How to set up an active-passive HA in FortiMail


FortiMail supports two types of HA modes: active-passive HA pairs and config-only HA clusters. This recipe describes how to set up active-passive HA.

Before beginning these procedures, be sure to register all FortiMail units in the HA group on the Fortinet Technical Support website.

Configuring HA

To configure HA options

 1.  Navigate to System > High Availability > Configuration.

Accessing HA options.

 2.  From the Mode of operation dropdown menu, select Master if the FortiMail unit is the primary unit in the active-passive group, or Slave if it is the secondary unit.

 3.  Select wait for recovery then restore slave role from the On failure dropdown menu.

For more information on the other choices, see “Configuring the primary HA options” in the administrator guide.

 4.  Enter an HA password for the HA group in Shared password. You must use the same password for both the primary and secondary units.

 5.  Configure the Backup options.

Note: The backup options only appear if you’ve selected master or slave from the Mode of operation dropdown menu.
Note: Because the backup settings are not synchronized, to use this feature you must enable it on both the master and slave units.

Configuring the backup options.

 6.  Enter the HA base port value under Advanced options.

Enter the first of four TCP port numbers that will be used for:
– the heartbeat signal
– synchronization control
– data synchronization
– configuration synchronization

Note: For active-passive groups, in addition to configuring the heartbeat, you can configure service monitoring. For more details, see “Configuring service-based failover” in the administrator guide.

 7.  In the Heartbeat lost threshold textbox, enter the total span of time in seconds that the primary unit can be unresponsive before it triggers a failover and the secondary unit assumes the role of the primary unit.

Note: If the failure detection time is too short, the secondary unit may falsely detect a failure during periods of high load.
Caution: If the failure detection time is too long, the primary unit could fail and a delay in detecting the failure could mean that email is delayed or lost. Decrease the failure detection time if email is delayed or lost because of an HA failover.

 8.  Enable Remote services as heartbeat to use remote services monitoring as a secondary HA heartbeat.

 9.  Select Apply.

Configuring interface monitoring

Interface monitoring checks the local interfaces on the primary unit. If a malfunctioning interface is detected, a failover triggers.

To configure interface monitoring

 1.  Navigate to System > High Availability > Configuration.

 2.  Expand the Interface section.

 3.  Select the port/interface name to configure the interface. For more details, see “Configuring the network interfaces” in the administrator guide.

Note: The interface IP address must be different from, but on the same subnet as, the IP addresses of the other heartbeat network interfaces of other members in the HA group.

 4.  Select a row in the table and select Edit.

Accessing the interface section.

 5.  Select Enable port monitor.

 6.  Select your desired status from the Heartbeat status dropdown menu.

For detailed information on each selection, see “Configuring interface monitoring” in the administrator guide.

 7.  Enter the IP address of the matching heartbeat network interface of the other member of the HA group. For example, if you are configuring the primary unit’s primary heartbeat network interface, enter the IP address of the secondary unit’s primary heartbeat network interface.

 8.  Enter the peer IPv6 address in the active-passive HA group.

 9.  Select whether and how to configure the IP addresses and netmasks of the FortiMail unit whose effective HA mode of operation is currently master.

For example, a primary unit might be configured to receive email traffic through port1 and receive heartbeat and synchronization traffic through port5 and port6. In that case, you would configure the primary unit to set the IP addresses or add virtual IP addresses for port1 of the secondary unit on failover in order to mimic that of the primary unit.

 10.  Enter the virtual IPv4 address for this interface.

 11.  Enter the virtual IPv6 address for this interface.
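The addressing rule in the note above and the peer address entered in step 7 can be checked before anything is typed into the GUI. The following is an added example, not Fortinet code: the dictionary keys are hypothetical (they are not FortiMail syntax) and the addresses are constructed sample values.

```python
import ipaddress

def check_heartbeat_pair(name, primary, secondary):
    """Check one heartbeat interface pairing; return a list of problem strings.

    primary/secondary are dicts with hypothetical keys (not FortiMail syntax):
      "ip"   - the unit's own interface address with prefix length
      "peer" - the peer IP address entered on that unit
    """
    problems = []
    p = ipaddress.ip_interface(primary["ip"])
    s = ipaddress.ip_interface(secondary["ip"])
    # The two interface addresses must differ but share a subnet.
    if p.ip == s.ip:
        problems.append(f"{name}: both units use {p.ip}")
    if p.network != s.network:
        problems.append(f"{name}: subnets differ ({p.network} vs {s.network})")
    # Each unit's peer address must be the other unit's matching interface.
    if ipaddress.ip_address(primary["peer"]) != s.ip:
        problems.append(f"{name}: primary's peer IP is not the secondary's address")
    if ipaddress.ip_address(secondary["peer"]) != p.ip:
        problems.append(f"{name}: secondary's peer IP is not the primary's address")
    return problems

def check_plan(plan):
    """Run the pair check over every heartbeat interface in the plan."""
    problems = []
    for name, units in plan.items():
        problems += check_heartbeat_pair(name, units["primary"], units["secondary"])
    return problems

# Constructed sample plan: port5 is consistent, port6 has a subnet typo on
# the secondary unit, which also makes the primary's peer address wrong.
PLAN = {
    "port5": {"primary": {"ip": "10.0.5.1/24", "peer": "10.0.5.2"},
              "secondary": {"ip": "10.0.5.2/24", "peer": "10.0.5.1"}},
    "port6": {"primary": {"ip": "10.0.6.1/24", "peer": "10.0.6.2"},
              "secondary": {"ip": "10.0.7.2/24", "peer": "10.0.6.1"}},
}

if __name__ == "__main__":
    for line in check_plan(PLAN):
        print(line)
```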

Configuring service monitoring

HA service monitoring settings are not synchronized and must be configured separately on each primary and secondary unit.

With remote service monitoring, the secondary unit confirms that it can connect to the primary unit over the network using SMTP service, POP service (POP3), and Web service (HTTP) connections. If you configure the HA pair in server mode, the IMAP service can also be checked.

To configure service monitoring

 1.  Navigate to System > High Availability > Configuration.

 2.  Select a row in the Service Monitor section and select Edit.

Editing the service monitor section.

 3.  Select Enable.

 4.  Enter a name and the peer IP address.

 5.  Enter the port number of the peer SMTP service.

 6.  Enter the timeout period for one connection test.

 7.  Enter the frequency of the tests in Interval.

 8.  Enter the number of consecutively failed tests that are allowed before the primary unit is deemed unresponsive and failover occurs.
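The timeout, interval and failed-test count in steps 6 to 8 together determine how quickly a real outage is detected and how easily a loaded primary unit is mistaken for a failed one. The following is an added example that models that trade-off; it is not FortiMail's implementation. It assumes that failover is declared on the Nth consecutive failed test, that both times are given in seconds, and that the timeout does not exceed the interval. The probe history is constructed.

```python
def first_failover(results, threshold):
    """Return the index of the test that triggers failover, or None.

    results: iterable of booleans, True = connection test succeeded.
    threshold: consecutive failed tests that trigger failover (assumption).
    """
    streak = 0
    for i, ok in enumerate(results):
        streak = 0 if ok else streak + 1   # any success resets the count
        if streak >= threshold:
            return i
    return None

def longest_failure_streak(results):
    """Length of the longest run of failed tests in a probe history."""
    longest = streak = 0
    for ok in results:
        streak = 0 if ok else streak + 1
        longest = max(longest, streak)
    return longest

def detection_window(interval, timeout, threshold):
    """Return (best, worst) seconds from service loss to the failover decision."""
    if threshold < 1 or timeout > interval:
        raise ValueError("need threshold >= 1 and timeout <= interval")
    best = (threshold - 1) * interval + timeout   # service dies just before a test
    worst = threshold * interval + timeout        # service dies just after a test
    return best, worst

def recommend(results, interval, timeout, max_delay):
    """Smallest threshold that tolerates the observed transient failures."""
    threshold = longest_failure_streak(results) + 1
    best, worst = detection_window(interval, timeout, threshold)
    return {"threshold": threshold, "best": best, "worst": worst,
            "within_budget": worst <= max_delay}

# Constructed history from a healthy but heavily loaded primary unit.
HISTORY = [True, True, False, True, False, False, True, True]

if __name__ == "__main__":
    print(first_failover(HISTORY, 2))      # false failover at this test index
    print(recommend(HISTORY, interval=60, timeout=30, max_delay=300))
```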