FortiGate-7000E Handbook

Distributed clustering

FortiGate-7000E HA supports separating the FortiGate-7000Es in an HA cluster to different physical locations. Distributed FortiGate-7000E HA clustering (or geographically distributed FortiGate-7000E HA or geo clustering) can involve two FortiGate-7000Es in different rooms in the same building, different buildings in the same location, or even different geographical sites such as different cities, countries or continents.

Just like any FortiGate-7000E HA configuration, distributed FortiGate-7000E HA requires heartbeat communication between the FortiGate-7000Es over the M1 and M2 interfaces. In a distributed FortiGate-7000E HA configuration this heartbeat communication can take place over the Internet or over other transmission methods including satellite linkups.

Most Data Center Interconnect (DCI) or MPLS-based solutions that support layer 2 extensions and VLAN tags between the remote data centers should also support HA heartbeat communication between the FortiGates in the distributed locations. Using VLANs and switches in promiscuous mode to pass all traffic between the locations can also be helpful.

You cannot change HA heartbeat IP addresses, so the heartbeat interfaces have to be able to communicate over the same subnet.

The M1 and M2 interface traffic must be separated. You can do this by using separate channels for each interface or by configuring the M1 and M2 interfaces to use different VLANs.

Example FortiGate-7000E distributed clustering configuration

Because of the possible distance between sites, it may take a relatively long time for heartbeat packets to be transmitted between the FortiGate-7000Es. This could lead to a split brain scenario. To avoid a split brain scenario you can modify heartbeat timing so that the cluster expects extra time between heartbeat packets. As a general rule, set the heartbeat failover time (hb-interval) to be longer than the max latency or round trip time (RTT). You could also increase the hb-lost-threshold to tolerate losing heartbeat packets if the network connection is less reliable.

In addition you could use different link paths for heartbeat packets to optimize HA heartbeat communication. You could also configure QoS on the links used for HA heartbeat traffic to make sure heartbeat communication has the highest priority.

For information about changing the heartbeat interval and other heartbeat timing related settings, see Modifying heartbeat timing.
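As an added example (not from the Fortinet handbook), the following Python helper applies the rule above: it sizes hb-interval from constructed inter-site RTT samples, picks an hb-lost-threshold, reports the resulting failover detection time, and renders the matching `config system ha` lines. It assumes the FortiOS convention that hb-interval is expressed in units of 100 ms (range 1-20) and that hb-lost-threshold is a count of missed heartbeats (range 1-60).

```python
"""Size FortiGate HA heartbeat timers from measured inter-site RTT.

Assumption (FortiOS CLI convention): hb-interval is in units of 100 ms,
valid range 1-20; hb-lost-threshold is a count of missed heartbeats, 1-60.
"""
import math

HB_INTERVAL_UNIT_MS = 100
HB_INTERVAL_RANGE = (1, 20)
HB_LOST_RANGE = (1, 60)


def recommend_hb_timers(rtt_samples_ms, safety_factor=1.5, loss_tolerance=6):
    """Return (hb_interval, hb_lost_threshold, failover_ms).

    hb_interval is chosen so that one interval exceeds the worst observed
    RTT with headroom for jitter (safety_factor), as the handbook advises.
    failover_ms is the time until the peer is declared dead:
    hb_interval * 100 ms * hb_lost_threshold.
    """
    if not rtt_samples_ms:
        raise ValueError("need at least one RTT sample")
    max_rtt = max(rtt_samples_ms)
    needed = math.ceil(max_rtt * safety_factor / HB_INTERVAL_UNIT_MS)
    lo, hi = HB_INTERVAL_RANGE
    if needed > hi:
        # No valid setting can outwait this latency; the link is unsuitable.
        raise ValueError(f"max RTT {max_rtt} ms needs hb-interval {needed}, "
                         f"above the maximum of {hi}")
    hb_interval = max(lo, needed)
    hb_lost = min(max(loss_tolerance, HB_LOST_RANGE[0]), HB_LOST_RANGE[1])
    failover_ms = hb_interval * HB_INTERVAL_UNIT_MS * hb_lost
    return hb_interval, hb_lost, failover_ms


def ha_cli_snippet(hb_interval, hb_lost):
    """Render the 'config system ha' lines that apply the chosen timers."""
    return "\n".join(["config system ha",
                      f"    set hb-interval {hb_interval}",
                      f"    set hb-lost-threshold {hb_lost}",
                      "end"])


# Constructed RTT samples (ms) between two FortiGate-7000E sites; not real data.
SAMPLE_RTT_MS = [180, 195, 210, 240, 230, 260]

if __name__ == "__main__":
    interval, lost, failover = recommend_hb_timers(SAMPLE_RTT_MS)
    print(f"hb-interval={interval} ({interval * 100} ms), "
          f"hb-lost-threshold={lost}, failover after ~{failover} ms")
    print(ha_cli_snippet(interval, lost))
```

Raising loss_tolerance lengthens failover detection proportionally, so trade tolerance for lost packets against how long a failed peer goes unnoticed.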
