I've got a question about how to propagate routes behind a firewall.
Let's assume the network looks something like this:

            ____________
           |  Internet  |
           |  Gateway   |
           |____________|
                /
               /
        ______/__
       | Router  |
       |    A    |
       |_________|
         /     \
        /       \
       /         \
 _____/______   __\_________
|   Router   | |   Router   |
|     A1     | |     A2     |
|____________| |____________|

Without a firewall, in the normal course of events we'd run RIP (or
whatever) and the routes would automagically appear. The Internet gateway
would have a route to the world which would propagate to the other
routers.
If we insert a firewall, the picture becomes something like this.

            ____________
           |  Internet  |
           |  Gateway   |
           |____________|
                 |
                 |
                 |
            _____|______
           |            |
           |  Firewall  |
           |____________|
                /
               /
        ______/__
       | Router  |
       |    A    |
       |_________|
         /     \
        /       \
       /         \
 _____/______   __\_________
|   Router   | |   Router   |
|     A1     | |     A2     |
|____________| |____________|

Assuming we don't run a routing protocol on the firewall, now what? The
routers no longer "see" the Internet. The only solution I could think
of was to put static routes on each of the routers & the firewall.

So the firewall has a default route to the Internet and static routes to
each of the networks behind every router. Router A1 has a default route
to the Firewall. Routers A1 and A2 have default routes to Router A.

This solution works, but I'm wondering if there isn't a better way.

Thanks,
Chris
--
christopher michael / rms business systems / cm @ rmsbus . com
Rid me, and deliver me from the hand of strange children, whose mouth
speaketh vanity, and their right hand is a right hand of falsehood: -- Psalms
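
Added example, not part of the original post: a small checker for the static-route layout described above. It traces a packet hop by hop with longest-prefix match, so a route forgotten on the firewall or on Router A shows up as traffic leaving the site or looping. The addresses, device names and the `next_hop`/`trace` helpers are constructed for illustration, and Router A is assumed to be the router whose default route points at the firewall.

```python
import ipaddress

# Constructed addressing plan (assumption; the post gives no addresses).
NET_A, NET_A1, NET_A2 = "10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24"

# Static tables: device -> {prefix: next hop}. A next hop of "local" means
# directly connected. Router A's default pointing at the firewall is assumed.
ROUTES = {
    "firewall": {"0.0.0.0/0": "internet-gw", NET_A: "router-A",
                 NET_A1: "router-A", NET_A2: "router-A"},
    "router-A": {"0.0.0.0/0": "firewall", NET_A: "local",
                 NET_A1: "router-A1", NET_A2: "router-A2"},
    "router-A1": {"0.0.0.0/0": "router-A", NET_A1: "local"},
    "router-A2": {"0.0.0.0/0": "router-A", NET_A2: "local"},
}

def next_hop(tables, device, dst):
    """Longest-prefix match of dst in device's table; None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in tables[device].items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, hop)
    return best[1] if best else None

def trace(tables, start, dst, max_hops=8):
    """Follow next hops from start; returns (path, outcome)."""
    path, device = [start], start
    while len(path) <= max_hops:
        hop = next_hop(tables, device, dst)
        if hop is None:
            return path, "no-route"
        if hop == "local":
            return path, "delivered"
        path.append(hop)
        if hop not in tables:  # left the devices we manage (e.g. the gateway)
            return path, "exited"
        device = hop
    return path, "loop"

if __name__ == "__main__":
    for src, dst in [("router-A1", "198.51.100.7"), ("firewall", "10.1.2.5")]:
        print(src, "->", dst, trace(ROUTES, src, dst))
```

An inbound trace from the firewall that ends in "exited" or "loop" for an internal address marks a subnet whose static route was never added.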