FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jalejoFTNT
Staff
Staff
Article Id 323178
Description

This article describes how to resolve a scenario where the FortiGate VM uses only one of the CPU cores available.

 

One CPU Core FGTVM 1.png

Scope FortiGate.
Solution

Review the driver that is used on FortiGate NIC with the following command:

 

diagnose hardware deviceinfo nic <port>

 

One CPU Core FGTVM 2.png

 

This e1000 NIC driver only has one queue. For this reason, it cannot distribute processing to multiple CPU cores like virtio or VMXNET3 when there are multiple sessions.

 

To fix this issue:

 

On the Virtualization Platform (such as VMWare or VirtualBox), change the driver used on NICs to another such as virtio or VMXNET3.

After this change, confirm if it was successful by running the following command in the FortiGate CLI again:

 

diagnose hardware deviceinfo nic <port>

 

FortiGate will recognize the new driver:

 

One CPU Core FGTVM 3.png

 

The sessions will be handled by all the CPU available cores:

 

One CPU Core FGTVM 4.png

 

Related links:

FortiGate-VM | FortiGate Private Cloud 7.4.0 | Fortinet Document Library.

Contributors