Hello everyone, I need help about the next scenario.

I configured OSPF between a pair of Nexus 7706 and a pair of FTD 2103 in HA arrangement, to announce all SVIs to FTD-HA behind the peers VPC Nexus 7706 and avoid configuring every static route into the FTDs to the peers VPC LAN.

All the communication and adjacency is by VLAN301 in every device.

Primary Nexus:

Secondary Nexus:

I followed Best Practices for Virtual Port Channels (vPC) for Layer 3 document:

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

This is the route table form FTD:

But, I have a LOOP, the Traceroute from FTD CLI to 10.92.59.251 (VLAN 2) (Secondary Nexus HSRP) shows three different behaviors:

1. Answer directly:

2. Answer with two hops:

3. Answer with three hops:

I want to avoid this kind of issue, so I’m requesting your help.

Actually all communication is PRIMARY NEXUS – FTD ACTIVE, and is desirable when the FTD ACTIVE goes down and the FTD PASSIVE takes the ACTIVE role, the SECONDARY NEXUS send all the routes like the PRIMARY NEXUS without repeating the routes.

Please some recommendations.

Thanks