Fortinet black logo

Alibaba Cloud Deployment Guide

Home FortiADC Public Cloud Alibaba Cloud Deployment Guide

Setting up the HAVIPs for L4 VS

Setting up the HAVIPs for L4 VS

To deploy HA with L4 VS, you will need to create two HAVIPs (high-availability virtual IP address) and associate one of the HAVIPs with an EIP (elastic IP address). An HAVIP is a private IP address that can be created and released as an independent resource. After an HAVIP is associated with an EIP, the HAVIP can use the EIP to provide services over the Internet.

You will need to create two HAVIPs:

  • An HAVIP with an EIP. The HAVIP’s public IP address will be the IP address that clients use to access your application.
  • An HAVIP without an EIP. This HAVIP will be the IP address that backend servers use to access FortiADC.
Before you begin:
  • You must already have an EIP. If you do not have an EIP, you can create an EIP in VPC > Access to Internet > Elastic IP Address.
To create the first HAVIP and bind it to an EIP:
  1. Navigate to the VPC page and click HaVIp.
  2. On the HaVIp page, click Create HaVIp to display the configuration editor.
  3. Configure the following HAVIP settings:

    Setting

    Description

    Resource Group

    		Select the Resource Group you have created.

    Name

    		Enter a name for the HAVIP.

    VPC

    Select the VPC you have created previously.

    vSwitch

    Select the vSwitch you have created previously for the Internet Access.

    vSwitch CIDR Block

    		Displays the CIDR block of the vSwitch.

    Whether to automatically assign private IP addresses

    Select whether to automatically allocate a private IP address.

    • Yes — The system automatically allocates an idle private IP address from the vSwitch CIDR block.
    • No — Manually enter an idle private IP address from the vSwitch CIDR block.
  4. Click OK.
    Once the HAVIP is created, take note of the Internal IP address. The Internal IP address will be the virtual server IP of your L4 VS configuration.
  5. Select the newly created HAVIP and click Bind EIP Address.
  6. Click the name of the HAVIP and click Bind to bind the FortiADC-VM instances you have created with this HAVIP.
    Traffic destined for the HAVIP's public IP address will be forwarded to the primary FortiADC-VM.
Create the second HAVIP:
  1. Navigate to the VPC page and click HaVIp.
  2. On the HaVIp page, click Create HaVIp to display the configuration editor.
  3. Configure the following HAVIP settings:

    Setting

    Description

    Resource Group

    		Select the Resource Group you have created.

    Name

    		Enter a name for the HAVIP.

    VPC

    Select the VPC you have created previously.

    vSwitch

    Select the vSwitch you have created previously for the connection between FortiADC and the back-end server.

    vSwitch CIDR Block

    		Displays the CIDR block of the vSwitch.

    Whether to automatically assign private IP addresses

    Select whether to automatically allocate a private IP address.

    • Yes — The system automatically allocates an idle private IP address from the vSwitch CIDR block.
    • No — Manually enter an idle private IP address from the vSwitch CIDR block.
  4. Click OK.
    Once the HAVIP is created, take note of the Internal IP address. The Internal IP address will be the Full NAT IP pool of your L4 VS configuration.
  5. Click the name of the HAVIP and click Bind to bind the FortiADC-VM instances you have created with this HAVIP.
    Traffic destined for the HAVIP's public IP address will be forwarded to the primary FortiADC-VM.

After you have set up your FortiADC-VM instance and the required HAVIPs, the next step is to log into FortiADC through GUI or CLI to configure the HA cluster. For detailed steps, see Accessing the FortiADC GUI and CLI.

Previous
Next

Setting up the HAVIPs for L4 VS

To deploy HA with L4 VS, you will need to create two HAVIPs (high-availability virtual IP address) and associate one of the HAVIPs with an EIP (elastic IP address). An HAVIP is a private IP address that can be created and released as an independent resource. After an HAVIP is associated with an EIP, the HAVIP can use the EIP to provide services over the Internet.

You will need to create two HAVIPs:

  • An HAVIP with an EIP. The HAVIP’s public IP address will be the IP address that clients use to access your application.
  • An HAVIP without an EIP. This HAVIP will be the IP address that backend servers use to access FortiADC.
Before you begin:
  • You must already have an EIP. If you do not have an EIP, you can create an EIP in VPC > Access to Internet > Elastic IP Address.
To create the first HAVIP and bind it to an EIP:
  1. Navigate to the VPC page and click HaVIp.
  2. On the HaVIp page, click Create HaVIp to display the configuration editor.
  3. Configure the following HAVIP settings:

    Setting

    Description

    Resource Group

    		Select the Resource Group you have created.

    Name

    		Enter a name for the HAVIP.

    VPC

    Select the VPC you have created previously.

    vSwitch

    Select the vSwitch you have created previously for the Internet Access.

    vSwitch CIDR Block

    		Displays the CIDR block of the vSwitch.

    Whether to automatically assign private IP addresses

    Select whether to automatically allocate a private IP address.

    • Yes — The system automatically allocates an idle private IP address from the vSwitch CIDR block.
    • No — Manually enter an idle private IP address from the vSwitch CIDR block.
  4. Click OK.
    Once the HAVIP is created, take note of the Internal IP address. The Internal IP address will be the virtual server IP of your L4 VS configuration.
  5. Select the newly created HAVIP and click Bind EIP Address.
  6. Click the name of the HAVIP and click Bind to bind the FortiADC-VM instances you have created with this HAVIP.
    Traffic destined for the HAVIP's public IP address will be forwarded to the primary FortiADC-VM.
Create the second HAVIP:
  1. Navigate to the VPC page and click HaVIp.
  2. On the HaVIp page, click Create HaVIp to display the configuration editor.
  3. Configure the following HAVIP settings:

    Setting

    Description

    Resource Group

    		Select the Resource Group you have created.

    Name

    		Enter a name for the HAVIP.

    VPC

    Select the VPC you have created previously.

    vSwitch

    Select the vSwitch you have created previously for the connection between FortiADC and the back-end server.

    vSwitch CIDR Block

    		Displays the CIDR block of the vSwitch.

    Whether to automatically assign private IP addresses

    Select whether to automatically allocate a private IP address.

    • Yes — The system automatically allocates an idle private IP address from the vSwitch CIDR block.
    • No — Manually enter an idle private IP address from the vSwitch CIDR block.
  4. Click OK.
    Once the HAVIP is created, take note of the Internal IP address. The Internal IP address will be the Full NAT IP pool of your L4 VS configuration.
  5. Click the name of the HAVIP and click Bind to bind the FortiADC-VM instances you have created with this HAVIP.
    Traffic destined for the HAVIP's public IP address will be forwarded to the primary FortiADC-VM.

After you have set up your FortiADC-VM instance and the required HAVIPs, the next step is to log into FortiADC through GUI or CLI to configure the HA cluster. For detailed steps, see Accessing the FortiADC GUI and CLI.

Previous
Next