BGP and Firewalls...

Christopher Morrow morrowc.lists at gmail.com
Wed Dec 7 20:43:44 UTC 2011


On Wed, Dec 7, 2011 at 1:04 PM, Gregory Croft <gcroft at shoremortgage.com> wrote:
> I'm not having problems... Well, not yet anyways.  :)
>
> Just investigating to see if there is a reason I shouldn't use a
> firewall at the edge versus a dedicated router as well as to see if
> anyone can share their specific experience with the PAN devices.

do you have power or space concerns?
do you want to have a single point of failure?
do you want to have some limitations in what your devices can effectively do?

you probably want to be able to fail the firewall and maintain some
level of access to the site (the router), you may want to fail the
router but still maintain local network services from the router
south.

don't put all your eggs in one basket, unless you only have 1 U of
space and 1 power plug.




More information about the NANOG mailing list