North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP question... (SOT)

  • From: Gerardo A. Gregory
  • Date: Fri Jul 26 11:34:45 2002

And we are off......

>OK trying to get a BGP session up between a pair of CISCO routers and a
>NOKIA running Checkpoint.

WOW! Nokia Checkpoint runs routing protocols (other than RIP or static
routes????)
more impressive is this appliance running BGP.

On a serious note...I imagine the Nokia is in front of one of the
Cisco's....(my assumption since the poster is as vague as a capitol hill
politician)

If this is the case, then take the stinking firewall and place it behind the
router, let the routers do their Peering, and even place some Bogon-lists on
the router, and some basic bogon filtering for your ingress traffic.  (take
as much illegitimate traffic of the firewall).

But hey, does this belong in the NANOG anyway.......?

my 2 cashings!!!


----- Original Message -----
From: "Manolo Hernandez" <[email protected]>
To: "Rich Sena" <[email protected]>
Cc: "Martin Hannigan" <[email protected]>; "NANOG" <[email protected]>
Sent: Friday, July 26, 2002 8:53 AM
Subject: Re: BGP question... (SOT)


>
> This has got to be the strangest setup of BGP I have seen yet. A
> firewall running an inherently insecure protocol all I can say is have
> fun.
>
> On Fri, 2002-07-26 at 09:31, Rich Sena wrote:
> >
> > Noice...
> >
> > There has got to be some sort of health code against you and I at the
same
> > bug pulling off the same tap - the laws of gravity etc...
> >
> > On Jul 26, 2002 Martin Hannigan spake:
> >
> > >
> > >
> > >
> > > On Thu, 25 Jul 2002, Rich Sena wrote:
> > >
> > > >
> > > > OK trying to get a BGP session up between a pair of CISCO routers
and a
> > > > NOKIA running Checkpoint.  Coming across an issue I had with GateD
where
> > > > the NOKIA is choking on a version indentifier sent by the CISCO and
> > > > reporting back a BGP-3 authentification failure for the OPEN message
(it's
> > > > interpreting the version ID as a authentification attempt...
> > > >
> > > > Any ideas?
> > > >
> > > > Please respond off list...
> > >
> > >
> > > Yeah, ok Sena.
> > >
> > > Uh, how about calling me back about beers you slacker ass?
> > >
> > >
> > >
> >
> > --
> > Rich Sena - [email protected]
> > ThickNET Consulting
> > "On the way to understanding; you understand, and forget."
> >
> >
> >
>
>