The reality, at least in most parts of the US, is that most residential and even business customers *must* use the ISP-provided router to get any support. It's these ISPs and routers:
- Many US ISPs won't forward atypical protocols as they filter IPIP and other protocols - https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml#pro... over their ingress, backbone, and egress.
- These ISP routers can have intentionally limited functionality so customers cannot theoretically shoot themselves in the foot
- These routers don't support forwarding of non-TCP / non-UDP traffic to ANY port (no "DMZ" support)
- These don't support bridging or their bridging support is completely messed up (I'm looking at you Comcast Business)
I generally agree that centralizing the traffic distribution to VPN hubs is non-optimal. For those who wish to use AMPR for any voice technologies like DMR, YSF, P25, AllStar, IRLP, EchoLink, end-to-end latency matters. Going through every network hop hurts.
To the ease-of-use AMPR point, and to find an acceptable lowest common denominator for traffic forwarding, it should be TCP or UDP *only*. No other IP protocols will really cut it due to many of these lame router implementations. Yes, there are higher-end solutions out there that do it better (Cisco, Juniper, MikroTik, OpenWRT, DD-WRT, etc.) but their usability for the common Internet user can be generally poor. Considering the state of ISPs' required routers and their limitations, I have to believe that a *UDP* transport would be the best way to go. Existing examples of this could be NAT-T IPSEC traversal, AXUDP, etc.
--David KI6ZHD
On 07/23/2019 01:42 AM, Brian Kantor via 44Net wrote:
"Name me one brand of standard off the shelf routers that supports IPIP"
Cisco, Juniper, Mikrotik
By the way, http://etutorials.org/Networking/Integrated+cisco+and+unix+network+architectures/Chapter+11.+VPN+Technologies+Tunnel+Interfaces+and+Architectures/IP-IP+Tunnel/ has a tutorial/lab on setting up IPIP tunnels on both Cisco and Linux systems.
- Brian