Confirming that the FortiGate-7000E is synchronized
In addition to viewing configuration synchronization status from the Security Fabric dashboard widget, you can use the following command to confirm that the configurations of the FIMs and FPMs are synchronized:
diagnose sys confsync status
The command shows the HA and configuration synchronization (confsync) status of the FIMs and FPMs. For t each FIM and FPM, in_sync=1
means the component is synchronized and can operate normally. If any component is out of sync, the command output will include in_sync=0
. All components must be synchronized for the FortiGate-7000E to operate normally.
To confirm the configuration synchronization status of an HA cluster, see Confirming that the FortiGate-7000E HA cluster is synchronized . |
FIM confsync status
The diagnose sys confsync status
command output begins with the confsync status for each FPM. In the following example for a FortiGate-7040E, the output begins with the confsync status if the FPM in slot 3. The two lines that begin with serial numbers and end with in_sync=1
indicate that the FPM (serial number FPM20E3E17900511) is synchronized with the primary FIM (serial number
FIM01E3E17000165) and the primary FIM is synchronized with the FPM.
diagnose sys confsync status ... Slot: 3 Module SN: FPM20E3E17900511 ELBC: svcgrp_id=1, chassis=1, slot_id=3 ELBC HB devs: elbc-ctrl/1: active=1, hb_count=70932 elbc-ctrl/2: active=1, hb_count=70936 ELBC mgmt devs: elbc-b-chassis: mgmtip_set=1 zone: self_idx:2, master_idx:0, ha_master_idx:255, members:3 FPM20E3E17900511, Slave, uptime=70940.69, priority=19, slot_id=1:3, idx=2, flag=0x4, in_sync=0 FIM01E3E17000165, Master, uptime=70947.53, priority=1, slot_id=1:1, idx=0, flag=0x10, in_sync=1 elbc-b-chassis: state=3(connected), ip=169.254.2.15, last_hb_time=71158.62, hb_nr=338046 FIM04E3E16000102, Slave, uptime=70948.25, priority=2, slot_id=1:2, idx=1, flag=0x10, in_sync=0 elbc-b-chassis: state=3(connected), ip=169.254.2.16, last_hb_time=71158.62, hb_nr=338131
Primary FIM confsync status
The diagnose sys confsync status
command output ends with the confsync status of the primary FIM, which shows the configuration status between the primary FIM and the other FIM and FPMs:
Current slot: 1 Module SN: FIM01E3E17000165 ELBC: svcgrp_id=1, chassis=1, slot_id=1 ha zone: ha_master_sn:FIM01E3E17000165, ha_master_idx:1 Ha Member: FG74E43E17000073, mode=a-p, role=Master, slot_id=1:1, idx=1, in_sync=1 Ha Member: FG74E43E17000065, mode=a-p, role=Slave, slot_id=2:1, idx=0, in_sync=0 zone: self_idx:1, master_idx:1, ha_master_idx:1, members:4 ha_member:1 FIM01E3E17000165, Master, uptime=70947.53, priority=1, slot_id=1:1, idx=1, flag=0x10, in_sync=1 FIM04E3E16000102, Slave, uptime=70948.25, priority=2, slot_id=1:2, idx=2, flag=0x10, in_sync=0 elbc-b-chassis: state=3(connected), ip=169.254.2.16, last_hb_time=71057.67, hb_nr=338183 FPM20E3E17900506, Slave, uptime=70940.78, priority=20, slot_id=1:4, idx=3, flag=0x64, in_sync=0 elbc-b-chassis: state=3(connected), ip=169.254.2.4, last_hb_time=71057.78, hb_nr=338387 FPM20E3E17900511, Slave, uptime=70940.69, priority=19, slot_id=1:3, idx=4, flag=0x64, in_sync=0 elbc-b-chassis: state=3(connected), ip=169.254.2.3, last_hb_time=71057.62, hb_nr=338456