Across both the global Internet and enterprise networks, achieving routing symmetry is recognized as a difficult task. When highly secure networks with back-to-back stateful firewalls interconnect, routing symmetry becomes a critical issue. Stateful firewalls require that bi-directional protocols such as TCP return their responses, such as acknowledgements, through the same set of firewalls that the initial forward flow traversed. If a different firewall is used for the return flow, the TCP session will fail, because that firewall holds no state for the connection initiation and therefore blocks the response packet.
Currently known methods of solving the problem of stateful firewalls and symmetric routing suffer from several flaws. For example, if the networks are single-homed and are connected via one set of firewalls, the failure of a single firewall or of the link between the two firewalls will stop all inter-network traffic. Because of this single point of failure, this option cannot be used for high-availability secure networks. If the networks are multi-homed but only one network uses firewalls and connection initiation is allowed from only one network, then routing symmetry is needed in only a single direction. Alternatively, networks can be multi-homed and connected via multiple firewalls, with only one set of firewalls in use at any given time. In this situation, the other set of firewalls and the link between them serve as a backup in case the primary set fails. However, this approach provides no load balancing of traffic. IGP metric manipulation may also be used to ensure that routing is symmetric. In this method, every router in each network must have a unique lowest-cost path to one of the gateways. This method, however, does not work when there is more than one lowest-cost path from a router to a gateway. Because of this constraint, traffic load balancing from a single router is not achievable. This method also does not work with certain network topologies, for example where two gateways of one network are connected to a single gateway of another network.
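The failure mode described above, as an added example that is not part of the original text: a toy stateful firewall that admits only packets of connections whose SYN it saw, placed behind two networks that each choose a gateway independently. The gateway-selection function is a constructed stand-in for an equal-cost multipath hash (it hashes on the packet's source port as each network sees it); real routers hash the full 5-tuple, but the property that matters is the same, namely that each network picks on its own and the two directions need not agree.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str            # "SYN", "SYN-ACK" or "ACK"

    def reply(self, flags):
        """Packet travelling the opposite way on the same TCP connection."""
        return Packet(self.dst, self.dport, self.src, self.sport, flags)


class StatefulFirewall:
    """Toy stateful firewall: admits only packets of connections whose SYN it saw."""

    def __init__(self, name):
        self.name = name
        self.sessions = set()

    @staticmethod
    def _key(p):
        # Direction-independent key, so a reply matches the session its SYN created.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def admit(self, p):
        key = self._key(p)
        if p.flags == "SYN":          # connection initiation creates state
            self.sessions.add(key)
            return True
        return key in self.sessions   # anything else needs existing state


def ecmp_pick(p, gateways):
    """Constructed stand-in for a router's multipath hash: each network hashes the
    packet as it sees it (here, its source port), independently of the other side."""
    return gateways[p.sport % len(gateways)]


def tcp_handshake(forward_pick, return_pick):
    """Run SYN / SYN-ACK / ACK between network A and network B and log which
    firewall each segment hits and whether it is admitted. forward_pick and
    return_pick choose the firewall for packets leaving A and leaving B."""
    gws = [StatefulFirewall("fw1"), StatefulFirewall("fw2")]
    syn = Packet("10.1.0.5", 40000, "10.2.0.9", 443, "SYN")     # constructed flow
    synack = syn.reply("SYN-ACK")
    ack = Packet(syn.src, syn.sport, syn.dst, syn.dport, "ACK")
    path = [(syn, forward_pick(syn, gws)),
            (synack, return_pick(synack, gws)),
            (ack, forward_pick(ack, gws))]
    log = []
    for p, fw in path:
        ok = fw.admit(p)
        log.append((p.flags, fw.name, ok))
        if not ok:
            break   # the endpoint never sees this segment; the handshake stalls here
    return log


def asymmetric():
    """Both networks hash independently: the SYN lands on fw1, the SYN-ACK on fw2."""
    return tcp_handshake(ecmp_pick, ecmp_pick)


def symmetric():
    """Return direction pinned to the firewall the forward flow used (the goal)."""
    return tcp_handshake(ecmp_pick, lambda p, gws: ecmp_pick(p.reply(p.flags), gws))


if __name__ == "__main__":
    print("independent selection:", asymmetric())
    print("pinned return path:   ", symmetric())
```

In the asymmetric run the SYN-ACK reaches fw2, which never saw the SYN, so the session dies at the second segment; pinning the return direction to the same firewall lets all three segments through.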
With regard to the network address translation approach to symmetric routing, this approach is commonly used to solve problems associated with public IP address depletion and private address usage with Internet access. However, a side effect of network address translation is that it guarantees symmetric routing in a single direction. A host can reach the Internet via the network address translation gateways, and return traffic will reach the same host via the same gateway. This is guaranteed by the fact that a unique inside global address block is associated with each network address translation gateway, so traffic from the host appearing on the Internet will carry an address from one or the other of these blocks as its source IP address. The return traffic therefore flows through the appropriate gateway. By co-locating the stateful firewalls with the network address translation gateways, the asymmetry problem is solved in situations where all connections are initiated from within the autonomous network.
However, this approach has several shortcomings. For connections initiated from the Internet or an outside network, symmetric routing is not guaranteed. For networks where firewalls are used back to back, symmetric routing in one direction is not sufficient. Further, for this method to be scalable, dynamic network address translation has to be used, which complicates the domain name service framework, as domain name service (DNS) servers need to be assigned static addresses. Since applications and DNS servers cache DNS entries, the cache timeout periods need to be tuned to the network address translation timeout periods. Network address translation is therefore not an ideal method for symmetric routing. Given the drawbacks of the present methods, it is desirable to provide a method for efficient bi-directional routing that follows a symmetric path in multi-homed networks.
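The two preceding paragraphs, as an added example that is not part of the original text: two NAT gateways, each owning a unique inside-global block (the addresses 203.0.113.0/25, 203.0.113.128/25 and 10.0.0.0/8 hosts are constructed), an outside router that routes by longest-prefix match on those blocks, and an inside router that picks a gateway by a trivial constructed hash on the host address, standing in for IGP metrics or multipath. A host-initiated flow returns through the gateway that translated it, because the reply is addressed into that gateway's block; an outside-initiated flow to a static mapping on one gateway has no such guarantee, because the inside router chooses the reply gateway without regard to where the mapping lives.

```python
import ipaddress


class NatGateway:
    """NAT gateway (with a co-located stateful firewall in the design discussed)
    that owns a unique inside-global block and hands out addresses from it."""

    def __init__(self, name, global_block):
        self.name = name
        self.block = ipaddress.ip_network(global_block)
        self._pool = iter(self.block.hosts())
        self.bindings = {}          # inside-local address -> inside-global address

    def translate_outbound(self, inside_local):
        """Source-translate a flow leaving this gateway, creating a binding if needed."""
        if inside_local not in self.bindings:
            self.bindings[inside_local] = str(next(self._pool))
        return self.bindings[inside_local]

    def translate_inbound(self, inside_global):
        """Destination-translate a packet arriving from outside; None if no binding."""
        for local, glob in self.bindings.items():
            if glob == inside_global:
                return local
        return None


def internet_route(dst, gateways):
    """Outside router: longest-prefix match over the gateways' inside-global blocks."""
    addr = ipaddress.ip_address(dst)
    best = None
    for gw in gateways:
        if addr in gw.block and (best is None or gw.block.prefixlen > best.block.prefixlen):
            best = gw
    return best


def inside_pick(host, gateways):
    """Inside router's gateway choice for a host (constructed hash standing in for
    IGP metrics / multipath; it knows nothing about NAT bindings)."""
    return gateways[int(ipaddress.ip_address(host)) % len(gateways)]


def host_initiated(host, gateways):
    """Host -> Internet. Returns (outbound gateway, reply gateway, host the reply reaches)."""
    out_gw = inside_pick(host, gateways)
    global_src = out_gw.translate_outbound(host)
    reply_gw = internet_route(global_src, gateways)   # reply is addressed to global_src
    return out_gw.name, reply_gw.name, reply_gw.translate_inbound(global_src)


def outside_initiated(published_addr, gateways):
    """Internet -> statically mapped host. Returns (inbound gateway, reply gateway,
    source address the reply carries)."""
    in_gw = internet_route(published_addr, gateways)
    local = in_gw.translate_inbound(published_addr)
    reply_gw = inside_pick(local, gateways)            # chosen without regard to in_gw
    return in_gw.name, reply_gw.name, reply_gw.translate_outbound(local)


def build():
    """Fresh pair of gateways; 10.0.0.7 is published as 203.0.113.5 on gw-a only."""
    gw_a = NatGateway("gw-a", "203.0.113.0/25")
    gw_b = NatGateway("gw-b", "203.0.113.128/25")
    gw_a.bindings["10.0.0.7"] = "203.0.113.5"
    return [gw_a, gw_b]


def demo():
    return {
        "host_initiated": host_initiated("10.0.0.9", build()),
        "outside_initiated": outside_initiated("203.0.113.5", build()),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

In the host-initiated case the inside router sends 10.0.0.9 through gw-b, the reply is addressed to a gw-b address and so comes back through gw-b. In the outside-initiated case the connection arrives at gw-a, where the static mapping lives, but the inside router sends the reply through gw-b, which translates it to a different source address; the co-located firewall on gw-b has no state for the connection and the outside client sees a reply from an address it never contacted.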