ASA active/avtive failover and Load Balance ?

Unanswered Question
Sep 21st, 2007

I have four ASA5550 need to set up a cluster of failover also load balance, but I am confused with ASA active/active failover and Load balance? What?s the mean difference?

In active/active mode does that mean the traffic/session pick up the ASA randomly? If like this, I feel this is a sort of load balance already, right?

Looks like load balance does not maintain the session table on all the members, so that means if one member unit is dead all the session on it will be dropped and the users need rebuild the session? If things like this, it is not perfect, right? I do not want users feel any interrupt.

Need help,

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
chidd Wed, 09/26/2007 - 10:17

Active/Active can't load balance. Load Balancing depend on Layer 3 devices. ASA Active/Active simply pass traffic origninating from Layer 3 devices (Routers, Switch).

If one member unit is dead, all session will be replicate to Standby Context (will become Active) on Peer devices, thus users doesn't rebuild the sessions.

rico_hao40 Wed, 09/26/2007 - 11:17

Thanks for reply.

If I only have one user group access my ASAs, so actually active/active mode is not necessary for me, active/standby is good enought?

Does that mean Active/active is only useful if I have multipul user group access my ASAs?

Thanks.

whisperwind Wed, 09/26/2007 - 11:36

Correct active/standby is for you.

Active/active is a victory for cisco marketing and a hugely misleading moniker.

IMO it is best for service providers that need to give different customers their own firewalls for some reason.

Actions

This Discussion