Interesting, I had asked the question earlier how much administrative work would be required by the AMPR POP's admin(s) to configure the GRE/IP-IP tunnels from the local gateways. I didn't get a response.
I agree that using a Linux/BSD box could allow users to provision their own tunnels via a carefully written script.
-Neil
On Thu, Jul 25, 2013 at 5:05 PM, Marc, LX1DUC lx1duc@rlx.lu wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Protocol and Vendor agnostic yes , but people running production networks get nervous around "unsupported" (i.e. they can't call a number and get help right away). devices tied into their nets. Not saying it can't be done, but a lot of effort must be put in place to protect the Net from trouble.
What I'm saying is that the POPs would need to be run by truly competent personnel and configured to protect the Net from accidental or malicious configurations at the local gateway level.
When you start messing with routing on the Internet you HAVE to know what you are doing and trust your device not to do something stupid.
Agreed, so we need skilled operators for the regional internet gateways (RIGs) and they should be working close with or even within the organization hosting the RIGs. The hoster is also free to take any actions necessary to protect it's network by filtering and limiting the announcements from the RIG or even shutdown the BGP session completely.
All this however doesn't change the fact that the setup does not require hardware from big C or big J or whomever, a carefully selected Linux Box running some kind of routing daemons (e.g. Quagga, Bird, ExaBGP) can suffice to cope with all the tasks. Alot of projects have proven that a stable service using Linux based BGP speakers (AS112, a.ntpns.org (aka AS6647), etc) is possible.
73 de Marc, LX1DUC -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJR8aEcAAoJEHFIN1T8ZA8vQDAQAIdHlreR64mBNBQpdPbSKGw8 KYpMfxjp8OLRHozDxRcAhbW8zgru31CrCfErBsqjpoSWkocTwklMW8PWvQZ7ATBW wPFugqxgGtKPD9BX32tp0REWc5+q4mNiZpChw4N5+MPqVjEGEkChbjxB2dLYUfvu ncussosXTlyBePvOO5/hN5l+j917ajAng2P6QMWPNT+HNU9kyps5rSnPh960HGBD BGKlw12RuJ4KBWvSlDBRkkqTMm1teXqNYVPMh8s1TPjL41LEYMt7CBXDjlKZlFZB vLvBVijo4HIekgcc50Ao8Lz0vZmQ5GbvAB9R0qGZyyguTxLB0P5qGylfltP8MsVS WhVfihaI1f0wn5HnCoQMyaxnmYtqAg7Dr+cpc0sUAXjz6wiwUHZw+gmhucXGW9Ug gIJ9J4QCPLWDSfNo/l52hYHBneoy3zThcjx9pmRVDvolQpGeVQNvSFd1jZFZFSPn c8NDXCXvtv1cikOmfEfxyRWnbm9gbIJ3uuS3zf4h+Qq8n4qZjQcULI1hDZAlCtqs OczFFtgmaEhnOtyEpKJrN99NTQPqpxGAk5Nfu+pl0Piz2MjFLh67yuYwLbWkaols TCOgWwoE3n8fmIxXGqDKaiL0ifY7mnfDyo2f3pp2Pahi57BffNavIuvQWtno2n4u nmP9hSpNPhH9lx9nwgl+ =6vpz -----END PGP SIGNATURE-----