In which scenario can asymmetric routing occur?
A. active/active firewall setup
B. single path in and out of the network.
C. active/standby firewall setup
D. redundant routers running VRRP
In which scenario can asymmetric routing occur?
A. active/active firewall setup
B. single path in and out of the network.
C. active/standby firewall setup
D. redundant routers running VRRP
Corre answer is D. A and C are correct in parts, “because asymmetric routing can be leveraged in the firewalls in active/standby and active/active modes”. Firewall is not a subject on ccnp exam.
Asymmetric routing
Many times, routing operations are impacted by Layer 2 switching in a network. As an
example, consider a situation, as depicted in Figure 1-21 , where a VLAN is spread across
multiple access layer switches, and a First-Hop Redundancy Protocol (FHRP) (for example,
HSRP, VRRP, or GLBP) is being used on multilayer switches at the distribution layer.
A challenge with this common scenario can occur with the return traffic, as illustrated in
Figure 1-23 . The return traffic flows from the Internet and into CSW1, which then loadbalances
between DSW1 and DSW2. When the path through DSW1 is used, the MAC
address of PC1 is known to DSW1’s ARP cache (because it just saw PC1’s MAC address
being used as the source MAC address in a packet going out to the Internet). However,
when the path through DSW2 is used, DSW2 might not have PC1’s MAC address in its
ARP cache (because PC1 isn’t normally using DSW2 as its default gateway). As a result,
DSW2 floods this unknown unicast traffic out all its other ports. This issue is known as
asymmetric routing , because traffic might leave through one path (for example, through
DSW1) and return through a different path (for example, through DSW2). Another name
given to this issue is unicast flooding , because of the potential for a backup FHRP router
or multilayer switch to flood unknown unicast traffic for returning traffic.
CCNP Routing and Switching ROUTE 300-101
Official Cert Guide
so A & C are correct
A is the correct answer:
The Asymmetric routing (ASR) feature is supported in both the FWSM 3.x and ASA 7.x code releases, and can be leveraged in the firewalls in active/standby and active/active modes
D is the correct Answer.
A is wrong because Active/Active Firewalls do not actually “cause” asymmetric routing but they can be affected by it if they are keeping session state information.
I think A.
Asymmetric Routing Support in Active/Active Mode.
The asymmetric routing accurs when the the msg was sent from a path and the reply came from an other path, seems like a redundancy thing.
Corre answer is D. A and C are correct in parts, “because asymmetric routing can be leveraged in the firewalls in active/standby and active/active modes”. Firewall is not a subject on ccnp exam.
Asymmetric routing
Many times, routing operations are impacted by Layer 2 switching in a network. As an
example, consider a situation, as depicted in Figure 1-21 , where a VLAN is spread across
multiple access layer switches, and a First-Hop Redundancy Protocol (FHRP) (for example,
HSRP, VRRP, or GLBP) is being used on multilayer switches at the distribution layer.
A challenge with this common scenario can occur with the return traffic, as illustrated in
Figure 1-23 . The return traffic flows from the Internet and into CSW1, which then loadbalances
between DSW1 and DSW2. When the path through DSW1 is used, the MAC
address of PC1 is known to DSW1’s ARP cache (because it just saw PC1’s MAC address
being used as the source MAC address in a packet going out to the Internet). However,
when the path through DSW2 is used, DSW2 might not have PC1’s MAC address in its
ARP cache (because PC1 isn’t normally using DSW2 as its default gateway). As a result,
DSW2 floods this unknown unicast traffic out all its other ports. This issue is known as
asymmetric routing , because traffic might leave through one path (for example, through
DSW1) and return through a different path (for example, through DSW2). Another name
given to this issue is unicast flooding , because of the potential for a backup FHRP router
or multilayer switch to flood unknown unicast traffic for returning traffic.
CCNP Routing and Switching ROUTE 300-101
Official Cert Guide