FortiGate Session Life Support Protocol
FortiGate Session Life Support Protocol (FGSP) is used for traffic redundancy if a load balancer is already present in our network. Load balancing and session failover is done by the external balancer while two FortiGate units are integrated with it, to keep session synchronization (in a session table). TCP sessions (by default) and connectionless protocols like UDP and ICMP sessions (with an additional configuration) are able to failover from a unit to the other one with no data loss. Depending on the configuration of the balancer, all the network packets are sent to the primary unit and are directed to the secondary unit in case of a failure (like in the Active-Passive clusters) or the workload is balanced on both units (like in the Active-Active clusters). The configuration of the cluster units is not synchronized by default (this behavior can be modified). A basic schema of an FGSP cluster is shown as follows:
Note
The session synchronization link...
