Skip to main content
AlexFerenX
AlexFerenX
Visitor III
December 8, 2025
Question

"port_ha" drop count is increasing, ha1 and ha2 drop show 0 - why?

  • December 8, 2025
  • 1 reply
  • 477 views

Hi!

As I understand, "port_ha" is virtual manifestation of physical "ha1" or "ha2" (depending on priority), so, why am I seeing its drops counter increasing but not either of latter?

<node_redacted> (root) # diagnose netlink device list | grep port Inter-|Receive                                                                     |Transmit  face |bytes             packets     errs drop      fifo frame compressed multicast|bytes          packets     errs drop fifo colls carrier compressed : port_ha:  59307243213    183676419   0    268802671 0     0    0          0        |2695447833533  2029323361  0    1    0    0     0       0 :										   |    ha2:   442088029516   531221403   0    0         0     2    0          4059668  |2709586459181  2051768332  0    0    0    0     0       0    ha1:   43740481445    77620950    0    0         0     0    0          2989697  |13166888759    21729664    0    0    0    0     0       0 :										   |

Thanks!

1 reply

BillH_FTNT
Staff
BillH_FTNT
Staff
December 9, 2025

Hi @AlexFerenX 

Could you please share the information of your device? together with the configuration of HA and snapshot of output of the errs. Thank you

Bill

AlexFerenX
AlexFerenXAuthor
Visitor III
December 9, 2025

Hi @BillH_FTNT 

 

I'm seeing this on both of our HA clusters - a "Border" HA cluster 2200E (with "set group_id 60") and a "LAN" HA 2200E cluster (with "set group_id 50"), former v7.2.11, latter v7.4.8.

 

Primary and Subordinate's HA1 and HA2 interfaces aren't back-to-back connected - they're geographically disparate and follow diverse paths - HA1 one via North path, HA2 via South path.

 

Perhaps something noteworthy: both clusters share HA1 and HA2 paths - so, "Border" HA1 and "LAN" HA1 are in same collision domain; and "Border" HA2 and "LAN" HA2 are in same collision domain. Each cluster has different HA Group Id, so, their HA are not conflated, however, it may cause the drop count we're seeing?

 

Alex.

princes
Staff
princes
Staff
December 9, 2025

Hi AlexFerenX,

 

Kindly check the CPU usage for the device and verify if any particular core is going HIGH, if yes then it might cause similar issue.

 

Refer below article for more detail:

 

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-How-to-troubleshoot-HA-Heartbeat-packet-lost/ta-p/267767

 

 

 

 

 

 

Terms & ConditionsAccessibility statement