Modify Ping Retry Count

The Secondary Server polls the status of the Primary Server every 30 seconds to determine whether the primary is still in control. If the secondary does not receive a response from a poll, it will re-attempt to communicate 5 additional times (every 30 seconds) by default. The Ping Retry Count defines the number of re-attempts FortiNAC makes after the first poll failure.

The Ping Retry Count can be modified to a higher or lower number. Setting the value lower will cause the Secondary Server to wait fewer ping retries before executing the failover process. Depending on where the failure occurs in the 30 second poll cycle, a failover minimum time is somewhere between 31 and 60 seconds when the Ping Retry Count = 1.

Important: Care should be taken when modifying this value. Setting the value too low can cause an unnecessary failover. Consider the following when determining how low to change the count:

• A brief interruption of communication (like a restart of network equipment for maintenance purposes) between the appliances

• Intermittent ping loss due to the bandwidth between appliances

• Rebooting the FortiNAC Primary Server

The Ping Retry Count should be high enough to allow for the above conditions to occur without triggering a failover. In order to determine if there is intermittent ping loss, a review of the Secondary Server output.processManager log for failed ping attempts should be done prior to the change.

Example:

**** Failed to talk to Primary **** PingRetryCnt = 1 pingRetries = 5

**** Failed to talk to Primary **** PingRetryCnt = 2 pingRetries = 5

Contact Support for assistance.

Procedure

1. Log in to the Secondary Server CLI and type

   execute enter-shell

   cd /bsc/campusMgr/bin/

2. Modify .networkConfig and add the following line:

   PingRetries=x

   Where "x" is the number of desired retries. The default value is 5.

   Example:

   NetworkApplicationServerPrimary=192.168.8.24

   yamsrc=/bsc/campusMgr/master_loader/.yamsrc

   PrimaryServer=192.168.8.23

   logFile=/bsc/logs/processManager/output.processManager

   NetworkApplicationServerSecondary=192.168.8.27

   NetworkControlServerSecondary=192.168.8.26

   Status=1

   Gateway=192.168.8.1

   NetworkControlManagerPrimary=

   Debug=true

   NetworkControlServerPrimary=192.168.8.23

   StandbyServer=192.168.8.26

   NetworkControlManagerSecondary=

   PingRetries=3

3. Save the file.

4. Restart management processes on the Secondary Server for the changes to take affect

   shutdownNAC –kill

5. Wait 30 seconds then type

   startupNAC

6. Test to verify failover occurs after x number of retries based upon the new value. See Failover Test.

   Example of entries printed in output.processManager log based upon new entry “PingRetries=3”:

   sendPacket() <Primary Server IP> verb Ping retval = null

   **** Failed to talk to Primary **** PingRetryCnt = 1 pingRetries = 5

   **** Failed to talk to Primary **** PingRetryCnt = 2 pingRetries = 5

   **** Failed to talk to Primary **** PingRetryCnt = 3 pingRetries = 5

   **** Failed to talk to Primary **** PingRetryCnt exceeded!

7. Resume control of the Primary Server.

8. Reboot FortiNAC Primary Server and verify a failover does not occur.

9. Restart an infrastructure device within the path between the Primary and Secondary Server and verify a failover does not occur.

10. If a failover occurs as a result of either step 8 or 9, increase the PingRetries value in .networkConfig and retest.