"Replace your router with a PFsense firewall (FREE) and all these problems go away. Networking is NOT hard, it is only the "band aid" solutions that cheap hardware has forced us into, that makes networking difficult (NAT, DNAT, PnP, etc.)."
I run pFsense here at NI2O and whilst is runs flawlessly I would not say that it was trivial to get it working for 44net IPENCAP. Indeed, using its supplied GUI there was no way in which I could allow any of our protocols to traverse the firewall. In the end I found a very obscure mailing list posting from someone trying to do the exact same thing as me back in 2004. The solution was to edit the /etc/protocols file to enable the ones I wanted (IPENCAP/IPIP/AX.25) and then also edit the GUI web pages so that one could select those protocols in the drop down lists when making new rules. The end result is great but it was a PITA getting there.
Should I write this up? Would it be useful to anyone other than me?
Mark
On Tue, Jan 28, 2014 at 8:48 AM, Jay Nugent jjn@nuge.com wrote:
(Please trim inclusions from previous messages) _______________________________________________ Greetings,
On Tue, 28 Jan 2014, YT9TP - Pedja wrote:
(Please trim inclusions from previous messages) _______________________________________________ On 28.01.14. 02:23, Jay Nugent wrote:
I have never understood why so many people can't seem to wrap theirheads around IPIP Encap? It is SOOOOooooo easy to use. The drawback seems to be *cheap junk* consumer gateway routers that have no understanding of protocols other than TCP and UDP. IPIP-Encap is NOT TCP and is a protocol unto itself, and so many cheap routers have no idea how to just pass these packets.
As far as I recall, it not problem in cheap routers but expensive too, as the only platform that supports custom IPIP used for 44NET is linux box, and even that needs to be customized.
If IPIP is widely supported that would be ok solution. But this is custom solution that needs hacking just to make it work.
It takes NO hacking at all except to get around junk routers. Replace your router with a PFsense firewall (FREE) and all these problems go away. Networking is NOT hard, it is only the "band aid" solutions that cheap hardware has forced us into, that makes networking difficult (NAT, DNAT, PnP, etc.).
--- Jay WB8TKL
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net