Load Balancing & Fault Tolerance Inbound Load Balancing and Failover (Multihoming)
Relay Mode
For the case that a DNS server already exists in you network, Relay Mode is the way to combine the existing DNS
servers with Multihoming's inbound load balance and fault tolerance. With Relay Mode enabled, FortiWAN will forward
all the DNS requests it receives to the specified name servers, in stead of processing the requests directly. Answer of
the DNS request will be responded to FortiWAN from the name server. FortiWAN's Multihoming then reprocess the
answer with appropriate IP address according to the AAAA/A records and AAAA/A policies (load balancing algorithm).
The DNS answer that contains appropriate IP address will finally responded to client, so that the inbound access could
connect via the appropriate WAN link.
Enable Backup
FortiWAN Multihoming employs Backup mechanism to provide disaster recovery approach for network across various
regions. Under this mechanism, the same backup service is set up across different regions. Therefore, when master
site is down, backup site will immediately take over to resume the service.
To deploy Multihoming Backup between two FortiWAN units for one domain, at least one of the WAN links' localhost
IPv4 addresses of each FortiWAN unit must be registered with the parent domain (so that a DNS request for the
domain can be delivered to the two FortiWAN units). Check "Enable Backup" on the Slave FortiWAN Web UI and
specify the IPv4 addresses (which are registered with parent domain) of the Master FortiWAN in "Remote Master
Servers". Configurations for Multihoming Backup deployment is only necessary on the Slave unit, please do not check
"Enable Backup" on the Master unit.
Then the Slave unit will detect the state of the Master unit periodically with its built-in Dig tool. The detect packets will
be delivered to Master unit via the IP addresses specified on the Slave unit. When the Master's Multihoming works
properly, the Slave's Multihoming will get into non-active mode (Unit that is in non-active mode will not answer to any
DNS request); when the Master's Multihoming is down, the Slave will get into active mode and take over to resume
Multihoming. After takeover, the Slave will continuously detect Master's state. Once the Master recovers, the Slave
will return Multihoming service back to Master and get into non-active mode. This is how the Backup mechanism offers
disaster recovery function. DNS database synchronization is not provided for Multihoming Backup deployment, so that
DNS database can be maintained individually on the two units for local and remote-backup services. In case that
multiple IP addresses of FortiWAN are registered with parent domain (to avoid single WAN links failure), those IP
addresses should be configured into the "Server IPv4 Address" field on the Slave unit.
Configurations
Auto-routing is a trunking technology that provides load balancing and fault tolerance for all outbound requests, but it
does not apply to inbound requests. These are handled by a unique technology called SwiftDNS, a multihoming
service which includes load balancing and fault tolerance for inbound requests. The minimum requirements for
multihoming are networks must have multiple WAN links and registered domain names for publicly accessible servers.
Note that a DNS request from client is delivered to FortiWAN via a fixed WAN link, whose the IP address is registered
with parent domain. It would be better to have multiple IP addresses registered to avoid single WAN link failure.
When FortiWAN receives a DNS query, it replies with a public IP assigned to one of the WAN links based on the
settings of the answering policies. Therefore, subsequent requests to server will be sent to a public IP of the WAN link
based on FortiWAN’s previous response. The policies are based on weight for each WAN link and are definable.
Multihoming is also capable of automatically detecting the best links by “Optimum Route”, and if WAN link failure
occurs, the public IP assigned to that failed link will not be returned even though the servers are still reachable via
other links.
FortiWAN offers two options for Multihoming: Non Relay Mode and Relay Mode. The details of will be explained in this
section.
91 FortiWAN Handbook
Fortinet Technologies Inc.
To Next Page
Loading...
