1-34
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Configuring ASA Clustering
• For transparent mode, configure the bridge group according to the “Configuring Bridge Groups”
section on page 1-8.
Guidelines
• Do not specify the maximum and minimum links in the EtherChannel—We recommend that you do
not specify the maximum and minimum links in the EtherChannel (The lacp max-bundle and
port-channel min-bundle commands) on either the ASA or the switch. If you need to use them,
note the following:
–
The maximum links set on the ASA is the total number of active ports for the whole cluster. Be
sure the maximum links value configured on the switch is not larger than the ASA value.
–
The minimum links set on the ASA is the minimum active ports to bring up a port-channel
interface per unit. On the switch, the minimum links is the minimum links across the cluster, so
this value will not match the ASA value.
• Do not change the load-balancing algorithm from the default (see the port-channel load-balance
command). On the switch, we recommend that you use one of the following algorithms:
source-dest-ip or source-dest-ip-port (see the Nexus OS and IOS port-channel load-balance
command). Do not use a vlan keyword in the load-balance algorithm because it can cause unevenly
distributed traffic to the ASAs in a cluster.
• The lacp port-priority and lacp system-priority commands are not used for a Spanned
EtherChannel.
• When using Spanned EtherChannels, the port-channel interface will not come up until clustering is
fully enabled (see the “Configuring Spanned EtherChannels” section on page 1-33). This
requirement prevents traffic from being forwarded to a unit that is not an active unit in the cluster.
• For detailed EtherChannel guidelines, limitations, and prerequisites, see the “Configuring an
EtherChannel” section on page 1-28.
• See also the “EtherChannel Guidelines” section on page 1-11.
To Next Page
Loading...
Need help?
General
