Dave Taht <dave.taht@gmail.com> writes:

> 2) People using this on an interior gateway on a complex network will
> need to either disable bcp38 or (preferably) add their rfc1918
> network(s) to the exception list on the interior gateway (not on the
> external gateway). For example, the yurtlab lives on subnets
> 172.21.0.0/20.

Well, depending on the topology it might not be needed. There's an
auto-detection mechanism built-in which tries to auto-detect the
upstream network settings. So as long as you only need to access one
upstream subnet, no configuration change is needed.

If it does *not* work, I'd appreciate seeing the output of the following
commands to try to improve the auto-detection feature:

ipset list
ip route
ip addr

along with the network that's being blocked.

-Toke