7 Jan
2018
7 Jan
'18
11:58 p.m.
Currently running on a Raspberry Pi in a pfSense DMZ on residential Dynamic
IP. Marius’ ampr-ripd compiled with no issue, the scripts from my linux
gateway that I worked on with Lynwood work perfectly with no modification.
Need to do a little tweaking with iptables firewall as my network
implementation is different from what it was when I was running one box.
Diagram:
(Internet)===<pfSense>==(DMZ)==<Raspberry Pi>==(44.98.63.0/29)
- I’m NAT forwarding ipip traffic that hits the pfSense external interface
to the DMZ (usb NIC) interface on the Pi.
- tunnel script and ampr-ripd run on the pi creating tunl0 on the pi
- local AMPR segment on the Pi native interface.
- pfSense NATs outbound encapsulated traffic making it appear as if it
comes from the pfSense box.
- My gateways appears on Marius map.
Working on documentation for the wiki and will post by weeks end.
—tom
--
73 de N2XU/Tom Cardinal/MSgt USAF (Ret)/BSCS/Security+/IPv6 Certified
8 Jan
8 Jan
1:55 a.m.
Let me just remind you that for systems not having this point to
multipoint capabilities on the IPIP implementation, there is the amprd
application, which does the tunneling, routing and RIP handling
internally while providing a single virtual network interface, without
the need of any script, the only thing needed being a small config file.
I never had the possibility to test it on other Os than Linux, but it
should work on BSD style flavors.
Marius, YO2LOJ
On 08.01.2018 06:58, Tom C wrote:
Currently running on a Raspberry Pi in a pfSense DMZ
on residential Dynamic
IP. Marius’ ampr-ripd compiled with no issue, the scripts from my linux
gateway that I worked on with Lynwood work perfectly with no modification.
Need to do a little tweaking with iptables firewall as my network
implementation is different from what it was when I was running one box.
Diagram:
(Internet)===<pfSense>==(DMZ)==<Raspberry Pi>==(44.98.63.0/29)
- I’m NAT forwarding ipip traffic that hits the pfSense external interface
to the DMZ (usb NIC) interface on the Pi.
- tunnel script and ampr-ripd run on the pi creating tunl0 on the pi
- local AMPR segment on the Pi native interface.
- pfSense NATs outbound encapsulated traffic making it appear as if it
comes from the pfSense box.
- My gateways appears on Marius map.
Working on documentation for the wiki and will post by weeks end.
—tom
2509
days inactive
2509
days old
1 comments
2 participants
participants (2)
-
Marius Petrescu -
Tom C