|
The Remote IP Monitor feature is use to monitor the path availability and the failover of the HA should the condition is met.
This is useful in the situation when the FortiADC is connected to a switch, but if the switch hangs or becomes unresponsive, the respective FortiADC interface is still UP but the connectivity through the switch is not available.
The Remote IP Monitor health check status is part of the HA primary node selection criteria.
Refer the documentation below for more information.
https://docs.fortinet.com/document/fortiadc/6.0.0/handbook/582105/ha-feature-overview#high-availabil...
Enable and setup the Remote IP Monitor under System - > High Availability.
From GUI:
From CLI:
# config system ha
set remote-ip-monitor enable
set remote-ip-failover-threshold 2
config remote-ip-monitor-list
edit "IP1"
set remote-address 10.131.1.207
set interface port2
next
edit "IP2"
set remote-address 10.128.3.4
set interface port2
next
edit "IP3"
set remote-address 10.164.2.122
set interface port4
next
end
end
User can monitor multiple IPs from different source interface.
Take note on the Failover Threshold. This is how many remote IPs failed the monitor health check before the unit start the HA failover. The default is 5.
For example:
| Remote IP Monitor List |
Failover Threshold |
Action |
| 3 IP |
2 |
HA will trigger when any 2 IP failed the health check |
| 3 IP |
4 |
Since the threshold is set to 4, it need 4 IP to fail the health check to trigger the HA failover |
If 3 IPs are listed for the monitor and the Failover Threshold is set to 2, the HA failover will activate when any 2 of the IPs failed the health check.
If it is set to 4, but the IP listed are 3, the HA failover condition will never meet, as it needs 4 IP to fail the health check, and the HA will not failover.
Refer to below documentation for more information on the Remote IP Monitor.
https://docs.fortinet.com/document/fortiadc/7.0.1/handbook/886000/configuring-ha-settings
|
