Through both tunnels the network 172.28.0.0./24 is reached.
We currently have two routes, a floating route, i.e. the main route with a path monitoring, and the other route, which in case of a failure condition, takes the route out of the FIB and enters the route with the next metric. This operates correctly, without problems.
Now the next question:
1.- If I wanted to use the two tunnels simultaneously, i.e. example could be that some networks go through a tunnel and other networks go through the other secondary tunnel or that all go against a tunnel and against another, type round robin. I understand for this I should use, from the AP side, active ECMP, with the routes of the tunnel interfaces with the same metric. I understand that for my side to adjust and use ECMP, but what happens from the other end, if it is a Palo Alto or any other vendor, the other end should also have something like ECMP so that also the other end can return and/or send the traffic through both tunnels, right?
2.- Now thinking in an environment without being able to use ECMP, without being able to use, this would work ? What example if I start the communication and send traffic through the secondary, but the return of traffic from the other peer, goes through the main tunnel, Palo Alto supports that, that is to say that the traffic is sent through a tunnel interface and returns through the other one? I understand that on my side I must allow asymmetric traffic, that from my side, but the other peer should also allow and / or support asymmetric traffic, because otherwise this would not work, but this would operate correctly looking to use both in parallel ?
Thanks for your time, for your comments, for your time, for your good vibes and for your collaboration.