Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
619
Views
0
Helpful
5
Replies

PIX/ASA - OSPF Load Balancing

Go to solution
lxcollin1
Level 1
Level 1

‎07-07-2006 10:37 PM - edited ‎02-21-2020 01:02 AM

Hello,

I have read the the PIX will load balance an equal cost route via OSPF. Will it send packets via per-packet, or is there a different method of distibuting traffic to the equal cost next-hop?

Thanks!!

Lee

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hemendoz
Cisco Employee
Cisco Employee

‎07-07-2006 11:08 PM

Hello Lee,

PIX 6.3 Now supports Load Balancing using OSPF only (up to 3 default routes)

The PIX can receive upto 3 default routes (all same metric) to 3 different gateways, and

will load balance on a per destination basis. Currently, there is no way from the PIX to

determine which gateway a packet will be sent to. One cannot currently use static routes

to do load balancing.

The hashing algorithm used is not simple, therefore it is very difficult to determine what

route (next hop) a packet will take given an IP Source and Destination pair. Basically,

the PIX takes the source and destination IPs (two 32-bit numbers) and hashes them into a

single 16-bit number. Then, the 16-bit number (0x0000 - 0xFFFF) is divided into thirds.

The first 1/3 goes to Gateway 1, the next 1/3 goes to Gateway 2, and the final 1/3 goes to

Gateway 3.

Hope this helps! If so, please rate.

Thanks

View solution in original post

0 Helpful
5 Replies 5

Go to solution
hemendoz
Cisco Employee
Cisco Employee

‎07-07-2006 11:06 PM

Hello Lee,

PIX 6.3 Now supports Load Balancing using OSPF only (up to 3 default routes)

The PIX can receive upto 3 default routes (all same metric) to 3 different gateways, and

will load balance on a per destination basis. Currently, there is no way from the PIX to

determine which gateway a packet will be sent to. One cannot currently use static routes

to do load balancing.

The hashing algorithm used is not simple, therefore it is very difficult to determine what

route (next hop) a packet will take given an IP Source and Destination pair. Basically,

the PIX takes the source and destination IPs (two 32-bit numbers) and hashes them into a

single 16-bit number. Then, the 16-bit number (0x0000 - 0xFFFF) is divided into thirds.

The first 1/3 goes to Gateway 1, the next 1/3 goes to Gateway 2, and the final 1/3 goes to

Gateway 3.

Hope this helps! If so, please rate.

Thanks

0 Helpful

Go to solution
hemendoz
Cisco Employee
Cisco Employee

‎07-07-2006 11:08 PM

Hello Lee,

PIX 6.3 Now supports Load Balancing using OSPF only (up to 3 default routes)

The PIX can receive upto 3 default routes (all same metric) to 3 different gateways, and

will load balance on a per destination basis. Currently, there is no way from the PIX to

determine which gateway a packet will be sent to. One cannot currently use static routes

to do load balancing.

The hashing algorithm used is not simple, therefore it is very difficult to determine what

route (next hop) a packet will take given an IP Source and Destination pair. Basically,

the PIX takes the source and destination IPs (two 32-bit numbers) and hashes them into a

single 16-bit number. Then, the 16-bit number (0x0000 - 0xFFFF) is divided into thirds.

The first 1/3 goes to Gateway 1, the next 1/3 goes to Gateway 2, and the final 1/3 goes to

Gateway 3.

Hope this helps! If so, please rate.

Thanks

0 Helpful

Go to solution
lxcollin1
Level 1
Level 1
In response to hemendoz

‎07-07-2006 11:21 PM

Thanks Hemendoz! This is exactly what I'm looking for!

0 Helpful

Go to solution
lxcollin1
Level 1
Level 1
In response to hemendoz

‎07-07-2006 11:25 PM

Hemendoz,

Out of curiosity, is this hashing algorithm the same method that CEF uses for per-destination determination?

Thanks!

0 Helpful

Go to solution
hemendoz
Cisco Employee
Cisco Employee
In response to lxcollin1

‎07-07-2006 11:52 PM

Hello,

I'm sorry. I don't have that visibility into the code so I can't answer that question.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card