On Fri, Mar 13, 2015 at 6:30 PM, Brian Kantor <Brian(a)ucsd.edu> wrote:
At the current moment I can see no way for an AMPRNet
subnet to be both
TUNNEL and DIRECT (BGP-announced) connected, unless a special provision
has been made to operate a gateway from a non-44/8 address into the
BGP-connected subnet.
This is because the tunnel mesh can't reach 44/8 addresses that aren't
reachable via a non-44/8 tunnel entrance.
There's a diagram that shows this. The red box is what you're talking about:
http://www.hamwan.org/t/AMPRNet
(sorry, I couldn't find the original source)
This means that we can't have gateways whose
entrance address is in 44/8.
Seems to work just fine for us (with 44.24.240/20), in most cases. The
traffic doesn't come from 44/8 addresses, it comes from their tunnel
endpoints. Their ISPs have no problem routing to 44.24.221.1 because
it's announced globally with BGP. Since we're talking about a tunnel
mesh, it's the tunnel gateway ISP that needs to reach the other tunnel
gateway, not AMPR gateway. Packets going out will have a source IP
from their ISP and a payload of an IPIP packet.
Tom KD7LXL