From: Craig Dorry (chdorry@yahoo.com)
Date: Tue Sep 03 2002 - 13:51:54 GMT-3
Charles - One option would be to do eBGP multihop
through the firewall. Then you would put a static
route on each router pointing at the firewall to get
to the neighbor peer IP address. This would allow you
to get the routes dynamically, but allow traffic to
pass through the firewall without encapsulating it in
GRE or some other header.
--- Charles Huang <routing@icharles.no-ip.com> wrote:
> Hi All,
>
> This may be a bit OT.
>
> does anybody know how to pass routing formation
> across the firewall ?
> tunnel would be an option to pass routing updates
> ONLY. The "normal" IP
> traffic should still passes through the firewall.
> Assuming the firewall
> does not support any routing protocol. Here is a
> little diagram hope it
> might clarify the question.
>
>
10.1.1.0/24--R1--192.168.1.0/24--Firewall--192.168.2.0/24--R2--10.2.2.0/24
>
> R2 needs to learn 10.1.1.0/24 from R1
> R1 needs to learn 10.2.2.0/24 from R2
> tunnel between R1 & R2 is an option. but only to
> pass route update/hello
> only.
> all IP traffic must route through the firewall.
>
>
> Any help would be appreciated
> Thanks in advance
> Charles
>
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:42 GMT-3