Hi everybody,

Just to clarify the issues related to "strange routes" appearing during the use of the rip daemons.

Together with Jann, DG8NGN, we devised a solution for interoperating BGP announced 44 subnets with the current full mesh tunnel system.

Initially I implemented the system for testing and proof of concept in the Mikrotik script v.3.0, and later in the ampr-ripd starting with version 1.16 and amprd version 1.5.

Current versions are 1.16.3 for ampr-ripd (bug fixes and small enhancements) and 1.6 (bug fixes), please use these.

Now to the idea behind it...

Directly BGP announced gateways need to be reached, well, directly, as any other gateway.

If we have a default route by which we could reach the BGP announced hosts (via your public IP, please don't use default routes via amprgw!), on installing a subnet route via the RIP daemon, e.g. 44.130.121.0/24 (it is a working test host) then the endpint 44.130.121.2 will also be routed via the tunnel, creating a loop, which is of course wrong.

So ampr-ripd will detect your default gateway on the system, and set host routes for those direct gateways via the default gateway, if the RIP announced gateway has a 44 address.

The detection of the default gateway is done by getting the route to 8.8.8.8 from your kernel tables.

So you will end up with 2 routes for that entry, like:

44.130.121.0/24 via 44.130.121.2 dev tunl0 proto 44 onlink

44.130.121.2 via 192.168.1.1 dev eth0 proto 44 onlink.

In this case, traffic for those subnets (in this case to 44.130.121.0/24) will be encapsulated and sent directly to 44.130.121.2, which is reachable via internet.

It is expected that your system will nat those destinations to your public IP (which probably happens).

If the detection of your default gateway is not correct, there is a parameter '-g' by which you can set your gateway IP by hand.

Your internal addresses are not published, nor are the known to the gateway. It is a local lookup performed by the daemons.

At the moment there are 4 functional gateways using this setup: 44.130.121.2, 44.130.122.2, 44.130.124.2 (as test systems) and 44.131.14.255 as a live setup.

Reachable tests hosts are: 44.130.121.3, 44.130.121.130, 44.130.122.3, 44.130.122.130, 44.130.124.3, 44.130.124.130, and of course the end points.

(44.130.121.2 runs amprd, 44.130.122.2 runs ampr-ripd and 44.130.124.2 runs the Mikrotik script).

I hope this clarifies some of the questions that may arise.

Have fun with the hobby,

Marius, YO2LOJ