Filter
Top Products
Fortinet 106 FortiWeb 5.0 Patch 6 Administration Guide
9. To monitor the HA cluster for failover, you can use SNMP (see “Configuring an SNMP
community” on page 581), log messages, and alert email (see “Configuring logging” on
page 545).
If failover time is too long, adjust the following:
Setting name Description
ARP Packet
Numbers
Type the number of times that the FortiWeb appliance will broadcast
extra address resolution protocol (ARP) packets when it takes on the
main role. (Even though a new NIC has not actually been connected
to the network, FortiWeb does this to notify the network that a new
physical port has become associated with the IP address and virtual
MAC of the HA pair.) This is sometimes called “using gratuitous ARP
packets to train the network,” and can occur when the main
appliance is starting up, or during a failover. Also configure ARP
Packet Interval.
Normally, you do not need to change this setting. Exceptions include:
• Increase the number of times the main appliance sends gratuitous
ARP packets if your HA pair takes a long time to fail over or to train
the network. Sending more gratuitous ARP packets may help the
failover to happen faster.
• Decrease the number of times the main appliance sends
gratuitous ARP packets if your HA pair has a large number of
VLAN interfaces and virtual domains. Because gratuitous ARP
packets are broadcast, sending them may generate a large
amount of network traffic. As long as the HA pair still fails over
successfully, you could reduce the number of times gratuitous
ARP packets are sent to reduce the amount of traffic produced by
a failover.
The valid range is 1 to 16.
ARP Packet
Interval
Type the number of seconds to wait between each broadcast of ARP
packets.
Normally, you do not need to change this setting. Exceptions include:
• Decrease the interval if your HA pair takes a long time to fail over
or to train the network. Sending ARP packets more frequently may
help the failover to happen faster.
• Increase the interval if your HA pair has a large number of VLAN
interfaces and virtual domains. Because gratuitous ARP packets
are broadcast, sending them may generate a large amount of
network traffic. As long as the HA pair still fails over successfully,
you could increase the interval between when gratuitous ARP
packets are sent to reduce the rate of traffic produced by a
failover.
The valid range is from 1 to 20.
If your HA link passes through switches and/or routers, and inadvertent failovers occur when
rebooting the HA pair, you can increase the maximum time to wait for a heartbeat signal after a
reboot by configuring boot-time <limit_int>. See the FortiWeb CLI Reference.