nerdexam
Exams300-320Questions#340
Cisco

300-320 · Question #340

300-320 Question #340: Real Exam Question with Answer & Explanation

The correct answer is D: ASR groups. In ASA active/active failover, both units are simultaneously active for different failover groups/contexts. A problem arises with asymmetric routing - traffic may enter one ASA unit but return through the other. Without a mechanism to share connection state, the returning unit wo

Question

ASA firewall cause outraged....maintaining QOS in architecture ......(or)Cisco ASA in active / active mode, how to pass almost like stateful info across to the other member?

Options

  • AECMP
  • BBFD
  • CIP SLA
  • DASR groups

Explanation

In ASA active/active failover, both units are simultaneously active for different failover groups/contexts. A problem arises with asymmetric routing - traffic may enter one ASA unit but return through the other. Without a mechanism to share connection state, the returning unit would have no knowledge of the session and would drop the packets. ASR (Asymmetric routing) groups solve this: interfaces on both units are assigned to the same ASR group, and when a packet arrives that belongs to a connection owned by the peer unit, the receiving unit forwards that packet over the stateful link to the owning unit for proper processing. This allows stateful session information to be effectively shared between active/active members even when traffic flows asymmetrically.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-320 Practice