On 2008-02-23, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I noticed that the two firewalls do not forward there iBGP > learned routes to one another. Is this intended/expected behavior?
Yes, you should probably read up a bit about BGP, and why you need a full mesh of i-BGP speakers. > And I had a "redistribute default" configured in ospfd.conf on the routers, > however I had problems with this setup as well when I unplugged the external > link on the firewall but this could have been due to my pf configuration on > the firewalls. Should I re-investigate this scenario? You mean, just OSPF and no BGP on the firewalls? That's probably worth another look. > Also how how quickly should traffic be rerouted with OSPF if a link dies? Depends on your timers, but <10sec is not unreasonable for OSPF. If you have to wait for BGP timers and session re-establishment that would take longer.
