Description
This article describes how to configure and validate HA failover due to memory utilization.
The new feature is included in FortiOS 7.0.0 onward and 7.2.0 onward (but not available in 6.4.x) to allow HA failover due to memory utilization.
In the scenario where the existing master’s memory utilization exceeds the threshold configured by the administrator for a specific amount of time.
Note :
The value used is a demonstration purpose, a higher threshold shall be configured in a production environment to prevent frequent failover of the HA master.
Important :
Override must be disabled on BOTH Primary and Secondary. Otherwise, there will be another failover immediately based on priority and the old primary will become master again with high memory usage:
Primary unit selection with override enabled.
Scope
FortiGate.
Solution
Initial Configuration.
In the existing environment, a HA pair with an A-P setup is configured with FortiOS 7.0.0. As visible from the following print screen, FortiGate with hostname Kancil-kvm39 is selected as the master as it was configured with higher priority:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.