Re: [44net] ipip tunnel

Hi Lynwood, The source address of the packages to be encapsulated has to be your ampr address. Only the IPIP outer envelope is NAT-ed. NAT doesn't care about the data content of the IP frame which in this case is another IP frame. So a correct ipip frame is something like this: [Ip header from external interface/local interface to be nat-ed to gateway proto 4][ip header from local ampr address to remote ampr address proto 1, 6 or 17][tcp/udp/icmp header] ...payload... [checksums] This is what you should see on your external interface (nate-ed or not). Marius. -----Original Message----- From: 44net-bounces+marius=yo2loj.ro(a)hamradio.ucsd.edu [mailto:44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu] On Behalf Of lleachii(a)aol.com Sent: Saturday, August 03, 2013 15:54 To: 44net(a)hamradio.ucsd.edu Subject: Re: [44net] ipip tunnel (Please trim inclusions from previous messages) _______________________________________________ Marius, My tunl0 IP address is currently 44.60.44.2/24; please test and update us. You noted that you cannot reach http://44.60.44.13/startampr Is that from the public Internet as well? It may help if you could review the script, so we'll be discussing the same configuration. Also, I've confirmed that my tunnel is encapsulating with the correct source (192.168.x.x - which is NATed to my public IP) and destination IP addresses (the destination 44Gateway in my route table). My gateway DOESN'T use the tunl0 IP address unless I enter 'ping -i tunl0' on the console. Thanks to all who troubleshoot, we've been trying to understand why we have issues between some gateways for quite some time. -Lynwood KB3VWG On 08/02/2013 06:37 PM, marius(a)yo2loj.ro wrote: ------------------------------------------------------------------------ No matter the architecture (which I can not see because it doesn't work) there shall either be a tunnel endpoint with a 44 source address or a regular private route. Not a tunnel end point with a private source address. Marius.