Fortinet black logo

FortiGate-7000 Handbook

Home FortiGate-7000 6.0.4 FortiGate-7000 Handbook
6.0.4
6.2.3
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.4.9

Load balancing and flow rules

Load balancing and flow rules

This chapter provides an overview of how FortiGate-7000 Session-Aware Load Balancing (SLBC) works and then breaks down the details and explains why you might want to change some load balancing settings.

Note

For information about IPsec load balancing, see FortiGate-7000 IPsec VPN.

FortiGate-7000 SLBC works as follows.

  1. SLBC attempts to match all incoming sessions with a configured flow rule (see Load balancing and flow rules). If a session matches a flow rule, the session is directed according to the action setting of the flow rule. Usually flow rules send traffic that can't be load balanced to a specific FPM.
  2. TCP, UDP, SCTP, ICMP (IPv4 only) and ESP (IPv4 only) sessions that do not match a flow rule are directed to the DP2 processors.
    The DP2 processors distribute sessions to the FPMs according to the load balancing method set by the dp-load-distribution-method option of the config load-balance setting command.
  3. All other sessions are sent to the primary (or master) FPM.
Previous
Next

Load balancing and flow rules

This chapter provides an overview of how FortiGate-7000 Session-Aware Load Balancing (SLBC) works and then breaks down the details and explains why you might want to change some load balancing settings.

Note

For information about IPsec load balancing, see FortiGate-7000 IPsec VPN.

FortiGate-7000 SLBC works as follows.

  1. SLBC attempts to match all incoming sessions with a configured flow rule (see Load balancing and flow rules). If a session matches a flow rule, the session is directed according to the action setting of the flow rule. Usually flow rules send traffic that can't be load balanced to a specific FPM.
  2. TCP, UDP, SCTP, ICMP (IPv4 only) and ESP (IPv4 only) sessions that do not match a flow rule are directed to the DP2 processors.
    The DP2 processors distribute sessions to the FPMs according to the load balancing method set by the dp-load-distribution-method option of the config load-balance setting command.
  3. All other sessions are sent to the primary (or master) FPM.
Previous
Next