On Thu, 10 Apr 2014, Neil Johnson wrote:
In order allow hosts in the IP-IP tunnel system reach/be reachable to/from the Internet, I believe the default route has to be to amprgw.sysnet.ucsd.edu.
Actually, no, not the default route. If the default route pointed to amprgw, you could not send encapsulated packets to any other gateway at all. The default route is applied to the IPIP packet after encapsulation - it needs to point to your local upstream Internet router.
Some sites will have to route packets which have both (1) source address within their 44.x.y/z subnet and (2) destination address outside 44/8, to amprgw, since their local upstream Internet provider drops outgoing packets which have a source address within 44/8.
That's quite different from both the default route, or routing packets having destination address within 44/8.
- Hessu