Gentlemen,

I think there is a BIIIG misunderstanding about mirrorshades.

Mirrorshades is just a last resort default 44 gateway from the internet to ampr and a central 44 route administration point.

This means that all there should set up their tunneling so they could reach the 44 peers without passing mirrorshades.

Mirrorshades offers you all the necessary info in form of updated encap files and RIPv2 broadcasts.

But the tunneling has to be done on a peer to peer basis based on that information on both sides of the tunnels.

And this issue puts a big strain on mirrorshades.

Most of the setups get incoming traffic via PtP and the mirrorshades tunnel and send out the reply packets NATted to their ISP IPs.

That outgoing traffic is then tunneled by mirrorshades to the proper recipient.

And this is plain and simple WRONG.

You need to tunnel the outgoing traffic back to the IPIP peer it originated from.

If this is set up correctly and you have a updated encap, you don't need mirrorshades any more, except for internet->ampr connectivity (and to update your routing table if you use the RIP method).

So between ampr peers, you could either use the traditional IPIP setup, or implement whatever routing protocol and transport media you want, as long as it is PtP and does not rely on mirrorshades.

And the simplest way to check your correct setup is to drop any default route to 44 networks in your system. If all is set up correctly, all connections should still work flawless.

If not, your setup is faulty and mirrorshades is your single point of failure.

73s de Marius, YO2LOJ