From: Andre Teku (andre.teku@xxxxxxxxx)
Date: Wed Aug 21 2002 - 10:53:12 GMT-3
Border is just what it is. Run EBGP on your last hop router and your
upstream will have your Serial interface as Next-hop to your domain. Your
DMZ is still within your AS isn't it?
Andre
-----Original Message-----
From: Ademola Osindero [mailto:osindero@lagos.sns.slb.com]
Sent: Wednesday, August 21, 2002 9:16 AM
To: ccielab@groupstudy.com
Subject: BGP and DMZ
Group,
I had like to know how best to deal with my DMZ - demilitarized zone. There
are 2 choices for doing this but would like to know the best and easiest
practice during the lab exam.
If I redistribute the network into my IGP, my routers will hav a route to
it but the external AS may not know about my own interior networks. I'm not
sure but guess this boils down to the fact that I still can't reach the BGP
next hop. Can anyone shed more light on this and how it holds in the lab.
Using neighbor next-hop-self command can be quite easier at least my IGP
should have this route shared among the routers. I wouldn't know if there
are any other issues with regards to this as well.
Regards,
Osindero Ademola
Schlumberger Network Solutions
Tel: 234 1 261 0446 Ext 5427
Fax 234 1 262 1034
email:osindero@lagos.sns.slb.com
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:31 GMT-3