[177774] in North American Network Operators' Group
Re: Dynamic routing on firewalls.
daemon@ATHENA.MIT.EDU (ML)
Thu Feb 5 09:57:51 2015
X-Original-To: nanog@nanog.org
Date: Thu, 05 Feb 2015 09:53:24 -0500
From: ML <ml@kenweb.org>
To: nanog@nanog.org
In-Reply-To: <CALgc3C6DTzJFwOUtLMfdtS---qzA4bPRYYLrQqktWG8F+dbzzw@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
On 2/5/2015 9:42 AM, Eugeniu Patrascu wrote:
> On Juniper things tend work OK. Other than this, make sure you don't
> run into asymmetric routing as connections might get dropped because
> the firewall does not know about them or packets arrive out of order
> and the firewall cannot reassemble all of them.
Agreed. Assymmetric routing is not your friend unless you plan
accordingly.
I use OSPF and BGP quite a bit on Juniper SRX. Works great.
