Improving fault tolerance
To enhance availability, set up two FortiADC appliances to act as an active-passive high availability (HA) pair. If your main FortiADC appliance fails, the standby FortiADC appliance can continue processing web traffic with only a minor interruption. For details, see
“Configuring a high availability (HA) FortiADC cluster”.
Keep these points in mind when setting up an HA pair:
• Isolate HA interface connections from your overall network.
Heartbeat and synchronization packets contain sensitive configuration information and can consume considerable network bandwidth. For best results, directly connect the two HA interfaces using a crossover cable. If your system uses switches instead of crossover cables to connect the HA heartbeat interfaces, those interfaces must be reachable by Layer 2 multicast.
The FortiADC appliance broadcasts ARP packets to the network to ensure timely failover. Delayed broadcast intervals can slow performance. Set the value of
ARP Packet Numbers no higher than needed.
When the FortiADC appliance broadcasts ARP packets, it does so at regular intervals. For performance reasons, set the value for
ARP Packet Interval no greater than required.
Some experimentation may be needed to set these options at their optimum value. See
“Configuring a high availability (HA) FortiADC cluster”.
Alerting the SNMP manager when HA switches the primary appliance
Use SNMP to generate a message if the HA heartbeat fails.
Configure an SNMP community and enable the
HA heartbeat failed option. For details, see
“Configuring an SNMP community”.
