03-20-2008 09:59 AM - edited 03-05-2019 09:52 PM
I've got two ASA5510s that are connected via three L2 links that are grouped into one Etherchannel. Load balancing isn't working since it is determined by the source/destination ip/mac, and that is always the same. The only ip/mac to talk over the L2 links are the ASAs.
Is there any way to fix load balancing with the current configuration?
If I switch the L2 connections to L3, will that help? There'd then be 3 equal costs static routes between the L3 switches. Each ASA would have point-to-point connection to the L3 switch on it's side and static routes would do all of the routing. Given that it's still the same ip/mac doing all of the talking, will load balancing still work across the three L3 links?
One switch is a 3560 and one is a 3550. Both run 12.2(25)SEE1 IOS. The ASA has a boot image of "asa704-12-k8.bin".
Thanks for any help.
---John Holmes...
03-20-2008 05:48 PM
These switches won't take the "ip load-sharing per-packet" command on the FE interfaces. I did some tests with another 3550 and 3560 and even though it took the commands, all of the traffic still went over one FE interfact.
I tried different methods of "ip cef load-sharing algorithm", too.
I tried making the two L3 switches OSPF neightbors and even though max-paths was set to 3 and there were 3 equal cost paths to the tunnel destinations on the "ASA"s, all of the traffic flowed over on FE interface between the switches.
The only way I can test this is to open a couple ping windows on a laptop connected to one "ASA", which is really just a router. The two routers have a GRE tunnel through the switches, so the only traffic the switch sees is GRE traffic to/from the same ip/mac. I confirmed this was the only thing going out the interface towards the switch by using "show ip cache flow".
Three trunking ports didn't do any good, either. I assume two of them would have just gone into blocking, anyhow.
Thanks for any help. :)
-John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide