Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
825
Views
0
Helpful
1
Replies

Fragment owner in FTD

prestigio391
Level 1
Level 1

‎03-24-2022 06:03 AM

Hello guys,

 

We have cluster of 4 FTD nodes which are in 2 pairs per DC. Describe of situation

 

Traffic comes to NODES in DCA - Because of fragmentation device sent comunication to node in DCB and then send communication for endpoint go out of FW in DCB.This is causing problem on another FW(CORE) and traffic is dropped on int..

 

Is some way to force FTD cluster deal with fragmented traffic that came in DCA goes out in DCA ? FRAGMENT OWNER stay in locality that is traffic came from.

 

Thanks

 

 

Pavol

0 Helpful
1 Reply 1

Octavian Szolga
Level 4
Level 4

‎03-24-2022 07:39 AM - edited ‎03-24-2022 07:40 AM

Hi,

 

Usually, each connection has a specific owner.

Maybe your issue is related to the fact that the device before your FTD cluster is balancing based on L4 and fragmented traffic is not sent to the same FTD box, because L4 info is present only in the 1st fragment?

Maybe you should change the load balancing method to something that does not take into account L4..

 

BR,
Octavian

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card