BGP through a firewall

From: Jefferson, Dave (djefferson@jhancock.com)
Date: Fri May 09 2003 - 10:20:00 GMT-3

• Next message: MADMAN: "Re: 6500 Flexwan modules & Msfc"
• Previous message: OhioHondo: "RE: bgp redistribution to ospf problem !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I am testing a BGP scenario in my test lab that simulates arrowpoint
switches use of keepalives to accomplish primary path and failover through a
pair of redundant firewalls. I have two routers on the inside and two
outside with a pair of firewalls that route traffic straight through from
inside to outside interface and vice-versa. The inside runs one bgp as and
the outside another. Neighbor statements through the firewalls on both side
with local preference. If the primary path firewall fails to pass keepalives
the neighbor will show down and shift routes over to the failover path. It
works in my lab.

          Anyone do this for real in a production environment ? What are the
BGP timers used? What are known gotchas ?

Thanks.

• Next message: MADMAN: "Re: 6500 Flexwan modules & Msfc"
• Previous message: OhioHondo: "RE: bgp redistribution to ospf problem !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:39 GMT-3