FortiMail HA: Connection Failure Recovery

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

A more complex network configuration could include a number of network devices between the primary (P1) and secondary (S2) unit’s non-heartbeat network interfaces. In any configuration, remote service monitoring can only detect a communication failure. Remote service monitoring cannot determine where the failure occurred or the reason for the failure.

In this scenario, remote service monitoring has been configured to make sure that the secondary unit can connect to the primary unit. The On failure setting, located in the HA main configuration section, is set to “wait for recovery then restore slave role”.

For more information on the on failure settings, see “On failure” on page 299 of the FortiMail Administrator Guide.

For information about remote service monitoring, see “Configuring service-based failover” on page 305.

The failure occurs when power to the switch that connects the P1 and S2 port1 interfaces is disconnected. Remote service monitoring detects the failure of the network connection between the primary and secondary units. Because of the On failure setting, P1 changes its effective HA operating mode to failed. When the failure is corrected, P1 detects the correction because while operating in failed mode P1 has been attempting to connect to S2 using the port1 interface. When P1 can connect to S2, the effective HA operating mode of P1 changes to slave and the mail data on P1 will be synchronized to S2. S2 can now deliver this mail. The HA group continues to operate in this manner until an administrator resets the effective HA modes of operation of the FortiMail units.

Network Connection Failure

To recover from a network connection failure:

Reconnect the power to the switch.

Connect to the web-based manager of the primary unit and navigate to System > High Availability > Status.

Check for synchronization messages. Do not proceed to the next step until the primary unit has synchronized with the secondary unit.

Connect to the web-based manager of S2, go to System > High Availability > Status and select “click HERE to restore configured operating mode”.

Connect to the web-based manager of P1, go to System > High Availability > Status and select “click HERE to restore configured operating mode”.

P1 should return to operating as the primary unit and S2 should return to operating as the secondary unit.

  • Was this helpful?
  • Yes   No