| Description | This article describes the steps to mitigate a split-brain issue of FortiGate HA that has been deployed in FortiGate Clustering Protocol (FGCP) implementation. |
| Scope | FortiOS 7.6.0. |
| Solution |
In traditional FGCP HA implementation, FortiGate relies on the heartbeat interface for heartbeat packet exchange to determine if the member devices are healthy. If the heartbeat device of the member device fails or is down, heartbeat packets will not be exchanged and split-brain will occur. Split-brain scenario would cause continuous network issues in the network as both members determine themselves to be the master of the cluster.
In the following example, port3 has been configured to exchange heartbeat packets:
When port3 is down, both FortiGates would claim the primary role as it does not receive the heartbeat packet of the other device:
Verification of HA status on both FortiGate indicates that both devices are claiming as the primary:
To mitigate the split-brain scenario when the heartbeat interface is down, a new feature has been introduced to serve as a backup heartbeat interface (backup-hbdev) in new feature tracked with feature ID 988753. The backup heartbeat interface will not process any heartbeat packet until the main heartbeat packet is deemed lost. In the following example, port4 has been configured as a backup heartbeat interface:
With this setting, port4 will be elected as the heartbeat interface when port3 is down:
Under this scenario, split-brain would not occur, and the end users' traffic would continue to flow through the primary unit:
|
