From: Roderick B. Greening (rgreening@gt.ca)
Date: Wed Sep 04 2002 - 12:05:57 GMT-3
If you're passing traffic through a firewall, then the assumption is that
you have two seperate automous enities. BGP should probably be used in a
case like that. You can configure BGP with private AS numbers if you are not
connecting the AS to the internet or if you are homing to only one ISP.
-----Original Message-----
From: Charles Huang [mailto:routing@icharles.no-ip.com]
Sent: Tuesday, September 03, 2002 5:44 PM
To: Charles Huang; CCIE
Subject: RE: Passing Routing information across Firewall
Sorry, I forgot to mention no BGP. I prefer to use routing protocols like
EIGRP, OSPF and/or RIP.
Thanks
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Charles Huang
Sent: Tuesday, September 03, 2002 12:19 PM
To: CCIE
Subject: OT: Passing Routing information across Firewall
Hi All,
This may be a bit OT.
does anybody know how to pass routing formation across the firewall ?
tunnel would be an option to pass routing updates ONLY. The "normal" IP
traffic should still passes through the firewall. Assuming the firewall
does not support any routing protocol. Here is a little diagram hope it
might clarify the question.
10.1.1.0/24--R1--192.168.1.0/24--Firewall--192.168.2.0/24--R2--10.2.2.0/24
R2 needs to learn 10.1.1.0/24 from R1
R1 needs to learn 10.2.2.0/24 from R2
tunnel between R1 & R2 is an option. but only to pass route update/hello
only.
all IP traffic must route through the firewall.
Any help would be appreciated
Thanks in advance
Charles
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:44 GMT-3