- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2006 09:42 AM - edited 02-21-2020 01:14 AM
I have a pix 515e with two default routes, learned via OSPF from two routers on the "outside" interface.
Currently router#2 is being preferred way much more than router#1. There are many thousands of destinations for the traffic. These two routers are further doing NAT to nat rfc1918 ip's to the internet (the pix is NOT doing nat)
Can someone please let me know how the PIX does load balancing? is it by IP address destination? is it something else?
thanks,
Joe
Solved! Go to Solution.
- Labels:
-
Other Network Security Topics
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-21-2007 07:55 PM
Per TAC:
"the PIX will do per-destination Load Balancing instead of per packet
load balancing. The algorithm will look at the source and destination
addresses. It does not do 1:1 load balancing. Given enough different
source and destination addresses, the packets will more or less reach a
50/50 spit between the two next-hops. However, in real world testing
with the same source and destination addresses, it may not reach an even
load balancing."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2006 05:45 AM
The pix does not do load balancing. Your only option would be to configure the upstream routers to load balance.
Thanks,
Chad
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-21-2007 07:55 PM
Per TAC:
"the PIX will do per-destination Load Balancing instead of per packet
load balancing. The algorithm will look at the source and destination
addresses. It does not do 1:1 load balancing. Given enough different
source and destination addresses, the packets will more or less reach a
50/50 spit between the two next-hops. However, in real world testing
with the same source and destination addresses, it may not reach an even
load balancing."
