Andrew,
Thanks very much for the additional insights.
Further troubleshooting has shown that it appears to be our firewall
blocking the asymmetric traffic. The ASA appears to be blocking the SYN
ACK since it didn't see the SYN.
2011-01-26 16:53:59Local4.Debug10.10.30.3%ASA-7-6090
Adam,
On Wed, 26 Jan 2011, Adam Greene wrote:
Pete,
Thanks ... we ran some tests this evening, disabling NAT entirely, and saw
the same results, so I think we can safely say that NAT is not causing the
issue.
The situation we are facing is that the customer appears to be unable to
route a
Pete,
Thanks ... we ran some tests this evening, disabling NAT entirely, and
saw the same results, so I think we can safely say that NAT is not
causing the issue.
The situation we are facing is that the customer appears to be unable to
route asymmetric traffic. At least that's what we think
Adam,
I realized (with the help of an off-list post) I mis-read your
original post. I thought this was on two different devices, instead of
two connections on the same device.
For a single box the NAT lookups are done when traffic arrives on any
nat inside/outside interface*. If we create a trans
NAT could definitely be causing issues. Generally you could use
something like Stateful NAT (SNAT) between the two BGP speakers to
make sure they sync their NAT tables, but this this feature has had a
number of challenges/issues and development and started moving it to
end of life.
On Fri, Jan 2
How are the pools configured?? Are they mapped to different public's
(prefix's from each of you)?? Or is it common subnet??
Obviously, if they're NAT'd to different prefixes (a prefix to each pool),
this is likely the problem. What goes out to provider (a) must come back in
provider (a) as it is N
Hi guys,
I have a multihomed customer who receives full BGP routes from both us
and another provider and load balances between the two connections.
Things are working fine until the traffic becomes asymmetric (i.e.
inbound through one provider, outbound through the other).
The block they are
