Fortinet black logo

Handbook

High availability

High availability

We recommend that you deploy high availability (HA). Keep these points in mind when setting up a cluster:

  • Isolate HA interface connections from your overall network.
  • Heartbeat and synchronization packets contain sensitive configuration information and can consume considerable network bandwidth. For best results, directly connect the two HA interfaces using a crossover cable. If your system uses switches instead of crossover cables to connect the HA heartbeat interfaces, those interfaces must be reachable by Layer 2 multicast.

  • When configuring an HA pair, pay close attention to the options ARP Packet Numbers and ARP Packet Interval.
  • The FortiADC appliance broadcasts ARP packets to the network to ensure timely failover. Delayed broadcast intervals can slow performance. Set the value of ARP Packet Numbers no higher than needed.

    When the FortiADC appliance broadcasts ARP packets, it does so at regular intervals. For performance reasons, set the value for ARP Packet Interval no greater than required.

    Some experimentation might be needed to set these options at their optimum value.

We recommend that you configure an SNMP community and enable the HA heartbeat failed option to generate a message if the HA heartbeat fails.

High availability

High availability

We recommend that you deploy high availability (HA). Keep these points in mind when setting up a cluster:

  • Isolate HA interface connections from your overall network.
  • Heartbeat and synchronization packets contain sensitive configuration information and can consume considerable network bandwidth. For best results, directly connect the two HA interfaces using a crossover cable. If your system uses switches instead of crossover cables to connect the HA heartbeat interfaces, those interfaces must be reachable by Layer 2 multicast.

  • When configuring an HA pair, pay close attention to the options ARP Packet Numbers and ARP Packet Interval.
  • The FortiADC appliance broadcasts ARP packets to the network to ensure timely failover. Delayed broadcast intervals can slow performance. Set the value of ARP Packet Numbers no higher than needed.

    When the FortiADC appliance broadcasts ARP packets, it does so at regular intervals. For performance reasons, set the value for ARP Packet Interval no greater than required.

    Some experimentation might be needed to set these options at their optimum value.

We recommend that you configure an SNMP community and enable the HA heartbeat failed option to generate a message if the HA heartbeat fails.