Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Hardware Acceleration

NP7 HPE recommended configuration

The optimal way to set up the NP7 HPE is to set the all-protocol option to a maximum packet rate threshold that protects the FortiGate CPU from excessive traffic. If all-protocolis set to a value other than 0, the number of host packets received for all traffic of all packet types that the HPE shapes is controlled by the all-protocol threshold. By default all-protocol is set to 400000. This default threshold is designed to work well for most FortiGates and most networks.

You can use HPE monitoring to verify how many packets the HPE is actually dropping and adjust the all-protocol threshold. See Monitoring NP7 HPE activity. You can also use the diagnose npu np7 monitor-hpe command to monitor HPE activity without dropping packets. See Monitor HPE activity without dropping packets.

If you set all-protocol to 0, you can configure thresholds for individual traffic types, see NP7 HPE for individual traffic types.

The HPE also includes an overflow option for high-priority traffic, see NP7 HPE and high priority traffic.

NP7 HPE recommended configuration

The optimal way to set up the NP7 HPE is to set the all-protocol option to a maximum packet rate threshold that protects the FortiGate CPU from excessive traffic. If all-protocolis set to a value other than 0, the number of host packets received for all traffic of all packet types that the HPE shapes is controlled by the all-protocol threshold. By default all-protocol is set to 400000. This default threshold is designed to work well for most FortiGates and most networks.

You can use HPE monitoring to verify how many packets the HPE is actually dropping and adjust the all-protocol threshold. See Monitoring NP7 HPE activity. You can also use the diagnose npu np7 monitor-hpe command to monitor HPE activity without dropping packets. See Monitor HPE activity without dropping packets.

If you set all-protocol to 0, you can configure thresholds for individual traffic types, see NP7 HPE for individual traffic types.

The HPE also includes an overflow option for high-priority traffic, see NP7 HPE and high priority traffic.