-----Original Message----- From: 44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu [mailto:44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu] On Behalf Of Robbie De Lise Sent: Saturday, March 29, 2014 14:50 To: AMPRNet working group Subject: Re: [44net] isn't 44net being a "full mesh" a misnomer? Is it even necessary?
....................
This is correct, we still route 44.0.0.0/8 to a system that does IPIP to the rest of amprnet. However, the route from the rest of amprnet back to us could be done purely over the internet. So the question might be, do we still need to announce ourselves in the encap file ? ....................
The fact that routing back via internet is an false assumption.
If I sent an outgoing packet vit a 44net source address to my ISP (and I assume the same for others, too), that packet will just be dropped, since it does not originate from their IP address space. Allowing such behavior would open the door for IP spoofing... And if that response comes from one interface, while the request was snet via another will probably also allow RP filtering to kick in, unless you disable it on your routers (which is a bad idea for similar security reasons).
Also, an unnannounced network gets no forwarding in amprgw, since the encap destination is not known.
So yes, you need to announce yourselves, so that other endpoints could have the proper encapsulation destinations.
73 de Marius, YO2LOJ