Administration Guide

High availability (HA) tuning

  • Isolate HA interface connections from your overall network. Heartbeat and synchronization packets contain sensitive configuration information and can consume considerable network bandwidth. For an active-passive or a config-only HA group consisting of only two FortiMail units, directly connect the HA interfaces using a crossover cable. For a config-only HA group consisting of more than two FortiMail units, connect the HA interfaces to a switch and do not connect this switch to your overall network.
  • Use FortiMail active-passive HA to provide failover protection so that if your primary FortiMail unit fails, the backup FortiMail unit can continue processing email with only a minor interruption to your email traffic.
  • Use config-only HA if you want to create a mail server farm for a large organization. You can also install a FortiMail config-only HA group behind a load balancer. The load balancer can balance the mail processing load to all FortiMail units in the config-only HA group, improving mail processing capacity.
  • Maintain the HA heartbeat connection between HA members. If HA heartbeat communication is interrupted and no remote services are detected, HA synchronization is disrupted and, for active-passive HA groups, the backup unit will assume that the primary unit has failed and become the new primary unit.
  • License all FortiMail units in the HA group for the FortiGuard Antispam and FortiGuard Antivirus services. If you only license the primary unit in an active-passive HA group, after a failover the backup unit cannot connect to the FortiGuard Antispam service. Also, antivirus engine and antivirus definition versions are not synchronized between the primary and backup units.
  • Configure HA to synchronize the system mail directory and the user home directory so that no email messages in these directories are lost when a failover occurs.
  • Do not synchronize/back up the MTA spool directories. Because the content of the MTA spool directories is very dynamic, synchronizing MTA spool directories between FortiMail units may not be effective and may use a lot of bandwidth. In addition, it is usually not necessary because, if the former primary unit can restart, the MTA spool directories will synchronize after a failover. For details, see Using high availability (HA).
  • Store mail data on a NAS server while operating an HA group. For example, backing up your NAS server regularly can help prevent loss of FortiMail mail data. Also, if your FortiMail unit experiences a temporary failure you can still access the mail data on the NAS server.
  • If you are using a NAS server, disable mail data synchronization. If mail data synchronization is enabled for a FortiMail active-passive HA group that is using a NAS server for remote storage of mail data, both the primary and backup units store the mail data to the NAS server, resulting in duplicate traffic. Disable mail data synchronization to conserve system resources and network bandwidth.
  • Use SNMP, syslog, or email alerts to monitor a cluster for failover messages. These alert messages may aid in quick discovery and diagnosis of network problems. SNMP can be configured in System > Configuration > SNMP v1/v2c. Syslog output can be configured in Log and Report > Log Settings > Remote. Email alerts can be configured in Log and Report > Alert Email.
  • If you configure an HA virtual IP in active-passive mode, configure one IP address but both host names in your DNS records.
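The monitoring advice above (watch syslog for failover messages) and the heartbeat warning (a backup that loses the heartbeat assumes the primary is dead and promotes itself) can be turned into a simple detection pass over syslog output. The example below is added here and is not FortiMail code or FortiMail's documented log format: the `ha:` message syntax and the sample lines are constructed for illustration. It parses role-change and heartbeat-loss lines, counts failovers, flags flapping (too many failovers in a short window), and reports periods where two units both claimed the master role, which is the split-brain condition a lost heartbeat link can produce.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Constructed sample syslog lines. The "ha:" message format is an ASSUMPTION
# made for this example; it is not FortiMail's documented log format.
SAMPLE_LOGS = """\
2024-05-01T10:00:00Z fml-a ha: heartbeat lost on port6
2024-05-01T10:00:05Z fml-b ha: role changed from backup to master
2024-05-01T10:03:10Z fml-a ha: role changed from master to backup
2024-05-01T10:15:00Z fml-a ha: role changed from backup to master
2024-05-01T10:15:03Z fml-b ha: role changed from master to backup
2024-05-01T10:16:00Z fml-b ha: role changed from backup to master
2024-05-01T10:16:02Z fml-a ha: role changed from master to backup
2024-05-01T11:00:00Z fml-a smtp: connection from 198.51.100.7
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) ha: (?P<msg>.*)$")
ROLE_RE = re.compile(r"role changed from (?P<old>\w+) to (?P<new>\w+)")


@dataclass
class HAEvent:
    ts: datetime
    host: str
    kind: str                      # "heartbeat_lost" or "role_change"
    new_role: Optional[str] = None  # set for role_change events


def parse_ha_events(text: str) -> List[HAEvent]:
    """Keep only 'ha:' lines; lines from other subsystems (smtp, ...) are ignored."""
    events: List[HAEvent] = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        msg = m["msg"]
        r = ROLE_RE.search(msg)
        if r:
            events.append(HAEvent(ts, m["host"], "role_change", r["new"]))
        elif msg.startswith("heartbeat lost"):
            events.append(HAEvent(ts, m["host"], "heartbeat_lost"))
    return events


def failovers(events: List[HAEvent]) -> List[HAEvent]:
    """A failover is any transition of a unit into the master role."""
    fo = [e for e in events if e.kind == "role_change" and e.new_role == "master"]
    return sorted(fo, key=lambda e: e.ts)


def detect_flapping(events: List[HAEvent],
                    window: timedelta = timedelta(minutes=30),
                    threshold: int = 2) -> bool:
    """True when more than `threshold` failovers fall inside any `window`-long span."""
    fo = failovers(events)
    for i in range(len(fo)):
        j = i
        while j + 1 < len(fo) and fo[j + 1].ts - fo[i].ts <= window:
            j += 1
        if j - i + 1 > threshold:
            return True
    return False


def dual_master_intervals(events: List[HAEvent], initial_master: str = "fml-a",
                          min_seconds: int = 30) -> List[Tuple[datetime, datetime]]:
    """Periods where two units both held master for at least `min_seconds`.

    Short overlaps are normal (the old master's demotion is logged a moment
    after the new master's promotion); long ones mean a split brain.
    """
    masters = {initial_master}
    intervals: List[Tuple[datetime, datetime]] = []
    overlap_start: Optional[datetime] = None
    for e in sorted(events, key=lambda e: e.ts):
        if e.kind != "role_change":
            continue
        if e.new_role == "master":
            masters.add(e.host)
        else:
            masters.discard(e.host)
        if len(masters) > 1 and overlap_start is None:
            overlap_start = e.ts
        elif len(masters) <= 1 and overlap_start is not None:
            if (e.ts - overlap_start).total_seconds() >= min_seconds:
                intervals.append((overlap_start, e.ts))
            overlap_start = None
    return intervals


if __name__ == "__main__":
    evs = parse_ha_events(SAMPLE_LOGS)
    print("heartbeat losses:", sum(e.kind == "heartbeat_lost" for e in evs))
    print("failovers:", len(failovers(evs)))
    print("flapping:", detect_flapping(evs))
    for start, end in dual_master_intervals(evs):
        print("dual master from", start, "to", end)
```

The constructed sample deliberately shows both problems at once: the heartbeat is lost, the backup promotes itself while the original primary is still master for about three minutes, and three failovers follow within sixteen minutes. Feeding real syslog output into the same pass only requires adjusting the two regular expressions to the actual message text.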