Configuring virtual servers Firewall Load Balance
FortiGate Version 4.0 Administration Guide
390 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
Configuring virtual servers
Configure a virtual server’s external IP address and bind it to a FortiGate unit interface.
When you bind the virtual server’s external IP address to a FortiGate unit interface, by
default, the network interface responds to ARP requests for the bound IP address. Virtual
servers use proxy ARP, as defined in RFC 1027, so that the FortiGate unit can respond to
ARP requests on a network for a real server that is actually installed on another network.
To disable ARP replies, see the FortiGate CLI Reference.
To view the virtual server list, go to Firewall > Load Balance > Virtual Server.
Figure 240: Virtual server list
Create New Select to add virtual servers. For more information, see “To create a
virtual server” on page 391.
Name Name of the virtual server. This name is not the hostname for the
FortiGate unit.
Type The communication protocol used by the virtual server.
Comments Comments on the virtual server.
Virtual Server IP The IP address of the virtual server.
Virtual server Port The port number to which the virtual server communicates.
Load Balance Method Load balancing methods include:
• Static: The traffic load is spread evenly across all servers, no
additional server is required.
• Round Robin: Directs requests to the next server, and treats all
servers as equals regardless of response time or number of
connections. Dead servers or non responsive servers are avoided. A
separate server is required.
• Weighted: Servers with a higher weight value will receive a larger
percentage of connections. Set the server weight when adding a
server.
• First Alive: Always directs requests to the first alive real server.
• Least RTT: Directs requests to the server with the least round trip
time. The round trip time is determined by a Ping monitor and is
defaulted to 0 if no Ping monitors are defined.
• Least Session: Directs requests to the server that has the least
number of current connections. This method works best in
environments where the servers or other equipment you are load
balancing have similar capabilities.
Health Check The health check monitor selected for this virtual server. For more
information, see “Health Check” on page 392.
Persistence Persistence is the process of ensuring that a user is connected to the
same server every time they make a request within the boundaries of a
single session.
Depending on the type of protocol selected for the virtual server, the
following persistence options are available:
• None: No persistence option is selected.
• HTTP Cookie: Persistence time is equal to the cookie age. Cookie
ages are set in CLI under config firewall vip.
• SSL Session ID: Persistence time is equal to the SSL sessions. SSL
session states are set in CLI under config firewall vip.
To Next Page
Loading...