Hi,

I am considering a "sandwich" deployment of a farm of stateful appliances between a pair of xrv9000 in AWS -- showing the relevant portion of the bigger topology below:

xrv9k-1 --- [farm of appliances] --- xrv9k-2

Each of the appliances is directly connected to both the xrv9ks. There would be BGP peering between the 2 xrv9ks and the farm of appliances would be the IGP next hops for one xrv9k to reach the other. Questions:

1. Is there a way to configure ECMP hashing on the xrv9ks to get to the farm of appliances?
2. If so, is there a way to configure symmetric hashing i.e. xrv9k-1 --> xrv9k-2 flow tuple and xrv9k-2 --> xrv9k-1 flow tuple hash to the same stateful appliance? Any pointers on how to set that up?
3. What are the IGP options available for peering with the farm of appliances?

Another alternative being considered is where the sandwich is "virtual" i.e. on a single xrv9k I will create 2 non-default VRFs and sandwich the path thru the farm of appliances. Questions:

1. The way I can think of will require some form of bidirectional route leaking between the non-default VRFs. Is this supported?
2. In the above leaking the IGP next hop still has to be the farm of appliances -- any issues with that?
3. Any other scheme to accomplish the virtual sandwich also welcome
4. Symmetric hash as in the physical sandwich continues to be a requirement.

Look forward to inputs

Thanks

-Venky