44net May 2015

44net@mailman.ampr.org

24 participants
20 discussions

Re: [44net] ampr-gateways.org
by Rob Janssen 23 May '15

23 May '15

> Subject: > Re: [44net] ampr-gateways.org > From: > Steve L <kb9mwr(a)gmail.com> > Date: > 05/23/2015 08:09 PM > > To: > "44net(a)hamradio.ucsd.edu" <44net(a)hamradio.ucsd.edu> > > > I had to look at it via the wayback machine. For a minute I though > this was the site that the nice map of gateways. It looks like that is just another standalone site that you need to enter your data on, and that almost nobody knows it exists. IMHO such a site is only worth doing when it is linked to the actual data, not when it is yet another place to enter data. Check http://hamnetdb.net/ when you are looking for a site that brings some real value. In fact it offers much more than the portal and I think it should be considered to merge the portal function into it. Its ways of handling subnets and addresses are much more usable than those of the portal, and it can do so much more. It only needs a section to enter data for IPIP gateways. Rob

1 0

Re: [44net] ampr-gateways.org
by Steve L 23 May '15

23 May '15

I had to look at it via the wayback machine. For a minute I though this was the site that the nice map of gateways. Turns out that is: http://www.ampr-gates.net/frame_e.htm It would be really nice to have gateways portion of the portal list some geographic info. For those looking for connectivity to area XXX. I think this is our main selling point and we need to advertise it a bit. Right now if you lookup each gateway subnet you can derive the geographic area from the networks portion of the portal. Thanks again for your work Chris.

1 0

44net connection with RaspberryPi behind NAT
by Fred Boogaard 14 May '15

14 May '15

Hi all, I'm new to amprnet and linux and try to get my RaspberryPi connected with the 44net. I have setup the Pi and configured IPIP tunl0. I can ping to 44.137.0.0/16. The problem is that I do not receive any RIPv2 packets with ampr-ripd or rip44d. The situation is that the Pi is behind the DMZ of my ISP router and I think that's causing the problem. Have try ed the cron as a 1 minute ping as suggested at http://n1uro.ampr.org/linuxconf/amprnat.txt but without result. Do you have any suggestions or advise on what to do to get this running? 73, Fred/PA8F

3 2

Re: [44net] easy amprnet attachemet and connection - seeking peers for cost sharing
by Rial Sloan 13 May '15

13 May '15

> > > On 13.5.2015. 04:55, Andrew Ragone (RIT Alumni) wrote: > > > >> With that said, I am not sure what the advantage of this is (aside from > >> perhaps the dynamic IP issue you mention), though, since you could > always > >> write a script to login to the AMPRNet portal and tweak the IPIP tunnels > >> with any WAN IP address updates. When you have the free gateway over in > >> California already, it seems like that would be the way to go aside from > >> directly advertising your own BGP CIDR block. > >> > > > > I guess this would allow anyone with any decent router with VPN client > > capability) to be able to connect to 44net without requirements for > > struggling with dedicated computer and very specific installation to make > > it run. > > > > Yes, exactly and well said! that's exactly the point I've been pushing > for a long time. the single dedicated IP is taken care of by the cloud > based hub and a relitively simple setup on your client router at your > network edge simply makes 44net show up on your lan. no dedicated machine, > no dedicated or special software, no having to write custom config files, > just easy and instantly deployable using standard protocols used everyday > that real people use often and understand. > > Eric > Hi Eric, Are you doing the BGP announce or would the hosting provider you are proposing we share doing the announce? Are you familiar with what the HamWAN group is doing with their Open Peering Policy (http://www.hamwan.org/t/Open+Peering+Policy)? Rial F Sloan II N0OTZ

1 0

Re: [44net] easy amprnet attachemet and connection - seeking peers for cost sharing
by Rob Janssen 13 May '15

