On Mon, 15 Jun 2015, Jann Traschewski wrote:
Date: Mon, 15 Jun 2015 07:37:56 +0200 From: Jann Traschewski jann@gmx.de Reply-To: AMPRNet working group 44net@hamradio.ucsd.edu To: AMPRNet working group 44net@hamradio.ucsd.edu Subject: Re: [44net] AMPRNet Interoperability with BGP
(Please trim inclusions from previous messages) _______________________________________________ On 15.06.2015 07:17, Tim Osburn wrote:
I remember that, I setup a tunnel but I don't think anyone did any testing with it. We can try that again. So to recap that idea, that would be a IPIP tunnel from a none UCSD router (Router Z) on the internet to the amprgw server. You would then add the current 53 authorized BGP prefixes as static routes on the amprgw to go over that IPIP tunnel and then egress out to the internet from that router Z location. Router Z would need to allow traffic from any 44 IP Address to egress out router Z's ISP internet connectivity
+1
Once that's working it would be nice to let the maintainers of the current 53 authorized BGP prefixes decide (e.g. through the AMPRNet Portal) whether they want to add an IPIP route for their prefix pointing to router Z which is decapsulating traffic directed to these nets or not (some do setup an IPIP endpoint theirself already). This way we are able to keep End-to-End-Communication (Source-44 to Dest-44) alive and source-route-filtered gateways do not net to NAT through their ISPs commercial address(es).
There would be no NATTING in this setup since to be the ISP for this design you will need to allow the 44 IP space to egress without being NATTED. There is no reason you need to NAT public IP Space to public space other then a policy, which if that is the case then you're not a good fit for a 44 IP space egress server.
Drawing: https://www.osburn.com/amprnet-150614-1.0.0-ipip_tunnels.jpg
Btw: My current workaround would be to parse the BGP-table of the Internet for net44-prefixes and do it myself (I have something similar to "router Z"). I would be happy if there is a non-private solution...
73, Jann
Tim Osburn www.osburn.com 206.812.6214 W7RSZ