Created on 08-27-2008 11:23 AM
Description | This article discusses issues with using or not using auto-negotiation with Fortinet product 1000BaseT gigabit ethernet interfaces. |
Components |
|
Issue Description | Today, all Ethernet devices have a default setting of auto-negotiation enabled because as a requirement for the IEEE 802.3 standard (802.3u, 802.3z, 802.3ab, and so on.) and the auto-negotiation function SHALL BE USED for 1000BaseT. Gigabit transceivers at the physical layer (PHY) of the Open Systems Interconnection (OSI) model use auto-negotiation to advertise the following modes of operation:
Although auto-negotiation can be disabled for 100BaseTX or 10BaseT connectivity, it is always required for normal 1000BaseT operation. Auto-negotiation is defined in Clause 28 of the 1998 edition of the IEEE Standard (Std) 802.3. Clause 28 defines a standard to address the following goals:
In addition, the 1999 standard for Gigabit over copper cabling, IEEE Std 802.3ab (Clause 40 (1000BASE-T), sub-clause 40.5.1 of 802.), added the following enhancements to the Auto-Negotiation standard:
Auto-Negotiation link partner abilities are negotiated and use a priority resolution algorithm to establish the best mode of operation. The following example is a normal priority scheme (from highest to lowest) for the auto-negotiation link if a device has all the capabilities advertised and advertisement is enabled:
The IEEE 802.3 standard default is to run with auto-negotiation enabled. Technology improvements and better interoperation of auto-negotiation make it the preferred mode of operation, and is required on new technologies such as 1000BaseT (802.3ab). While the standard on Fast Ethernet allows the ability to disable auto-negotiation, it is neither required nor recommended for vendors to implement it. The IEEE 802.3 standard states that you must support and test auto-negotiation enabled to certify a product IEEE 802.3 compliant, and for multivendor interoperability (for example, testing at the UNH Interoperability Laboratory). There are no requirements in the standard to support locked down or forced configurations using auto-negotiation disabled. As a result, there are no requirements for vendors to test multivendor interoperability between products with auto-negotiation disabled. The IEEE 802.3ab specification does not allow for forced mode 1000BaseT with auto-negotiation disabled running at 1000 Mbps. As a result, many switch vendors do not support forced mode. Although some vendors’ Giga transceivers can be configurable for the 1000 Mbps forced mode but it does not work under certain circumstances. Auto-Negotiation is performed as part of the initial set-up of the link, and allows the PHYs at each end to advertise their capabilities (speed, PHY type, half or full duplex) and to automatically select the operating mode for communication on the link. Auto-negotiation signaling is used for the following two primary purposes for 1000BASE-T:
What this means is that although auto-negotiation (Clauses 22 and 28) is optional for most variants of Ethernet and manual configuration (forced mode) is allowed, this is not the case for Gigabit copper (1000BASE-T). Locked-down port policies (forcing speed, duplex, and link capabilities with auto-negotiation disabled) are outdated. Legacy and historical reasons for forced setup with auto-negotiation disabled date back many years when the technology was new. Due to the maturity of the technology today, it no longer has the same issues of 10 years ago when 802.3u Fast Ethernet and 802.3z Gigabit Ethernet were new technology and many vendors had standard compliance issues. The UNH Interoperability Laboratory is used to ensure vendor compliance. These issues were resolved with NIC-driver patches, switch-firmware, and multiple generations of new product releases over many years. The notion of “auto-negotiation is unreliable” can no longer be substantiated. Not all network devices have the ability to force link capabilities for disabled auto-negotiation policies. Some switches and drivers use auto-negotiation (enabled) only and its usage is not optional. In the absence of auto-negotiation (for example, using forced mode), link syncing between link partners may not occur and the link may not come up. Even though the standard allows the ability to disable auto-negotiation on Fast Ethernet 802.3u and Gigabit Ethernet 802.3z (fiber) technologies, it is neither required nor recommended. Do not disable auto-negotiation between switches or NICs unless absolutely required, as physical layer problems may go undetected and result in spanning tree loops. Disabling auto-negotiation should only be used as a troubleshooting aid or temporary workaround until the auto-negotiation problem is resolved. The alternative to disabling auto-negotiation is contacting the vendor for a software or hardware upgrade for IEEE 802.3 compliant Ethernet auto-negotiation support. Old policies from years past for locked-down forced auto-negotiation disabled should be discouraged today. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.