19 Dec
2023
19 Dec
'23
5:29 p.m.
Hello everyone,
I’ve stumbled on a problem with my 44net connection and I’m hoping someone can shed light
on what’s going on.
I’m connected using IPIP, and I can exchange traffic with other hosts that are also using
IPIP (and hence appear in the RIP broadcasts).
Where I’m struggling is with a couple of subnets which perform their own BGP
advertisements. I can reach them over the internet, but can’t from my 44net-connected
system.
I can see traffic leaving my network for the hosts in question, encapsulated with a
destination address of 169.228.34.84 (amprgw.ucsd.edu <http://amprgw.ucsd.edu/>),
but my packets never reach the remote systems.
Any clues?
Mike Quin
19 Dec
19 Dec
5:58 p.m.
Mike,
Hey, what's your callsign?
Your routing instance should configure those nodes to use your own WAN connection. If
NAT/Masquerade is needed for that purpose, you should do so. But, I notice now that I
don't see such routes on my routing table anymore(?). You may be merely observing your
configured default route for subnets not in your table (I see the same behavior). I run
ampr-ripd version 2.4.1 on OpenWrt 23.05.2 - what are you running?
Since they do not run a tunnel (which they should if we need to reach them, otherwise
they'd be in the route table) - we would need to understand how they'd handle the
connection nonetheless.
Basically, the BGP IPs are on the Public Internet, hence should connect with a Public IP.
73,
- Lynwood
KB3VWG
6:10 p.m.
Not every BGP announced subnet is in the IPIP list, so route the rest of amprnet just
directly to Internet.
That is what I do here.
Bob VE3TOK
On 2023-12-19 17:29, Mike Quin via 44net wrote:
Hello everyone,
I’ve stumbled on a problem with my 44net connection and I’m hoping someone can shed light
on what’s going on.
I’m connected using IPIP, and I can exchange traffic with other hosts that are also using
IPIP (and hence appear in the RIP broadcasts).
Where I’m struggling is with a couple of subnets which perform their own BGP
advertisements. I can reach them over the internet, but can’t from my 44net-connected
system.
I can see traffic leaving my network for the hosts in question, encapsulated with a
destination address of 169.228.34.84 (amprgw.ucsd.edu <http://amprgw.ucsd.edu>), but
my packets never reach the remote systems.
Any clues?
Mike Quin
_______________________________________________
44net mailing list --44net(a)mailman.ampr.org
To unsubscribe send an email to44net-leave(a)mailman.ampr.org
--
There is nothing permanent except change
-Heraclitus
20 Dec
20 Dec
3:55 a.m.
Thank you Bob and Lynwood
I’m running ampr-ripd 2.4-1 on a Raspberry Pi (Raspbian 11).
I understand the suggestion to just route traffic to these systems via the internet, but
that feels like it contradicts how the FAQ describes AmprGW’s features:
"It forwards traffic between Internet hosts (including those AMPRNet that are
directly connected to the Internet [BGP-routed]) and IPIP tunneled AMPRNet hosts”
(https://wiki.ampr.org/wiki/FAQ).
I’m aware that connections between IPIP hosts and the general Internet need to be
authorized (by having an DNS A record) does that restriction also apply to BGP-routed
parts of 44net?
Mike 2M0MQN
8:11 a.m.
Mike, you should take that as an option, not as a "must".
Otherwise why would it make sense to BGP announce a subnet on the global
internet, if using the ampr gateway would be mandatory? In such a case,
the tunnel mesh would do just fine.
Let's take an example: Me, at 44.182.21.1 want to reach 44.182.10.1
which is BGP announced.
Using my own public IP this would be:
44.182.21.1->(nat)89.33.44.100->[about 5 hops]->44.182.10.1 (src
89.33.44.100, RTT 4 msec, some 300km apart).
Using the ampr-gw this becomes:
44.182.21.1->[tunneling, about 15 hops]->ampr-gw-> [abt. 15
hops]->44.182.10.1 (src 44.182.21.1, RTT 450 msec, crossing the ocean
twice).
The idea is to connect directly via your internet provider, so that you
get there more efficient and offload the forwarding through ampr-gw.
The only draw-back is that you would reach the destination with your
public IP as source instead of your 44 address.
Marius, YO2LOJ
On 20/12/2023 10:55, Mike Quin via 44net wrote:
Thank you Bob and Lynwood
I’m running ampr-ripd 2.4-1 on a Raspberry Pi (Raspbian 11).
I understand the suggestion to just route traffic to these systems via
the internet, but that feels like it contradicts how the FAQ describes
AmprGW’s features:
"It forwards traffic between Internet hosts (including those AMPRNet
that are directly connected to the Internet [BGP-routed]) and IPIP
tunneled AMPRNet hosts” (https://wiki.ampr.org/wiki/FAQ).
I’m aware that connections between IPIP hosts and the general Internet
need to be authorized (by having an DNS A record) does that
restriction also apply to BGP-routed parts of 44net?
Mike 2M0MQN
_______________________________________________
44net mailing list --44net(a)mailman.ampr.org
To unsubscribe send an email to44net-leave(a)mailman.ampr.org
10 a.m.
Hi to the group.
One of the project of the TAC this year was to work on a way to links all of the 44net
network legs in a better and more effective way.
It is a project to add point of presence around the globe to help route between each of
them with better route. And at the same time, helping people to connect to the 44net than
using the ipip network. ( we are not talking about removing the ipip mesh, just adding
way's to connect to the 44 net ip realm )
I cant wait to see the result of that work done by a real good group of people.
I was in good health most of the year and was not able to follow the progress of the
project. (Still I dont have more than a few good days a week.) So I did not do much in
the whole story.
So the the TAC keep going strong. Also Chris also worked on another project. When it will
come online people will like it a lot!
Pierre
VE2PF
________________________________________
De : Mike Quin via 44net <44net(a)mailman.ampr.org>
Envoyé : 20 décembre 2023 03:55
À : 44net(a)mailman.ampr.org
Objet : [44net] Re: Reaching BGP subnets through AmprGW
Thank you Bob and Lynwood
I’m running ampr-ripd 2.4-1 on a Raspberry Pi (Raspbian 11).
I understand the suggestion to just route traffic to these systems via the internet, but
that feels like it contradicts how the FAQ describes AmprGW’s features:
"It forwards traffic between Internet hosts (including those AMPRNet that are
directly connected to the Internet [BGP-routed]) and IPIP tunneled AMPRNet hosts”
(https://wiki.ampr.org/wiki/FAQ<https://na01.safelinks.protection.outlook…)mp;reserved=0>).
I’m aware that connections between IPIP hosts and the general Internet need to be
authorized (by having an DNS A record) does that restriction also apply to BGP-routed
parts of 44net?
Mike 2M0MQN
152
days inactive
153
days old
5 comments
5 participants
participants (5)
-
Boudewijn (Bob) Tenty -
lleachii@aol.com -
Marius Petrescu -
Mike Quin -
pete M