From: Toke Høiland-Jørgensen
To: Dave Taht
Cc: "cerowrt-devel@lists.bufferbloat.net"
Subject: Re: [Cerowrt-devel] cerowrt-3.10.32-12 released
Date: Fri, 21 Mar 2014 19:51:43 +0100
Message-ID: <87lhw38jwg.fsf@toke.dk>

Dave Taht writes:

> 2) People using this on an interior gateway on a complex network will
> need to either disable bcp38 or (preferably) add their rfc1918
> network(s) to the exception list on the interior gateway (not on the
> external gateway). For example, the yurtlab lives on subnets
> 172.21.0.0/20.

Well, depending on the topology it might not be needed. There's an
auto-detection mechanism built-in which tries to auto-detect the
upstream network settings. So as long as you only need to access one
upstream subnet, no configuration change is needed.

If it does *not* work, I'd appreciate seeing the output of the following
commands to try to improve the auto-detection feature:

ipset list
ip route
ip addr

along with the network that's being blocked.

-Toke
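The following is an added illustration, not part of the original message and not CeroWrt's own detection code: a check of which interior RFC 1918 networks would still need a manual bcp38 exception, given `ip route` output. It assumes the auto-detected exception covers only the directly connected subnet on the default-route interface; the sample routes, the interface names `ge00`/`se00` and the function names are constructed for the example.

```python
import ipaddress

# RFC 1918 private ranges, the kind of prefixes a BCP38 filter drops upstream.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed `ip route` output for an interior gateway (not from the mail).
SAMPLE_IP_ROUTE = """\
default via 172.21.2.1 dev ge00
172.21.2.0/24 dev ge00 proto kernel scope link src 172.21.2.57
172.30.42.0/27 dev se00 proto kernel scope link src 172.30.42.1
"""

def default_dev(ip_route_text):
    """Interface carrying the default route, or None if there is none."""
    for line in ip_route_text.splitlines():
        f = line.split()
        if f[:1] == ["default"] and "dev" in f:
            return f[f.index("dev") + 1]
    return None

def connected_subnets(ip_route_text, dev):
    """Directly connected (scope link) prefixes on the given interface."""
    nets = []
    for line in ip_route_text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] == "default" or "dev" not in f:
            continue
        if f[f.index("dev") + 1] == dev and "link" in f:
            nets.append(ipaddress.ip_network(f[0], strict=False))
    return nets

def is_private(net):
    return any(net.subnet_of(p) for p in RFC1918)

def needs_manual_exception(ip_route_text, wanted):
    """Return (auto_covered, missing): the private upstream subnets assumed to
    be auto-detected, and the wanted private networks not inside any of them."""
    dev = default_dev(ip_route_text)
    auto = [n for n in connected_subnets(ip_route_text, dev) if is_private(n)]
    missing = []
    for w in map(ipaddress.ip_network, wanted):
        if is_private(w) and not any(w.subnet_of(a) for a in auto):
            missing.append(str(w))
    return auto, missing

if __name__ == "__main__":
    wanted = ["172.21.2.0/24", "172.21.0.0/20", "8.8.8.0/24"]
    auto, missing = needs_manual_exception(SAMPLE_IP_ROUTE, wanted)
    print("assumed auto-covered:", [str(a) for a in auto])
    print("add to exception list:", missing)
```

With the constructed routes, the /24 on the upstream interface is covered, while the wider 172.21.0.0/20 from the quoted example is reported as needing an explicit exception.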