Fortinet white logo
Fortinet white logo

FortiGate-7000E Handbook

PFCP load balancing

PFCP load balancing

FortiGate 7000E includes support for load balancing the Packet Forwarding Control Protocol (PFCP). PFCP is a new addition to 3GPP that provides 4G Control plane and User Plane Separation (CUPS) and 5G signaling evolution. When PFCP is used as the control plane, the user plane is GTP-U. PFCP takes many of the roles that are provided by GTP-C in 3G/4G networks today and provides session awareness and tracking of GTP-U user plane traffic while also providing control plane initiation.

FortiGate 7000E PFCP support includes supporting PFCP session synchronization for FGCP HA.

You can use the following command to enable or disable FortiGate 7000E PFCP load balancing.

config load-balance setting

set pfcp-load-balance {disable | enable}

end

The following flow rule is also available to direct PFCP control plane traffic to the primary FPM.

edit 21

set status disable

set vlan 0

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 0-0

set dst-l4port 8805-8805

set action forward

set forward-slot master

set priority 5

set comment "pfcp to primary blade"

end

By default, both of these configurations are disabled and PFCP control plane and user plane traffic is not load balanced. The DP sends all PFCP control plane and user plane traffic to the primary FPM.

To load balance PFCP user plane traffic to multiple FPMs, you can set pfcp-load-balance to enable. This also enables the PFCP flow rule. PFCP user plane traffic is then load balanced across all FPMs while PFCP control plane traffic is still handled by the primary FPM. This is the recommended configuration for load balancing PFCP traffic.

PFCP load balancing

PFCP load balancing

FortiGate 7000E includes support for load balancing the Packet Forwarding Control Protocol (PFCP). PFCP is a new addition to 3GPP that provides 4G Control plane and User Plane Separation (CUPS) and 5G signaling evolution. When PFCP is used as the control plane, the user plane is GTP-U. PFCP takes many of the roles that are provided by GTP-C in 3G/4G networks today and provides session awareness and tracking of GTP-U user plane traffic while also providing control plane initiation.

FortiGate 7000E PFCP support includes supporting PFCP session synchronization for FGCP HA.

You can use the following command to enable or disable FortiGate 7000E PFCP load balancing.

config load-balance setting

set pfcp-load-balance {disable | enable}

end

The following flow rule is also available to direct PFCP control plane traffic to the primary FPM.

edit 21

set status disable

set vlan 0

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 0-0

set dst-l4port 8805-8805

set action forward

set forward-slot master

set priority 5

set comment "pfcp to primary blade"

end

By default, both of these configurations are disabled and PFCP control plane and user plane traffic is not load balanced. The DP sends all PFCP control plane and user plane traffic to the primary FPM.

To load balance PFCP user plane traffic to multiple FPMs, you can set pfcp-load-balance to enable. This also enables the PFCP flow rule. PFCP user plane traffic is then load balanced across all FPMs while PFCP control plane traffic is still handled by the primary FPM. This is the recommended configuration for load balancing PFCP traffic.