Virtual Server & Server Load Balancing Load Balancing & Fault Tolerance
FortiWAN has built in virtual server and is capable of supporting various virtual server mapping methods. For example,
different public IP addresses can be mapped to various real servers in LAN or DMZ. Or ports can be mapped to public
IP address on different servers.
Virtual server are configured by designating and adjusting virtual server rules. Each rule specifies a mapping condition.
It maps WAN IP address and a service (port or ports) to an internal server IP. The order of virtual server rules is like any
other rule tables in FortiWAN as it also uses the “first match scheme”, viz. the first rule of request matched is the rule
to take effect.
For example, a public IP address 211.21.48.196 and wants a web server on 192.168.123.16 to handle all the web
page requests coming to this public IP address. To do this, a virtual server rule must be created with 211.21.48.196 to
be its WAN IP, 192.168.123.16 to be its Server IP, and HTTP(80) to be its Service.
Virtual Server makes intranet (LAN) servers accessible for the internet (WAN). The private IP addresses assigned to
intranet servers will become invisible to the external environment, making services accessible for users outside the
network. Then FortiWAN is available to redirect these external requests to the servers in LAN or DMZ. Whenever an
external request arrives, FortiWAN will consult the Virtual Server table and redirect the packet to the corresponding
server in LAN or DMZ. The rules of Virtual Server tables are prioritized top down. If one rule is similar to another in the
table, only the higher ranked one will be applied, and the rest will be ignored. In addition, Virtual Server enables to
balance load on multiple servers, which is to distribute traffic over a group of servers (server cluster), making services
highly accessible.
FortiWAN provides mechanisms to record, notify and analysis on events refer to the Virtual Server service, see "Log",
"Statistics: Virtual Server Status" and "Report: Virtual Server".
IPv4 Virtual Server
E : Check the box to enable the rule
When :
Options: Busy hour, Idle hour, and All-Time (See "Busyhour Settings").
WAN IP : For external internet users, the virtual server is presented as a public IP (IPv4) on WAN port.
This WAN IP is the "visible" IP for the virtual server in external environment. Select a public IP,
and in "Routing Mode", either enter the IP manually or select the IP obtained from WAN link; In
"Bridge Mode One Static IP", insert WAN IP and the public IP assigned by ISP; Or choose
"dynamic IP at WAN#", if WAN type is none of the above.
Service : The type of TCP/UDP service to be matched. Select matching criteria from publicly known ser-
vice types, or choose port number from TCP/UDP packets. To specify a range of port numbers,
type starting port number plus hyphen “-“and ending port number, e.g. “TCP@123-234” (See
"Using the web UI").
Algorithm :
Algorithms for server load balancing (See "Load Balancing & Fault Tolerance")
l Round-Robin: routes connections to virtual server by weight.
l By Connection: compares the number of connections on each virtual server and routes
data based on specified connection ratio.
l By Response Time: compares the average response time on each virtual server and
routes data based on the lowest response time.
l Hash: routes connections to the virtual server by the hash algorithm
Keep Session : Check the box to keep session after a connection has been established. If the session is to be
stored, then enter a time period. Default value is 30s
FortiWAN Handbook
Fortinet Technologies Inc.
112
To Next Page
Loading...
