Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Bruce7x2
New Contributor III

What the relationship of update-static-route of Link Monitor and VRRP Failover

Topology:
HQFG(WAN1,10.100.100.6)----PE(10.100.100.21)--(WAN1)Remote-FG2(VRRP,172.100.10.254)
 
When I set "update-static-route" in the "link-monitor" configuration of Remote-FG2 to "disable," the VRRP Failover fails to switch, and the priority remains unchanged until I set "update-static-route" to "enable." However, I don't want my static routes to disappear as a result. How should I configure it?
 
Certainly, when I checked the status of the link-monitor using "diagnose sys link-monitor status," I confirmed that the link-monitor is in a "die" state.
 
Please assist me in clarifying and improving this issue. Thank you.
 
My VRRP config as the following:
config router static
    edit 1
        set gateway 10.100.100.21
        set device "port1"
        set link-monitor-exempt enable
    next
    edit 2
        set dst 10.100.100.6 255.255.255.255
        set gateway 10.100.100.21
        set device "port1"
    next
end
 
config system interface
    edit "port2"
        set vdom "root"
        config vrrp
            edit 24
                set vrgrp 24
                set vrip 172.100.10.254
                set priority 150
                set vrdst 10.100.100.6
                set vrdst-priority 75
            next
        end
config system link-monitor
    edit "monitor-fghq-port1"
        set srcintf "port1"
        set server "10.100.100.6"
        set failtime 3
set update-static-route enable
    next
end

 

Bruce Liu
Bruce Liu
1 Solution
knagaraju
Staff
Staff

Hi Bruce Liu,

The Link Monitor updates static routes depending on changes in link availability, while VRRP Failover updates static routes when the master router in a VRRP group changes. Verify that you are monitoring the same interface in Link Monitor and VRRP!!

Regards
Nagaraju.


View solution in original post

2 REPLIES 2
knagaraju
Staff
Staff

Hi Bruce Liu,

The Link Monitor updates static routes depending on changes in link availability, while VRRP Failover updates static routes when the master router in a VRRP group changes. Verify that you are monitoring the same interface in Link Monitor and VRRP!!

Regards
Nagaraju.


knagaraju
Staff
Staff

If link monitoring configured for Port1 fails it removes the corresponding routes in FIB, in your setup the VRRP destination is "10.100.100.6" so it's possible. 

Regards
Nagaraju.

Top Kudoed Authors