Fortinet FortiGate FortiGate-1000A Administration Manual page 94
Fortinet fortigate fortigate-1000a: user guide
Hide thumbs
Also See for FortiGate FortiGate-1000A:
- Install manual (58 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
HA
94
HA modes
FortiGate units can be configured to operate in active-passive (A-P) or active-active
(A-A) HA mode. Active-active and active-passive clusters can run in either NAT/Route
or Transparent mode.
An active-passive (A-P) HA cluster, also referred to as failover HA, consists of a
primary unit that processes traffic, and one or more subordinate units. The
subordinate units are connected to the network and to the primary unit but do not
process traffic.
When a cluster is operating in active-passive mode, in addition to the operating mode
(NAT or Transparent) the front panel LCD of all cluster units displays (a-p). On the
primary unit the LCD displays primary. One the subordinate units, the LCD displays
slave <priority_id>. The priority_id is the priority that the subordinate unit
has in the cluster. If there are three units in the Cluster the LCD displays are:
• primary (a-p)
• slave 1 (a-p)
• slave 2 (a-p)
Active-active (A-A) HA load balances network traffic to all of the cluster units. An
active-active HA cluster consists of a primary unit that processes traffic and one or
more subordinate units that also process traffic. The primary unit uses a load
balancing algorithm to distribute processing to all of the cluster units in the HA cluster.
By default a FortiGate HA active-active cluster load balances virus scanning sessions
among all cluster units. All other traffic is processed by the primary unit. Using the CLI,
you can configure the cluster to load balance TCP traffic and virus scanning traffic
among all cluster units. See
traffic" on page
104.
When a cluster is operating in active-active mode, in addition to the operating mode
(NAT or Transparent) the front panel LCD of all cluster units displays (a-a). On the
primary unit the LCD displays primary. One the subordinate units, the LCD displays
slave <priority_id>. The priority_id is the priority that the subordinate unit
has in the cluster. If there are three units in the Cluster the LCD displays are:
• primary (a-a)
• slave 1 (a-a)
• slave 2 (a-a)
For more information about FortiGate HA and the FGCP, see the
Availability Guide
and the
FortiGate HA compatibility with DHCP and PPPoE
FortiGate HA is not compatible with PPP protocols such as DHCP or PPPoE. If one or
more FortiGate unit interfaces is dynamically configured using DHCP or PPPoE you
cannot switch to operating in HA mode. Also, if you are operating a FortiGate HA
cluster, you cannot change a FortiGate interface in the cluster to be configured
dynamically using DHCP or PPPoE.
Configuring a FortiGate interface to be a DHCP server or a DHCP relay agent is not
affect by HA operation. For information about DHCP server and relay, see
DHCP" on page
81.
01-28011-0254-20051115
"To configure load balancing TCP and virus scanning
Fortinet Knowledge
Center.
System Config
FortiGate High
"System
Fortinet Inc.
Advertisement
Table of Contents
