beautypg.com

System fail_close, Command syntax pattern – Fortinet Version 3.0 User Manual

Page 64

background image

FortiBridge Version 3.0 Administration Guide

64

09-30000-0163-20061109

system fail_close

config CLI commands

system fail_close

Use this command to configure the fail close feature.

Command syntax pattern

config system fail_close

set

end

config system fail_close

unset

end

get system fail_close

show system fail_close

Keywords and variables

Description

Default

status {disable |

fail_close |

fail_bypass

}

The fail_bypass option is only available on the
FBG-1000F.
When the FortiBridge detects an upstream or downstream
network disconnection (whether due to a cut/disconnected
cable, failure of the connected device, or failure of the
FortiBridge unit’s own interface), it will bring down its own
network interface after waiting the amount of time set for
the threshold variable. If the fail close status is set to
fail_close

and a switch connected to EXT1 fails, the

FortiBridge would bring down its own INT1. This way, the
device connected to INT1 will be able to determine there is
a problem Similarly, if a device connected to INT1 fails, the
FortiBridge would bring down its own EXT1.
When the problem is corrected, the FortiBridge will enable
its own network interface after waiting the amount of time
set for the threshold variable.
Some early FBG-1000 units will return an Not supported
by this hardware error when this command is invoked. This
is normal as hardware support for fail_close was only
added in later units.
When using a FBG-1000F, some fiber-connected
equipment doesn’t properly detect the status of a
FortiBridge interface brought down by the fail_close
option. To prevent this problem, use fail_bypass
instead. If a network problem is detected with
fail_bypass

set, the FortiBridge will switch to bypass

mode. This way, the network devices can detect the
problem directly through the FortiBridge. Note that
fail_bypass

causes the FortiBridge to remove itself

from the network when a problem is detected so manual
intervention is required to switch back to normal mode.

disable

threshold

Enter how long, in seconds, the FortiBridge will wait after
detecting a network problem before activating the fail close
feature. Except when fail_bypass is set, the FortiBridge
will wait the specified time before deactivating the fail close
feature when the problem is corrected.

3

See also other documents in the category Fortinet Hardware: