Why do i have downtime during an HA cluster upgrade.
Hello everyone, When I upgrade my Ha clusters "fortigate appliance" I have downtime twice for about 40/30 sec. The ha is configured as active-passive. I am using gui to start the upgrade process from fortimanager. Is that normal behaviour?
Thanks for your update, as while upgrading the devices in HA cluster the secondary upgrades first and then the secondary reboots and come up, then the up-gradation takes place for the Primary device.
So when the device is switching the role it sends the Gratuitous ARP to let the network know that now all the traffic has to be sent to that particular device.to notify the network that a new physical port has become associated with the IP address and virtual MAC of the HA cluster.
This is sometimes called “using gratuitous ARP packets to train the network,” and can occur when the primary node is starting up, or during a failover. Also configure ARP Packet Interval.
The valid range is 1 to 60. The default is 5 for the arp packets
So might be your are having cluster that has a large number of VLAN interfaces and virtual domains.
It can be switch also taking the time to guide the network about the new device.
You can change the arp setting in the HA configuration, but normally, you do not need to change this setting.
Refer the below document for the same if it helps:
I assume you're talking about a circuit failover like from wan1 to wan2 as a "failover", that changes just an outgoing interface on the same FGT. HA is a whole FGT swap so all sessions have to be in sync to minimize the down time. You can't simply compare between them.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.