1. Network design question.
I am looking for some thoughts from you all on a network design question.
Let's say I have 3 sites all connected together like a triangle via fiber
(figure Cisco routers). At each site there is also an internet
connection on another Cisco router. I am running BGP to the net at each
site under the same AS. Everything is great because if one internet
connection goes down it routes to the other. Yah BGP!
Now the issue.
I need to bring the 3 sites internal, i.e. 10.1.x.x, 10.2.x.x, 10.3.x.x.
Great. Put in an OpenBSD firewall between the internet and the LAN.
However I now lose my BGP failover for outbound and inbound traffic if
one of the sites goes down. What I mean is this..
(site1): internet---router---firewall---lan---router to site2 and site3
(site2): internet---router---firewall---lan---router to site1 and site3
(site3): internet---router---firewall---lan---router to site1 and site2
Draw it out as a triangle if it helps to see it.
On each site the default gateway is the firewall. If the router goes
down to the internet at that site there is no way to get the traffic to
go back through the firewall (and NAT) then out to the next site and
out that firewall.
Here is what I have so far.
1. Run iBGP between the external and internal routers through the
OpenBSD firewall. I have NAT issues then with inbound packets. The
biggest issue is how do I tell OpenBSD that the internet router is down?
2. Write a script that pings the serial interface on the internet router
from the OpenBSD box. If the ping fails then change the default gw on
the box to the internal ethernet on the OpenBSD box at the next site
(would have to hard code the route to the next site on the OpenBSD box).
My question on this is where does the NAT fall into place. Will the
packet head back off the OpenBSD box to the internal router before it
gets NAT'ed if I change the default route?
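
The ping-and-reroute idea from option 2 above, as an added example that is not part of the original post. It adds hysteresis so a single lost ping does not flap the default route. All addresses, limits and function names are constructed assumptions, and the `ping`/`route` syntax is OpenBSD's.

```shell
#!/bin/sh
# Added example: gateway health check with hysteresis (not the poster's script).
# All addresses below are constructed placeholders, not values from the post.
PRIMARY_GW="${PRIMARY_GW:-192.0.2.1}"   # local internet router (assumed)
BACKUP_GW="${BACKUP_GW:-10.2.0.1}"      # next site's firewall, inside address (assumed)
PROBE_IP="${PROBE_IP:-192.0.2.2}"       # internet router's serial interface (assumed)
FAIL_LIMIT="${FAIL_LIMIT:-3}"           # consecutive misses before failing over
OK_LIMIT="${OK_LIMIT:-5}"               # consecutive replies before failing back

state=primary
fails=0
oks=0

# Kept as separate functions so they can be replaced for a dry run.
probe() { ping -c 1 -w 1 "$PROBE_IP" >/dev/null 2>&1; }
set_default() { route -n change default "$1" >/dev/null; }

# One polling step: update the counters, then touch the routing table
# only when the state actually changes.
step() {
    if probe; then
        oks=$((oks + 1)); fails=0
    else
        fails=$((fails + 1)); oks=0
    fi
    if [ "$state" = primary ] && [ "$fails" -ge "$FAIL_LIMIT" ]; then
        set_default "$BACKUP_GW" && state=backup
    elif [ "$state" = backup ] && [ "$oks" -ge "$OK_LIMIT" ]; then
        set_default "$PRIMARY_GW" && state=primary
    fi
}

# Poll forever only when invoked with "run"; otherwise just define the functions.
if [ "${1:-}" = run ]; then
    while :; do step; sleep 5; done
fi
```

A pf `nat on <interface>` rule is evaluated only for packets leaving that interface, so traffic rerouted toward the backup gateway is not translated by a rule bound to this box's external interface.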