Description
The article explains the best practices for Interface monitoring (port monitoring) in FGCP high availability.
Solution
Fortinet suggests the following practices related to interface monitoring (also called port monitoring):
- Wait until a cluster is up and running and all interfaces are connected before enabling interface monitoring.
A monitored interface can easily become disconnected during initial setup and cause failovers to occur before the cluster is fully configured and tested.
- Monitor interfaces connected to networks that process high priority traffic so that the cluster maintains connections to these networks if a failure occurs.
- Avoid configuring interface monitoring for all interfaces.
- Supplement interface monitoring with remote link failover.
Configure remote link failover to maintain packet flow if a link not directly connected to a cluster unit (for example, between a switch connected to a cluster interface and the network) fails.
