System Config
HA
FortiGate-5000 series Administration Guide
01-28008-0013-20050204
95
Override Master
Configure a cluster unit to always override the current primary unit and become the
primary unit. Enable override master for the cluster unit that you have given the
highest unit priority. Enabling override master means that this cluster unit always
becomes the primary unit.
In a typical FortiGate cluster configuration, the primary unit is selected automatically.
In some situations, you might want to control which unit becomes the primary unit.
You can configure a FortiGate unit as the permanent primary unit by setting a high
unit priority and by selecting override master. With this configuration, the same cluster
unit always becomes the primary unit.
If override master is enabled and the primary unit fails, another cluster unit becomes
the primary unit. When the cluster unit with override master enabled rejoins the cluster
it overrides the current primary unit and becomes the new primary unit. When this
override occurs, all communication sessions through the cluster are lost and must be
re-established.
Override master is not synchronized to all cluster units.
In a functioning cluster, if you select override master for a cluster unit the cluster re-
negotiates and may select a new primary cluster unit.
Password
Enter a password for the HA cluster. The password must be the same for all cluster
units. The maximum password length is 15 characters.
If you have more than one FortiGate HA cluster on the same network, each cluster
must have a different password.
Schedule
If you are configuring an active-active cluster, select a load balancing schedule.
None
No load balancing. Select None when the cluster interfaces are connected
to load balancing switches.
Hub
Load balancing if the cluster interfaces are connected to a hub. Traffic is
distributed to cluster units based on the Source IP and Destination IP of
each packet processed by the cluster.
Least-
Connection
Least connection load balancing. If the cluster units are connected using
switches, select Least Connection to distribute network traffic to the cluster
unit currently processing the fewest connections.
Round-Robin
Round robin load balancing. If the cluster units are connected using
switches, select Round-Robin to distribute network traffic to the next
available cluster unit.
Weighted
Round-Robin
Weighted round robin load balancing. Similar to round robin, but weighted
values are assigned to each of the units in a cluster based on their capacity
and on how many connections they are currently processing. For example,
the primary unit should have a lower weighted value because it handles
scheduling and forwards traffic. Weighted round robin distributes traffic
more evenly because units that are not processing traffic will be more likely
to receive new connections than units that are very busy. To configure
weighted round robin weights, see
“To configure weighted-round-robin
weights” on page 101
.
Random
Random load balancing. If the cluster units are connected using switches,
select Random to randomly distribute traffic to cluster units.
Summary of Contents for FortiGate FortiGate-5020
Page 86: ...86 01 28008 0013 20050204 Fortinet Inc Dynamic IP System DHCP ...
Page 118: ...118 01 28008 0013 20050204 Fortinet Inc FortiManager System Config ...
Page 254: ...254 01 28008 0013 20050204 Fortinet Inc CLI configuration User ...
Page 318: ...318 01 28008 0013 20050204 Fortinet Inc CLI configuration Antivirus ...
Page 350: ...350 01 28008 0013 20050204 Fortinet Inc Using Perl regular expressions Spam filter ...
Page 370: ...370 01 28008 0013 20050204 Fortinet Inc CLI configuration Log Report ...
Page 382: ...382 01 28008 0013 20050204 Fortinet Inc Glossary ...
Page 402: ...402 01 28008 0013 20050204 Fortinet Inc Index ...