First, I think the idea here is to get more ways into 44 than mirrorshades. If ISPs are willing to take delegations for CIDRs of 44, then that is one side of the formula. This may be a few or possibly one per /16; I don't think we should be propagating this all the way to /30 subnets.
The other side is to bring in pockets of activity (LANs) into these "edge routers", which will often be VPN servers for tunnels from the LANs. The problem we have now is that almost all of the tunnel configuration and methods are tied to non-standard, uncommon, or ancient technology. We don't have to have just one VPN solution, e.g. it doesn't have to always be IPIP using JNOS, or even OpenVPN. It just has to be a VPN/Tunnel protocol that the edge router or routers support for those LANs connecting to them. OpenVPN, L2TP, MPLS, ... the key is that it is standard, widely deployed, authenticated, and easy to set up. I can take a $60 router off the shelf, provide a standard configuration and deploy it very quickly using L2TP. A new LAN would be able to take a script, plug in their credentials (for a primary and fallback edge router) and be up in short order, whether they are on a public / private (NATed) address, static or dynamic.
Not everyone setting up a LAN will be a network engineer, so we need recipes for some common "off the shelf" routing solutions that are pretty solid for someone following directions.
John D. Hays
K7VE
PO Box 1223, Edmonds, WA 98020-1223
On Fri, Jun 8, 2012 at 4:28 PM, Elias V. Basse III <kd5jfe@gmail.com> wrote:
What about an ipip server that links openvpn to the mirrorshades ipip link?
This would allow coexistence of both protocols.
73 de KD5JFE
Elias