Hi,
We have a Fortigate HA with load balance all enabled, and we are monitoring the behavior, and I can see many retransmissions between slave and master, just when the slave unit process the packet, see this picture:
Anyone known if this is normal? when we have load balance all enabled?
Regars
Lucas
Hello Lucas,
Yes, it is possible if the traffic is high. load-balance-all option will make the primary unit load balance all TCP sessions.
It really doesn't help to improve the throughput because of extra overhead required for load balancing. So load-balance-all is disabled by default.
Hi vjoshi,
Thanks.
The strange thing is that this environment is lab, has no charge. :(
Regards
Lucas
vjoshi wrote:Hello Lucas,
Yes, it is possible if the traffic is high. load-balance-all option will make the primary unit load balance all TCP sessions.
It really doesn't help to improve the throughput because of extra overhead required for load balancing. So load-balance-all is disabled by default.
Hello Lucas,
Sorry, what do you mean by 'no charge'?
If it is in lab and you are testing this, fine.
If this is just a test bed and you are planning for a production setup, and if you really want to use the HA for optimum load balancing, I would suggest virtual clustering with VDOMs.
This is possible in a-p mode where each device will be master for specific VDOMs and other device will serve as Slave unit.
Cheers,
lpiris wrote:Hi vjoshi,
Thanks.
The strange thing is that this environment is lab, has no charge. :(
Regards
Lucas
Hi Joshi,
Sorry, I wanted to talk without load.
Actually we have a HA in production, And we have this behavior.
So, We made lab with two 110C FG and we can see the same behavior.
Regards
Lucas
vjoshi wrote:Hello Lucas,
Sorry, what do you mean by 'no charge'?
If it is in lab and you are testing this, fine.
If this is just a test bed and you are planning for a production setup, and if you really want to use the HA for optimum load balancing, I would suggest virtual clustering with VDOMs.
This is possible in a-p mode where each device will be master for specific VDOMs and other device will serve as Slave unit.
Cheers,
lpiris wrote:Hi vjoshi,
Thanks.
The strange thing is that this environment is lab, has no charge. :(
Regards
Lucas
Hello Lucas,
I got it. It is strange it happens without load.
Is it causing any specific issue to the application?
Hi Josh,
Yes! this customer have an internal application that are impacted.
We had to change ha mode to a-p, and it works fine.
I will monitoring anothers HA, To see if I can find the same behavior.
Cheers
Lucas
vjoshi wrote:Hello Lucas,
I got it. It is strange it happens without load.
Is it causing any specific issue to the application?
Hello Lucas,
Do you see the same behavior in your lab setup as well?
Hi Josh,
yes.
vjoshi wrote:Hello Lucas,
Do you see the same behavior in your lab setup as well?
Hello Lucas,
Weird, I expect it to happen, but without any traffic doesn't seem to be correct.
I would recommend not to use the load balance all, instead use the virtual cluster for effective load sharing.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.