| Description | This article describes how to disable FortiADC Global Load Balance port 5858 and not impacting the local SLB server object. |
| Scope | FortiADC. |
| Solution |
FortiADC GLB Server: FortiADC GLB (Global Load Balance) uses TCP port 5858 to communicate with FortiADC SLB instances. GLB retrieves the status updates, health checks and Virtual Server configuration information from the service port 5858. This applies to both local FortiADC SLB (Server Load Balance) and remote FortiADC SLB.
Example: FortiADC GLB Server:
DEFAULT_DNS_SERVER:
This is the pre-configured default server; it has the default IP '0.0.0.0' configured, which it will be connecting to localhost 127.0.0.1 for the local FortiADC SLB instance. The port is configured with a default value too, with the number 5858.
FortiADC Global Load Balance GLB Setting: In the GLB Setting page, it has a configurable option for the service port 5858 and the interfaces of the service port to be listened to.
Configure port 5858 to not listen to all interfaces or only to specific interfaces. Toggle to disable the option 'Listen on All Interfaces'. Select the specific interfaces or deselect all the interfaces so that the port 5858 only listens to the localhost 127.0.0.1 host.
Impact: With all the interfaces being deselected from the port 5858 listen interface, only the local FortiADC GLB can connect and check the SLB status. If there is any remote FortiADC GLB in another datacenter requiring connecting to the FortiADC for the SLB instance status sync, it will fail to connect and check/update the SLB Virtual Server list and status.
If there’s only one FortiADC instance without any remote datacenter FortiADC instances, the GLB port 5858 can be disabled from listening to all interfaces, and the GLB Server has to be configured to connect to the localhost IP address 127.0.0.1 or the default 0.0.0.0, which translates the connection to 127.0.0.1.
Related documents: Configuring GLB Servers |