13 May '15

> Subject: > Re: [44net] easy amprnet attachemet and connection - seeking peers for cost sharing > From: > Eric Fort <eric.fort(a)gmail.com> > Date: > 05/13/2015 05:40 AM > > To: > AMPRNet working group <44net(a)hamradio.ucsd.edu> > > > there are 2 problems here which I'm working to address. The first being > that even though ipip tunneling is defined via rfc it's still relitively > nonstandard and I can't think of anywhere other than amateur radio / 44net > where it is used, much less used widely. It's also not generally handeled > well by many consumer grade household nat routers. I can't go to the web > interface on my cheapo whatever name consumer router and set up the > tunnel(s) I need to import a link to amprnet. If Tunnels are done with > something like IPSec, PPTP, or OpenVPN it's much better supported and is > easier to setup. the edge connections can simply establish their link(s) > to one or more hubs with known static IP, be assigned/connected to a > netblock, and be in business just by using their basic consumer grade > router and no other fancy or overly technical setup. > > Eric > AF6EP True. We already offer OpenVPN and IPsec VPN connection to our BGP routed gateway in Amsterdam, the Netherlands (44.137.0.0/16). (and IPIP of course) Indeed it makes entry a lot easier for those on the typical internet connection with NAT and maybe not a fixed address (although that is not really a problem here) What VPN protocols do you want to offer? I am considering adding support for OpenConnect (an open implementation of Cisco AnyConnect SSL VPN). That could even replace OpenVPN on the long run (I am not very happy with some aspects of it). Do you offer connections from your VPN users to non-44 Internet addresses and back? (this makes it more tricky and error-prone for users to configure their side, as they will need some form of policy routing that is not always available or easy to setup) Rob

1 0

BGP VPN access
by Bryan Fields 13 May '15

13 May '15

So I've had this working for some time now, but wanted to announce it to the group. in case anyone wants to try. I have a VPN router on vpn.w9cr.net You can use an IP sec VPN dialer to connect to it and then get an IP out of a /28 I have set aside for it. I don't mesh with the 44net ipip encap, but I believe we have connectivity to that via the hamwan guys from Seattle. I have no radius server or anything fancy, it's a crisco 1811 in my rack in tampa. I've confirmed it works with the apple VPN dialer. carrar has it working under windows with shrewsoft too. If you want to test/play send me your callsign/name and a password (numbers/letters/uppercase, no special char's), and I'll provision it and send back the group ID and PSK. 73's -- Bryan Fields 727-409-1194 - Voice 727-214-2508 - Fax http://bryanfields.net

1 0

easy amprnet attachemet and connection - seeking peers for cost sharing
by Eric Fort 13 May '15

13 May '15

After completing a successful experiment that demonstrated just how easy it can be to connect to amprnet without any need for a static public ip address and by just a few peers working together I'm looking for interested parties that may be interested in sharing the cost of a cloud based vpn server which would then host a 44/24 netblock routed via bgp. use of standard vpn tools makes this setup extremely easy and usable/compatable with NAT firewalls, and standard dynamic routing protocols and tools make things easy as well. I'd like to set this up based in the usa on plenty of bandwidth. please speak up if you would be willing to share cost and help make a go of this. Eric AF6EP

4 6

Re: [44net] easy amprnet attachemet and connection - seeking peers for cost sharing
by Bryan Fields 13 May '15

13 May '15

On 5/12/15 10:01 PM, Eric Fort wrote: > I'd like to set this up based in the usa on plenty of > bandwidth. please speak up if you would be willing to share cost and help > make a go of this. Eric, I have some space and could probably figure out how to spin up a VM for you here or just give you shell on a box. I'm collocated at 400 N Tampa which is well connected to across multiple carriers. Give me some details about what you're thinking. Will you be at Dayton? -- Bryan Fields 727-409-1194 - Voice 727-214-2508 - Fax http://bryanfields.net

1 0

Ampr Wiki
by Brian 12 May '15

12 May '15

Chris; I tried to log on my account to do some notes and it says my account is invalid...? Can you please double check and verify that it is still valid? Thanks much! -- The most difficult egg to beat is one that is hard boiled. 73 de Brian Rogers - N1URO email: (see above) Web: http://www.n1uro.net/ Ampr1: http://n1uro.ampr.org/ Ampr2: http://nos.n1uro.ampr.org Linux Amateur Radio Services axMail-Fax & URONode http://uronode.sourceforge.net http://axmail.sourceforge.net AmprNet coordinator for: Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, Pennsylvania, Rhode Island, and Vermont.

2 1

expiring old routes
by Niall Parker 04 May '15

04 May '15

Hello, I recall some discussion on this a while back but don't remember if there was a solution and can't find it in the archives ... Is there a way to expire an announced encap route ? I'm trying to concentrate all the UBC subnets back at our router there and an experiment with 44.135.190/24 via another host isn't going away ... I can purge it from the router itself but it looks like the rest of the system is probably sending that subnet to the old (defunct) ip. ... Niall

2 2

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

44net May 2015