This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

gwesson
L7 Applicator
In response to Abdul_Razaq

‎02-12-2019 06:19 AM

@Abdul_Razaq they're related, but do different things in their own context. The PBF option is when you could have asymmetric routes, whereas in ECMP it overrides the inherent load balancing that ECMP provides. Both of the following are pulled from the inline help on the firewall from their respective sections:

 

Symmetric return in ECMP

Select Symmetric Return to cause return packets to egress out the same interface on which the associated ingress packets arrived. That is, the firewall will use the ingress interface on which to send return packets, rather than use the ECMP interface, so the Symmetric Return setting overrides load balancing. This behavior occurs only for traffic flows from the server to the client.

 

Symmetric return in PBF

Select Enforce Symmetric Return and enter one or more IP addresses in the Next Hop Address List. Enabling symmetric return ensures that return traffic (such as from the Trust zone on the LAN to the Internet) is forwarded out through the same interface through which traffic ingresses from the internet.
(1)
Who rated this post
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks