Dynamic routing on firewalls.

Tony Wicks tony at wicks.co.nz
Mon Feb 9 01:35:35 UTC 2015


I have some use cases where I have Fortinet firewalls running full ospf/ospfv3/bgp and it all pretty much just works without any issues. The CLI is a bit cumbersome, but apart from that its fine.

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Craig
Sent: Monday, 9 February 2015 2:21 p.m.
To: David Jansen
Cc: nanog group
Subject: Re: Dynamic routing on firewalls.

Setup a multi tenant setup between Nexus 7K and Juniper Net screen 5400 FW using OSPF.
It went OK and worked. However when under traffic load/ less than.
Desirable results... OSPF peer failure / bounces etc.

However using BGP with Juniper SRX FW has been working great. No issues thus far.
 On Feb 5, 2015 9:11 AM, "David Jansen" <david at nines.nl> wrote:

> Hi,
>
> We have used dynamic routing on firewall in the old days. We did 
> experience several severe outages due to this setup (OSPF en Cisco). 
> As you will understand i’m not eager to go back to this solution but I 
> am curious about your point of views.
>
> Is it advisory to so these days?
>
> Kind regards,
> David
>
>
>




More information about the NANOG mailing list