21 Jan
2013
21 Jan
'13
1:35 a.m.
Marius,
I'd like to understand the recommendation regarding using Source NAT, I
am not using NAT, as all my IPs are directly routed to their hosts, and
all my AMPR hosts possess 44 IP address and are routed directly. Every
device on my network has a source IP in the range of 44.60.44.0/24, and
knows of no other routes but other AMPR subnets and the gateway (when
used) via my 44.60.44.1. Also, when using the default route, 44.0.0.1
populates in rip44 as:
44.0.0.1 dev tunl0 via 169.228.66.251 onlink.
Therefore, all AMPR networks are in-fact on my route table, including
44.0.0.1.
'44.0.0.1 via 169.228.66.251' is a valid and operational route (as
removing it causes announcements not to populate). Also, 'default via
169.228.66.251' is valid as it provides connectivity to the Internet and
routes to populate (since the default route is in-fact a link to the
next hop, 44.0.0.1).
I understand that 44.0.0.1 is known to be un-pingable via AMPR, I have
never been able to ping it. There are various reasons that could be so,
but Brian would be better to explain that (looping packets sent by a
rogue or misconfigured station using 44.0.0.1 as its IP are very good
reasons). Please note that it would be technically improper to say it's
unreachable, as we all have a route to 44.0.0.1; and we (all registered
gateways) receive subnet announcements when the 44.0.0.1 route is installed.
Just because an address is not pingable, telnet-able, etc, does not mean
it's invalid and in-operational (for example, for safety's sake [RFC
2003 -IP Encapsulation within IP - section 3.2], I firewall forwarding
of any IP whose source matches an interface on my AMPRrouter).
You would be correct that 44.0.0.0/8 is an invalid route within AMPR, as
you cannot reach subnets within AMPR without their direct route. We all
confirm that we have direct routes installed to the subnets we are testing.
I have not had issues with Windows hosts pinging 44 addresses over AMPR.
Before I used BIND DNS on 44.60.44.3, I used Microsoft DNS, that host
worked fine (Windows DNS simply required more memory to maintain than BIND).
~Lynwood