I want to build up a system as follows:
The two CCRs have BGP connections to the uplink provider (2 ports, 1 ASN) and they exchange routes with the PPPoE servers via OSPF. The second uplink port exists for redundancy purposes, not to gain more bandwidth. So in normal operation mode the customer traffic should run through the first BGP router. My question is, what can happen if I have asymmetric traffic flow? For example, a customer establishes a TCP connection and sends his SYN packet through BGP router 1 but the ACK packet arrives through BGP router 2? Normally I would set up firewall rules which allow incoming packets only if they are related to a connection which is established from the inside, hence BGP router 2 would drop the ACK packet. So, how can I keep reliable connection tracking with more than one possible path?
Of course I'll try to force the traffic to run through router 1, but I can't force a host on the Internet to use the first path as long as it's available. Although I guess that if I use AS prepend for the second router and both BGP peers have the same partner AS, there should be no reason for a host to use the second path...
Please let me know your opinions!
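
The failure mode asked about above, as an added example that is not part of the original post: a minimal model of two border routers that each keep their own connection-tracking table and only admit inbound packets matching a flow first seen from the inside. The class and function names and the addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str         # "SYN", "SYN-ACK", ...
    from_inside: bool  # True when it enters the router on the customer side

def flow_key(p: Packet):
    """Direction-independent key so both directions map to one table entry."""
    return tuple(sorted([(p.src, p.sport), (p.dst, p.dport)]))

@dataclass
class StatefulRouter:
    name: str
    conntrack: dict = field(default_factory=dict)  # private to this router

    def forward(self, p: Packet) -> str:
        key = flow_key(p)
        if p.from_inside:
            # Traffic from the inside is allowed to open a new connection.
            self.conntrack.setdefault(key, "NEW")
            return "accept"
        if key in self.conntrack:
            # Inbound packet belongs to a flow this router has already seen.
            self.conntrack[key] = "ESTABLISHED"
            return "accept"
        # Inbound packet with no matching state on THIS router.
        return "drop"

def handshake(reply_via_second_router: bool):
    """Send the SYN out via router 1; return (SYN verdict, reply verdict)."""
    r1, r2 = StatefulRouter("bgp1"), StatefulRouter("bgp2")
    # Constructed sample packets: customer -> Internet host and its reply.
    syn = Packet("100.64.0.10", 40000, "198.51.100.7", 443, "SYN", True)
    reply = Packet("198.51.100.7", 443, "100.64.0.10", 40000, "SYN-ACK", False)
    out = r1.forward(syn)
    back = (r2 if reply_via_second_router else r1).forward(reply)
    return out, back

if __name__ == "__main__":
    print("symmetric path: ", handshake(False))
    print("asymmetric path:", handshake(True))
```
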