About high availability
FortiMail units can operate in one of two HA modes, active-passive or config-only.
Table 19: Comparison of HA modes
Active-passive HA | Config-only HA |
2 FortiMail units in the HA group | 2-25 FortiMail units in the HA group |
Typically deployed behind a switch | Typically deployed behind a load balancer |
Both configuration* and data synchronized | Only configuration* synchronized |
Only primary unit processes email | All units process email |
No data loss when hardware fails | Data loss when hardware fails |
Failover protection, but no increased processing capacity | Increased processing capacity, but no failover protection |
* For exceptions to synchronized configuration items, see
“Configuration settings that are not synchronized”.
Figure 13: Active-passive HA group operating in gateway mode
Figure 14: Config-only HA group operating in gateway mode
| If the config-only HA group is installed behind a load balancer, the load balancer stops sending email to failed FortiMail units. All sessions being processed by the failed FortiMail unit must be restarted and will be re-directed by the load balancer to other FortiMail units in the config-only HA group. |
You can mix different FortiMail models in the same HA group. However, all units in the HA group must have the same firmware version.
| When mixing FortiMail models, the HA group is limited by the capacity and configuration limits of the least powerful model. |
Communications between HA cluster members occur through the heartbeat and synchronization connection. For details, see
“About the heartbeat and synchronization”.
To configure FortiMail units operating in HA mode, you usually connect only to the primary unit (master). The primary unit’s configuration is almost entirely synchronized to secondary units (slave), so that changes made to the primary unit are propagated to the secondary units.
Exceptions to this rule include connecting to a secondary unit in order to view log messages recorded about the secondary unit itself on its own hard disk, and connecting to a secondary unit to configure settings that are not synchronized. For details, see
“Configuration settings that are not synchronized”.
| To use FortiGuard Antivirus or FortiGuard Antispam with HA, license all FortiMail units in the cluster. If you license only the primary unit in an active-passive HA group, after a failover, the secondary unit cannot connect to the FortiGuard Antispam service. For FortiMail units in a config-only HA group, only the licensed unit can use the subscription services. |
For instructions of how to enable and configure HA, see
“How to use HA”.
