09-30-2010 09:18 AM
I have a scenario with an SRX650 that receives a full bgp table from an upstream. I am now about to add a second upstream and receive a second full-feed. I'm thinking of what issues I might bump into in this scenario, mainly related to asymmetric routing, ie. sending a packet out one interface and getting the reply back on the other interface. Should this work OK as long as the two upstreams are in the same zone? I'm running in flow mode so a session is created upon egress.
I have tried to find the answer to this in the documentation but the closest I've gotten is "Flow mode does not support asymmetric routing for stateful sessions" - this in the documentation for 10.0 (I'm running 10.0R2.10) but this is not mentioned from 10.1 and on. Does that mean that restriction is resolved?
Thanks in advance!
10-05-2010 01:25 AM
If you have the two ISP interfaces in the same zone (untrust), it should work fine.
However, I'm not 100% sure; we have a bit more advanced setup, and it doesn't work at the moment (we have a case with JTAC).