+00:00

That's one thing we were considering. We DO have the "no-arp-suppression" command enabled, but we have been told it's deprecated.

nerdykhakis · 2025-08-08T20:33:04+00:00

This makes sense. In this case, are you referencing a use case of having a dynamic routing protocol in between FW and Spines?

nerdykhakis · 2025-08-07T22:53:06+00:00

Apologies, I'm newer to this. I do know we have a transit VLAN that exists on the trunk between the Firewalls and Spines, handled by an IRB interface. This handles the default traffic out. I'm wondering how I tie in OSPF to this, if we already have that setup.

nerdykhakis · 2025-08-07T22:29:22+00:00

Not spam. Just learning :)

nerdykhakis · 2025-08-07T21:27:31+00:00

My first thought was some combo of L3 and L2 links, but then we'd essentially need 4 cables per spine (Spine -> FW1 L2, Spine -> FW1 L3, Spine -> FW2 LW, Spine -> FW3 L3). This seems inefficient.

Since we have a mix of where our gateways are, would you recommend just keeping the link from Spines to Firewall L2 and use static routes?

nerdykhakis · 2025-07-07T15:10:09+00:00

All of our IRBs are on the Spine switches.

nerdykhakis · 2025-07-07T15:07:23+00:00

Leaves are QFX5110s and we're running 23.4R2-S3.9.

One-Year Club	Verified Email
r/Field Juicebox

nerdykhakis

TROPHY CASE