[c-nsp] [SPAM?] Re: ASA / EIGRP / Redundant Interfaces

Steve McCrory SteveMc at netservicesplc.com
Thu Apr 30 14:11:31 EDT 2009 

Hi Jason,

Have you considered tweaking the metrics on the routers to force the ASA
to prefer the routes from only one router at a time?

A few of the options to influence path selection are detailed at the
following link:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c
2d96.shtml


Steven
 
Steven McCrory
 
Senior Network Engineer
 
Netservices PLC
Waters Edge Business Park
Modwen Road
Manchester, M5 3EZ
 
www.netservicesplc.com

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jason Link
Sent: 30 April 2009 18:00
To: Peter Rathlev; Jason Link
Cc: Cisco-nsp
Subject: [SPAM?] Re: [c-nsp] ASA / EIGRP / Redundant Interfaces

Maybe that's the best option here.  I can't seem to find any other way
to do it cleanly.

Thanks!


-----Original Message-----
From: Peter Rathlev <peter at rathlev.dk>
Sent: Thursday, April 30, 2009 11:52 AM
To: Jason Link <Jason.Link at whgroup.com>
Cc: Cisco-nsp <cisco-nsp at puck.nether.net>
Subject: RE: [c-nsp] ASA / EIGRP / Redundant Interfaces

On Thu, 2009-04-30 at 11:39 -0500, Jason Link wrote:
> Additionally, I'm not sure HSRP would help me in a situation like
this,
> since the way I understand it the ASA will still learn both routers
> "real" IP address and will form a neighbor to each one.  I would like
to
> avoid calling out the neighbor specifically, if I can help it.

Yes of course, if the ASA has to do EIGRP my suggestion is irrelevant. I
overlooked that somewhat since I'm not used to thinking about having
firewalls do dynamic routing. :-)

The HSRP thing would of course be with the ASA not participating in the
EIGRP. On the ASA side you would use static routes pointing at the HSRP
IP. On the router side you would use static routes pointing at the ASA
primary IP.

Regards,
Peter


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--------
NetServices plc, Company No. 4178393,
Registered Office: NetServices House, 31 Modwen Road,
Waters Edge Business Park, SALFORD, M5 3EZ
--------

More information about the cisco-nsp mailing list