Flow rules for sessions that cannot be load balanced
Some traffic types cannot be load balanced. Sessions for traffic types that cannot be load balanced should normally be sent to the primary FPM by configuring flow rules for that traffic. You can also configure flow rules to send traffic that cannot be load balanced to specific FPMs.
Create flow rules using the config load-balance flow-rule
command. The default configuration uses this command to send Kerberos, BGP, RIP, IPv4 and IPv6 DHCP, PPTP, BFD, IPv4 and IPv6 multicast, GTP, and HTTP and HTTPS authd sessions to the primary FPM. The default configuration also sends VRRP traffic to all FPMs. You can view the default configuration of the config load-balance flow-rule
command to see how this is all configured, or see Default configuration for traffic that cannot be load balanced.
For example, the following configuration sends BGP source and destination sessions to the primary FPM:
config load-balance flow-rule
edit 3
set status enable
set vlan 0
set ether-type ip
set protocol tcp
set src-l4port 179-179
set dst-l4port 0-0
set tcp-flag any
set action forward
set forward-slot master
set priority 5
set comment "bgp src"
next
edit 4
set status enable
set vlan 0
set ether-type ip
set protocol tcp
set src-l4port 0-0
set dst-l4port 179-179
set tcp-flag any
set action forward
set forward-slot master
set priority 5
set comment "bgp dst"
end