Fortinet white logo
Fortinet white logo

FortiGate-6000 Administration Guide

GTP with dynamic source port allocation

GTP with dynamic source port allocation

GTP supports dynamically allocating UDP source ports. Dynamic source port allocation can help balance the load on the network.

To support GTP with dynamic source port allocation on a FortiGate 6000F, the recommended configuration is to enable the standard GTP-C flow rule to send all GTP-C traffic to the primary FPC. This flow rule sends all traffic with destination port 2123 to the primary FPC.

config load-balance flow-rule

edit 17

set status enable

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 0-0

set dst-l4port 2123-2123

set action forward

set forward-slot master

set priority 5

set comment "gtp-c to primary blade"

next

end

In addition, you must create a second flow rule to send all GTP-C traffic with source port 2123 to the primary FPC. For example:

config load-balance flow-rule

edit 23

set status enable

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 2123-2123

set dst-l4port 0-0

set action forward

set forward-slot master

set priority 5

set comment "gtp-c src port to primary blade"

next

end

Note

You can also support GTP with dynamic source port allocation by setting the dp-load-distribution-method to src-dst-ip:

config load-balance setting

set dp-load-distribution-method src-dst-ip

end

Enabling GTP load balancing using the following command is supported for GTP with dynamic source port allocation:

config load-balance setting

set gtp-load-balance {disable | enable}

end

GTP with dynamic source port allocation

GTP with dynamic source port allocation

GTP supports dynamically allocating UDP source ports. Dynamic source port allocation can help balance the load on the network.

To support GTP with dynamic source port allocation on a FortiGate 6000F, the recommended configuration is to enable the standard GTP-C flow rule to send all GTP-C traffic to the primary FPC. This flow rule sends all traffic with destination port 2123 to the primary FPC.

config load-balance flow-rule

edit 17

set status enable

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 0-0

set dst-l4port 2123-2123

set action forward

set forward-slot master

set priority 5

set comment "gtp-c to primary blade"

next

end

In addition, you must create a second flow rule to send all GTP-C traffic with source port 2123 to the primary FPC. For example:

config load-balance flow-rule

edit 23

set status enable

set ether-type ipv4

set src-addr-ipv4 0.0.0.0 0.0.0.0

set dst-addr-ipv4 0.0.0.0 0.0.0.0

set protocol udp

set src-l4port 2123-2123

set dst-l4port 0-0

set action forward

set forward-slot master

set priority 5

set comment "gtp-c src port to primary blade"

next

end

Note

You can also support GTP with dynamic source port allocation by setting the dp-load-distribution-method to src-dst-ip:

config load-balance setting

set dp-load-distribution-method src-dst-ip

end

Enabling GTP load balancing using the following command is supported for GTP with dynamic source port allocation:

config load-balance setting

set gtp-load-balance {disable | enable}

end