The MPLS-OPS Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] Re: Which FW for MPLS VPN?
paranoia@phreaker.net wrote: > On Sat, Jan 29, 2005 at 10:09:05PM +0100, Garry Glendown wrote: > >>As Cisco doesn't seem to have a suitable firewall IOS for their PIX any >>time soon, and the Lucent Brick we picked up doesn't seem to be anywhere >>close to usable, what Firewall are you folks using to connect multiple >>MPLS VPNs to the Internet? > > > I use Linux with a *very* customized iptables script. Redundancy > is taken care of by having dual boxes; all that is needed for > one box to take the primary place is execution of the iptables > script. I would *love* to use Linux - I know Linux VLAN support is working fine, but from what I read, the Linux VRF project seems not very active (at best) and lacking very many functions - how do you handle overlapping IP ranges of different customers? I.e., 192.168.2/24 routed on two VLANs for two different customers? > on an MPLS-enabled Linux box, to save me the VLAN link between > fw and router. I think it would feel cleaner. A little. That trunk port I can live with ... ;) though direct integration in the multiple VRFs would be nice ... Tnx, -garry ------- The MPLS-OPS Mailing List Subscribe/Unsubscribe: http://www.mplsrc.com/mplsops.shtml Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
|
|