inge, first of all....the first rule of bgp design is to not use it if static will work.
are you part of a larger AS??? does it route the same way you do? dont use bgp if this true. path component studies with bgp will resemble the paths your traffiv will take if your transit does like the AS above same routing is predictable, thus entry point traffic density can be handled with knowledge of required horsepower. on the othe hand if you need multi-exit discrimination, then the integrity of the firewalls is now in question... think.... you changed this from a netsec to routing.. restate the premise... now ya wanna rip/ospf,eigrp thru the firewalls!!!!!! go back to the lab and think about what you want to accomplish.. piranha. >From: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: bgp through a firewall >Date: Fri, 1 Feb 2002 17:34:28 +0100 > >Hi all, > >We are designing a redundant connection to an external network via >different >locations. Both connections are protected with a firewall (PIX). > >It seems that the only way to make this setup work is to talk a routing >protocol (BGP) between our internal and our external router through the >firewall. > >Is this a safe solution, what are the issues when talking BGP through the >firewall, are there other options to achieve reduncancy? > >Any suggestions would be greatly appreciated! > >Regards, > >Inge Dortu > > >_______________________________________________ >Firewalls mailing list >[EMAIL PROTECTED] >http://lists.gnac.net/mailman/listinfo/firewalls _________________________________________________________________ Join the world�s largest e-mail service with MSN Hotmail. http://www.hotmail.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
