EasyManuals Logo
Home>Cisco>Firewall>ASA 5512-X

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #266 background imageLoading...
Page #266 background image
1-2
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Information About ASA Clustering
How the ASA Cluster Manages Connections, page 1-15
ASA Features and Clustering, page 1-17
How the ASA Cluster Fits into Your Network
The cluster consists of multiple ASAs acting as a single unit. (See the “Licensing Requirements for ASA
Clustering” section on page 1-23 for the number of units supported per model). To act as a cluster, the
ASAs need the following infrastructure:
Isolated, high-speed backplane network for intra-cluster communication, known as the cluster
control link. See the “Cluster Control Link” section on page 1-6.
Management access to each ASA for configuration and monitoring. See the “ASA Cluster
Management” section on page 1-10.
When you place the cluster in your network, the upstream and downstream routers need to be able to
load-balance the data coming to and from the cluster using one of the following methods:
Spanned EtherChannel (Recommended)—Interfaces on multiple members of the cluster are
grouped into a single EtherChannel; the EtherChannel performs load balancing between units. See
the “Spanned EtherChannel (Recommended)” section on page 1-12.
Policy-Based Routing (Routed firewall mode only)—The upstream and downstream routers perform
load balancing between units using route maps and ACLs. See the “Policy-Based Routing (Routed
Firewall Mode Only)” section on page 1-14.
Equal-Cost Multi-Path Routing (Routed firewall mode only)—The upstream and downstream
routers perform load balancing between units using equal cost static or dynamic routes. See the
“Equal-Cost Multi-Path Routing (Routed Firewall Mode Only)” section on page 1-15.
Performance Scaling Factor
When you combine multiple units into a cluster, you can expect a performance of approximately:
70% of the combined throughput
60% of maximum connections
50% of connections per second
For example, for throughput, the ASA 5585-X with SSP-40 can handle approximately 10 Gbps of real
world firewall traffic when running alone. For a cluster of 8 units, the maximum combined throughput
will be approximately 70% of 80 Gbps (8 units x 10 Gbps): 56 Gbps.
Cluster Members
ASA Hardware and Software Requirements, page 1-3
Bootstrap Configuration, page 1-3
Master and Slave Unit Roles, page 1-3
Master Unit Election, page 1-3

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
BrandCisco
ModelASA 5512-X
CategoryFirewall
LanguageEnglish

Related product manuals