We are recieving two separate last mile fibers from our ISP. We are receving two separate /30 subnets from the ISP and a separate /28 pool. Now the first pool for instance is x.x.x.128/30, the second one is x.x.x.136/30 and the last pool is x.x.x.160/28. We have an eBGP relationship with the ISP. We were informed that the /28 pool is for live IPs for our servers which would be in a DMZ zone on the firewall. I am assuming that we will need to give a static route to these servers from our edge router (eBGP running router with ISP), through the firewall to the server and advertise the /28 live ip pool via BGP to the ISP. In this scenario if the connection fails over from the first connection to the ISP to the second one the live IPs will still be accessible via the second link. I won't be creating a NAT entry for these entries on the routers since these are being pubicly advertised over the internet. Now firstly, am I right in understaiding that this design is right? Also, on the DMZ interface on the firewall should I assign the x.x.x.161/28 IP as a secondary IP (secondary IP because that zone already has a private IP addressing scheme for INSIDE users on the firewall. The server in that zone for instance would have the second useable IP in that range. x.x.x.162. This would give my servers a live IP on the internet. Am I right here?