Hi Tom,
Just a simple question: If there would be 2 entries in the routes to your system, how would you expect the other systems to guess which tunnel endpoint to use for encapsulation?
Your subnet may be multihomed, but you need either to split it up for P2P tunnels to work, or do the "internal" routing yourself and use a single gateway with an unique ip address. Remember that there are no such things as connection tracking in the ampr full mesh concept. No matter where you originate your tunnel, ipip is stateless and the replies will go to the destination, via the defined gateway. That is why tunnels originated on a second device will get no reply traffic, since those replies will be directed to the proper gateway as defined in the encap file/Rip broadcast (that one being the other device with the "official" gateway address).
The only solution to this would be to switch from ipip to a stateful tunnel protocol, like pptp, l2tp or sstp. This would of course work, but it will require a interface for every possible link partner (340 at the moment of this writing).
73s de Marius, YO2LOJ
-----Original Message----- From: 44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu [mailto:44net-bounces+marius=yo2loj.ro@hamradio.ucsd.edu] On Behalf Of Tom Hayward Sent: Friday, March 28, 2014 22:58 To: AMPRNet working group Subject: Re: [44net] Can't add redundant AMPR gateway to portal
(Please trim inclusions from previous messages) _______________________________________________ AMPR IPIP tunnels are currently broken for our network, 44.24.240.0/20. 44.24.240.0/20 is multi-homed. We have two edge routers. We originate IPIP tunnels from both routers, but other AMPR systems only accept IPIP traffic from one of the routers. Why? The second gateway IP is not in the encap file.
The portal will not let us add a second gateway IP for 44.24.240.0/20, because one already exists. Can we get this restriction lifted?
Second issue:
Something changed with the encap file download process. The script that builds our IPIP tunnels uses "curl https://portal.ampr.org/getdata.php" to download the encap data. A few days ago this was working just fine. Now the returned file is empty.
Loading that url with a web browser also returns an empty page. However, if I click the "download encap" link at https://portal.ampr.org/gateways_list.php, it works fine. Some funky session bug, I assume.
Please fix this issue, or point me towards the documentation that explains a better way to get the encap data.
Tom KD7LXL
On Tue, Mar 25, 2014 at 11:40 AM, Bart Kus me@bartk.us wrote:
(Please trim inclusions from previous messages) _______________________________________________ Screenshot
This network (44.24.240.0/20) is available via both 209.189.196.68 and 198.178.136.80. However, I'm unable to list more than one point of
contact.
I realize this was probably a design decision at some point, but it
doesn't
seem like a good idea from a redundancy perspective.
--Bart
PS: If you're wondering why the image looks like crap, it's to satisfy the puny 32kB message size limit of the list.