I've installed the routing software on the new amprgw machine and tested it, and it's working properly. In anticipation of moving the inbound route for 44/8 from the old amprgw to the new one, it is time for people to start using the AMPRGW.UCSD.EDU (169.228.34.84) address for their outgoing tunnel endpoint.
That will require people who have a firewall to adjust their firewall rules and any default routes they're using.
However, it is still necessary to allow the old amprgw.SYSNET.ucsd.edu (169.228.66.251) in past your firewalls, as up until the moment that we switch the 44/8 route from old to new, inbound traffic from the Internet will still be coming from that old address.
Please make the change and test it as soon as practical so that you don't get caught by the switch. Be sure to let me know if you lose connectivity when you switch over to using the new machine for outbound traffic, and we'll try to figure out what went wrong.
I anticipate a week or so before we can make the switch, so please keep it in mind.
Thank you! - Brian
On Wed, May 24, 2017 at 08:03:52PM -0700, Brian Kantor wrote:
Good News! Our friends in the CAIDA research group at UCSD have come up with a new machine for amprgw, quite a bit newer than the existing one, and with faster CPU, more cores, and more memory. It also has RAIDed disk and dual power supplies, although unlike the current amprgw, it won't be on a UPS.
The primary difference is that the gateway will have a NEW ADDRESS and a slighly DIFFERENT NAME. Instead of being known as 'AMPRGW.SYSNET.UCSD.EDU' as the current one on address 169.228.66.251 is known, the new machine will be 'AMPRGW.UCSD.EDU' (no 'sysnet' in the name), and will be on address 169.228.34.84. You should probably adjust your firewalls soon, letting both machines in for a while, as they will both be operating at the same time as services are moved from old to new. Do not move your tunnel endpoints to the new machine quite yet; that won't work until the routing software is installed and reconfigured for the new address. I'll let you know what it's ready for that.
- Brian