Cisco ASA Series Cli Configuration Manual page 607

Chapter 1 Routing Overview
The same problem may happen when there are no route flaps on the ASA itself, but some routing process
is flapping around it, sending source-translated packets that belong to the same flow through the ASA
using different interfaces. Destination-translated return packets may be forwarded back using the wrong
egress interface.
This issue has a high probability in some security traffic configurations, where virtually any traffic may
be either source-translated or destination-translated, depending on the direction of the initial packet in
the flow. When this issue occurs after a route flap, it can be resolved manually by using the clear xlate
command, or automatically resolved by an XLATE timeout. The XLATE timeout may be decreased if
necessary. To ensure that this issue rarely occurs, make sure that there are no route flaps on the ASA and
around it. That is, ensure that destination-translated packets that belong to the same flow are always
forwarded the same way through the ASA.
Supported Internet Protocols for Routing
The ASA supports several Internet protocols for routing. Each protocol is briefly described in this
section.
•
•
•
Information About the Routing Table
This section includes the following topics:
•
•
•
•
•
Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is a Cisco proprietary protocol that provides compatibility and seamless interoperation with
IGRP routers. An automatic-redistribution mechanism allows IGRP routes to be imported into
Enhanced IGRP, and vice versa, so it is possible to add Enhanced IGRP gradually into an existing
IGRP network.
For more information about configuring EIGRP, see the
Open Shortest Path First (OSPF)
OSPF is a routing protocol developed for Internet Protocol (IP) networks by the interior gateway
protocol (IGP) working group of the Internet Engineering Task Force (IETF). OSPF uses a link-state
algorithm to build and calculate the shortest path to all known destinations. Each router in an OSPF
area includes an identical link-state database, which is a list of each of the router usable interfaces
and reachable neighbors.
For more information about configuring OSPF, see the
Routing Information Protocol (RIP)
RIP is a distance-vector protocol that uses hop count as its metric. RIP is widely used for routing
traffic in the global Internet and is an interior gateway protocol (IGP), which means that it performs
routing within a single autonomous system.
For more information about configuring RIP, see the
Displaying the Routing Table, page 1-6
How the Routing Table Is Populated, page 1-6
How Forwarding Decisions Are Made, page 1-8
Dynamic Routing and Failover, page 1-9
Dynamic Routing and Clustering, page 1-9
Supported Internet Protocols for Routing
"Configuring EIGRP" section on page
"Configuring OSPFv2" section on page
"Configuring RIP" section on page
Cisco ASA Series CLI Configuration Guide
1-3.
1-5.
1-4.
1-5