Hey all. I'm having an issue when trying to turn up some new firewalls. We currently have two Cisco 2100 FTDs that are running in Active/Passive mode. They are running a port channel with two links each to two of our core Nexus 3K switches. So eth 1/2 on each FTD runs to port eth 1/20 on each Nexus and 1/3 on FTD to 1/21 on Nexus. We are running OSPF to link the pairs for routing. The problem I have is the port-channel comes up but I get inconsistent traffic flow. All traffic goes out to the Internet, but it seems if the return traffic hits the secondary Nexus it ends up dropping. If I disable routing on the secondary Nexus, all traffic works fine. I've tried looking online, and I think it has to do with traffic coming back into the secondary switch and then trying to route over the vpc peer-link to the primary switch, and it drops it then, but I'm not sure.