Fortinet FortiGate FortiGate-1000A Administration Manual page 93

System Config
FortiGate-1000A/FA2 Administration Guide
Inside the cluster the individual FortiGate units are called cluster units. These cluster
units share state and configuration information. If one cluster unit fails, the other units
in the cluster automatically replace that unit, taking over the work that the failed unit
was doing. The cluster continues to process network traffic and provide normal
FortiGate services with virtually no interruption.
Every cluster contains one primary cluster unit (also called the primary unit) and one or
more subordinate cluster units (also called subordinate units). The primary unit
controls how the cluster operates. The roles that the primary and subordinate units
play in the cluster depend on the mode in which the cluster operates. See
"HA modes" on page 94.
The ability of an HA cluster to continue providing firewall services after a failure is
called failover. FortiGate HA failover means that your network does not have to rely on
one FortiGate unit to continue functioning. You can install additional units and form an
HA cluster. Other units in the cluster will take over if one of the units fails.
A second HA feature, called load balancing, can be used to increase firewall
performance. A cluster of FortiGate units can increase overall network performance
by sharing the load of processing network traffic and providing security services. The
cluster appears to your network to be a single device, adding increased performance
without changing your network configuration.
The FortiGate Clustering Protocol (FGCP)
Fortinet achieves high availability (HA) using redundant hardware and the FortiGate
Clustering Protocol (FGCP). Each FortiGate unit in an HA cluster enforces the same
overall security policy and shares the same configuration settings. You can add up to
32 FortiGate units to an HA cluster. Each FortiGate unit in an HA cluster must be the
same model and must be running the same FortiOS firmware image.
The FortiGate units in the cluster use Ethernet interfaces to communicate cluster
session information, synchronize the cluster configuration, synchronize the cluster
routing table, and report individual cluster member status. In the cluster, these
Ethernet interfaces are called heartbeat devices and the communication between
cluster units is called the HA heartbeat. Using the HA heartbeat, cluster units are
constantly communicating HA status information to make sure that the cluster is
operating properly.
FortiGate HA and the FGCP support link failover, device failover, and HA heartbeat
failover.
Link failover
If one of the links to a FortiGate unit in an HA cluster fails, all functions, all
established firewall connections, and all IPSec VPN sessions [a] are maintained
by the other FortiGate units in the HA cluster. For information about link
failover, see "Monitor priorities" on page 100.
Device failover
If one of the FortiGate units in an HA cluster fails, all functions, all established
firewall connections, and all IPSec VPN sessions are maintained by the other
FortiGate units in the HA cluster.
HA heartbeat failover
You can configure multiple interfaces to be HA heartbeat devices. If an
interface functioning as an HA heartbeat device fails, the HA heartbeat is
transferred to another interface also configured as an HA heartbeat device.
a. HA does not provide session failover for PPPoE, DHCP, PPTP, and L2TP services.
01-28011-0254-20051115