What is border (edge) router for?

Discussion in 'Cisco' started by Anton Panyushkin, Nov 7, 2004.

  1. I've got rather stupid network desing question.

    Let's consider the following network diagram

    Enterprise Border
    Central --------- Firewall --------- router -------- Internet
    Router

    I saw a lot of IP networks diagram from cisco based on the template
    listed above. They gave good explanation for purpose of access
    routers, central router and firewall, but, according to cisco's
    diagrams, the only reason border router is delpoyed between firewall
    and Internet is that this router provide some kind of WAN (serial)
    Interface for Internet access.
    Therefore U have a series of question abount border router:
    Why do I need border router in this network?
    What kings of work are executed by border router?
    Is it safe to directly connect outside interface of my firewall to
    Internet?
     
    Anton Panyushkin, Nov 7, 2004
    #1
    1. Advertising

  2. Anton Panyushkin

    Layer3guru Guest

    Well for starters you are right this is mainly used to terminate
    connectivity that is not supported on the firewall devices. So things like
    Serial, HSSI etc to terminate ds3's and the like. The other is for things
    like routing like our provider has given us a ethernet connection burstable
    to gigabit but to connect with them you must be using BGP even if you just
    want to get a default route from them. So those 2 things are the most things
    you will run in to.

    "Anton Panyushkin" <> wrote in message
    news:...
    > I've got rather stupid network desing question.
    >
    > Let's consider the following network diagram
    >
    > Enterprise Border
    > Central --------- Firewall --------- router -------- Internet
    > Router
    >
    > I saw a lot of IP networks diagram from cisco based on the template
    > listed above. They gave good explanation for purpose of access
    > routers, central router and firewall, but, according to cisco's
    > diagrams, the only reason border router is delpoyed between firewall
    > and Internet is that this router provide some kind of WAN (serial)
    > Interface for Internet access.
    > Therefore U have a series of question abount border router:
    > Why do I need border router in this network?
    > What kings of work are executed by border router?
    > Is it safe to directly connect outside interface of my firewall to
    > Internet?
     
    Layer3guru, Nov 7, 2004
    #2
    1. Advertising

  3. In article <>,
    (Anton Panyushkin) wrote:

    > I've got rather stupid network desing question.
    >
    > Let's consider the following network diagram
    >
    > Enterprise Border
    > Central --------- Firewall --------- router -------- Internet
    > Router
    >
    > I saw a lot of IP networks diagram from cisco based on the template
    > listed above. They gave good explanation for purpose of access
    > routers, central router and firewall, but, according to cisco's
    > diagrams, the only reason border router is delpoyed between firewall
    > and Internet is that this router provide some kind of WAN (serial)
    > Interface for Internet access.
    > Therefore U have a series of question abount border router:
    > Why do I need border router in this network?
    > What kings of work are executed by border router?
    > Is it safe to directly connect outside interface of my firewall to
    > Internet?


    If your firewall has the right kind of interface, you could do that.
    But most firewalls don't support T1/E1, Frame Relay, ATM, or other
    high-speed WAN connections.

    Having a separate router also allows you to put some servers outside the
    firewall, if necessary.

    Enterprise Border
    Central --------- Firewall ---+----- router -------- Internet
    Router |
    Public |
    Server------|

    This isn't necessarily the best configuration -- if your firewall has
    three or more interfaces, it may be better to put public servers on a
    "service" network connected to the third interface. But some protocols
    may be difficult to operate through a firewall, so they need to be
    outside completely.

    --
    Barry Margolin,
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
     
    Barry Margolin, Nov 7, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gary
    Replies:
    0
    Views:
    412
  2. Replies:
    0
    Views:
    721
  3. Replies:
    0
    Views:
    536
  4. Giuen
    Replies:
    0
    Views:
    1,250
    Giuen
    Sep 12, 2008
  5. Ian

    Lenovo ThinkPad EDGE 13: Bleeding Edge

    Ian, Feb 28, 2011, in forum: Front Page News
    Replies:
    0
    Views:
    1,212
Loading...

Share This Page