FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
cskuan
Staff
Staff
Description
This article describes how to identify the hbdev(heartbeat port) that is used for session sync and config sync in 6/7K Chassis.

Solution
Both 6K and 7K Chassis have multiple hbdev(heartbeat port) which are fixed and built-in.
Below is an example of hbdev in 7K chassis:
# show sys ha
# config system ha
    set group-id 19
    set group-name "7K"
    set mode a-p
    set hbdev "1-M1" 100 "1-M2" 100 "2-M1" 100 "2-M2" 100  < -----------
    set session-pickup enable
    set override enable
    set priority 200
end
Heartbeat packets will be send out on both M1 and M2 hbdev (heartbeat port);
Session-sync only utilized the (active/highest priority) hbdev and will fall back to 2nd highest priority hbdev, if the previous hbdev failed.

To identify which heartbeat port was use for the session-sync, kindly run the following command:
# diag sys ha dump-by group

[FIM01] (global) # diag sys ha dump-by group
<hatalk>             HA information.
group-id=19, group-name='7K'

gmember_nr=2

board-failover-tolerance=0, best_hbdev=1-M1, dp_rsync_hbdev=1-M1, slave_fim_dp_rsync_hbdev=2-M1
'FG76Exxxxxxxxxx': ha_ip_idx=1, hb_packet_version=14, last_hb_jiffies=66823254, last_hb_jiffies_xfim=66823254, linkfails=0, weight/o=0/0
        hbdev_nr=2:
                1-M1(mac=704c..eb, last_hb_jiffies=66823254, last_hb_jiffies_xfim=66823254, hb_lost=0, good_hb_rcvd=1, xfim_hb_rcvd=1)
                2-M1(mac=224c..e0, last_hb_jiffies=66823254, last_hb_jiffies_xfim=66823254, hb_lost=0, good_hb_rcvd=1, xfim_hb_rcvd=1)
'FG76Exxxxxxxxxx': ha_ip_idx=0, hb_packet_version=15, last_hb_jiffies=0, last_hb_jiffies_xfim=0, linkfails=0, weight/o=0/0

vcluster_nr=1
vcluster_0: start_time=1592213243(2020-06-15 02:27:23), state/o/chg_time=2(work)/1(helo)/1592213245(2020-06-15 02:27:25)
        'FG76Exxxxxxxxxx': ha_prio/o=1/1, link_failure=0, pingsvr_failure=0, flag=0x00000000, uptime/reset_cnt=177/0, active_worker=0/4, chassis_id=2
        'FG76Exxxxxxxxxx': ha_prio/o=0/0, link_failure=0, pingsvr_failure=0, flag=0x00000001, uptime/reset_cnt=0/0, active_worker=4/4, chassis_id=1
'Best_hbdev': show the hbdev that is use for both session sync and config sync.
'Dp_rsync_hbdev': between FIM in cross chassis.
'slave_fim_dp_rsync_hbdev': between FIM in intra chassis.

Contributors