8 | Juniper Networks, Inc.
Router Mode
Advantages
Disadvantages
• Can reliably respond to and prevent
attacks
• Can connect IP networks with different
address spaces
• Affects layer-3 IP networks (routing
tables)
• Cannot use NS-IDP-BYP for fail-open
protection
ID P
F ir e w a ll
H u b o r
S w itc h
E th 0
1 9 2 .1 6 8 .0 .1 (F o rw a rd in g In te rfa c e )
D e fa u lt G W
1 9 2 .1 6 8 .0 .2
E th 1
1 .1 .1 .1
(F o rw a rd in g In te rfa c e )
P ro te c te d N e tw o rk
E th 2
2 .2 .2 .7 (M a n a g e m e n t In te rfa c e )
M a n a g e m e n t N e tw o rk
H u b o r S w itc h
2 .2 .2 .1
1 9 2 .1 6 8 .0 .2
c ro s s o v e r
c a b le
s tra ig h t-th ro u g h
c a b le
S e r v e r 1
IP
1 .1 .1 .2
G W
1 .1 .1 .1
S e rv e r3
IP
1 .1 .1 .4
G W
1 .1 .1 .1
S e r v e r 2
IP
1 .1 .1 .3
G W
1 .1 .1 .1
C lie n t1
IP
2 .2 .2 .2
C lie n t2
IP
2 .2 .2 .3
C lie n t3
IP
2 .2 .2 .5
C lie n t4
U I in s ta lle d
IP
2 .2 .2 .6
M a n a g e m e n t
S e rv e r
IP
2 .2 .2 .4