Which scenario can asymmetric routing occur?

In which scenario can asymmetric routing occur?
A. active/active firewall setup
B. single path in and out of the network.
C. active/standby firewall setup
D. redundant routers running VRRP

cisco-exams

7 thoughts on “Which scenario can asymmetric routing occur?

  1. Corre answer is D. A and C are correct in parts, “because asymmetric routing can be leveraged in the firewalls in active/standby and active/active modes”. Firewall is not a subject on ccnp exam.

    Asymmetric routing

    Many times, routing operations are impacted by Layer 2 switching in a network. As an
    example, consider a situation, as depicted in Figure 1-21 , where a VLAN is spread across
    multiple access layer switches, and a First-Hop Redundancy Protocol (FHRP) (for example,
    HSRP, VRRP, or GLBP) is being used on multilayer switches at the distribution layer.

    A challenge with this common scenario can occur with the return traffic, as illustrated in
    Figure 1-23 . The return traffic flows from the Internet and into CSW1, which then loadbalances
    between DSW1 and DSW2. When the path through DSW1 is used, the MAC
    address of PC1 is known to DSW1’s ARP cache (because it just saw PC1’s MAC address
    being used as the source MAC address in a packet going out to the Internet). However,
    when the path through DSW2 is used, DSW2 might not have PC1’s MAC address in its
    ARP cache (because PC1 isn’t normally using DSW2 as its default gateway). As a result,
    DSW2 floods this unknown unicast traffic out all its other ports. This issue is known as
    asymmetric routing , because traffic might leave through one path (for example, through
    DSW1) and return through a different path (for example, through DSW2). Another name
    given to this issue is unicast flooding , because of the potential for a backup FHRP router
    or multilayer switch to flood unknown unicast traffic for returning traffic.

    CCNP Routing and Switching ROUTE 300-101
    Official Cert Guide

  2. A is the correct answer:

    The Asymmetric routing (ASR) feature is supported in both the FWSM 3.x and ASA 7.x code releases, and can be leveraged in the firewalls in active/standby and active/active modes

  3. D is the correct Answer.
    A is wrong because Active/Active Firewalls do not actually “cause” asymmetric routing but they can be affected by it if they are keeping session state information.

    1. The asymmetric routing accurs when the the msg was sent from a path and the reply came from an other path, seems like a redundancy thing.

    2. Corre answer is D. A and C are correct in parts, “because asymmetric routing can be leveraged in the firewalls in active/standby and active/active modes”. Firewall is not a subject on ccnp exam.

      Asymmetric routing

      Many times, routing operations are impacted by Layer 2 switching in a network. As an
      example, consider a situation, as depicted in Figure 1-21 , where a VLAN is spread across
      multiple access layer switches, and a First-Hop Redundancy Protocol (FHRP) (for example,
      HSRP, VRRP, or GLBP) is being used on multilayer switches at the distribution layer.

      A challenge with this common scenario can occur with the return traffic, as illustrated in
      Figure 1-23 . The return traffic flows from the Internet and into CSW1, which then loadbalances
      between DSW1 and DSW2. When the path through DSW1 is used, the MAC
      address of PC1 is known to DSW1’s ARP cache (because it just saw PC1’s MAC address
      being used as the source MAC address in a packet going out to the Internet). However,
      when the path through DSW2 is used, DSW2 might not have PC1’s MAC address in its
      ARP cache (because PC1 isn’t normally using DSW2 as its default gateway). As a result,
      DSW2 floods this unknown unicast traffic out all its other ports. This issue is known as
      asymmetric routing , because traffic might leave through one path (for example, through
      DSW1) and return through a different path (for example, through DSW2). Another name
      given to this issue is unicast flooding , because of the potential for a backup FHRP router
      or multilayer switch to flood unknown unicast traffic for returning traffic.

      CCNP Routing and Switching ROUTE 300-101
      Official Cert Guide

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.