Fortinet FortiGate FortiGate-5001 Administration Manual page 96
Fortigate 5000 series
Hide thumbs
Also See for FortiGate FortiGate-5001:
- Quick start manual (2 pages) ,
- Introduction manual (77 pages) ,
- Quick manual (37 pages)
Table of Contents
Advertisement
HA
96
IP
Load balancing according to IP address. If the cluster units are connected
using switches, select IP to distribute traffic to cluster units based on the
Source IP and Destination IP of the packet.
IP Port
Load balancing according to IP address and port. If the cluster units are
connected using switches, select IP Port to distribute traffic to cluster units
based on the source IP, source port, destination IP, and destination port of
the packet.
By default a FortiGate HA active-active cluster load balances virus scanning sessions
among all cluster units. All other traffic is processed by the primary unit. Using the CLI,
you can configure the cluster to load balance all network traffic among all cluster units.
See
"To switch between load balancing virus scanning sessions and all sessions" on
page
102.
Priorities of Heartbeat Device
Enable or disable HA heartbeat communication and set the heartbeat priority for each
interface in the cluster.
By default, HA heartbeat communication is set for two interfaces. You can disable the
HA heartbeat for either of these interfaces or enable HA heartbeat for other interfaces.
In most cases you can maintain the default heartbeat device configuration as long as
you can connect the heartbeat device interfaces together.
The heartbeat priority must be set for at least one cluster interface. If heartbeat
communication is interrupted the cluster stops processing traffic.
To enable HA heartbeat communication for an interface, enter a priority for the
interface. To disable HA heartbeat communication for an interface, delete the priority
for the interface.
The HA heartbeat priority range is 0 to 512. The interface with the highest priority
handles all HA heartbeat traffic. If this interface fails or becomes disconnected, the
interface with the next highest priority handles all HA heartbeat traffic.
The cluster units use the ethernet interfaces configured with HA heartbeat priorities for
HA heartbeat communication. The HA heartbeat communicates cluster session
information, synchronizes the cluster configuration, synchronizes the cluster routing
table, and reports individual cluster member status. The HA heartbeat constantly
communicates HA status information to make sure that the cluster is operating
properly.
You can enable heartbeat communications for physical interfaces, but not for VLAN
subinterfaces.
Enabling the HA heartbeat for more interfaces increases reliability. If an interface fails,
the HA heartbeat can be diverted to another interface.
HA heartbeat traffic can use a considerable amount of network bandwidth. If possible,
enable HA heartbeat traffic on interfaces only used for HA heartbeat traffic or on
interfaces connected to less busy networks.
01-28008-0013-20050204
System Config
Fortinet Inc.
Advertisement
Table of Contents
