Equal Cost Multiple Path (ECMP) processing is a networking feature that enables the firewall to use up to four equal-cost routes to the same destination. Without this feature, if there are multiple equal-cost routes to the same destination, the virtual router chooses one of those routes from the routing table and adds it to its forwarding table; it will not use any of the other routes unless there is an outage in the chosen route.
Enabling ECMP functionality on a virtual router allows the firewall to have up to four equal-cost paths to a destination in its forwarding table, allowing the firewall to:
  • Load balance flows (sessions) to the same destination over multiple equal-cost links.
  • Efficiently use all available bandwidth on links to the same destination rather than leave some links unused.
  • Dynamically shift traffic to another ECMP member to the same destination if a link fails, rather than having to wait for the routing protocol or RIB table to elect an alternative path/route. This can help reduce downtime when links fail.
For information about ECMP path selection when an HA peer fails, see ECMP in Active/Active HA Mode.
The following sections describe ECMP and how to configure it.

