Alex,
Thanks for the reply. To answer your question:
1. Yes, the firewall directly connects to router A and router B via Gigabit Ethernet interfaces.
2. Preferable load sharing of outbound traffic would be nice, especially because router A is connected to an ISP that offers us I2 access and another network that connects to some larger sites (such as Google) in what is usually fewer AS jumps than the ISP that router B is connected to. I do get full BGP route tables (I think like 280k+ routes) from both ISPs regardless.
3. Unfortunately, the firewall only holds about 20k BGP routes, and I cannot take full routing tables. I also remember our SE suggesting that we should not run BGP on the firewall, but if we, for example, were only taking a default route via BGP, I do not see how that could be a big issue.
Thanks for your help!
SH