Created on 03-27-2008 12:00 AM
Description | HA remote IP monitoring (also called HA ping server) is similar to HA port monitoring. Port monitoring causes a cluster to failover if a monitored primary unit interface fails or is disconnected. Remote IP monitoring uses ping servers configured on FortiGate interfaces on the primary unit to test connectivity with one or more IP addresses of network devices. Usually these would be IP addresses of network devices not directly connected to the cluster. Remote IP monitoring can cause a failover if one or more of these remote IP addresses does not respond to a ping server. |
Components | FortiOS v3.0 MR6 |
Steps or Commands | By being able to detect failures in network equipment not connected directly to the cluster, remote IP monitoring can be useful in a number of ways depending on your network configuration. In the simplified example topology shown in Figure 1, the switch connected directly to the primary unit is operating normally but the link on the other side of the switch has failed. As a result of the failure, traffic can no longer pass between the primary unit and the Internet. To detect this failure you can create a remote IP monitoring configuration consisting of a ping server on port2 of the cluster. The primary unit tests connectivity to 192.168.20.20. If the ping server cannot reach 192.168.20.20, the cluster fails over and the subordinate unit becomes the new primary unit. The remote HA monitoring ping server on the new primary unit can reach 192.168.20.20. As well, the new primary unit can connect to the Internet, so the failover maintains connectivity between the internal network and the Internet through the cluster.

Figure 1: Example HA remote IP monitoring topology

To configure remote IP monitoring
Note: If you add two IP addresses to the

Ping server priority and the failover threshold

When one HA ping server fails, its priority is compared with the failover threshold. If the priority is greater than or equal to the failover threshold, HA remote IP monitoring triggers an HA failover. If the priority is less than the failover threshold, a failover does not occur. If an HA remote IP monitoring configuration includes only one HA ping server, its priority must therefore be the same as or higher than the failover threshold; otherwise that ping server can never trigger a failover. When more than one ping server fails, the total of the priorities of the failed ping servers is compared with the failover threshold. An HA failover is triggered only if the total of the priorities is greater than or equal to the failover threshold. For example, if you have configured two HA ping servers both with priorities of 10 and the failover threshold is 20, an HA failover occurs only when both ping servers fail. If you have configured three ping servers all with priorities of 10 and the failover threshold is 20, a failover occurs if any two ping servers fail. And so on.

By adding multiple ping servers to the remote HA monitoring configuration and setting the HA priority for each, you can fine-tune remote IP monitoring. For example, if it is more important to maintain connections to some remote IP addresses you can set the HA priorities higher for these important IP addresses, and if it is less important to maintain connections to other remote IP addresses you can set the HA priorities lower for these. You can also adjust the failover threshold so that a failover occurs if the cluster cannot connect to one or two high priority IP addresses, but does not occur if the cluster cannot connect to one or two low priority IP addresses.

Flip timeout

The HA remote IP monitoring configuration also involves setting a flip timeout. The flip timeout reduces the frequency of failovers if, after a failover, HA remote IP monitoring on the new primary unit also causes a failover. This can happen if the new primary unit cannot connect to one or more of the monitored remote IP addresses. The result could be that, until you fix the network problem that blocks connections to the remote IP addresses, the cluster experiences repeated failovers. You control how often the failovers occur by setting the flip timeout: it stops HA remote IP monitoring from causing a failover until the primary unit has been operating for the duration of the flip timeout. If you set the flip timeout to a relatively high number of minutes you can find and repair the network problem that prevented the cluster from connecting to the remote IP address without the cluster experiencing very many failovers. Even if it takes a while to detect the problem, repeated failovers at relatively long time intervals do not usually disrupt network traffic.

Detecting HA remote IP monitoring failovers

Just as with any HA failover, you can detect HA remote IP monitoring failovers by using SNMP to monitor for HA traps. You can also use alert email to receive notifications of HA status changes and monitor log messages for HA failover log messages. In addition, FortiGate units send the critical log message |
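The priority-sum rule and the flip-timeout gate described above, modelled as an added Python example. This is illustration written for this page, not FortiOS code, and the interface names, target addresses, priorities, threshold and timeout values are constructed. Beyond the two-server and three-server cases in the text, it enumerates every minimal set of targets whose combined failure reaches the threshold, which is the check worth running before deploying a configuration with mixed priorities: it shows at a glance whether a low-priority target can ever cause a failover on its own, and whether a single-server configuration can fail over at all.

```python
"""Model of the HA remote IP monitoring failover decision (added example, not FortiOS code)."""
from dataclasses import dataclass, replace
from itertools import combinations
from typing import FrozenSet, List


@dataclass(frozen=True)
class PingServer:
    """One HA ping server: an interface pinging a remote address, with an HA priority."""
    interface: str
    target: str
    priority: int
    reachable: bool = True


@dataclass(frozen=True)
class RemoteIPMonitor:
    servers: tuple            # PingServer entries
    failover_threshold: int   # total priority of failed ping servers needed to fail over
    flip_timeout_min: int     # minutes the primary must be up before monitoring may fail it over

    def with_failures(self, failed_targets) -> "RemoteIPMonitor":
        """Copy of this monitor with the given targets marked unreachable (all others reachable)."""
        failed = set(failed_targets)
        servers = tuple(replace(s, reachable=s.target not in failed) for s in self.servers)
        return replace(self, servers=servers)

    def failed_priority(self) -> int:
        """Sum of the HA priorities of every ping server that currently cannot reach its target."""
        return sum(s.priority for s in self.servers if not s.reachable)

    def threshold_reached(self) -> bool:
        return self.failed_priority() >= self.failover_threshold

    def should_failover(self, primary_uptime_min: int) -> bool:
        """Fail over only when the threshold is reached AND the flip timeout has elapsed."""
        if primary_uptime_min < self.flip_timeout_min:
            return False
        return self.threshold_reached()

    def triggering_sets(self) -> List[FrozenSet[str]]:
        """Every minimal set of targets whose simultaneous failure reaches the threshold."""
        minimal: List[FrozenSet[str]] = []
        for size in range(1, len(self.servers) + 1):
            for combo in combinations(self.servers, size):
                if sum(s.priority for s in combo) < self.failover_threshold:
                    continue
                targets = frozenset(s.target for s in combo)
                # A superset of a smaller set that already triggers is not minimal.
                if not any(m < targets for m in minimal):
                    minimal.append(targets)
        return minimal

    def can_ever_failover(self) -> bool:
        """False for the misconfiguration the text warns about: no failure combination reaches the threshold."""
        return bool(self.triggering_sets())


# Constructed configurations: the two cases from the text, then a mixed-priority one.
TWO_EQUAL = RemoteIPMonitor(
    servers=(PingServer("port2", "192.168.20.20", 10), PingServer("port2", "192.168.20.21", 10)),
    failover_threshold=20, flip_timeout_min=60)
THREE_EQUAL = RemoteIPMonitor(
    servers=(PingServer("port2", "192.168.20.20", 10), PingServer("port2", "192.168.20.21", 10),
             PingServer("port3", "10.10.30.1", 10)),
    failover_threshold=20, flip_timeout_min=60)
# One important upstream target can trigger failover alone; both low-priority targets together cannot.
MIXED = RemoteIPMonitor(
    servers=(PingServer("port2", "192.168.20.20", 20), PingServer("port3", "10.10.30.1", 5),
             PingServer("port3", "10.10.30.2", 5)),
    failover_threshold=20, flip_timeout_min=60)

if __name__ == "__main__":
    for name, mon in (("two equal", TWO_EQUAL), ("three equal", THREE_EQUAL), ("mixed", MIXED)):
        print(name, "-> failover on any of:", [sorted(t) for t in mon.triggering_sets()])
    # Both servers down on the new primary, but it has only been up 30 minutes: flip timeout holds it.
    print(TWO_EQUAL.with_failures({"192.168.20.20", "192.168.20.21"}).should_failover(30))
```

Running it prints the minimal triggering sets for each configuration (three pairs for the three-equal case, only the single upstream address for the mixed case) and `False` for the flip-timeout example.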
Copyright 2024 Fortinet, Inc. All Rights Reserved.