Configuring ECMP on Cisco FMC

Overview

According to the best practices when you are designing a network, you should always think about having redundancy to avoid any Single Point of Failure, and one of the important parts is the Internet connectivity links. Nowadays most network designs are trying to use at a least tow Internet links at the network edge to implement highly available Internet access for users (it is not talking about the publishing a service on the internet). However, using both links simultaneously has always being an implementation challenge. To achieve this, some implementation is using Policy Based Routing (PBR), but it is also possible to use Equal-Cost Multi-Path (ECMP) routing. 

Earlier for configuring traffic Load balancing on Cisco Firepower Management Center you had to use a mix of PBRs and FlexConfig rules, however Cisco has recently added a feature to the Firepower Management Center UI for configuring ECMP.

In this article I am going to show you how to implement ECMP on Cisco Firepower Management Center.   

Requirements

• ECMP is supported on Routed FTD only. 
• You should have at least FMC and FTD 6.5 version.
• If you have Virtual Router in your implantation, to add ECMP configuration you should upgrade your FMC and FTD to version 6.6 and later. 

Note:

• On Cisco FMC and FTD version 7.0 and earlier, you should use FlexConfig for configuring ECMP, however since Cisco FMC and FTD 7.1 and later you must configure it in UI. 
• When you upgrade to FMC 7.1, the existing FlexConfig for ECMP is not deployed to the device. Hence, for a successful deployment, you must manually migrate the FlexConfig traffic zones to ECMP in the UI
• Only routed interfaces which have the logical name can be participated in an ECMP group. 
• Each ECMP group supports maximum 8 interfaces.  
• According to Cisco FMC administration guid, With the ECMP configured, the network traffic is seamlessly balanced.

Configuration

To configuring ECMP on Cisco FMC follow the below direction:

Device -> Device Management -> Select the desirable FTD Device / FTD HA

Click on Routing tab -> select ECMP from the left panel -> click on Add button

You need to provide a proper name and choose desirable interface.

from the left panel -> click on Static Route -> Add Route

As You know the feature name is Equal-Cost Multi-Path and you must use same metric for the routes. In addition configuring a “Track” can be efficient and handy during a down time.