By this case, these two servers are the different nets. A good subnetting
scheme could avoid policy routing.
_ming
On Wed, 23 Dec 1998, William Tarkington stated:
> Policy based routing does indeed have to do with network or host security.
> With a cisco I can route everything based on poicy to the firewall. That is
> to say if I have two servers on the same local router (2 ethernets) I can
> policy route them to the firewall instead of letting it cross the router
> uninhibited.
>
> At 10:19 AM 12/23/98 -0500, Ming Lu wrote:
> >On Wed, 23 Dec 1998, William Tarkington stated:
> >
> >> Now I've watched this descussion bounce around on various lists and I just
> >> thought I would throw in my two cents worth.
> >>
> >> 1) One firewall is a single point of falure so lets assume we have two.
> >
> >than your routing structure will be complicated and costy.
> >
> >> 2) Now that we have two we can't do a default routae
> >
> > Not true, one is active and another one tsand by.
> >
> >> 3) Enter GateD
> >> 4) OSPF (or some other modern routing protocal)
> >
> >GateD supports all of open standard routing protocols, OSPF is one of
> >them.
> >
> >> 5) Problem solved.
> >> Now with translation outbound and inbound everyone can talk to each other.
> >>
> >> If you seriously want to get down to business you can of course use Cisco's
> >> and do policy based routing.
> >
> >Policy routing gatta nothing to do with network or host security.
> >
> >> Hurm I hope that answered a question perhaps I am just ranting.
> >>
> >> Thanks,
> >> Will
> >>
> >>
> >============================================================================
> >Ming Lu Email: [EMAIL PROTECTED]
> >Sr. Network Engineer Phone: 703-689-5290 (w)
> >IP Engineering 703-855-4194 (m)
> >Global One Telecommunications, LLT. 703-689-6575 (f)
> >===========================================================================
> =
> >"Do not pay attention to every word people say, or you may hear your
> > servant cursing you ---- for you know in your heart that many times you
> > yourself have cursed others."
> >
> >
> >
> William Tarkington
> Daimler Chrysler
> 810-758-9563
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
============================================================================
Ming Lu Email: [EMAIL PROTECTED]
Sr. Network Engineer Phone: 703-689-5290 (w)
IP Engineering 703-855-4194 (m)
Global One Telecommunications, LLT. 703-689-6575 (f)
============================================================================
"Do not pay attention to every word people say, or you may hear your
servant cursing you ---- for you know in your heart that many times you
yourself have cursed others."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
