Hello,
I have been configuring ASA firewall (asa v9 on Firepower 4K) to integrate with the ACI. The eBGP peerings are up and all works fine. I am trying to achieve multipath load sharing in inbound as well as outbound direction. refer to the diagram please.
aci_asa_bgp_vpc
Goal 1: The outbound (from the ASA towards ACI) multipath load sharing is achieved by using maximum-paths 2.
Goal 2: The inbound (from the ACI towards ASA) multipath load sharing is not working. We tried 2 tftp download sessions (from Network A to Network B) and it didn't seem like the traffic gets load balanced across the VPC links. The 80-90% of the traffic was going via the Leaf3333 and the link over Leaf3334 was almost idle. Is there any way on the ACI side to enable/configure to achieve 50/50 load sharing or similar?
Thanks.