[c-nsp] Distance limit of ASA Failover

Chris Kane ccie14430 at gmail.com
Thu Mar 17 17:43:26 EDT 2011


On Thu, Mar 17, 2011 at 5:35 PM, David White, Jr. (dwhitejr) <
dwhitejr at cisco.com> wrote:

> For the ASA, what is important is the latency caused by the distance.
> For best results, latency should be less than 10 msec.  There is a 30
> msec timer used to check the acknowledgment that the peer received the
> message (this includes round-trip time, plus the time it takes the peer
> to accept, process, and respond to the message).  However, latencies up
> to 250 msec is possible/acceptable, but there will be quite a bit of
> overhead, as the ASA will retransmit every failover message 8 times at
> this latency.   If the latency is large (near 250 msec), then the
> failover poll and holdtimes must not be configured at low values.
> Using a polltime of 1 sec and a holdtime of 15 sec would be fine.  Long
> distance failover should not be deployed when latencies between ASAs
> exceed 250 msec.
>
> Sincerely,
>
> David.
>
> Chris Kane wrote:
> > I've been looking for some doco and was hoping someone here had a good
> > reference. Now that so many of us are extended Layer 2 between data
> centers
> > I'd like to find documentation that recommends the distance limit for the
> > ASA Failover. Since pseudowires hide the Ethernet distance I'm wondering
> if
> > there is a time based limitation (ex. 30ms). And I'm assuming only
> > Active/Standby could be supported in geographically distant (read several
> > hundred miles apart) data centers.
> >
> > Thanks,
> > -chris
>
>
David,

Thanks for the email. I'm looking at a design that's likely ~40 msec on
average. Do you know of any supporting documentation I could use for
reference?

-chris


More information about the cisco-nsp mailing list