RE: OSPF on Firewall

["Carroll, Shawn" <SCarroll () chittenden com>]

> That depends on the firewall.  If you implement a bridging 
> firewall, then there should be no reason the routers need to 
> know that anything has changed.

OpenBSD on a Pentium-100 is something I've done myself.  Two nics, no IP addresses necessary on either interface.  
BRIDGES the packets from one machine to the next, so therefore is not another hop, and is transparent, except for 
picking off the packets you don't like, based on TCP/IP addresses/ports or other criteria you define.  Think 
"packet-filtering bridge", FAQs on the web.

> If inserting the firewall changes the path, then the obvious 
> solution is to have the firewall use OSPF also (assuming it's 
> supported).  I don't want to say "no other way," but it does 
> make sense.
>
> PaulM
>
> -----Original Message-----
> Lets say that I have two routers (on an internal network) 
> that talk OSPF
> between them.
>
> Now I have to insert a firewall in-between the two routers.
>
> I am led to believe (by the Communications people I work 
> with) that there is
> no other option but to install OSPF on the firewall, which 
> doesn't make me
> feel easy about the solution.
>
> Is it true that there is no other way around this problem?
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards