Link failure
If your HA configuration includes HA interface monitoring, if a primary FortiGate 7000F interface fails or is disconnected while a cluster is operating, a link failure occurs. When a link failure occurs, the FortiGate 7000Fs in the cluster negotiate to select a new primary FortiGate 7000F. The link failure means that a that primary FortiGate 7000F with the most link failures will become the secondary and the FortiGate 7000F with the fewest link failures becomes the primary FortiGate 7000F.
Just as for a device failover, the new primary FortiGate 7000F sends gratuitous arp packets out all of its connected interfaces to inform attached switches to send traffic to it. Sessions then resume with the new primary FortiGate 7000F.
If the secondary FortiGate 7000F experiences a link failure, its status in the cluster does not change. However, in future negotiations a FortiGate 7000F with a link failure is less likely to become the primary FortiGate 7000F.
If one of the FortiGate 7000Fs experiences an FIM or FPM failure and the other experiences a link failure, the FortiGate 7000F with the most operating FIMs or FPMs becomes the primary FortiGate 7000F, even if it is also experiencing a link failure.