Method 2: Multiple port number groups
Multiple port group affinity does not rely on source IP address for affinity. Instead the FortiADC is configured to route the secondary Horizon protocols based on unique port numbers assigned to each CS appliance. The primary Horizon protocol on HTTPS port 443 is load balanced to allocate the session to a specific CS appliance based on health check and load balance algorithms. The secondary connections would then be routed to the correct CS appliance based on the following FortiADC configuration table. In this method, you can select any Persistence as you need.
VIP:Port |
P/S |
Profile |
Name |
Real Servers |
---|---|---|---|---|
10.107.1.86:443 |
Primary |
LB_PROFILE_TCP |
HORIZON_VS |
10.107.10.80:443 10.107.10.81:443 |
10.107.1.86:10443 |
Secondary |
LB_PROFILE_TCP |
CS01_HTTPS |
10.107.10.80:443 |
10.107.1.86:10143 |
Secondary |
LB_PROFILE_TCP |
CS01_BLAST |
10.107.10.80:8443 |
10.107.1.86:10143 |
Secondary |
LB_PROFILE_UDP |
CS01_BLAST_UDP |
10.107.10.80:8443 |
10.107.1.86:10172 |
Secondary |
LB_PROFILE_TCP |
CS01_PCOIP |
10.107.10.80:4172 |
10.107.1.86:10172 |
Secondary |
LB_PROFILE_UDP |
CS01_PCOIP_UDP |
10.107.10.80:4172 |
10.107.1.86:11443 |
Secondary |
LB_PROFILE_TCP |
CS02_HTTPS |
10.107.10.81:443 |
10.107.1.86:10243 |
Secondary |
LB_PROFILE_TCP |
CS02_BLAST |
10.107.10.81:8443 |
10.107.1.86:10243 |
Secondary |
LB_PROFILE_UDP |
CS02_BLAST_UDP |
10.107.10.81:8443 |
10.107.1.86:10272 |
Secondary |
LB_PROFILE_TCP |
CS02_PCOIP |
10.107.10.81:4172 |
10.107.1.86:10272 |
Secondary |
LB_PROFILE_UDP |
CS02_PCOIP_UDP |
10.107.10.81:4172 |
CS Configuration for External URLs for this configuration would be as shown in this table.
CS Appliance |
Configuration Item |
Value |
---|---|---|
CS01 |
tunnelExternalURL |
https://cs.fortihorizon.com:10443 |
blastExternalURL |
https://cs.fortihorizon.com:10143 |
|
pcoipExternalURL |
10.107.1.86:10172 |
|
CS02 |
tunnelExternalURL |
https://cs.fortihorizon.com:11443 |
blastExternalURL |
https://cs.fortihorizon.com:10243 |
|
pcoipExternalURL |
10.107.1.86:10272 |
config load-balance virtual-server
edit "CS01_HTTPS"
set interface port5
set ip 10.107.1.86
set port 10443
set load-balance-profile LB_PROF_TCP
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool CS1_443
set traffic-group default
next
end
config load-balance virtual-server
edit "CS01_BLAST_UDP"
set interface port5
set ip 10.107.1.86
set port 10143
set load-balance-profile LB_PROF_UDP
set load-balance-persistence LB_PERSIS_SRC_ADDR
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool CS1_8443
set traffic-group default
next
end
config load-balance virtual-server
edit "CS01_PCOIP"
set interface port5
set ip 10.107.1.86
set port 10172
set load-balance-profile LB_PROF_TCP
set load-balance-persistence LB_PERSIS_SRC_ADDR
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool CS1_4172
set traffic-group default
next
end
config load-balance virtual-server
edit "CS01_PCOIP_UDP"
set interface port5
set ip 10.107.1.86
set port 10172
set load-balance-profile LB_PROF_UDP
set load-balance-persistence LB_PERSIS_SRC_ADDR
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool CS1_4172
set traffic-group default
next
end
config load-balance virtual-server
edit "CS01_BLAST"
set interface port5
set ip 10.107.1.86
set port 10143
set load-balance-profile LB_PROF_TCP
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool CS1_8443
set traffic-group default
next
end