FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Hassan09
Staff
Staff
Article Id 266656
Description This article describes how to configure a DNS health check monitor for improved server load balancing, ensuring seamless network performance.
Scope Any supported version of FortiOS.
Solution

By utilizing DNS health checks, which include TCP or UDP DNS probes, efficient server distribution and high availability can be achieved. Below are the steps for setting up the monitor with different IPs and domain names for demonstration purposes.

 

To optimize server load balancing using DNS health checks, follow these steps.

 

Configure the DNS health check monitor:

 

Begin by creating a new DNS health check monitor in the firewall settings.

 

config firewall ldb-monitor

edit "custom-dns-monitor"

set type dns

set interval 45

set port 53

set src-ip 10.2.2.5

set dns-request-domain <Fully qualified domain name to resolve for the DNS probe>

set dns-match-ip 10.2.2.100

next

end


Apply the monitor to a virtual server:

 

Link the DNS health check monitor to a virtual server for effective load balancing.

 

config firewall vip

edit "load-balanced-virtual-server"

set type server-load-balance

set extip 10.1.1.1

set extintf "wan1"

set server-type ip

set monitor "custom-dns-monitor"

set ldb-method round-robin

config realservers

edit 1

set ip 10.2.2.100

next

edit 2

set ip 10.2.2.101

next

end


Deploying a DNS health check monitor in the server load balancing setup ensures efficient network traffic distribution and improved performance.

Contributors