PFCP load balancing
FortiGate 7000E includes support for load balancing the Packet Forwarding Control Protocol (PFCP). PFCP is a new addition to 3GPP that provides 4G Control plane and User Plane Separation (CUPS) and 5G signaling evolution. When PFCP is used as the control plane, the user plane employs GTP-U encapsulation. PFCP takes many of the roles that are provided by GTP-C in 3G/4G networks today and provides session awareness and tracking of GTP-U user plane traffic while also providing control plane initiation.
FortiGate 7000E PFCP support includes supporting PFCP session synchronization for FGCP HA.
You can use the following command to enable or disable FortiGate 7000E PFCP load balancing.
config load-balance setting
set pfcp-load-balance {disable | enable}
end
The following flow rule is also available to direct PFCP control plane traffic to the primary FPM.
edit 21
set status disable
set vlan 0
set ether-type ipv4
set src-addr-ipv4 0.0.0.0 0.0.0.0
set dst-addr-ipv4 0.0.0.0 0.0.0.0
set protocol udp
set src-l4port 0-0
set dst-l4port 8805-8805
set action forward
set forward-slot master
set priority 5
set comment "pfcp to primary blade"
end
By default, both of these configurations are disabled and PFCP control plane and user plane traffic is not load balanced. The DP sends all PFCP control plane and user plane traffic to the primary FPM.
To load balance PFCP user plane traffic to multiple FPMs, you can set pfcp-load-balance
to enable
. This also enables the PFCP flow rule. PFCP user plane traffic is then load balanced across all FPMs while PFCP control plane traffic is still handled by the primary FPM. This is the recommended configuration for load balancing PFCP traffic.
These options are also available if your FortiGate 7000E is licensed for FortiOS Carrier. For more information about PFCP and FortiOS Carrier, see FortiOS Carrier PFCP protection.