So apparently for ECMP to work correctly in SonicWALL world you have to check “enable Asymmetric Route Support” under the interfaces where you’re announcing your networks. It makes sense now that I think about it since our cores may not load balance return traffic the same way the SonicWALL’s sent it out.
Background for fun... were a small ISP in Reno NV and we’re given a pair of NSA2600’s. Our old data center services firewalls were long in the tooth (ASA5540’s) and needed updating. Each NSA has two peering interfaces, one to each of our cores, for internal traffic. For the longest time I’ve hated SonicWALLs but they’ve come a long way in terms of their support for more advanced networking features.
Anyhow I hope this little “gotcha” helps someone else out.
No comments:
Post a Comment