Troubleshooting Tip: HA Vlan monitor debug commands

FortiKoala · ‎11-28-2017

Purpose
This document describes the debug commands used when trouble shooting the High Availability (HA) vlan-monitor feature

Fortinet Docs > Chapter 15 - High Availability > HA and failover protection > Monitoring VLAN interf...

Expectations, Requirements
Instructions to debug HA vlan-monitor feature

Configuration

Use the following CLI command to enable monitoring VLAN interfaces:

config system ha-monitor
    set monitor-vlan enable/disable
    set vlan-hb-interval <interval_seconds>
    set vlan-hb-lost-threshold <vlan-lost-heartbeat-threshold>
end

Troubleshooting
Reset the debug settings

diagnose debug reset

IMPORTANT enable debugging diagnose debug enable, or the next command will give no output

diagnose sys ha vlan-hb-monitor

Output

2017-09-22 11:03:44 peer #1: serial_no: FGTSERIALNUMBER123, last_hb: 0 sec ago, active
2017-09-22 11:03:44 vlan_intf #2: dmz1 <-- #<VLAN>: interface
2017-09-22 11:03:44 peer #1: serial_no: FGTSERIALNUMBER123, last_hb: 0 sec ago, active
2017-09-22 11:03:44 vlan_intf #3: internal <-- #<VLAN>: interface
2017-09-22 11:03:44 peer #1: serial_no: FGTSERIALNUMBER123, last_hb: 0 sec ago, active
....
2017-09-22 11:03:44 peer #1: serial_no: FGTSERIALNUMBER123, last_hb: 4219777 sec ago, not active
2017-09-22 11:03:44 vlan_intf #9: servers <-- #<VLAN>: interface

If you need to monitor the real-time VLAN monitor messages run the following command

diagnose debug application hamonitord -1

Example Error message

2017-09-22 11:11:26 [vlan_hb_timer_func:139] sendto() failed: 100(Network is down)

Troubleshooting Tip: HA Vlan monitor debug commands

You are leaving our website