Fortinet black logo

FortiGate-7000E Handbook

Home FortiGate-7000 7.0.14 FortiGate-7000E Handbook
7.0.14
7.0.15
7.0.14
7.0.13
7.0.12
7.0.10
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.10
6.4.8
6.4.6
6.4.2
6.2.16
6.2.16
6.2.15
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.7
6.2.6
6.2.4
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12

Link failure

Link failure

If your HA configuration includes HA interface monitoring, if a primary FortiGate 7000E interface fails or is disconnected while a cluster is operating, a link failure occurs. When a link failure occurs, the FortiGate 7000Es in the cluster negotiate to select a new primary FortiGate 7000E. The link failure means that a that primary FortiGate 7000E with the most link failures will become the secondary and the FortiGate 7000E with the fewest link failures becomes the primary FortiGate 7000E.

Just as for a device failover, the new primary FortiGate 7000E sends gratuitous arp packets out all of its connected interfaces to inform attached switches to send traffic to it. Sessions then resume with the new primary FortiGate 7000E.

If the secondary FortiGate 7000E experiences a link failure, its status in the cluster does not change. However, in future negotiations a FortiGate 7000E with a link failure is less likely to become the primary FortiGate 7000E.

If one of the FortiGate 7000Es experiences an FIM or FPM failure and the other experiences a link failure, the FortiGate 7000E with the most operating FIMs or FPMs becomes the primary FortiGate 7000E, even if it is also experiencing a link failure.

Previous
Next

Link failure

If your HA configuration includes HA interface monitoring, if a primary FortiGate 7000E interface fails or is disconnected while a cluster is operating, a link failure occurs. When a link failure occurs, the FortiGate 7000Es in the cluster negotiate to select a new primary FortiGate 7000E. The link failure means that a that primary FortiGate 7000E with the most link failures will become the secondary and the FortiGate 7000E with the fewest link failures becomes the primary FortiGate 7000E.

Just as for a device failover, the new primary FortiGate 7000E sends gratuitous arp packets out all of its connected interfaces to inform attached switches to send traffic to it. Sessions then resume with the new primary FortiGate 7000E.

If the secondary FortiGate 7000E experiences a link failure, its status in the cluster does not change. However, in future negotiations a FortiGate 7000E with a link failure is less likely to become the primary FortiGate 7000E.

If one of the FortiGate 7000Es experiences an FIM or FPM failure and the other experiences a link failure, the FortiGate 7000E with the most operating FIMs or FPMs becomes the primary FortiGate 7000E, even if it is also experiencing a link failure.

Previous
Next