SIP and HA–session failover and geographic redundancy

FortiGate active-passive high availability (HA) supports SIP UDP session failover (also called stateful failover) if the SIP sessions are processed by the SIP ALG. To support SIP UDP session failover, create a standard HA configuration and select the enable Session Pick-up option.

SIP session failover replicates SIP states to all cluster units. If an HA failover occurs, all in-progress SIP UDP calls (setup complete) and their RTP flows are maintained and the calls continue after the failover with minimal or no interruption.

SIP calls being set up at the time of a failover may lose signaling messages. In most cases the SIP clients and servers should use message retransmission to complete the call setup after the failover has completed. As a result, SIP users may experience a delay if their calls are being set up when an HA failover occurs. But in most cases the call setup should be able to continue after the failover.

SIP HA session failover

In some cases, failover during call tear down can result in hanging RTP connections that can accumulate over time and use up system memory. If this becomes a problem, you can set a time for the call-keepalive SIP VoIP profile setting. This setting causes the FortiGate to terminate calls with no activity after the time limit has exceeded. Range is 1 to 10,080 seconds. This options should be used with caution because it results in extra FortiGate CPU overhead and can cause delay and jitter for the VoIP call. Also, the FortiGate terminates the call without sending SIP messages to end the call. And if the SIP endpoints send SIP messages to terminate the call they will be blocked by the FortiGate if they are sent after the FortiGate terminates the call.