Created on 06-24-2023 09:44 AM Edited on 06-26-2023 02:42 AM By Jean-Philippe_P
Description | This article discusses Virtual Server Load Balancer's behavior when using IP-based load-balancing on Active-Passive Real servers. |
Scope | FortiGate. |
Solution | The original behavior for a server-load-balance VIP that has both active and standby real servers is if the active server is down and traffic is being forwarded to the standby server and when the active server is re-activated (or comes back up), traffic does not go (move) to the active server immediately because traffic matches an existing firewall session and would still forward traffic to the standby server. This behavior is changed in and after firmware 7.2.4 and 7.4.0 GA. The change is that the old firewall session is marked dirty and re-validated after the active server is re-activated. All the existing sessions pointing to the standby server will be moved over to the original active server after re-validation. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.