Guest

Preview Tool

Cisco Bug: CSCvv15123 - ENH: Add support for full distribution of SCTP multi-homed connections through the cluster

Last Modified

Aug 07, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.12(3) 9.12(4) 9.14(1) 9.8(4)

Description (partial)

Symptom:
ASA or FTD cluster supports semi-distributed SCTP multi-homed connections. That is an SCTP association can be created on any unit, however, its multi-homing connections must reside on the same unit, resulting in a 'centralized' behavior. In certain environments, especially inter-site deployments, if the primary and the secondary connections of the same association are established through different cluster units and if the primary connection becomes affected due to network issues in the upstream or the downstream segments in a way that that cluster cannot detect and react to them (for example, if the default gateway becomes unreachable, or there are indirect failures in the transmission path, etc), entire SCTP association will be affected even if the secondary connections are intact. The reason is that all the packets through the secondary connections will be forwarded to the owner of the primary connection.

This is an enhancement request to add support for the full distribution of  SCTP multi-homed connections through the cluster.

Conditions:
All of the following conditions must match:

- ASA or FTD  running in a clustered deployment.
- Multi-homed SCTP associations through the cluster.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.