We have a newer customer who has an agreement with a brand new fiber provider in our area. They are going to provide 10GB fiber to our customer. We are providing our customer the firewall and they will sub-lease the fiber/resell to the tenants of the building. **Yes, the fiber provider is okay with this.
They are asking us though, which routing type. I’ve never been asked this before. Every other time it is just they provide the fiber to a demarc and then terminate to an LC/SFP and even some go as far as providing 2 GBICS for us to use.
Customer is getting a /24 block.
I think the provider is asking you to pick one of these:
- The provider’s device takes the first IP in the /24, and then your firewall takes one of the IPs in the /24, with the first IP as the default gateway. For other devices to use public IPs, they will either need to be connected to the ISP directly via a switch (outside your firewall) or you will need to a 1:1 NAT through the firewall. I believe this is what they mean by “Direct Connect”
- The provider will set up a second subnet, usually a /30. Their device takes the first IP in the /30 and your firewall takes the second. Your firewall uses the first IP as its default gateway. Then the whole /24 is routed to your firewall (second IP in the /30). You then put one of the IPs of the /24 onto a “LAN” interface of your firewall, and everything that needs a public IP connects to this and uses the firewall as their default gateway. I believe this is what they mean by “Static Route”
Even if I am correct, I would always get a confirmation from the ISP.