Subject: Re: [44net] Gateways with external address in net-44 From: Brian n1uro@n1uro.ampr.org Date: 11/12/2014 02:07 PM
To: AMPRNet working group 44net@hamradio.ucsd.edu
On Wed, 2014-11-12 at 10:16 +0100, Rob Janssen wrote:
Ok, but then I think those gateway entries should not be distributed via RIP. When they are directly routable, should we use a tunnel to reach them?
That's only half the equasion. The other half is when one is SAFed (Source Address FilterED) and they policy route 44/8 via their tunnel interface, and anything else via UCSD...
Yes that is the problem. I need to policy route on source address because of SAF and I use a separate routing table for the tunnels with a default to UCSD. This fails with that 44.24.240/20 with gateway 44.24.221.1 network.
We are building a gateway for 44.137.0.0/16 which in fact has already been running since the summer but the process of getting the provider to agree to route BGP has taken much longer than anticipated. Anyway, this gateway (which of course is not affected by SAF itself) has a separate public IP (194.109.64.198) for use by the IPIP tunnels to other gateways. I think that is a better method, it avoids lots of confusion and complicated policy routing rules.
Maybe the routing will work again once we have our country gateway up and running with BGP and direct outbound routing of net-44 traffic (without having to tunnel to UCSD). I plan to work out a routing configuration without separate net-44 routing table at that time.
Rob