hey guys,
I am curious to know if any of you have had issues with your ASAs in routed mode when it comes to neighbor adjaceny flapping. Let me explain in detail.
We redistribute all of our internal MPLS routes to the core, which ultimately connects to our ASAs. Well.. the carrier had a huge BGP flop, which in turn caused all of our EX EIGRP routes to flap... which seemed to cause the ASA neighbor adjacencies to bounce.
2015 Feb 2 13:36:58 NDC_N7K-NDC_Core %EIGRP-5-NBRCHANGE_DUAL: eigrp-100 [22090] (default-base) IP-EIGRP(0) 100: Neighbor 10.0.0.11 (Vlan908) is down: s
tuck in active
2015 Feb 2 13:37:02 NDC_N7K-NDC_Core %EIGRP-5-NBRCHANGE_DUAL: eigrp-100 [22090] (default-base) IP-EIGRP(0) 100: Neighbor 10.0.0.11 (Vlan908) is up: new
adjacency
any insight would be phenominal.
We use static routes on all our ASAs because we don't trust them to do firewall stuff *and* route.
Are static routes an option for you?
Which code are are running on the ASA? Early EIGRP implementations were a bit lacking.