Greetings,
On Fri, 16 Mar 2012, Lin Holcomb wrote:
My understanding from Cogent (our upstream provider) is we provide them with a letter from ARDC allowing us to advertise the sub net to the other AS machines around the world. They put the sub net in their AS then magic of the Internet it routs to our server/users. I am not a Computer Science major or person so I am just learing how things work up stream from the ISPs. So correct me if I am wrong.
That is basically it. So long as any of the Teir-1 backbones honor the more specific 44.102/16 route announcements (using 44.102/16 as an example as that is my State network here in Michigan).
Tim the reason for not doing IP tunnels is easy. Single point of failure. God forbid SCSD drops in to the ocean (not really but lets just say the big one hits SoCal) all of AMPR is down.
IPIP Protocol-4 tunnels are absolutely fine - so long as you are NOT tunneling directly to Mirrorshades/AMPRgw. If *every* Internet attached node in your network contains the ENCAP route table, then they each will know which nodes support which subnets and can route the traffic DIRECTLY to them. There is *NO* single point of failure because this method provides you with a FULLY MESHED network. It is quite easy and VERY elegant, really :)
Passing *ANY* traffic through Mirrorshades/AMPRgw, as *I* see it, is to catch 'stray' packets destined from the Internet headed toward a 44/8 address. Since the Michigan AMPRnet *DOES NOT ALLOW* any direct Internet to 44-net traffic, then whatever happens to the West coast slipping into the ocean will not effect us here (sorry Brian, hope you have your SCUBA gear on! HI HI). The Michigan AMPRnet will hum along quite nicely :)
But for those folk who *DO* accept 44 traffic from the Internet (and all the firewall and filtering that requires), I am all in favor of splitting off more specific BGP announcements to the big-I Internet route tables. Just be aware that peering agreements are oftentimes NOT free. Oftentimes require and equal sharing in traffic, both inbound and outbound (if they are paying to give you a port on their box, they wanna be sure it is adventagious to *their* customers). And you will need to formulate MANY peering agreements to make it worthwhile. This is NOT as simple as setting up dual upstreams from one "company" location. You are talking about dividing the 44/8 space into subnets that each get routed/peered through different backbone providers and networks. This can get sticky...
Good luck! And I enjoy the discussion :)
--- Jay Nugent WB8TKL o Served my penance at Advanced Network & Services (ANS) and working in the NOC during the T1 NSFnet and T3 NSFnet days. (I think we were sucessfull in our NSF goal to commercialize the Internet - BIG GRIN)
() ascii ribbon campaign in /\ support of plain text e-mail +------------------------------------------------------------------------+ | Jay Nugent jjn@nuge.com (734)484-5105 (734)649-0850/Cell | | Nugent Telecommunications [www.nuge.com] | | Internet Consulting/Linux SysAdmin/Engineering & Design/ISP Reseller | | ISP Monitoring [www.ispmonitor.org] ISP & Modem Performance Monitoring | | Web-Pegasus [www.webpegasus.com] Web Hosting/DNS Hosting/Shell Accts| +------------------------------------------------------------------------+ 14:01:01 up 193 days, 19:39, 3 users, load average: 0.03, 0.04, 0.00
My understanding from Cogent (our upstream provider) is we provide them
with a letter from ARDC allowing us to advertise the sub net to the other
AS machines around the world. They put the sub net in their AS then magic
of the Internet it routs to our server/users. I am not a Computer Science
major or person so I am just learing how things work up stream from the
ISPs. So correct me if I am wrong.
Tim the reason for not doing IP tunnels is easy. Single point of failure.
God forbid SCSD drops in to the ocean (not really but lets just say the big
one hits SoCal) all of AMPR is down.
Lin
_________________________________________
44Net mailing list
44Net@hamradio.ucsd.edu