FortiGate
vsharma
Staff
Article Id 419901
Description: This article describes how to modify the interfaces used by DPDK on FortiGate and how to verify that the changes have been successfully applied.
Scope: FortiOS.
Solution

DPDK (Data Plane Development Kit) is used to accelerate packet processing by bypassing the Linux kernel network stack. Changing DPDK-assigned ports requires a system reboot.

 

config dpdk global

(global) # show
config dpdk global
    set status enable
    set interface "port1"
    set multiqueue disable
    set sleep-on-idle disable
    set elasticbuffer disable
    set protects ''
    set per-session-accounting traffic-log-only
    set ipsec-offload disable
    set hugepage-percentage 30
    set mbufpool-percentage 25
    set session-table-percentage 5
end

 

(global) # append interface port3 <-- Adding port3 to DPDK interfaces.

(global) # show
config dpdk global
    set status enable
    set interface "port1" "port3"
    set multiqueue disable
    set sleep-on-idle disable
    set elasticbuffer disable
    set protects ''
    set per-session-accounting traffic-log-only
    set ipsec-offload disable
    set hugepage-percentage 30
    set mbufpool-percentage 25
    set session-table-percentage 5
end

(global) # end
interface change will trigger system reboot and will take effect after the reboot.
Do you want to continue? (y/n)y

 

Verification:

  1. Check Active DPDK Configuration

 

diagnose dpdk config show

 

Current DPDK config in CMDB:
dpdk.global
status=enable
multiqueue=disable
sleep-on-idle=disable
elasticbuffer=disable
per-session-accounting=1
ipsec-offload=0
hugepage-percentage=30
nr_hugepages=1196
mbufpool-percentage=25
session-table-percentage=5
protects=
dpdk.cpus
en-cpus=2,3
rx-cpus=2,3
vnp-cpus=2,3
vnpsp-cpus=2,3
ips-cpus=2,3
tx-cpus=2,3
isolated-cpus= none
system.interface
Interface "port1"
dpdk=enable
Interface "port3"
dpdk=enable


Current working DPDK config:
dpdk.global
status=enable
multiqueue=disable
sleep-on-idle=disable
elasticbuffer=disable
per-session-accounting=1
ipsec-offload=0
hugepage-percentage=30
nr_hugepages=1196
mbufpool-percentage=25
session-table-percentage=5
protects=
dpdk.cpus
en-cpus=2,3
rx-cpus=2,3
vnp-cpus=2,3
vnpsp-cpus=2,3
ips-cpus=2,3
tx-cpus=2,3
isolated-cpus= none
system.interface
Interface "port1"
dpdk=enable
Interface "port3"
dpdk=enable

 

NO ACTION NEEDED:
Current config in CMDB contains no changes.
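The comparison this command performs can also be run offline on saved output. The following is an added example, not Fortinet code: the function names and the abbreviated sample are constructed here, and the sample deliberately shows the CMDB listing port3 while the working config does not.

```python
import re

# Constructed sample (abbreviated, not from the article): the CMDB lists
# port3 but the working config does not.
SAMPLE = """Current DPDK config in CMDB:
dpdk.global
status=enable
hugepage-percentage=30
system.interface
Interface "port1"
dpdk=enable
Interface "port3"
dpdk=enable

Current working DPDK config:
dpdk.global
status=enable
hugepage-percentage=30
system.interface
Interface "port1"
dpdk=enable
"""

def parse_dpdk_config(text):
    """Return {'cmdb': {...}, 'working': {...}} keyed by 'section/key'."""
    views, view, section = {"cmdb": {}, "working": {}}, None, ""
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("Current DPDK config in CMDB"):
            view, section = "cmdb", ""
        elif line.startswith("Current working DPDK config"):
            view, section = "working", ""
        elif view is None or not line:
            continue
        elif line.startswith("Interface "):
            section = "interface/" + line.split('"')[1]
        elif "=" in line:
            key, value = line.split("=", 1)
            views[view][f"{section}/{key.strip()}"] = value.strip()
        elif re.fullmatch(r"[a-z]+\.[a-z]+", line):
            section = line  # e.g. dpdk.global, dpdk.cpus
    return views

def pending_changes(text):
    """List (key, cmdb_value, working_value) for every setting that differs."""
    v = parse_dpdk_config(text)
    keys = sorted(set(v["cmdb"]) | set(v["working"]))
    return [(k, v["cmdb"].get(k), v["working"].get(k))
            for k in keys if v["cmdb"].get(k) != v["working"].get(k)]
```

An empty list from `pending_changes` corresponds to the "NO ACTION NEEDED" result shown above.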

 

  2. Check DPDK Initialization Log.

The DPDK initialization log confirms:

  1. Correct config parsing.
  2. Ports bound to DPDK.
  3. Sanity test passed.

 

diagnose dpdk log show early-init

-----------------------------------------------------------------
DPDK early initialization starts at 2025-11-20 17:23:30(UTC)
-----------------------------------------------------------------
Content of DPDK configuration:(Use cmdb configuration)

config dpdk global
    set status enable
    set interface "port1" "port3"
    set multiqueue disable
    set sleep-on-idle disable
    set elasticbuffer disable
    set protects ''
    set per-session-accounting traffic-log-only
    set ipsec-offload disable
    set hugepage-percentage 30
    set mbufpool-percentage 25
    set session-table-percentage 5
end
config dpdk cpus
    set rx-cpus "2-3"
    set vnp-cpus "2-3"
    set vnpsp-cpus "2-3"
    set ips-cpus "2-3"
    set tx-cpus "2-3"
end

Parse config success!

VM is configured with 1 NUMA node.
Check CPU definitions 'rx-cpus'
Check CPU definitions 'vnp-cpus'
Check CPU definitions 'vnpsp-cpus'
Check CPU definitions 'ips-cpus'
Check CPU definitions 'tx-cpus'
Check CPU definitions 'isolated-cpus'
Check CPUs success!

Huge page allocation done

Ports enabled for DPDK:
port1
port3
Port name to device name mapping:
port1: eth0
port2: eth1
port3: eth2
port4: eth3
port5: eth4
port6: eth5
port7: eth6
port8: eth7
port9: eth8
port10: eth9
port11: eth10
port12: eth11
port13: eth12
port14: eth13
port15: eth14
port16: eth15
port17: eth16
port18: eth17
port19: eth18
port20: eth19
port21: eth20
port22: eth21
port23: eth22
port24: eth23

 

Start enabling DPDK kernel driver for port 'port1'...
Getting PCI device info for eth0...
reading pci dev /sys/class/net/eth0
link path: ../../devices/pci0000:00/0000:00:06.0/virtio3/net/eth0
Device info of eth0:
dev_name: eth0
macaddr: 00:65:72:62:46:01
pci_vendor: 0x1af4
pci_device: 0x1000
pci_id: 0000:00:06.0
pci_domain: 0
pci_bus: 0
pci_devid: 6
pci_function: 0
dev_port: 0
guid: n/a
Unbinding device eth0 from kernel driver...
Device eth0 unbind from kernel driver successful
Binding device eth0 to DPDK driver...
Device eth0 bind to DPDK driver successful
Creating DPDK kernel driver for device eth0...
Add VNP dev: eth0 PCI: 0000:00:06.0#0, Succeeded
DPDK kernel driver for eth0 successfully created
DPDK kernel driver enabled for port 'port1' (device name 'eth0')

 

Start enabling DPDK kernel driver for port 'port3'...
Getting PCI device info for eth2...
reading pci dev /sys/class/net/eth2
link path: ../../devices/pci0000:00/0000:00:08.0/virtio5/net/eth2
Device info of eth2:
dev_name: eth2
macaddr: 00:65:72:62:46:03
pci_vendor: 0x1af4
pci_device: 0x1000
pci_id: 0000:00:08.0
pci_domain: 0
pci_bus: 0
pci_devid: 8
pci_function: 0
dev_port: 0
guid: n/a
Unbinding device eth2 from kernel driver...
Device eth2 unbind from kernel driver successful
Binding device eth2 to DPDK driver...
Device eth2 bind to DPDK driver successful
Creating DPDK kernel driver for device eth2...
Add VNP dev: eth2 PCI: 0000:00:08.0#0, Succeeded
DPDK kernel driver for eth2 successfully created
DPDK kernel driver enabled for port 'port3' (device name 'eth2')


Bind ports success!

mknod for uio0 (252, 0) done.
mknod for uio1 (252, 1) done.
Make UIO nodes success!

#---------------EAL INIT-----------------
#----------------------------------------

#----------------------------------------
# port oid dev_name pci_id
#----------------------------------------
0 0 eth0 0000:00:06.0
1 1 eth2 0000:00:08.0
#----------------------------------------
DPDK sanity test passed
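
The three confirmations listed for the early-init log can be checked automatically on a saved copy of the output. The following is an added example, not Fortinet code: the function name and the abbreviated sample log are constructed here, and the sample shows a hypothetical case where port3 never reaches its "driver enabled" line.

```python
import re

# Constructed sample: abbreviated early-init log in the article's format in
# which port3 never reaches the "driver enabled" line (hypothetical failure).
SAMPLE_LOG = """Parse config success!
Ports enabled for DPDK:
port1
port3
Port name to device name mapping:
port1: eth0
port3: eth2
DPDK kernel driver enabled for port 'port1' (device name 'eth0')
Binding device eth2 to DPDK driver...
"""

def check_early_init(log, expected_ports):
    """Return a list of problems; an empty list means every check passed."""
    lines = [l.strip() for l in log.splitlines()]
    problems = []
    # Whole-line markers the article's log prints for each stage.
    for marker, label in [("Parse config success!", "config parsing"),
                          ("Bind ports success!", "port binding"),
                          ("DPDK sanity test passed", "sanity test")]:
        if marker not in lines:
            problems.append(f"{label} not confirmed")
    # Ports listed under the header, up to the next blank line or header.
    listed = []
    if "Ports enabled for DPDK:" in lines:
        for l in lines[lines.index("Ports enabled for DPDK:") + 1:]:
            if not l or l.endswith(":"):
                break
            listed.append(l)
    if set(listed) != set(expected_ports):
        problems.append(
            f"ports enabled for DPDK are {listed}, expected {sorted(expected_ports)}")
    # Every expected port must reach its final per-port success line.
    enabled = set(re.findall(r"DPDK kernel driver enabled for port '([^']+)'", log))
    problems += [f"{p}: DPDK kernel driver not enabled"
                 for p in expected_ports if p not in enabled]
    return problems
```

Passing the intended interface list as `expected_ports` also catches a port that was bound to DPDK unintentionally, since the listed set must match exactly.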