fortimail and it's HA cluster setup.

koldun2006 · ‎08-11-2021

Hello all.

recently our fortimail v6.4.3, which is configured in active\passive cluster, hang a bit.

as result transport queue was stopped, port 25 closed, no messages was received\deliver to\from internet.

GUI was not accessible, and the only way to bring system back to life was reboot virtual machine, from hypervisor level.

And my question is regarding HA cluster, isn't it should activate passive node in such cases, to take over transport service?

dbu · ‎01-11-2024

Hello @koldun2006 ,
In an Active-Passive HA configuration when the primary unit fails, the secondary unit becomes the new primary unit and assumes the duty of email processing.

During the failover, no mail data or configuration changes are lost, but some in-progress email deliveries may be interrupted. These interrupted deliveries may need to be restarted, but most email clients and servers can gracefully handle this.
Additional failover behaviors may be configured by specifying "On Failure" to be :

Switch off immediately
Wait for recovery
Wait for recovery and switch to configured role

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.

AEK · ‎01-11-2024

Hi

Failover doesn't occur if the secondary node still receives heartbeats from primary. I guess that's what probably unfortunately happened to your cluster.

In such specific situations an active-active cluster is better, since the sending servers would redirect mails to the second MX.

Try keep your FML to the latest patch in order to fix known bugs.

AEK

fortimail and it's HA cluster setup.

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website