Fortinet white logo
Fortinet white logo

FortiOS Carrier

FGSP GTP tunnel synchronization between FGCP clusters

FGSP GTP tunnel synchronization between FGCP clusters

You can use FGSP to synchronize GTP tunnels between two FGCP clusters of FortiGates license for FortiOS Carrier. The FGCP clusters can be at the same location or distributed to different locations (for example, each FGCP cluster can be at a different data center).

No special FGSP configuration is required for GTP tunnel synchronization between FGCP clusters. For information about configuring FGSP between FGCP clusters, see Synchronizing sessions between FGCP clusters.

In addition to GTP tunnel synchronization, in most cases you would want both of the FGCP clusters in the FGSP configuration maintain the same configuration. If you want to synchronize configuration changes, consider enabling Standalone configuration synchronization. You can also use FortiManager to manage and synchronize the configurations of all of the FGCP clusters.

FortiOS Carrier has the following limitations when synchronizing GTP tunnels between FGCP clusters using FGSP:

  • Fortinet recommends FGSP GTP tunnel synchronization between two FGCP clusters.

  • All FortiGates must have the same model and generation, hardware configuration, FortiOS version, and be licensed for FortiOS Carrier.

  • When a new FGCP cluster joins an FGSP cluster, GTP tunnels are synchronized to the new FGCP cluster in a single batch using a batch cluster synchronization process. These batch-synchronized tunnels are not synchronized to the secondary or backup FortiGate in the new FGCP cluster. Subsequent GTP tunnel synchronization updates are synchronized to the secondary or backup FortiGate.

  • When a new FGCP cluster joins an FGSP cluster, GTP tunnels currently running on the newly joined FGCP cluster are not synchronized to other peers in the FGSP cluster. New GTP tunnels started by the new FGCP cluster are synchronized to other FGSP peers after the FGCP cluster has joined the FGSP cluster.

FGSP GTP tunnel synchronization between FGCP clusters supports asymmetric routing. Enter the following command to enable asymmetric routing:

config system settings

set gtp-asym-fgsp enable

end

FGSP supports widely separated FGSP peers installed in different physical locations in the same way as FGSP between FortiGates licensed for FortiOS Carrier.

FGSP GTP tunnel synchronization between FGCP clusters

FGSP GTP tunnel synchronization between FGCP clusters

You can use FGSP to synchronize GTP tunnels between two FGCP clusters of FortiGates license for FortiOS Carrier. The FGCP clusters can be at the same location or distributed to different locations (for example, each FGCP cluster can be at a different data center).

No special FGSP configuration is required for GTP tunnel synchronization between FGCP clusters. For information about configuring FGSP between FGCP clusters, see Synchronizing sessions between FGCP clusters.

In addition to GTP tunnel synchronization, in most cases you would want both of the FGCP clusters in the FGSP configuration maintain the same configuration. If you want to synchronize configuration changes, consider enabling Standalone configuration synchronization. You can also use FortiManager to manage and synchronize the configurations of all of the FGCP clusters.

FortiOS Carrier has the following limitations when synchronizing GTP tunnels between FGCP clusters using FGSP:

  • Fortinet recommends FGSP GTP tunnel synchronization between two FGCP clusters.

  • All FortiGates must have the same model and generation, hardware configuration, FortiOS version, and be licensed for FortiOS Carrier.

  • When a new FGCP cluster joins an FGSP cluster, GTP tunnels are synchronized to the new FGCP cluster in a single batch using a batch cluster synchronization process. These batch-synchronized tunnels are not synchronized to the secondary or backup FortiGate in the new FGCP cluster. Subsequent GTP tunnel synchronization updates are synchronized to the secondary or backup FortiGate.

  • When a new FGCP cluster joins an FGSP cluster, GTP tunnels currently running on the newly joined FGCP cluster are not synchronized to other peers in the FGSP cluster. New GTP tunnels started by the new FGCP cluster are synchronized to other FGSP peers after the FGCP cluster has joined the FGSP cluster.

FGSP GTP tunnel synchronization between FGCP clusters supports asymmetric routing. Enter the following command to enable asymmetric routing:

config system settings

set gtp-asym-fgsp enable

end

FGSP supports widely separated FGSP peers installed in different physical locations in the same way as FGSP between FortiGates licensed for FortiOS Carrier.