Fortinet black logo

FortiGate-7000F Handbook

Optimizing NAT IP pool allocation on FortiGate-7000F systems with empty FPM slots

Copy Link
Copy Doc ID fd130345-bc33-11ec-9fd1-fa163e15d75b:578355
Download PDF

Optimizing NAT IP pool allocation on FortiGate-7000F systems with empty FPM slots

FortiOS allocates IP pool addresses evenly among all of the FPMs in a FortiGate-7000F chassis. However, if the chassis has empty FPM slots, IP pool addresses are allocated to the empty slots as well as the operating slots, resulting in fewer IP addresses being available for the operating FPMs.

You can use the following command to disable the empty slots. When the empty slots are disabled, all IP pool addresses are allocated to the operating FPMs; resulting in all of the addresses in the IP pool being available.

For example, if you are operating an FortiGate-7121F with FPMs in slots 3 to 8 only, use the following command to disable slots 9 to 12:

config load-balance setting

config workers

edit 9

set status disable

next

edit 10

set status disable

end

edit 11

set status disable

end

edit 12

set status disable

end

Note

Enabling or disabling FPM slots causes the FortiGate-7000F to re-partition all NAT pools among the currently active FPMs. This might disrupt currently running sessions, so Fortinet recommends enabling or disabling FPMs during a maintenance window.

Optimizing NAT IP pool allocation on FortiGate-7000F systems with empty FPM slots

FortiOS allocates IP pool addresses evenly among all of the FPMs in a FortiGate-7000F chassis. However, if the chassis has empty FPM slots, IP pool addresses are allocated to the empty slots as well as the operating slots, resulting in fewer IP addresses being available for the operating FPMs.

You can use the following command to disable the empty slots. When the empty slots are disabled, all IP pool addresses are allocated to the operating FPMs; resulting in all of the addresses in the IP pool being available.

For example, if you are operating an FortiGate-7121F with FPMs in slots 3 to 8 only, use the following command to disable slots 9 to 12:

config load-balance setting

config workers

edit 9

set status disable

next

edit 10

set status disable

end

edit 11

set status disable

end

edit 12

set status disable

end

Note

Enabling or disabling FPM slots causes the FortiGate-7000F to re-partition all NAT pools among the currently active FPMs. This might disrupt currently running sessions, so Fortinet recommends enabling or disabling FPMs during a maintenance window.