On 4/11/2014 8:49 AM, Bryan Fields wrote:
On 4/11/14, 11:32 AM, Bart Kus wrote:
It allows our microwave network to remain connected to the rest of
AMPRnet as long as we have at least 1 ISP that isn't dead. The
microwave network peers with the Internet at 2 different points at
present, but more points will come in the future. It's a robustness
improvement in the face of partial failures, like in a natural disaster
when an ISP's fiber gets torn or their building collapses.

So this is a hack to correct for the hack of AMPRnet IPIP tunnels. Argh, it
makes my head hurt.
If AMPRnet was treated like any other network on the internet, this problem
would go away. At worst anyone not redundantly connected to the global
internet would lose connectivity if their small gateway went down.

Well, IPIP itself is not the problem. It avoids the costs of Internet
BGP peering. What is a problem is the lack of dead-peer-detection
between IPIP gateways. If intra-AMPR BGP peering was actually deployed
as part of the general recommendations then we wouldn't need to anycast
to achieve redundancy. But as it stands, the deployed technologies are
very light, and anycasting our IPIP endpoint is the easiest way to
achieve the desired redundancy. We do plan to make special BGP+IPSec
arrangements with select AMPRnet peers to further improve our
availability and security, but there's no need to do any of that work on
the mailing list.
--Bart