Why not just push default into your OSPF network from a router(s) with a direct link to your firewall. Then your firewall simply points default to the BGP speaking router (or uses vrrp or some igp for resilient routing in the case of multiple routers)
Running BGP through your firewall, or redistributing from BGP to OSPF or vice versa don't sound like great ideas to me. I am likewise somewhat confused by the question however :-) You might be better off presenting the topology and asking for routing protocol recommendations. Pete At 06:29 PM 1/25/2003 +0000, Steve Ringley wrote: >That is why I am asking the question - it is unclear! Let me try it this >way: > >If we take the textbook Internet setup, we would have an > >outside router - BGP >firewall >inside router - OSPF ASBR to BGP >core router - OSPF backbone > >On the inside router, would I create an ASBR with area 0 defines on the >inside to core connection > >or > >Would I create an new OSPF area to define the connection between the inside >router and the core router? > > >There are several of these types of connections in the larger network, and >there is an expectation that if one of these goes down the OSPF and BGP will >figure it out and shift traffic to the working connections. > >""Priscilla Oppenheimer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >I'm afraid your question isn't clear. > >By definition, an ASBR connects two unlike networks, one that is running >OSPF and one that isn't. So, the ASBR will connect to the Internet in your >example. > >Steve Ringley wrote: > > > > I have an OSPF network, and I have my Internet connections. Do > > I: > > > > ASBR where traffic goes from area 0 to the Internet > >Is that where your Internet connection is? In area 0? Often, it is, and >that's where your ASBR will be. > > > > > or > > > > ASBR where traffic goes to an area x then to the Internet? > >Goes from where to an Area x and then to the Internet?? This is where your >question gets unclear. But if you are considering putting an ASBR between >Area x and Area 0, then that doesn't make sense. It's not an ASBR because >it's connecting two OSPF networks. If your Internet connection is in Area X, >you will have an ASBR that connects the OSPF world to the Internet, sitting >on the edge of Area X. > >Are you asking if the ASBR should be in Area 0? I think the answer is yes, >if it can, but sometimes that's simply not possible on large internetworks >with multiple egress points. > >If I completely missed what you're getting at, sorry! > >Priscilla > > > > > > This was never clear to me from my reading. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61862&t=61823 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
