Load balancing and flow rules
This chapter provides an overview of how FortiGate-7000F Session-Aware Load Balancing (SLBC) works and then breaks down the details and explains why you might want to change some load balancing settings.
FortiGate-7000F SLBC works as follows.
-
The FortiGate-7000F directs all traffic that does not match a load balancing flow rule to the NP7 processors.
If a session matches a flow rule, the session skips the NP7 processors and is directed according to the action setting of the flow rule. Default flow rules send traffic that can't be load balanced to the primary FPM. See Default configuration for traffic that cannot be load balanced.
-
The NP7 processors load balance TCP, UDP, SCTP, and ICMP sessions among the FPMs according to the load balancing method set by the
dp-load-distribution-method
option of theconfig load-balance setting
command.The NP7 processors load balance ICMP sessions among FPMs according to the load balancing method set by the
dp-icmp-distribution-method
option of theconfig load-balance setting
command. See ICMP load balancing.The NP7 processors load balance GTP-U sessions if GTP load balancing is enabled. If GTP load balancing is disabled, the NP7 processors send GTP sessions to the primary FPM. For more information about GTP load balancing, see Enabling GTP load balancing.
The NP7 processors load balance PFCP-controlled GTP-U sessions if PFCP load balancing is enabled. If PFCP load balancing is disabled, the NP7 processors send PFCP-controlled GTP-U sessions to the primary FPM. For more information about PFCP load balancing, see PFCP load balancing.
To support ECMP you can change how the NP7 processors manage session tables, see ECMP support.
- The NP7 processors send other sessions that cannot be load balanced to the primary FPM.