I've added code to the rip sender that watches for ICMP unreachable packets
coming back to amprgw during the rip sending cycle, which repeats every 5 minutes.

Make sure you act only on ICMP unreachables that refer to the protocol 4, not
to the port 520!
When protocol 4 is unreachable, it sure means the gateway is not operational, as
it rejects operational traffic. When it rejects port 520, it could be that it
is not using RIP to update its tables (it could be downloading encap files!) or
even that it *is* using RIP but via raw sockets (ampr-ripd -r) and has a firewall
that rejects the packets. ampr-ripd would still see and process them!
That condition could be flagged in yet another status report, but it should not
be a basis to declare the gateway inactive.
Also, we have recently seen some postings that indicate that some people operate
a gateway that has tunnels to all other gateways, but have explicitly excluded
a tunnel to amprgw, because that brings mostly internet traffic and they don't
want to have that.
Of course another (not exclusively deciding) check on gateway activity could be
to check if you actually receive any tunneled packets from them. I do have that
as a byproduct of having an access list that accepts protocol 4 traffic only
from addresses of registered gateways. At the moment it shows traffic from 34
different gateways (including amprgw). Of course, when the external address of
a gateway changes, its history is lost.
Rob
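
The distinction drawn in this message, as an added example (not code from the message or from amprgw): a classifier that reads the IP header quoted inside an ICMP destination-unreachable and treats only "protocol 4 unreachable" as evidence the gateway is down, while "port 520 unreachable" is merely reported. The return labels, function names and sample addresses are assumptions made for the illustration.

```python
import struct

ICMP_DEST_UNREACH = 3      # ICMP type
CODE_PROTO_UNREACH = 2     # ICMP code: protocol unreachable
CODE_PORT_UNREACH = 3      # ICMP code: port unreachable
IPPROTO_IPIP, IPPROTO_UDP, RIP_PORT = 4, 17, 520

def classify_unreachable(icmp: bytes) -> str:
    """Classify an ICMP message given from its first header byte.

    Returns hypothetical labels: 'gateway-down', 'rip-port-rejected', 'ignore'.
    The ICMP checksum is not verified here.
    """
    if len(icmp) < 8 + 20 or icmp[0] != ICMP_DEST_UNREACH:
        return "ignore"
    code, quoted = icmp[1], icmp[8:]       # quoted = offending IP header + 8 bytes
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl:
        return "ignore"
    proto = quoted[9]
    if code == CODE_PROTO_UNREACH and proto == IPPROTO_IPIP:
        return "gateway-down"              # tunnel traffic itself is refused
    if code == CODE_PORT_UNREACH and proto == IPPROTO_UDP and len(quoted) >= ihl + 4:
        (dport,) = struct.unpack("!H", quoted[ihl + 2:ihl + 4])
        if dport == RIP_PORT:
            return "rip-port-rejected"     # report only, gateway may still be active
    return "ignore"

def sample_unreachable(code: int, proto: int, dport: int = 0) -> bytes:
    """Build a constructed ICMP unreachable; addresses are documentation ranges."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 48, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    first8 = struct.pack("!HHHH", RIP_PORT, dport, 28, 0)  # read as UDP only if proto 17
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, code, 0, 0) + ip + first8

if __name__ == "__main__":
    for label, pkt in [("proto 4 refused", sample_unreachable(2, 4)),
                       ("port 520 refused", sample_unreachable(3, 17, 520)),
                       ("port 53 refused", sample_unreachable(3, 17, 53))]:
        print(label, "->", classify_unreachable(pkt))
```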