Version:

Version:

Version:

Version:

Version:


Table of Contents

FortiGate-7000E Handbook

Session failover

FortiGate-7000E session synchronization involves the primary FortiGate-7000E informing the secondary FortiGate-7000E of changes to the primary FortiGate-7000E connection and state tables, keeping the secondary FortiGate-7000E up-to-date with the traffic currently being processed by the cluster.

Session synchronization traffic uses the M1 and M2 interfaces. FortiGate-7000E does not support using the session-sync-dev option to use data interfaces for session synchronization. The M1 and M2 interfaces provide enough bandwidth for both HA heartbeat and session synchronization traffic, so additional session synchronization devices are not required. As well, keeping session synchronization traffic on the M1 and M2 interfaces separates session synchronization traffic from data traffic.

After an HA failover, because of session synchronization the new primary FortiGate-7000E recognizes open sessions that were being handled by the cluster. The sessions continue to be processed by the new primary FortiGate-7000E and are handled according to their last known state.

Session failover

FortiGate-7000E session synchronization involves the primary FortiGate-7000E informing the secondary FortiGate-7000E of changes to the primary FortiGate-7000E connection and state tables, keeping the secondary FortiGate-7000E up-to-date with the traffic currently being processed by the cluster.

Session synchronization traffic uses the M1 and M2 interfaces. FortiGate-7000E does not support using the session-sync-dev option to use data interfaces for session synchronization. The M1 and M2 interfaces provide enough bandwidth for both HA heartbeat and session synchronization traffic, so additional session synchronization devices are not required. As well, keeping session synchronization traffic on the M1 and M2 interfaces separates session synchronization traffic from data traffic.

After an HA failover, because of session synchronization the new primary FortiGate-7000E recognizes open sessions that were being handled by the cluster. The sessions continue to be processed by the new primary FortiGate-7000E and are handled according to their last known state.