Active/Passive vs. Active/Active

Reply
Highlighted
L4 Transporter

Re: Active/Passive vs. Active/Active

If you are using ECMP what is the point os HSRP?  Doesn't that kind of defeat the purpose of ECMP by forcing your path one direction?

L3 Networker

Re: Active/Passive vs. Active/Active

I do not follow? 

 

Each active hsrp peer is connected to each palo alto, so any routes beyond the palo alto can be reach through both palo altos.

L3 Networker

Re: Active/Passive vs. Active/Active

Full mesh iBGP so Palo1 (172.16.63.3) knows that network 192.168.21.0/24 lives at Core01 (172.16.63.1) and Core02 (172.16.63.2), same for Palo2.

 

But now I think I see what you are saying.....the traffic is only going to be forwarded to the active peer for that hsrp group correct? I wonder if I am seeing issues because its trying to send to both peers? So my 9500s are the only ones that seem to need to use ecmp and not the palos.

 

But I have things connected northbound to both palos which ecmp would be good for..So not sure. 

L4 Transporter

Re: Active/Passive vs. Active/Active

I'm just saying usually you don't mix both HSRP and ECMP.  HSRP - Layer 2 failover mechanism.  ECMP - Layer 3 load balancing mechanism.

L4 Transporter

Re: Active/Passive vs. Active/Active

Have you enabled ECMP on the Palos?  If you are using iBGP instead of eBGP, there are extra hoops to jump through when enabling ECMP.

L3 Networker

Re: Active/Passive vs. Active/Active

yes ecmp on palos. 

iBGP not eBGP.

 

I have not seen much relating to ECMP and iBGP, so what other hoops are there?

L3 Networker

Re: Active/Passive vs. Active/Active

Ok so I see something that sticks out to me. 

 

What does ecmp preferred path mean? How is this chosen? 

L4 Transporter

Re: Active/Passive vs. Active/Active

I've really only tacked iBGP with ECMP int he lab with Juniper equipment and PANs in Active/Passive.  You'll have to some research on this for Cisco.  Are you running your PANs independently or in an Active/Active pair?

L3 Networker

Re: Active/Passive vs. Active/Active

Active/active pair. Thought about splitting them to standalone active/active but then worried about session state if one failed. 

L4 Transporter

Re: Active/Passive vs. Active/Active

No, you're doing it right.  If you split them all asynchronous traffic will get dropped since session states won't be synced between the two.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!