On Mon, Mar 16, 2015 at 10:33:31PM +0200, Marius Petrescu wrote:
- BGP to IPIP results in a correct routing via 44.0.0.1 (I can not check if
it is filtered at ampr-gw, it probably is)
It's not filtered at amprgw, it's misrouted by a default route in an upstream router. It is not practical to delete that default route and replace it with some 200+ individual routes, which is what it would take to eliminate the default route.
To fix this, we could partition the network - move all BGP-announced subnets to the range 44.192.0.0/10 and up. Then it would be possible to change the default route in the upstream router here at UCSD to allow egress of destination addresses in the top quarter of 44/8 and connectivity would be restored.
There are 50 BGP-announced subnets (and a few pending) which would have to be rehomed. It is not clear how many actual hosts would have to be renumbered in doing this. My guess is that most of the BGP-announced subnets are sparsely populated at this point. Likewise, any tunneled hosts in the top quarter would have to be rehomed to lower addresses.
Another alternative was proposed a while back where someone with good connectivity could operate a decapsulating gateway and the tunnel network would simply have tunnel routes to the BGP subnets via that gateway. Doing it this way would avoid having to re-address anyone. The problem with this solution is finding someone to operate the decap gateway. - Brian