Sat Jan 10 00:52:07 EST 2015
Static routing won't work due to laptop host mobility, so need to fix
this in a different way.
Back to quagga? What are the options
OSPF is hierarchical which is not a good idea in my case.
RIP doesn't scale. Might not be a problem for a small number of routes.
So let's revisit RIP first.
- router comes up, broadcasts Request Message to all RIP-enabled
- router which receives Request Message replies with Response Message
containing its routing table. ( also when timer expires. )
- router receives Request Message,
- a route is used if it doesn yet exists or if hop count is lower.
- if hop count is higher: infinite loop avoidance (explain).
- For VPN routing, routers should NOT transmit their local net
routing. This leads to interesting problems where a VPN server's
subnet is routed through the VPN while a connection over the
internet is necessary to establish the VPN connection in the first
place. It seems beset to just limit to a collection of relevant
- Firewall might block multicast 126.96.36.199:540
- There is no authentication. Do not run this on untrusted links.
So I wonder if static isn't better. There are two problems I'm trying
- route redundancy through multiple VPN servers
- nodes that move around (e.g. laptops).
It might be best to solve the moving around problem using VPN links as
I already do, really... In practice the redundancy hasn't been an
issue. Pretty much perfect uptime of VPN servers.
Trouble is that I'm trying to solve a different problem: private
network inside an existing network where there is no control over the
routers (default gateways). In this case it seems that NAT at the
border of the private network is the only simple solution to reach
everything. Core of trusted hosts / nets can communicate over VPN +
quagga for things like VMs. All the rest is outside of this (web
browsing PCs, tablets, phones, printers, set top boxes and guest
wireless network.). From inside to outside routes need to be known,
while the return path uses nat.