“This slide shows the different criteria that a cluster considers during the primary FortiGate election process. The criteria order evaluation depends on the HA override setting.”
For the default case shown in the guide:
“1. The cluster compares the number of monitored interfaces that have a status of up. The member with the most available monitored interfaces becomes the primary.
2. The cluster compares the HA uptime of each member...
3. The member with the highest priority becomes the primary.
4. The member with the highest serial number becomes the primary.”
For this question’s case:
“If the HA override setting is enabled, the priority is considered before the HA uptime .”
Technical Deep Dive:
Because override is enabled , the election order changes from the default sequence. The first criterion is still Connected monitored ports , because interface health is evaluated first. After that, Priority moves ahead of HA uptime . If those still do not decide the winner, FortiGate uses the serial number as the final tie-breaker. Therefore the correct order is:
1. Connected monitored ports
2. Priority
3. HA uptime
4. FortiGate serial number
This distinction matters in production. With set override enable, you are effectively making HA priority authoritative over uptime, so the preferred unit will reclaim the primary role when it comes back online. That is useful for deterministic primary selection, but it can also cause an additional failover event when the preferred chassis returns to service. The guide explicitly notes this tradeoff.
In practice, the relevant HA checks and verification commands are:
show system ha
get system ha status
diagnose sys ha status
These let you confirm override status, device priority, monitored interfaces, and recent election results. From a control-plane perspective, FGCP election logic is handled by FortiOS over heartbeat links, while data-plane forwarding after election continues using the cluster’s virtual MAC behavior and synchronized HA state.
