FortiGate-7000 Handbook

Setting the load balancing method

Sessions are load balanced or distributed based on the load balancing method set by the following command:

config load-balance setting
    set dp-load-distribution-method {to-master | src-ip | dst-ip | src-dst-ip | src-ip-sport | dst-ip-dport | src-dst-ip-sport-dport}
end

Where:

to-master: directs all sessions to the primary FPM. This method is for troubleshooting only and should not be used for normal operation. Directing all sessions to the primary FPM will have a negative impact on performance.

src-ip: sessions are distributed across all FPMs according to their source IP address.

dst-ip: sessions are statically distributed across all FPMs according to their destination IP address.

src-dst-ip: sessions are distributed across all FPMs according to their source and destination IP addresses.

src-ip-sport: sessions are distributed across all FPMs according to their source IP address and source port.

dst-ip-dport: sessions are distributed across all FPMs according to their destination IP address and destination port.

src-dst-ip-sport-dport: sessions are distributed across all FPMs according to their source and destination IP address, source port, and destination port. This is the default load balance algorithm and represents true session-aware load balancing. All session information is taken into account when deciding where to send new sessions and where to send additional packets that are part of an already established session.

The src-ip and dst-ip load balancing methods use layer 3 information (IP addresses) to identify and load balance sessions. All of the other load balancing methods (except for to-master) use both layer 3 and layer 4 information (IP addresses and port numbers) to identify TCP and UDP sessions. For other types of traffic (SCTP, ICMP, and ESP), the layer 3 and layer 4 load balancing methods use only layer 3 information. If GTP load balancing is enabled, Tunnel Endpoint Identifiers (TEIDs) are used to identify GTP sessions.
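
The following Python sketch is an added example, not Fortinet code: it models which header fields each method keys on, including the layer 3 fallback for traffic other than TCP and UDP, and shows how sessions spread across FPMs. The SHA-256 stand-in hash, the FPM count of 4, and the sample traffic are assumptions; this page does not describe the actual distribution algorithm, and GTP TEID handling is not modeled.

```python
import hashlib
from collections import Counter

# Header fields each method keys on, as listed in this section.
METHOD_FIELDS = {
    "src-ip": ("src",),
    "dst-ip": ("dst",),
    "src-dst-ip": ("src", "dst"),
    "src-ip-sport": ("src", "sport"),
    "dst-ip-dport": ("dst", "dport"),
    "src-dst-ip-sport-dport": ("src", "dst", "sport", "dport"),
}
PORT_FIELDS = {"sport", "dport"}
L4_PROTOCOLS = {"tcp", "udp"}  # only TCP and UDP contribute port numbers


def session_key(method, pkt):
    """Return the header values the method uses to identify this session."""
    fields = METHOD_FIELDS[method]
    if pkt["proto"] not in L4_PROTOCOLS:
        # SCTP, ICMP, ESP and so on: layer 3 information only.
        fields = tuple(f for f in fields if f not in PORT_FIELDS)
    return tuple(pkt[f] for f in fields)


def pick_fpm(method, pkt, fpm_count, primary=0):
    """Map a packet to an FPM index; SHA-256 is a stand-in hash (assumption)."""
    if method == "to-master":
        return primary  # every session goes to the primary FPM
    key = "|".join(str(v) for v in session_key(method, pkt)).encode()
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % fpm_count


def distribution(method, packets, fpm_count):
    """Count sessions per FPM index for a list of packets."""
    return Counter(pick_fpm(method, p, fpm_count) for p in packets)


# Constructed sample: 200 TCP sessions from one source address to one server.
SAMPLE = [
    {"proto": "tcp", "src": "198.51.100.7", "dst": "203.0.113.10",
     "sport": 40000 + i, "dport": 443}
    for i in range(200)
]

if __name__ == "__main__":
    for method in ["to-master", *METHOD_FIELDS]:
        print(f"{method:24} {dict(distribution(method, SAMPLE, fpm_count=4))}")
```

In this constructed sample every session shares one source and one destination, so only the methods that include the source port spread the sessions across more than one FPM.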
