|
When a monitored interface goes down, it triggers a failover, which causes the cluster to renegotiate and re-select the primary unit.
Prerequisites:
- A Fortinet HA cluster is already configured.
- The devices in the cluster are running the same firmware version and the configuration are synchronized.
- Proper HA settings (for example heartbeat interfaces, and session synchronization) are in place.
Configuration:
To configure interface monitoring for HA failover, use the following CLI command:
config system ha
set monitor "interface_name"
end
Replace 'interface_name' with the name of the interface desired to be monitored (for example wan1, port1, etc).
To configure interface monitoring for HA failover, use the following steps in GUI:
Go to System -> HA -> Monitored Interfaces, select the interface, and save the changes.
Monitoring Interfaces and Failover:
Regardless of whether the override is enabled or disabled, the first criterion for primary unit selection will always be based on the number of operationally UP-monitored interfaces. The device with the highest UP monitored interfaces is selected as the primary, and failover occurs if the number of monitored interfaces down is higher on the Master device than on the Slave.
Best Practices:
- The heartbeat (hbdev) interface should be excluded from monitoring.
- Monitored interfaces may disconnect during setup, causing premature failovers. Configure the monitor interfaces only after the HA cluster is fully set up, synchronized, and operational.
- Monitor only critical interfaces handling high-priority traffic and avoid monitoring all interfaces.
Unfortunately, if there are multiple monitor interfaces, failover with threshold is not available. Only the ping server can have the failover with a threshold.
Related article:
|
