This is driving me crazy, and I haven't found any Cisco documentation to explain this finding. I'm thinking it's an ASA thing, but I don't see why it would be.
- I have several routed Cisco ASAs participating in OSPF.
- They are the only OSPF router on most interfaces, so they report those as stub networks with a cost of 10.
- Any transit networks also have a cost of 10.
- All these ASAs use 1 Gbps or 10 Gbps interfaces with a reference bandwidth of 100 mbps.
I don't understand why those networks have a cost of 10 instead of 1, as I see no OSPF commands to explain it. Since this is common to all our ASAs regardless of software version, I'm wondering if this was an architectural decision to make firewalls less likely to be used for transiting. I'm not satisfied with that hypothesis b/c the cost is the same for transit and stub networks.
No comments:
Post a Comment