Link failover (port monitoring or interface monitoring)
Link failover means that if a monitored interface fails, the FortiGate-7000F cluster reorganizes to reestablish a link to the network that the monitored interface was connected to and to continue operating with minimal or no disruption of network traffic.
You configure monitored interfaces (also called interface monitoring or port monitoring) by selecting FIM or FPM front panel interfaces to monitor as part of the HA configuration. You can monitor mgmt interfaces and data interfaces.
You can monitor up to 64 interfaces. The FGCP synchronizes the interface monitoring configurations to both FortiGate-7000Fs in the cluster.
The interfaces that you can monitor appear on the HA GUI page Monitor Interfaces list. You can monitor any mgmt interfaces and data interfaces including redundant interfaces and 802.3ad aggregate interfaces.
You cannot monitor the following types of interfaces (you cannot select these types of interfaces on the Monitor Interfaces list):
- VLAN subinterfaces.
- IPsec VPN interfaces.
- Individual physical interfaces that have been added to a redundant or 802.3ad aggregate interface.
- M1 to M4 interfaces.
You should only monitor interfaces that are connected to networks, because a failover may occur if you monitor an unconnected interface. For this reason, you should also wait until your FortiGate-7000F HA setup has been configured and connected and is operating as expected before enabling interface monitoring. |
To enable interface monitoring
From the GUI, go to System > HA and add interfaces to the Monitor Interfaces list.
From the CLI, enter the following command to monitor the 1-P10 and 2-P12 interfaces:
config system ha
set monitor 1-P10 2-P12
end
With interface monitoring enabled, during FortiGate-7000F cluster operation, the cluster monitors each FIM and FPM in the cluster to determine if the monitored interfaces are operating and connected. Each FIM and FPM can detect a failure of its network interface hardware.
FIMs and FPMs cannot determine if the switches that their interfaces are connected to are still connected to networks. However, you can use remote IP monitoring to make sure that the cluster unit can connect to downstream network devices. See Remote link failover. |
If a monitored interface on the primary FortiGate-7000F fails
Because the primary FortiGate-7000F receives all traffic processed by the cluster, a FortiGate-7000F cluster can only process traffic from a network if the primary FortiGate-7000F can connect to it. So, if the link between a network and the primary FortiGate-7000F fails, to maintain communication with this network, the cluster must set the FortiGate-7000F that is still connected to this network to become the primary FortiGate-7000F. Unless another link failure has occurred, the new primary FortiGate-7000F will have an active link to the network and will be able to maintain communication with it.
To support link failover, the FortiGate-7000Fs store link state information for all monitored interfaces in a link state database. If one of the monitored interfaces on one of the FortiGate-7000Fs becomes disconnected or fails, this information is immediately shared with the other FortiGate-7000F in the cluster.
If a monitored interface on the primary FortiGate-7000F fails, the cluster renegotiates to select the primary FortiGate-7000F using the process described in Primary FortiGate-7000F selection. Because the FortiGate-7000F with the failed monitored interface has the lowest monitor priority, the other FortiGate-7000F becomes the primary FortiGate-7000F. The new primary FortiGate-7000F should have fewer link failures.
If a monitored interface on the secondary FortiGate-7000F fails
If a monitored interface on a the secondary FortiGate-7000F fails, this information is shared with the primary FortiGate-7000F. The cluster does not renegotiate. The secondary FortiGate-7000F with the failed monitored interface continues to function in the cluster.