From: nem chua (nemthuduc@gmail.com)
Date: Tue Mar 27 2007 - 15:40:11 ART
Hi, thank you all for your reply. You're absolutely right about IBGP
neighbor does not have to be directly connected. Assuming OSPF is the
protocol using a neighbor statement and ospf nonbroadcast network will allow
OSPF to send unicast messages to the neighbor one hop away and establish
adjacency across the layer 3 firewall? That would be perfect.
On 3/27/07, maureen schaar <maureen.schaar@gmail.com> wrote:
>
> With ibgp there is no need for multihop. You can already peer with
> ibgp on for example the loopbacks without any special config (besides
> setting the update-source). Just needs an underlying igp route!
>
> For the other protocols, if not using a tunnel, you would have to find
> a way to establish an adjacency without broadcasting/multicasting. So
> that would mean:
>
> RIP: passive-interface default + neighbor x.x.x.x
> OSPF: ip ospf network-type nonbroadcast + neighbor x.x.x.x
> EIGRP: neighbor x.x.x.x <outgoing intf>
>
> Maureen
>
> On 3/27/07, nem chua <nemthuduc@gmail.com> wrote:
> > Hi all, I have a unique scenario where we need to establish a dynamic
> > routing protocol over layer 3 firewalls. With EBGP we can do multihop
> to
> > skip the firewall, but with other protocols such os ospf, eigrp, rip, is
> > there any option to establish a neighbor without using GRE to tunnel
> over
> > the firewall? Assume in all cases the firewall cannot participate in
> any
> > routing protocol.
> >
> > Is there a way to do multihop with ibgp? Is there a hop count limit to
> > multihop?
> >
> > THanks much.
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:53 ART