Description | This article lists useful commands for initial troubleshooting steps with issues running FortiGate with Virtual Servers. |
Scope | FortiGate, FortiOS. |
Solution |
Verification and debug
Any of the following options can be supplied:
Information about Virtual Servers can also be viewed in the GUI under Monitoring -> Load Balance Monitor.
get test ipldbd 2 (where ipldbd is the load balance daemon)
Example output:
num of vf=1
The following command displays VIP filters. This is useful on FortiGates with many VIPs:
diagnose firewall vip virtual-server filter <option>
Use the following command to view virtual server stats:
diagnose firewall vip virtual-server stats
The best verification is a packet sniffer. In the sniffer, it is possible to view how packets are being forwarded based on the current load-balancing method.
diagnose sniffer packet <interface/any> ‘<filter>’ <verbose> <count>
To stop the sniffer, press Ctrl+C on the keyboard.
It is possible to change the format above to sniff for the specific traffic being forwarded towards the servers.
See the help page for more information about load balancing diagnosis commands:
To compare with configuration, refer to the following documentation: Virtual server load balance - FortiGate administration guide. Technical Tip: Configure virtual server. Troubleshooting Tip: How to fix an issue with Virtual Servers. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.