When there are multiple FortiSwitches managed in the FortiGate, during troubleshooting (or monitoring) there could be scenarios where we might need to collect certain diagnostic CLI outputs from all the FortiSwitches in one go, instead of connecting to each FortiSwitch and collecting the CLI outputs. For example, CLI commands to pull the PSU status, fan status, port status, LLDP status, etc on all the FortiSwitches.
For these scenarios 'diagnose switch-controller switch-info' and 'custom-commands' can be used to run the request one time on the FortiGate to pull the required CLI outputs from all the FortiSwitches in the Fabric.
Part 1: switch-info.
Here are a few examples of possible diagnostic CLI outputs that can be gathered using the 'diagnose switch-controller switch-info' command.
diagnose switch-controller switch-info <one-of-available-options>
Examples:
- To collect the interface module summary outputs of all the Fortiswitches with one command on FortiGate use the command below. This output can be used to quickly identify which modules/ports are in Error states if any.
FortiGate # diagnose switch-controller switch-info modules summary
- To collect the output of poe status of all the ports of each Fortiswitch with one command on FortiGate.
FortiGate # diagnose switch-controller switch-info poe summary
- To collect the LLDP neighbor summary outputs from each of the Fortiswitches with one command on FortiGate.
FortiGate # diagnose switch-controller switch-info lldp neighbors-summary
Similarly, there are many other most commonly used CLI outputs with this syntax that can be explored as shown below (note that the switch-info option does not contain all the FortiSwitch CLI commands, for the commands not in this list, it is possible to use the custom-command option discussed in the next section):
FortiGate # diagnose switch-controller switch-info ?
poe PoE-related information.
lldp LLDP-related information.
mclag Dumps MCLAG related information from FortiSwitch.
trunk Trunk information.
. . .
Part 2: custom-command.
For additional diagnostic FortiSwitch CLI commands that are not already available with 'diagnose switch-controller switch-info ?' discussed in the previous section, it is possible to use the custom commands as shown below.
config switch-controller custom-command
edit <cmd-name>
set command "<FortiSwitch_command>"
end
Note:
FortiGate v7.0 and later is needed for custom-command to show the outputs of all the FortiSwitches in one go. In the older versions, custom-command will require the serial number of FortiSwitch as an argument, one at a time.
Examples:
- Collect the status of fans and sensors of all FortiSwitches in the Fabric.
In the example below with the custom-command option on the FortiGate, we can retrieve the fan and PCB sensor statuses of all the FortiSwitches, then use this output to analyze if any of the FortiSwitches have fan or sensors in Alarm or Bad status, and take remedial actions as necessary.
Fortigate # config switch-controller custom-command
FortiGate (custom-command) # edit fan-status
new entry (fan-status) added
FortiGate (fan-status) # set command "diagnose sys fan status"
FortiGate (fan-status) # next
FortiGate (custom-command) # edit sensor-status
new entry (sensor-status) added
FortiGate (sensor-status) # set command "diagnose sys pcb temp"
FortiGate (sensor-status) # end
FortiGate #
FortiGate # show switch-controller custom-command
config switch-controller custom-command
edit "fan-status"
set command "diagnose sys fan status"
next
edit "sensor-status"
set command "diagnose sys pcb temp"
next
end
########### Example output ##############
FortiGate # execute switch-controller custom-command fan-status
Sending custom-command 'fan-status' to FortiSwitch: S148EXYXYXYXY-01
Module Status
___________________________________
FAN OK(14.3 %)
Sending custom-command 'fan-status' to FortiSwitch: S148EXYXYXYXY-02
Module Status
___________________________________
Fan alarmed Last status(50.2 %)
.
.
.
Sending custom-command 'fan-status' to FortiSwitch: S148EXYXYXYX-214
Module Status
___________________________________
FAN OK(15.4 %)
FortiGate #
FortiGate # execute switch-controller custom-command sensor-status
Sending custom-command 'sensor-status' to FortiSwitch: S148EXYXYXYXY-01
Module Status
___________________________________
Sensor1 42.0 C
Sending custom-command 'sensor-status' to FortiSwitch: S148EXYXYXYXY-02
Module Status
___________________________________
Sensor1 37.0 C
.
.
.
Sending custom-command 'sensor-status' to FortiSwitch: S148EXYXYXYX-214
Module Status
___________________________________
Sensor1 41.0 C
- Collect the power supply status of all the PSUs of all the FortiSwitches in the Fabric.
In the example below with the custom-command option on the FortiGate, it is possible to retrieve the PSU statuses of all the FortiSwitches, then use this output to analyze if any of the FortiSwitches have one or both PSUs in Bad state, and take remedial actions as necessary.
Fortigate # config switch-controller custom-command
FortiGate (custom-command) # edit psu-status
new entry 'psu-status' added
FortiGate (psu-status) # set command "diagnose sys psu status"
FortiGate (psu-status) # end
FortiGate #
FortiGate # show switch-controller custom-command
config switch-controller custom-command
edit "psu-status"
set command "diagnose sys psu status"
next
end
FortiGate #
########### Example output ##############
FortiGate # execute switch-controller custom-command psu-status
Sending custom-command 'psu-status' to FortiSwitch: S448EXYXYXYXYX01
PSU1 is OK.
PSU2 is not present.
Sending custom-command 'psu-status' to FortiSwitch: S448EXYXYXYXYX02
PSU1 is OK.
PSU2 is OK
.
.
.
Sending custom-command 'psu-status' to FortiSwitch: S448EXYXYXYXY214
PSU1 is OK.
PSU2 is not present.
Note:
Before running any diagnostic FortiSwitch CLI command with a custom-command option on the FortiGate, be cautious to verify the syntax of that FortiSwitch CLI and run it directly on a FortiSwitch, and only after confirming it - build the custom command configuration on the FortiGate.
Related documents:
Executing custom FortiSwitch scripts
Technical Tip: FortiSwitch FAN failure