Use this command to configure source address affinity and a timeout for GSLB persistence. You enable persistence per host in the GSLB host configuration.

If the DNS query is for a host that has persistence enabled, the DNS server replies with an answer that has the virtual server IP addresses listed in the order determined by the GSLB proximity algorithms, and the client source IP address (for example is recorded in the persistence table. If source address affinity is set to 24 bits, subsequent queries for the host from the network are sent an answer with the virtual servers listed in the same order (unless a server becomes unavailable and is therefore omitted from the answer).

Persistence is required for applications that include transactions across multiple hosts, so the persistence table is also used for queries for other hosts with the same domain. For example, a transaction on a banking application might include connections to and To support persistence in these cases, the GSLB persistence lookup accounts for domain as well. The first query for creates a mapping for the source address network and the domain When the DNS server receives subsequent requests, it consults the persistence table for a source network match, then a domain match and a hostname match. In this example, as long as you have created host configurations for both and, and persistence is enabled for each, the persistence table can be used to ensure the DNS answers to queries from the same network list the resource records in the same order.

Before you begin:

  • You must have read-write permission for global load balancing settings.


config global-load-balance setting

set persistence-mask-length <integer>

set persistence-mask-length6 <integer>

set persistence-timeout <integer>



Number of IPv4 netmask bits that define network affinity for the persistence table. The default is 24.


Number of IPv6 netmask bits that define network affinity for the persistence table. The default is 64.


This setting specifies the length of time in seconds for which the entry is maintained in the persistence table. The default is 86400. The valid range is 60-2,592,000 seconds.


FortiADC-docs # config global-load-balance setting

FortiADC-docs (setting) # get

password : *

proximity-detect-protocol : icmp

proximity-detect-retry-count : 3

proximity-cache-mask-length : 24

proximity-cache-mask-length6 : 64

proximity-detect-interval : 3

proximity-cache-aging-period : 86400

persistence-mask-length : 24

persistence-mask-length6 : 64

persistence-timeout : 60

FortiADC-docs (setting) # set persistence-mask-length 24

FortiADC-docs (setting) # set persistence-mask-length6 64

FortiADC-docs (setting) # set persistence-timeout 60

FortiADC-docs (setting) # end