| Description |
The article explains how to adjust Health-check parameters according to the latency of a production environment when Server Pools are randomly flapping on FortiWeb. |
| Scope |
FortiWeb. |
| Solution |
The solution is applicable assuming no issue on the real server-side and network latency is the reason for the server pool flapping on FortiWeb logs.
Check the output of health check debug. In the example below the real server is not replying to FortiWeb within the time intervals set on the Health-check policy. This will cause the Server Pool to flap and interrupt the services.
[HLCK][DEBUG] resolve [example.com] to [10.0.0.1] [HLCK][DEBUG] [2225310] https server[example.com:443][0] connect, evts: 2 [HLCK][DEBUG] https server[example.com:443][0] set status to down. [HLCK][DEBUG] [2225320] https server[example.com:443][0] connect, evts: 1 [HLCK][DEBUG] [2225330] https server[example.com:443][0] connect, evts: 1 [HLCK][DEBUG] resolve [example.com] to [10.0.0.1] [HLCK][DEBUG] [2225340] https server[example.com:443][0] connect, evts: 2 [HLCK][DEBUG] https server[example.com:443][0] set status to down.
The Health-check parameters can be adjusted as below instead of the default ones.
The parameters can be also fine-tuned according to the latency of the network, and if the issue persists, Fortinet support can be contacted for further investigations. |
