Troubleshooting Tip: Load Balancer IP Unreachable in FortiPortal Scalable Cluster in an Airgap Mode
| Description | This article describes the limitations of a FortiPortal scalable cluster using FortiPortal load balancer service without access to the internet. |
| Scope | FortiPortal v7.0+. |
| Solution | When configuring a FortiPortal Scalable Cluster, adding a load balancer is optional. If enabled, the load balancer IP is automatically applied across all cluster instances.
However, in a closed network (Airgap mode), the load balancer will not function properly because it requires internet access to download the necessary components.
FPC-LB-Proxy, the service responsible for load balancing, needs an internet connection to download dependencies.
Without internet access, the daemon enters a 'Waiting' state and fails to start.
The following CLI command can be used to check the fpc-lb-proxy service status to verify the issue:
execute detail-container Containers: Since the fpc-lb-proxy depends on internet access for setup and operation, a FortiPortal Scalable Cluster using the FortiPortal load balancer service is not supported in closed networks (Airgap mode).
An external load balancer can be used in this case instead of using FortiPortal's load balancer to direct traffic to FortiPortal nodes.
In this case, all three FortiPortal nodes must be able to communicate with each other through an L3/L4 connection on port1. |