Just to clarify this: The understanding of how a full mesh works is wrong.

> Now, suppose the public user connects to 44.44.44.44. His packet comes in
> via the UCSD gateway and over the AMPRnet link to that gateway to my amprnet
> interface, 44.44.44.44. The reply should go back out the 44.44.44.44
> interface, via the AMPRnet, through the UCSD gateway, and back to the user.

No. It doesn't. If the user connects from 44.44.44.44 his packet comes
directly via the IPIP tunnel, not via the UCSD gateway.
And that user will have an encap route set up by the routing daemon pointing
back directly to his machine. The answer will be IPIP encapsulated and sent
back directly. The UCSD gateway is not involved in this case.

> But if the user connects to 101.102.103.104, the reply should go out my
> regular LAN interface to my local NAT/FW where its public IP address is
> re-applied, and it goes direct to the user.

This is correct, as long as the user connects to the gateway's public IP. And
routing is correct in this case.
And the third case Arno was talking about: The user with a regular IP
connects to an ampr IP address.
Then it will be routed via UCSD gateway and sent IPIP encapsulated to the
gateway IP.
It is decapsulated and will contain packets from 1.2.3.4 (the user's public
IP) to, let's say, 44.1.1.1 (our ampr address).
The answer has to go back via that tunnel at UCSD, from 44.1.1.1 to 1.2.3.4,
IPIP encapsulated from our public IP to the UCSD gateway.
Marius, YO2LOJ
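
The three reply paths described in the message above, modelled as a source-aware route decision. This is an added example, not part of the original post or any AMPRnet tool; the encap table entries, the `192.0.2.1` stand-in for the UCSD gateway and the function names are constructed assumptions, while 44.1.1.1, 1.2.3.4 and 101.102.103.104 are the addresses used in the post.

```python
import ipaddress

# Addresses taken from the post.
OUR_AMPR = ipaddress.ip_address("44.1.1.1")           # our ampr address
OUR_PUBLIC = ipaddress.ip_address("101.102.103.104")  # gateway's public IP

# Constructed placeholder: NOT the real UCSD gateway address.
UCSD_GW = ipaddress.ip_address("192.0.2.1")

# Constructed encap routes, shaped like what the routing daemon installs:
# 44-net subnet -> public IP of the gateway that serves it.
ENCAP = {
    ipaddress.ip_network("44.128.10.0/24"): ipaddress.ip_address("198.51.100.7"),
    ipaddress.ip_network("44.128.0.0/16"): ipaddress.ip_address("203.0.113.9"),
}


def encap_lookup(dst):
    """Longest-prefix match in the encap table; None when nothing matches."""
    matches = [net for net in ENCAP if dst in net]
    if not matches:
        return None
    return ENCAP[max(matches, key=lambda net: net.prefixlen)]


def reply_path(reply_src, reply_dst):
    """Return (egress, outer_dst) for a reply leaving this gateway.

    reply_src is the local address the client connected to,
    reply_dst is the client's address.
    """
    src = ipaddress.ip_address(reply_src)
    dst = ipaddress.ip_address(reply_dst)

    # Mesh case: the peer has an encap route, so the reply is IPIP
    # encapsulated and sent straight to its gateway. UCSD is not involved.
    gw = encap_lookup(dst)
    if gw is not None:
        return ("ipip", str(gw))

    # Third case: a reply sourced from our ampr address to a regular IP
    # must go back through the tunnel to the UCSD gateway.
    if src == OUR_AMPR:
        return ("ipip", str(UCSD_GW))

    # Client connected to the gateway's public IP: ordinary LAN/NAT path.
    return ("lan", None)
```

The order of the checks mirrors policy routing on the gateway: the decision depends on the reply's source address as well as its destination, which is why the same client at 1.2.3.4 gets two different return paths.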