On Fri, May 26, 2017 at 11:28 AM, Brian Kantor Brian@ucsd.edu wrote:
However, it is still necessary to allow the old amprgw.SYSNET.ucsd.edu (169.228.66.251) in past your firewalls, as up until the moment that we switch the 44/8 route from old to new, inbound traffic from the Internet will still be coming from that old address.
Please make the change and test it as soon as practical so that you don't get caught by the switch. Be sure to let me know if you lose connectivity when you switch over to using the new machine for outbound traffic, and we'll try to figure out what went wrong.
Can you anycast the old address from the new server so there's no "cutoff" during the transition? Actually, this might not be a bad thing to run long-term. Keep both servers online and anycasting. When one goes down, pull the route to 169.228.66.251 and packets will continue flowing to the other server. You could even do this at various locations around the world to reduce internet latency for AMPRGW users... (permission to announce 169.228.66.251/24 or some other /24 required)
Tom KD7LXL