Re: [44net] Can't seem to grasp something

its working!!!!! got over 700 route when I do ip route list table 44 I can ping some of the 44 network where none responded before. but I dont seem to be reachable from the outside. Anyone can ping 44.135.51.1?? from my windows machine I cant ping that adress and a traceroute end at the edcu network. Again a big thank you to David for the help and script. And to all that works on the 44 network! Pierre VE2PF ________________________________ De : 44Net <44net-bounces+petem001=hotmail.com(a)mailman.ampr.org> de la part de David Ranch <amprgw(a)trinnet.net> Envoyé : 18 février 2019 12:53 À : AMPRNet working group Objet : Re: [44net] Can't seem to grasp something Hello Pete, Ok.. I've made a comment about that in the script. I'll publish that new version in a bit. I'm not sure why you're seeing all these stray "-e" but the setup seems to be running ok/ Those are ok. Many remote AMPR stations require to learn known good AMPR routes first before they will respond to *any* traffic. What many they do is take the route list either from the RIP announcements or ENCAPS file, parse them, and then load them into an iptables firewall WHITELIST. This sometimes can take some time and if your external IP address changes often, you might have a challenge to have remote stations keep up in allowing your traffic into their stations. One station might NOT require that and that's the AMPRGW at 44.0.0.1. I've added a ping check for that IP into my script. I've added a sleep statement in the script to hopefully deal with this but it's nothing to worry about. With the setup created by this script, traffic going to an AMPR address will automatically go through the tunl0 interface. One address you should be able to ping is the AMPR default gateway. If you do that ping, you should see: $ ping 44.0.0.1 PING 44.0.0.1 (44.0.0.1) 56(84) bytes of data. 64 bytes from 44.0.0.1: icmp_seq=1 ttl=62 time=31.2 ms 64 bytes from 44.0.0.1: icmp_seq=2 ttl=62 time=29.5 ms 64 bytes from 44.0.0.1: icmp_seq=3 ttl=62 time=28.5 ms ^C --- 44.0.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 28.538/29.804/31.295/1.136 ms If you run tcpdump in another terminal window on your AMPR station using the interface connected to your external ISP, you would see all the protocol 4 encapsulation and the ICMP ping traffic inside it: tcpdump -n -i eth0 not port 22 and not port 53 and not ip6 and not arp -- 09:21:53.861892 IP 96.78.144.186 > 169.228.34.84: IP 44.4.10.41 > 44.0.0.1: ICMP echo request, id 24614, seq 1, length 64 (ipip-proto-4) 09:21:53.892722 IP 169.228.34.84 > 96.78.144.186: IP 44.0.0.1 > 44.4.10.41: ICMP echo reply, id 24614, seq 1, length 64 (ipip-proto-4) 09:21:54.863001 IP 96.78.144.186 > 169.228.34.84: IP 44.4.10.41 > 44.0.0.1: ICMP echo request, id 24614, seq 2, length 64 (ipip-proto-4) 09:21:54.892171 IP 169.228.34.84 > 96.78.144.186: IP 44.0.0.1 > 44.4.10.41: ICMP echo reply, id 24614, seq 2, length 64 (ipip-proto-4) 09:21:55.864410 IP 96.78.144.186 > 169.228.34.84: IP 44.4.10.41 > 44.0.0.1: ICMP echo request, id 24614, seq 3, length 64 (ipip-proto-4) 09:21:55.892531 IP 169.228.34.84 > 96.78.144.186: IP 44.0.0.1 > 44.4.10.41: ICMP echo reply, id 24614, seq 3, length 64 (ipip-proto-4) -- It's critical that you see both the requests AND responses and with that tcpdump command, you can also use remote sites like http://yo2tm.ampr.org/nettools.php to ping your AMPR IP address and see unsolicited protocol 4 / IPIP traffic is coming into your AMPR station. If it's not, your ISP is probably blocking this traffic and you'll need to either see if they are willing to unblock that traffic or setup a VPN with a IPIP friendly VPN provider ( http://wiki.ampr.org/wiki/AMPRNet_VPN ). --David KI6ZHD _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net