Hi everybody,
Just to clarify the issues related to "strange routes" appearing during
the use of the rip daemons.
Together with Jann, DG8NGN, we devised a solution for interoperating BGP
announced 44 subnets with the current full mesh tunnel system.
Initially I implemented the system for testing and proof of concept in
the Mikrotik script v.3.0, and later in the ampr-ripd starting with
version 1.16 and amprd version 1.5.
Current versions are 1.16.3 for ampr-ripd (bug fixes and small
enhancements) and 1.6 (bug fixes), please use these.
Now to the idea behind it...
Directly BGP announced gateways need to be reached, well, directly, as
any other gateway.
If we have a default route by which we could reach the BGP announced
hosts (via your public IP, please don't use default routes via amprgw!),
on installing a subnet route via the RIP daemon, e.g. 44.130.121.0/24
(it is a working test host) then the endpoint 44.130.121.2 will also be
routed via the tunnel, creating a loop, which is of course wrong.
So ampr-ripd will detect your default gateway on the system, and set
host routes for those direct gateways via the default gateway, if the
RIP announced gateway has a 44 address.
The detection of the default gateway is done by getting the route to
8.8.8.8 from your kernel tables.
So you will end up with 2 routes for that entry, like:
44.130.121.0/24 via 44.130.121.2 dev tunl0 proto 44 onlink
44.130.121.2 via 192.168.1.1 dev eth0 proto 44 onlink.
In this case, traffic for those subnets (in this case to
44.130.121.0/24) will be encapsulated and sent directly to 44.130.121.2,
which is reachable via internet.
It is expected that your system will NAT those destinations to your
public IP (which probably happens).
If the detection of your default gateway is not correct, there is a
parameter '-g' by which you can set your gateway IP by hand.
Your internal addresses are not published, nor are they known to the
gateway. It is a local lookup performed by the daemons.
At the moment there are 4 functional gateways using this setup:
44.130.121.2, 44.130.122.2, 44.130.124.2 (as test systems) and
44.131.14.255 as a live setup.
Reachable test hosts are: 44.130.121.3, 44.130.121.130, 44.130.122.3,
44.130.122.130, 44.130.124.3, 44.130.124.130, and of course the end points.
(44.130.121.2 runs amprd, 44.130.122.2 runs ampr-ripd and 44.130.124.2
runs the Mikrotik script).
I hope this clarifies some of the questions that may arise.
Have fun with the hobby,
Marius, YO2LOJ
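
Added example, not part of the original message and not code from ampr-ripd or amprd: a small audit of `ip route show` output that flags the loop described above, where a tunnel gateway with a 44 address is itself routed into the tunnel. The routing table text is constructed from the two routes quoted in the message; the local address 192.168.1.10 and all function names are assumptions for illustration.

```python
import ipaddress

AMPRNET = ipaddress.ip_network("44.0.0.0/8")
TUNNEL_DEV = "tunl0"  # tunnel interface name as in the routes quoted in the message

# Constructed sample in `ip route show` format (192.168.1.10 is an assumed local address).
SAMPLE_BROKEN = """\
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10
44.130.121.0/24 via 44.130.121.2 dev tunl0 proto 44 onlink
"""
SAMPLE_FIXED = SAMPLE_BROKEN + "44.130.121.2 via 192.168.1.1 dev eth0 proto 44 onlink\n"

def parse_routes(text):
    """Parse `ip route show` lines into (network, via, dev) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0], strict=False)
        via = ipaddress.ip_address(tok[tok.index("via") + 1]) if "via" in tok else None
        dev = tok[tok.index("dev") + 1] if "dev" in tok else None
        routes.append((net, via, dev))
    return routes

def lookup(routes, addr):
    """Longest-prefix match: the route the kernel would choose for addr."""
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def looping_gateways(text):
    """Return 44-net tunnel gateways whose encapsulated packets would re-enter the tunnel."""
    routes = parse_routes(text)
    bad = set()
    for net, via, dev in routes:
        if dev != TUNNEL_DEV or via is None or via not in AMPRNET:
            continue  # only tunnel routes whose gateway has a 44 address matter here
        best = lookup(routes, via)
        if best is not None and best[2] == TUNNEL_DEV:
            bad.add(str(via))  # outer packet to the gateway goes back into tunl0: loop
    return sorted(bad)

if __name__ == "__main__":
    print("before host route:", looping_gateways(SAMPLE_BROKEN))
    print("after host route: ", looping_gateways(SAMPLE_FIXED))
```

On a live system the same check can be fed the text printed by `ip route show` instead of the constructed samples.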
Marius.
That was a very good and very helpful explanation - thank you.
Best regards.
--
Tom - SP2L
------------------------------------
It is nice to be important.
But it is more important to be nice!
On 21/04/17 23:22, Marius Petrescu wrote:
Hi everybody,
Just to clarify the issues related to "strange routes" appearing
during the use of the rip daemons.