I’m running into issues where addresses in the public prefixes we announce upstream were used on point-to-point interfaces between router and firewalls. This is looking to potentially cause issues with adding additional interfaces and withdrawing prefixes when certain interfaces go down.
I slightly remember a general guidance to use a separate prefix for infrastructure (ex. point-to-point router interfaces, point-to-point firewall interfaces) and route the separate prefixes for “user traffic” using static,ospf,ibgp, ebgp over that.
Does that make sense?
What do you guys do?
No comments:
Post a Comment