I have some use cases where I have Fortinet firewalls running full ospf/ospfv3/bgp and it all pretty much just works without any issues. The CLI is a bit cumbersome, but apart from that its fine. -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Craig Sent: Monday, 9 February 2015 2:21 p.m. To: David Jansen Cc: nanog group Subject: Re: Dynamic routing on firewalls. Setup a multi tenant setup between Nexus 7K and Juniper Net screen 5400 FW using OSPF. It went OK and worked. However when under traffic load/ less than. Desirable results... OSPF peer failure / bounces etc. However using BGP with Juniper SRX FW has been working great. No issues thus far. On Feb 5, 2015 9:11 AM, "David Jansen" <david@nines.nl> wrote:
Hi,
We have used dynamic routing on firewall in the old days. We did experience several severe outages due to this setup (OSPF en Cisco). As you will understand i’m not eager to go back to this solution but I am curious about your point of views.
Is it advisory to so these days?
Kind regards, David