Honeypots mailing list archives

Network architecture for honeypots?


From: "Williams Jon" <WilliamsJonathan () JohnDeere com>
Date: Tue, 6 Jul 2004 09:49:31 -0500

I'm in the process of building a honeypot for one of my clients using
honeyd.  The goals are simple: provide an endpoint for misconfigured
software, worms, etc. to connect with so the IDS will see more than TCP
SYNs and RSTs.  The client's network is pretty simple, a handful of
sites with internal traffic statically routed and everything else
following a default to nowhere.  An analysis of the network traffic
following the default route showed that there was no functional activity
that required the default route.

I'd proposed changing the default route to point at the honeypot, but
before they made the change, they checked with their network vendor to
see what issues might come up.  Their network rep said that he was
unaware of anyone doing this, which kind of surprised me.

Am I totally off-base here?  Is anyone else out there doing something
similar?  If not, what should I be doing to get the junk traffic to the
honeypot?

Thanks.

Jon
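
The pre-change check described in the message (confirming what actually follows the default route before repointing it at the honeypot) can be sketched as follows. This is an added example, not part of the original post: the prefixes, flow records and function names are all constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample data: the statically routed internal prefixes (assumed).
STATIC_ROUTES = ["10.1.0.0/16", "10.2.0.0/16", "192.168.10.0/24"]

# Constructed flow records: (src, dst, proto, dst_port).
FLOWS = [
    ("10.1.4.20", "10.2.8.15", "tcp", 445),     # matches a static route
    ("10.1.4.20", "172.16.99.3", "tcp", 445),   # no route: follows default
    ("10.2.8.15", "203.0.113.77", "tcp", 135),
    ("10.1.7.9", "192.168.10.5", "udp", 53),    # matches a static route
    ("10.1.7.9", "198.51.100.12", "udp", 1434),
    ("10.2.8.15", "203.0.113.78", "tcp", 135),
    ("10.2.8.15", "10.3.0.1", "tcp", 80),       # 10.3/16 is not routed
]


def follows_default(dst, networks):
    """True when no static prefix covers dst, so the default route is used."""
    addr = ipaddress.ip_address(dst)
    return not any(addr in net for net in networks)


def default_route_summary(flows, prefixes):
    """Count default-routed flows per (proto, port) and per source host."""
    networks = [ipaddress.ip_network(p) for p in prefixes]
    by_service, by_source = Counter(), Counter()
    for src, dst, proto, port in flows:
        if follows_default(dst, networks):
            by_service[(proto, port)] += 1
            by_source[src] += 1
    return by_service, by_source


if __name__ == "__main__":
    services, sources = default_route_summary(FLOWS, STATIC_ROUTES)
    # Services listed here are what the honeypot would start receiving;
    # anything that looks like real business traffic needs a static route first.
    for (proto, port), n in services.most_common():
        print(f"{proto}/{port}: {n} flow(s)")
    for src, n in sources.most_common():
        print(f"{src}: {n} flow(s) to unrouted destinations")
```
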

