rmankotia
Staff
Article Id 398821
Description: This article describes how to avoid kernel panic when doing GTP inspection on FortiGate-6000F or 7000E chassis-based hardware.
Scope: FortiGate-6000F, FortiGate-7000E, v6.0.x and v6.2.x
Solution

By default, gtp-enhanced mode is disabled, and a flow rule is configured for the DP processor to send all GTP-C traffic to the Master FPC.

 

Default Settings:

 

FGT (global) # config load-balance setting

FGT (setting) # get | grep gtp
gtp-load-balance : disable

 

FGT(global) # config load-balance flow-rule

.

.

edit 17
set ether-type ipv4
set protocol udp
set dst-l4port 2123-2123
set comment "gtp-c to primary blade"
next

 

In some cases, this can cause very high CPU usage on the master blade and could cause some GTP traffic issues.

 

Follow the steps below to load-balance the GTP traffic across multiple FPC modules, which can then handle the GTP traffic evenly and avoid high CPU utilization on the Master blade.

 

Step 1: Enable 'gtp-enhanced-mode', which improves FortiOS GTP performance, and 'gtp-enhanced-cpu-range 0' to let all CPUs process the GTP-U traffic.

 

config system npu
    set gtp-enhanced-mode enable
    set gtp-enhanced-cpu-range 0
end

 

Step 2: Disable the default flow rule for GTP traffic sent to the Master FPC.

 

FGT(global) # config load-balance flow-rule

.

.

edit 17

set status disable
set ether-type ipv4
set protocol udp
set dst-l4port 2123-2123
set comment "gtp-c to primary blade"
next

 

Step 3: Enable 'gtp-load-balance' for GTP traffic to be load-balanced.

 

config load-balance setting
    set gtp-load-balance enable
end

 

Note: After entering this command, a restart of FortiGate is required to initialize the changes.

 

This issue is identified under the Known Issue ID 0763965 and has been fixed in v6.4.7.
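One way to confirm that steps 1 to 3 are all present in a saved configuration before scheduling the restart, as an added example (not Fortinet's or the article author's code). The function names `parse_blocks` and `audit_gtp` are hypothetical, and the configuration text is a constructed sample in backup-file style (no CLI prompts), using only the settings shown in this article.

```python
def parse_blocks(text):
    """Map 'config <path>' -> {edit id or None: {key: value}} (flat blocks only)."""
    blocks, path, edit = {}, None, None
    for line in map(str.strip, text.splitlines()):
        words = line.split(None, 2)
        if line.startswith("config "):
            path, edit = line[7:], None
            blocks.setdefault(path, {})
        elif path and len(words) >= 2 and words[0] == "edit":
            edit = words[1]
        elif path and len(words) == 3 and words[0] == "set":
            blocks[path].setdefault(edit, {})[words[1]] = words[2].strip('"')
        elif line in ("next", "end"):
            path, edit = (None if line == "end" else path), None
    return blocks

def audit_gtp(text):
    """Findings for steps 1-3 ([] = all applied). Assumes no 'status' line = rule active."""
    cfg, findings = parse_blocks(text), []
    npu = cfg.get("system npu", {}).get(None, {})
    for key, want in (("gtp-enhanced-mode", "enable"), ("gtp-enhanced-cpu-range", "0")):
        if npu.get(key) != want:
            findings.append(f"step 1: {key} is not set to {want}")
    for rid, rule in cfg.get("load-balance flow-rule", {}).items():
        if (rule.get("protocol"), rule.get("dst-l4port")) == ("udp", "2123-2123") \
                and rule.get("status") != "disable":
            findings.append(f"step 2: flow-rule {rid} for UDP 2123 is still active")
    lb = cfg.get("load-balance setting", {}).get(None, {})
    if lb.get("gtp-load-balance") != "enable":
        findings.append("step 3: gtp-load-balance is not enabled")
    return findings

# Constructed samples (not from a device): APPLIED = after steps 1-3, DEFAULT = before.
APPLIED = """config system npu
    set gtp-enhanced-mode enable
    set gtp-enhanced-cpu-range 0
end
config load-balance flow-rule
    edit 17
        set status disable
        set protocol udp
        set dst-l4port 2123-2123
    next
end
config load-balance setting
    set gtp-load-balance enable
end"""
DEFAULT = APPLIED.replace("        set status disable\n", "").replace(" enable", " disable")
```

Calling `audit_gtp()` on the text of a configuration backup returns an empty list only when all three steps are in place; each missing step is reported by number.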
