Fortinet Document Library

Version:

Version:


Table of Contents

Handbook

Download PDF
Copy Link

Create a traffic group

A traffic group is a set of VRIDs. Each VRID keeps talking with its peers using 'hello' packets via its heartbeat interface so that each VRID can be aware of its peers (master or slave) operating state and perform a VRRP fail-over in case the master node fails. The different VRIDs have no relationship with each other.

In Traffic group, both VRID1 and VRID2 use Device1 as the master. When Port2 on Device1 fails, all traffic between the client and the server can't pass through the device

Traffic group

To solve this problem, you can create a traffic group and add both VRID1 and VRID2 as its members, and set the rule that the whole traffic group to fail over to the success device when either VRID fails. In this case, if Device1’s Port2 fails, the whole traffic group will fail over to Device2.

Using the VRID concept, FortiADC allows you to add objects with floating IP address, such as interface, virtual server, IP pool, and SNA T pool, etc. to a traffic-group. With this configuration, it will trigger the whole traffic group to switch over when a resource fails.

Normally, the number of traffic groups should be same as the number of devices in an HA group for HA active-active configurations. FortiADC comes with a predefined traffic group named ‘default’. You can use this default traffic group if you only need an HA active-passive deployment. Otherwise, you must configure your own traffic groups before making HA active-active configurations, using the instructions discussed in the following paragraphs.

Create a traffic group via the command line interface

Use the following commands to create a new traffic group:

config system traffic-group

edit traffic-group-1

set preempt enable

set network-failover enable

set failover-order 1 3 5

next

end

Note: The failover sequence must be configured according to the order of node IDs. This means that if a node is dead, the next node in queue will take over handling the traffic. If you want to decide when a node should retake the traffic over from power-down to start-up, you MUST enable the Preempt option.

Create a traffic group from the Web GUI

Use the following steps to configure a traffic group from FortiADC's web interface:

  1. Click System > Traffic Group.
  2. Click Create New to open the Traffic Group dialog.
  3. Make the desired entries or selections as described in Traffic-group parameters.
  4. Click Save when done.

Traffic-group parameters

Parameter Description
Traffic Group Name Specify a unique name for the traffic group.
Preempt Disabled by default. If enabled, the node will retake control of traffic from power-down to start-up.
Remote IP Monitor Disabled by default. When enabled, the system will actively monitor the remote beacon IP addresses to determine the available network path.
Failover Order Follow the hint onscreen to set the failover sequence among the ports.

Create a traffic group

A traffic group is a set of VRIDs. Each VRID keeps talking with its peers using 'hello' packets via its heartbeat interface so that each VRID can be aware of its peers (master or slave) operating state and perform a VRRP fail-over in case the master node fails. The different VRIDs have no relationship with each other.

In Traffic group, both VRID1 and VRID2 use Device1 as the master. When Port2 on Device1 fails, all traffic between the client and the server can't pass through the device

Traffic group

To solve this problem, you can create a traffic group and add both VRID1 and VRID2 as its members, and set the rule that the whole traffic group to fail over to the success device when either VRID fails. In this case, if Device1’s Port2 fails, the whole traffic group will fail over to Device2.

Using the VRID concept, FortiADC allows you to add objects with floating IP address, such as interface, virtual server, IP pool, and SNA T pool, etc. to a traffic-group. With this configuration, it will trigger the whole traffic group to switch over when a resource fails.

Normally, the number of traffic groups should be same as the number of devices in an HA group for HA active-active configurations. FortiADC comes with a predefined traffic group named ‘default’. You can use this default traffic group if you only need an HA active-passive deployment. Otherwise, you must configure your own traffic groups before making HA active-active configurations, using the instructions discussed in the following paragraphs.

Create a traffic group via the command line interface

Use the following commands to create a new traffic group:

config system traffic-group

edit traffic-group-1

set preempt enable

set network-failover enable

set failover-order 1 3 5

next

end

Note: The failover sequence must be configured according to the order of node IDs. This means that if a node is dead, the next node in queue will take over handling the traffic. If you want to decide when a node should retake the traffic over from power-down to start-up, you MUST enable the Preempt option.

Create a traffic group from the Web GUI

Use the following steps to configure a traffic group from FortiADC's web interface:

  1. Click System > Traffic Group.
  2. Click Create New to open the Traffic Group dialog.
  3. Make the desired entries or selections as described in Traffic-group parameters.
  4. Click Save when done.

Traffic-group parameters

Parameter Description
Traffic Group Name Specify a unique name for the traffic group.
Preempt Disabled by default. If enabled, the node will retake control of traffic from power-down to start-up.
Remote IP Monitor Disabled by default. When enabled, the system will actively monitor the remote beacon IP addresses to determine the available network path.
Failover Order Follow the hint onscreen to set the failover sequence among the ports.