High availability | |
|
|
During startup the members of an HA cluster negotiate to select the primary unit. The primary unit allows other FortiGate units to join the HA cluster as subordinate units and assigns each subordinate unit a priority.
The primary FortiGate unit sends session messages to the subordinate units through the FortiGate HA interfaces. All FortiGate units in the cluster maintain all session information. If the primary FortiGate unit fails, the subordinate units negotiate to select a new primary unit. All connections are resumed by the new primary unit.
During a
If a subordinate FortiGate unit fails, the primary FortiGate unit writes a message to its event log, and sends an SNMP trap and an alert email. The primary FortiGate unit also adjusts the priority of each of the remaining units in the HA cluster.
Active-active HA
In
Table 15:
Schedule | Description |
|
|
None | No load balancing. Used when the cluster interfaces are connected to |
| load balancing switches. |
|
|
Hub | Used when the cluster interfaces are connected to a hub. Distributes |
| traffic to units in the cluster based on the Source IP and Destination IP |
| of the packet. |
|
|
Distributes traffic to the cluster unit with the fewest concurrent | |
| connections. |
|
|
Round Robin | Distributes traffic to the next available cluster unit. |
|
|
Weighted Round | Similar to Round Robin but weighted values are assigned to each of |
Robin | the units in a cluster based on their capacity. For example, the primary |
| unit should have a lower weighted value because it handles scheduling |
| and forwards traffic. |
|
|
Random | Randomly distributes traffic to cluster units. |
|
|
IP | Distributes traffic to units in a cluster based on the Source IP and |
| Destination IP of the packet. |
|
|
IP Port | Distributes traffic to units in a cluster based on the Source IP, Source |
| Port, Destination IP, and Destination port of the packet. |
|
|
76 | Fortinet Inc. |
