On Monday 07 September 2009 01:13:49 Michael Rack wrote:
Now, the reason for the tunneling-interface is totally clear. There is no other solution to route internet-traffic through a specified gateway. The only solution will be to label a tcp/ip-packet how MPLS does, but that is too fancy.
Well, we have something similar called "batman-adv". It is a kernel module implementing the batman protocol on layer 2.5 (using mac addresses instead of IPs). Maybe you should look into that?
One question: Will the P2P-Interface (gate0) show up in a traceroute? The P2P-Interface has a private ip-address 169.x.x.x assigned to it. I use only public ip-addresses and do not want to show a private ip-address in a traceroute.
I have no test setup at hand but I think you always should see the gateway's virtual ip (0.0 at the end) if you try to traceroute a host that resides in the internet.
Keep in mind that the tunneling will make everything appear as a single hop no matter how many nodes are in between. A traceroute should look like this:
* node ip
* gw virtual ip
* internet ip1
* internet ip2
* ...
When using the tunneling interface, the MTU is set to a lower value than 1500 bytes (1431 bytes). B.A.T.M.A.N have in addition to the NAT-Helper set the TCPMSS Flag to something like 1371 bytes (1431 bytes - 20 Bytes of MAC-Address and - 40 Bytes of TCP/IP Header). I found nothing about TCPMSS on my firewall-rules (iptables) in the table "mangle".
Without TCPMSS, packages that transport more than 1371 bytes will be silently dropped in my case.
Not sure how you get to these numbers (1431 / 1371) as the batman tunnel is running over UDP which costs 29 Bytes [20 Bytes IP + 8 Bytes UDP + 1 Byte batman stuff] in total, reducing the maximum packet size to 1471.
You are right about the TCPMSS configuration - batman could set this automatically as well. I suggest something like this:
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -o gate0 -j TCPMSS --clamp-mss-to-pmtu
Currently I have my own policy-routing-script, because B.A.T.M.A.N does not support HOST-Routes xxx.205.12.4/32. But why does B.A.T.M.A.N not fully support Host-Routes? A mesh with only Host-Addresses is easier to administrate than complete networks. A second goal is, that the ad-hoc mobile user is free to change his position across the net.
Your own policy-routing-script? Why do you think batman does not support host routes? I had the feeling batman supports host routes in all possible ways. :-)