Configuring Asymmetric Routing Support
Disabling Neighbor Change and Warning Message Logging
By default neighbor change, and neighbor warning messages are logged. You can disable the logging of
neighbor change message and neighbor warning messages.
•
•
Configuring Asymmetric Routing Support
In some situations, return traffic for a session may be routed through a different interface than it
originated from. In failover configurations, return traffic for a connection that originated on one unit may
return through the peer unit. This most commonly occurs when two interfaces on a single FWSM, or two
FWSMs in a failover pair, are connected to different service providers and the outbound connection does
not use a NAT address. By default, the FWSM drops the return traffic because there is no connection
information for the traffic.
You can prevent the return traffic from being dropped using the asr-group command on interfaces where
this is likely to occur. When an interface configured with the asr-group command receives a packet for
which it has no session information, it checks the session information for the other interfaces that are in
the same group.
Note
In failover configurations, you must enable Stateful Failover for session information to be passed from
the standby unit or failover group to the active unit or failover group.
If it does not find a match, the packet is dropped. If it finds a match, then one of the following actions
occurs:
•
•
This section contains the following topics:
•
•
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
8-30
To disable the logging of neighbor change messages, enter the following command in router
configuration mode for the EIGRP routing process:
hostname(config-router)# no eigrp log-neighbor-changes
To disable the logging of neighbor warning messages, enter the following command in router
configuration mode for the EIGRP routing process:
hostname(config-router)# no eigrp log-neighbor-warnings
If the incoming traffic originated on a peer unit in a failover configuration, some or all of the layer
2 header is rewritten and the packet is redirected to the other unit. This redirection continues as long
as the session is active.
If the incoming traffic originated on a different interface on the same unit, some or all of the layer
2 header is rewritten and the packet is re-injected into the stream.
Adding Interfaces to ASR Groups, page 8-31
Asymmetric Routing Support Example, page 8-31
Chapter 8
Configuring IP Routing and DHCP Services
OL-20748-01