Home
Support
Product Support
Routers
Cisco SD-WAN
End-User Guides

Routing Configuration Guide, Cisco Catalyst SD-WAN Releases 17.x

View all Saved Content

PDF

Is this helpful?

Helpful Unhelpful

Feedback

Thank you for your feedback. Your response has been recorded.

Ask about this document

Cisco Configuration Guide, Release 4.2

Table of contents

Expand all sections

About this document

Overlay Management Protocol

Feature history for OMP
OMP routing mechanisms for Cisco SD‑WAN overlay networks
OMP route advertisements
OMP paths
OMP route redistribution
OMP graceful restart
OMP vRoute advertisement optimization using system path
Configure OMP

Border Gateway Protocol

Feature history for BGP
BGP for Cisco SD-WAN overlay networks
Configure BGP
Verify BGP redistribute route in OMP
Redistribute BGP routes and AS path information

Open Shortest Path First Routing Protocol

Feature history for OSPF routing protocol
OSPF and OSPFv3 protocol
Configure OSPF
Configure OSPFv3 IPSec authentication

Enhanced Interior Gateway Routing Protocol

EIGRP in Cisco IOS XE Catalyst SD-WAN devices
Configure EIGRP
Verification commands for EIGRP configuration

Routing Information Protocol

Feature history for RIP
RIP in Cisco Catalyst SD-WAN
Configure RIPv2 using the CLI
Verification commands for RIPv2 configuration
Configure RIPng using the CLI
Verification commands for RIPng configuration

Multicast Overlay Routing

Feature history for multicast overlay
Multicast overlay routing for Cisco IOS XE Catalyst SD-WAN
Configure multicast overlay routing
How traffic flows in multicast overlay routing
Verify multicast routing on hub-and-spoke

Radio Aware Routing

Feature history for RAR
RAR for Cisco IOS XE Catalyst SD-WAN devices
Configure RAR

Route Leaking between VPNs

Feature history for route leaking between VPNs
Supported protocols
Restrictions for route leaking and redistribution
Route leaking
Configure route leaking
Verify route-leaking configurations between service VPNs using the CLI
Verify VRRP tracking
Route redistribution
Configure route redistribution between global VRF and service VPNs using the CLI
Verify route redistribution

Bi-directional Forwarding Detection Protocol

Feature history for BFD protocol
BFD protocol for Cisco SD-WAN
Static route support for BFD sessions in transport VPN
Configure BFD using a configuration group
Configure BFD for routing protocols
Automatically suspending BFD sessions
Monitor and verify BFD configuration
Troubleshoot common BFD errors

Cisco Cisco SD-WAN Controller Route Filtering by TLOC Color

Feature history for route filtering by TLOC color
Route filtering mechanism by TLOC color
Configure Cisco SD-WAN Controller route filtering by TLOC color using a CLI template
Monitor Cisco SD-WAN Controller route filtering by TLOC color

Rendezvous Point Selection Process by a PIM BSR

Feature history for RP selection process by a PIM BSR
RP selection process by a PIM BSR
Configure a PIM BSR
Verify VRRP-Aware PIM Using the CLI

Multicast Source Discovery Protocol

Feature history for MSDP
MSDP Routing Protocol Support
Configure MSDP to interconnect Cisco SD-WAN and Non-SD-WAN using a CLI Template
Verify MSDP configuration to interconnect Cisco SD-WAN and Non-SD-WAN
Monitor MSDP configuration to interconnect Cisco SD-WAN and Non-SD-WAN
Troubleshooting for MSDP

Transport Gateway

Feature history for transport gateway
Transport gateways for connecting networks in Cisco SD‑WAN
Configure a router as a transport gateway
Configure the transport gateway path preference
Configure the site type for a router
Verify the site type of a router using the CLI
Verify a transport gateway configuration using the CLI

Symmetric Routing

Feature history for symmetric routing
Symmetric routing mechanisms for Cisco SD-WAN
Translating OMP metrics for devices outside of the overlay network
Symmetric routing scenarios
Configure symmetric routing
Verify symmetric routing
Monitor RIB metric translation

Hub-and-Spoke

Feature history for Hub-and-Spoke
Hub-and-Spoke configuration
Hub-and-Spoke connectivity example
Hub-and-Spoke use cases
Configure a Hub-and-Spoke topology
Hub-and-Spoke configuration verification

Symmetric routing mechanisms for Cisco SD-WAN

Updated: February 6, 2026

On this page

Overview

TLOC behavior when moving away from symmetric NAT
Assumption about router operation
Benefits of symmetric routing configuration
Restrictions for symmetric routing

Overview

Explains symmetric routing and its importance for bidirectional services like NAT and Firewalls.

A symmetric routing is a traffic flow property that

uses the same path for traffic in both directions
maintains a consistent return path between endpoints, and
supports features that require bidirectional path symmetry.

Some networking functionality requires symmetric routing to operate correctly, including Cisco NBAR2, Cisco Zone-Based Firewall (ZBF), Cisco Unified Threat Defense (UTD), Cisco Application Quality of Experience (AppQoE), and network address translation (NAT).

Within a Cisco Catalyst SD-WAN network, you can use affinity groups, affinity group preference, control policy, and other mechanisms to configure the network so that the preferred route between two endpoints remains consistent for traffic in both directions. This configuration ensures symmetric routing for traffic flows between those endpoints. In some scenarios, you can also ensure symmetric routing for traffic flows that extend to a device outside the Cisco Catalyst SD-WAN overlay network.

TLOC behavior when moving away from symmetric NAT

When a TLOC starts behind symmetric NAT and then moves to any other NAT type such as full cone, port-restricted cone, or restricted cone, the TLOC does not update its public IP or port. The learned NAT type of the TLOC also does not update. As a result, some or all BFD sessions for this TLOC go down. To recover from this state, you can run clear sdwan control connections from the edge router.

Assumption about router operation

All of this applies only when routers stay operational during a traffic flow. If a router in the path becomes inoperable, traffic must take a new route. This change can cause temporary asymmetric routing.

Benefits of symmetric routing configuration

Before Cisco IOS XE Catalyst SD-WAN Release 17.12.1a configuring symmetric routing required complex and error-prone control policies in the overlay network. These policies set up hop-by-hop routing in both directions.

In service-side routing, it required complex route-maps to maintain path symmetry in both directions.

From Cisco IOS XE Catalyst SD-WAN Release 17.12.1a onward, you can use affinity groups, affinity group preferences, and OMP metric redistribution to achieve symmetric routing. The following sections describe the details and supported scenarios.

Restrictions for symmetric routing

You cannot use both the redistribute omp translate-rib-metric command and the redistribute omp metric command together on the same device.

The translate-rib-metric option generates BGP attributes and OSPF metrics from OMP metrics, whereas the metric option configures the metrics explicitly. For information, see Translating OMP Metrics for Devices Outside of the Overlay Network.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.