On Tue, Aug 6, 2013 at 3:16 PM, Marc, LX1DUC lx1duc@rlx.lu wrote:
I've seen this claim several times, but I don't understand why exactly such a route would be necessary. Could you elaborate a bit?
Some networks are not routed via the IPIP full mesh but directly via the Internet. For example Sweden and Australia announce their network directly via BGP but at the same time it seems that they don't have IPIP full mesh access.
As such if you want to reach any of those networks from within the IPIP full mesh, you will need to route your packets via a default route for 44/8 to the UCSD router which can then route the packets towards the internet.
But but... that does not work.
I tested it, and Brian confirmed that amprgw can not route packets out to the Internet to the BGP 44/8 sites, unless those sites are also reachable via an IPIP mesh. The technical reason is that the first upstream router between amprgw and the Internet has a static 44/8 route towards amprgw, and does not have the full Internet BGP table which would contain more specific routes to the BGP-only sites.
The BGP-enabled sites currently need to be present also in the IPIP table, and have (at least) an IPIP decapsulation gateway, so that other regular gateways can transmit packets to them. amprgw currently cannot act as a relay.
Also, it's more optimal to transmit the packets directly using a tunnel instead of trying to route via amprgw, even if it worked.
- Hessu