10 Apr
2014
10 Apr
'14
9:46 p.m.
On 10/04/2014 23:33, Marc, LX1DUC wrote:
(Please trim inclusions from previous messages)
_______________________________________________
On 10/04/2014 23:23, Bart Kus wrote:
> At step (c) the packet matched a route that is associated with an IPIP
> tunnel. The inner headers are from-44.whatever and to-44.24.240.0/20.
> When that match is made, the packet is IPIP encapsulated, and given new
> outer src/dst IPs. The dst-IP in this case should be 44.24.221.1, and
> the src-IP should be whatever local-address was configured for the IPIP
> tunnel (which should be routable over his public ISP). Then the router
> has to make a 2nd routing decision about how to deliver to 44.24.221.1.
> In this case, it should match default route (0.0.0.0/0).
Please disregard this message, I was reading the previous message and
replying to this one.
Your proposed setup could work for internal 44net traffic. But due to
restrictions with routing setup of 44/8 @ UCSD, traffic from the
commercial internet wouldn't necessarily always reach you. In cases
where traffic is not routed to according to your BGP announcement,
traffic would go to UCSD where it would end up in a routing loop.
Additionally some check would need to added to the portal 44GW should
only be allowed to have a 44net address if that address is part of an
independent BGP announce. Tunneling of a 44net to a 44GW which itself is
only reachable via another 44GW and tunnel is probably not desirable.
73 de Marc