Technical Note: How to perform controlled chassis failover between 2 chassis in SLBC dual mode

cochoa · ‎11-08-2018

Description

This article describes how to perform a controlled chassis failover between 2 chassis in SLBC dual mode.

Solution

How to produce a chassis failover:

Step by step:

_ In the primary FortiController in chassis #1:

#diag sys ha force-slave-state by-chassis 5 1

_ Verify the chassis failover in primary FortiController in chassis #2:

#get sys status

To return primary role to FortiController in chassis #1:

Step by step:
_ Clean the flag in the new master / primary FortiController in chassis #2

#diag sys ha force-slave-state clear

_ Verify that the primary role was correctly reassigned to primary FC in chassis #1

#get sys status

Some suggested commands to be executed before and after the failover to verify correct synchronization in and between chassis are the following:

On the FortiControllers:

Command

Purpose

Expected Result

diagnose system ha status

Check blade synchronization

Check master, slave role

All blades with in_sync=1

get load-balance status

Check workers status

Both workers should be in status=Working

On the FortiGates:

Command

Purpose

Expected Result

diag sys confsync status

Check blade synchronization

All blades with in_sync=1

diag test application chlbd 1

Check hb status

last_rx < 100

diag test application chlbd 2

Check route synchronization

route_sync=2

Command	Purpose	Expected Result
diag sys confsync status	Check blade synchronization	All blades with in_sync=1
diag test application chlbd 1	Check hb status	last_rx < 100
diag test application chlbd 2	Check route synchronization	route_sync=2

Technical Note: How to perform controlled chassis failover between 2 chassis in SLBC dual mode

You are leaving our website