- CheckMates
- :
- Products
- :
- Quantum
- :
- Maestro Masters
- :
- R81.10 Maestro VSX with OSPF/ECMP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
R81.10 Maestro VSX with OSPF/ECMP
Anyone who could help with below question:
Setup:
- Single site Maestro R81.10 including latest JHF
- 3 external interfaces, each of them connected to another router
- 3 default routes are received via OSPF (equal cost).
- All antispoofing is enabled and is using the routing table information.
What happens for:
1) Outgoing connections?
Outgoing interface is determined using Weighted Fair Queueing. What will happen if the return packet enters on another interface? (Asymmetric routing) - As the antispoofing is configued correctly, will the flow be accepted and fully inspected?
2 Incoming connections?
We have no control about on which interface the traffic is entering. But will the reply packet use the same interface for replying (stickiness)? Or will it determine the external interface using the 'Weighted Fair Queueing' and thus potentially creating asymmetric routing?
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
for 1 Outgoing connections
If the packet come from different interface who decide if is inspected or not is the antispoofing since you already define what can pass from that interface. Who decides is the stateful inspection due that is asymmetric routing.
2) incomming Packet should be replied by same interface.
Question to you. why are you using ECMP on Maestro R81.10, this version allow Upto 10 Redundant ISP. or it is for internal traffic?