Load Sharing Questions

Unanswered Question
Jul 1st, 2009

I have a question concerning dual homing connections from the ASA 5510 to two switches (See Attached). What I am trying to do is see if there is a way to load share between the switches on the untrusted side (in RED) from the traffic that is coming from the trusted side (In GREEN) or vise verse.

I am looking for some ideas to accomplish this. My initial thought was the HSRP (VRRP) on the switches might be the answer with ASR Groups on the FW. But I am looking for other ideas as well.

Additionally, I am looking for some layer 2 solutions to address the problem.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
pccw258103 Wed, 07/15/2009 - 06:25

Routers & ASA5510 has ran in layer three ip connection.

Each of router has two of HSRP group, one group active and other group standby. Thus, this configuration has two HSRP IP.

The asa is ran in Active/Active failover (each physical router has two context or more)

Configuring each context unit has two routes and the next-hop are each of HSRP IP. Using asr-group command.


This Discussion