[Olsr-dev] Committed Patches
Friedrich Lobenstock
(spam-protected)
Mon Oct 1 13:13:05 CEST 2007
Hi!
Aaron Kaplan wrote on 01/10/07 02:00 MET:
> <delay alert :) sorry for coming back to threads so late>
>
>
> On Sep 23, 2007, at 7:47 PM, Bernd Petrovitsch wrote:
>
>> On Tue, 2007-09-18 at 21:47 +0200, Hannes Gredler wrote:
>> [...]
>>> we should really fix the "default-gw does NAT issue"
>> [....]
>>> thoughts ?
>> Basically I consider the issue not in the scope of routing daemon
>> (like
>> lots of other "people have funny setup things for whatever reason")
>> - if
>> only that I'm grown up with too much theory.
>>
>> But plugins which implement various schemes (e.g. GRE, IPIP, hell,
>> even
>> openvpn could be used in theory[0]) in sane ways or implement some
>> "call
>> external script" mechanism maybe useful.
>>
> Yup!
> I agree! Architecturally a plugin would be great.
> Then a GRE tunnel or an IPIP / whatever people want tunnel can be
> made easily.
> Hannes's proposition sounds good. But I would have to see it on paper
> or so.
> We should also check out how people are using tunnels so far in order
> to solve the default GW-does-NAT problem.
>
> How is it done in the Freifunk networks?
> Any other networks where you have NAT?
As you might know Funkfeuer Graz is going for a solution which uses
IPSEC-AH tunnels without NAT which are configured outside of OLSR and which
only depend on the routing information set by OLSR.
Judging from this position I can say that OLSR should do routing as it is a
routing protocol and nothing else - but then to the perfection. We would
rather need an improved quagga-plugin which would do conditional HNA's
based on route information received via BGP. For example if we "see" a
certain route, eg. default route, in BGP we should announce the HNA
10.10.10.10/32 (IP of our anycast IPSEC-AH gateway) in OLSR or remove it
otherwise.
Just my 2 euro cents.
--
MfG / Regards
Friedrich Lobenstock
More information about the Olsr-dev
mailing list