Fortigate sees incorrect bandwidth on outbound application

Forum|Forum|8 years ago
November 12, 2017
1 reply
5347 views

I am doing a youtube live stream. TCP/1935. The IPv4 rules page bandwidth used section is accurate but if I try to traffic shape or view logs in any other place, I am getting 3-6kbps reported speed. All logging is enabled. I am running v5.4.1,build5577. Anyone run into this before?

NetworkEngineer509Author

New Member

Upgraded to FortiOS v5.6.2 build1486 (GA). No improvement. Maybe I am doing something wrong? Here is what I am talking about.

AtiT

New Member

Hi,

It is because the session is offloaded to network processor (NP). Only the beginning and end of the session will be logged and it is a small amount of data.

When I tested this behaviour on OS 5.2 we found out that also SNMP interface statistics are also "affected" which is a huge problem in datacenter to get correct data.

If you have an NP6 you can enable session logging - I am not sure how it will affect the unit perfomance. Be careful with this.

See the documentation: http://help.fortinet.com/cli/fos50hlp/56/index.htm#FortiOS/fortiOS-cli-ref-56/config/system/np6.htm%3FTocPath%3Dsystem%7C_____52

config system np6 edit { name } set per-session-accounting { disable | enable-by-log | all-enable } Enable/disable per-session accounting. disable Disable per-session accounting. enable-by-log Per-session accounting only for sessions with traffic logging enabled in firewall policy. all-enable Per-session accounting for all sessions.

We have it enabled on FortiGate-1500D running 5.2 without any issue so far.

We need correct traffic data also for reporting.

NetworkEngineer509Author

New Member

How would this affect traffic shaping?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded