FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
Khidzir_MN
Staff
Staff
Description

This article describes how to setup Remote IP Monitor for HA.

Scope

FortiADC version 6.0 and later.

Solution

The Remote IP Monitor feature is use to monitor the path availability and the failover of the HA should the condition is met.

This is useful in the situation when the FortiADC is connected to a switch, but if the switch hangs or becomes unresponsive, the respective FortiADC interface is still UP but the connectivity through the switch is not available.

The Remote IP Monitor health check status is part of the HA primary node selection criteria.

 

Refer the documentation below for more information.
https://docs.fortinet.com/document/fortiadc/6.0.0/handbook/582105/ha-feature-overview#high-availabil...


Enable and setup the Remote IP Monitor under System - > High Availability.

From GUI:

 

remote ip.PNG 

 

From CLI:


# config system ha
       set remote-ip-monitor enable
       set remote-ip-failover-threshold 2
       config remote-ip-monitor-list
            edit "IP1"
                set remote-address 10.131.1.207
                set interface port2
            next
            edit "IP2"
                set remote-address 10.128.3.4
                set interface port2
            next
            edit "IP3"
                set remote-address 10.164.2.122
                set interface port4
            next

       end
end

 

User can monitor multiple IPs from different source interface.

Take note on the Failover Threshold. This is how many remote IPs failed the monitor health check before the unit start the HA failover. The default is 5.

For example:

 

Remote IP Monitor List Failover Threshold Action
3 IP 2 HA will trigger when any 2 IP failed the health check
3 IP 4 Since the threshold is set to 4, it need 4 IP to fail the health check to trigger the HA failover

 

If 3 IPs are listed for the monitor and the Failover Threshold is set to 2, the HA failover will activate when any 2 of the IPs failed the health check.

If it is set to 4, but the IP listed are 3, the HA failover condition will never meet, as it needs 4 IP to fail the health check, and the HA will not failover.

Refer to below documentation for more information on the Remote IP Monitor.
https://docs.fortinet.com/document/fortiadc/7.0.1/handbook/886000/configuring-ha-settings

 

Contributors