Subj : fsxNet Feedback (ZeroTier
To   : deon
From : N1uro
Date : Sat May 15 2021 02:50 pm

Hello deon;

-=> deon wrote to N1uro <=-

 de> Its direct via the "hub" though right?

No it is not.

 de> 44/9 includes both 44.88.0.9 and 44.0.0.1 (and 44.64.10.33)

 de> Network:   44.0.0.0/9           00101100.0 0000000.00000000.00000000
 de> HostMin:   44.0.0.1             00101100.0 0000000.00000000.00000001
 de> HostMax:   44.127.255.254       00101100.0 1111111.11111111.11111110
 de> Broadcast: 44.127.255.255       00101100.0 1111111.11111111.11111111

Correct.

 de> If you did a tcpdump -ni tun0 on 44.0.0.1 you would see the packets
 de> coming in (from your real IP) and going out again (to the other IP).
 de> Traceroute doest show it because you are not technically traversing a
 de> router (because it is a /9 network).

Again semi-correct. It'd be tunl0 not tun0... and you'd want to use the
ethernet interface not the tunneled interface to watch.

 N1> traceroute to wb2snn.ampr.org (44.64.10.33), 30 hops max, 60 byte packets
 N1>  1  gw.n1uro.ampr.org (44.88.0.1)  5.670 ms  6.102 ms  6.095 ms
 N1>  2  wb2ona.ampr.org (44.64.255.225)  41.601 ms  45.571 ms  46.421 ms

 de> So, if you turn off 44.0.0.1, can you still ping 44.64.10.33 from
 de> 44.88.0.9?

Absolutely! They do have to take 44.0.0.1 offline on occasion to do 
maintenance, software upgrades, etc but that doesn't affect the rest of us.
AmprGate as it's known is a BSD box hosted at the University of California/
San Diego where the primary BGP announcement is done.

 de> Further the performance of your network traffic to 44.64.10.33 is
 de> limited by the your link, 44.0.0.1's link and 44.64.10.33. If any of
 de> those links gets "busy", especially 44.0.0.1 your peformance is
 de> impacted.

Not at all! Because of the encapsulation and ISPs doing what we've termed as
SAFE routing (Source Address FilterEd) we incorporate policy routing into our
systems and we get a "push" from a 3rd party site in the U.K. as dynamic IP
hosted systems report updates to it like OpenVPN would do. So in the policy
route table I have for 44/9 this is one of hundreds of routes:
44.64.10.32/27 via 24.0.91.254 dev tunl0  proto 44 onlink  window 840
My route/path to 44.64.10.33 doesn't go near California!.. and since we're
on the same ISP, we're about as direct as we can possibly be without line
of site 802.11 :)

Years go this might not have been true depending on who you were and what your
needs were. If you were SAFEd you needed a non-SAFEd host to forward your
routing via. Since I was on a non-SAFEd ISP I was one of a handful of hosts
for those that were. Of course, general traffic from the global internet would
still filter through 44.0.0.1 which would take the standard frame and convert
it to an encapsulated frame destined for the final hop. If we're looking to
accomodate encryption for european links/feeds I don't think this would be
an issue :)

.... Backstage Pass -- "Shake Your Booty" World Tour 1995-96
--- MultiMail/Linux v0.52
 * Origin: Carnage - risen from the dead now on SBBS (21:4/107)

.