[177920] in North American Network Operators' Group
RE: Dynamic routing on firewalls.
daemon@ATHENA.MIT.EDU (Tony Wicks)
Sun Feb 8 20:35:53 2015
X-Original-To: nanog@nanog.org
From: "Tony Wicks" <tony@wicks.co.nz>
To: "'nanog group'" <nanog@nanog.org>
In-Reply-To: <CAJ=P5aYyhP+Ms+LB8WFHEe3MNWKu05u7DbX9tuu9sXXw=CFKtg@mail.gmail.com>
Date: Mon, 9 Feb 2015 14:35:35 +1300
WTL-MailScanner-From: tony@wicks.co.nz
Errors-To: nanog-bounces@nanog.org
I have some use cases where I have Fortinet firewalls running full =
ospf/ospfv3/bgp and it all pretty much just works without any issues. =
The CLI is a bit cumbersome, but apart from that its fine.
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Craig
Sent: Monday, 9 February 2015 2:21 p.m.
To: David Jansen
Cc: nanog group
Subject: Re: Dynamic routing on firewalls.
Setup a multi tenant setup between Nexus 7K and Juniper Net screen 5400 =
FW using OSPF.
It went OK and worked. However when under traffic load/ less than.
Desirable results... OSPF peer failure / bounces etc.
However using BGP with Juniper SRX FW has been working great. No issues =
thus far.
On Feb 5, 2015 9:11 AM, "David Jansen" <david@nines.nl> wrote:
> Hi,
>
> We have used dynamic routing on firewall in the old days. We did=20
> experience several severe outages due to this setup (OSPF en Cisco).=20
> As you will understand i=E2=80=99m not eager to go back to this =
solution but I=20
> am curious about your point of views.
>
> Is it advisory to so these days?
>
> Kind regards,
> David
>
>
>
