21 Aug
2013
21 Aug
'13
7:10 a.m.
On 20.8.2013 20:46, Marc, LX1DUC wrote:
I'm running Mikrotik RouterOS on a machine
directly connected to the
Internet (it has a public IP, no NAT, no Firewall except it's own). I
runs smoothly so far. I'm using a Python script from
https://github.com/kd7lxl/hamwan_scripts/tree/master/amprupdate (I made
a few customisations to address a issues with my specific setup) to
create the IPIP interfaces, add routes and some routing policy rules
(customisation).
The AMPR fullmesh works almost as well on Mikrotik as on Linux. I
haven't had any issues with the IPIP fullmesh so far (on Linux and
Mikrotik RouterOS).
We are using this Mikrotik machine in LX to connect some sites to the
AMPR which are behind NAT and which cannot run their own IPIP
interfaces. The NATted sites use OpenVPN (may we'll add SSTP) to connect
to the Mikrotik machine. Within AMPR all the subnets are routed to the
Mikrotik machine which routes them via the OpenVPN links to the remote
sites.
One correction. You are not using just Mikrotik, but Mikrotik + Linux
machine that fills it in with settings.
Appropriate solution I was talking about is using Mikrotik alone. If I
have to set up Linux machine just to fill in Mikrotik settings that is
something basically wrong with that requirement from my point of view.
That is why I suggested that, as that Python script runs fine and
produces fine results, it could be good idea to run it on ampr.org site
to create script file that sets up IPIP interfaces and routing, so we
can download that script using Mikrotik device and run it within
Mikrotik device to set up all things properly without need to set up
external Linux machine to do the job.
I asked few times if anyone is using Mikrotik and is willing to export
IPIP interface and routing settings to sent it to me to examine and see
how this can be used in general. Noone responded.
So I have to disagree with your opinion. I can reach
around 400 AMPR
subnets of different size directly via the IPIP fullmesh (respectively
with the help of my Mikrotik machine used as a tunnel server).
Networking is not an issue when routing works. We have hard time setting
up routing for 44/8.
I intend to "open" my Mikrotik machine to
other HAMs around the world
having issues with NAT or ISP/University Firewall and hence cannot
connect to the IPIP Fullmesh directly but I need to do some upgrades
first (RAM, CPU, bandwidth).
That is very kind and generous but that means you would have to deal
with additional traffic as routes for others will go through your router
and internet connection.
By making us able to easily route 44/8 by ourselves then there is no
need that we have to use other's resources.
Again, networking is not an issue. Problem is that we are actually
forced to use special setup and additional hardware for 44/8 network.
Pedja
YT9TP