Default NP7 queue protocol prioritization configuration
The default NP queue priority configuration should result in optimal performance in most cases. An empty or incorrect NP queue priority configuration can affect performance or cause traffic disruptions. In the case of a hyperscale firewall VDOM, an empty NP queue priority configuration could cause BGP flapping or traffic interruptions when a lot of IP traffic and/or non-SYN TCP traffic is sent to the CPU.
|
After upgrading your FortiGate with NP7 processors, you should verify that the NP queue priority configuration is either your intended configuration or matches the default configuration shown below. If you are upgrading from a FortiOS version that does not support the NP queue priority feature, the NP queue priority configuration after the firmware upgrade could be empty or incorrect. |
Here is the default NP queue priority configuration:
config system npu
config np-queues
config ethernet-type
edit "ARP"
set type 806
set queue 9
next
edit "HA-SESSYNC"
set type 8892
set queue 11
next
edit "HA-DEF"
set type 8890
set queue 11
next
edit "HC-DEF"
set type 8891
set queue 11
next
edit "L2EP-DEF"
set type 8893
set queue 11
next
edit "LACP"
set type 8809
set queue 9
next
end
config ip-protocol
edit "OSPF"
set protocol 89
set queue 11
next
edit "IGMP"
set protocol 2
set queue 11
next
edit "ICMP"
set protocol 1
set queue 3
next
end
config ip-service
edit "IKE"
set protocol 17
set sport 500
set dport 500
set queue 11
next
edit "BGP"
set protocol 6
set sport 179
set dport 179
set queue 9
next
edit "BFD-single-hop"
set protocol 17
set sport 3784
set dport 3784
set queue 11
next
edit "BFD-multiple-hop"
set protocol 17
set sport 4784
set dport 4784
set queue 11
next
edit "SLBC-management"
set protocol 17
set dport 720
set queue 11
next
edit "SLBC-1"
set protocol 17
set sport 11133
set dport 11133
set queue 11
next
edit "SLBC-2"
set protocol 17
set sport 65435
set dport 65435
set queue 11
end