Mike, the problem is that the n8lrf gateway has an address on
the subnet instead of a commercial IP address and is therefore
not reachable.
- Brian
On Wed, Apr 05, 2017 at 07:43:15AM -0400, Michael Wolthuis wrote:
> Rob,
> I have managed that subnet since early 90's. What is your concern? You are welcome to be assigned ips on it in Kent County. I have several other subnets for our HamWan project and even an IPv6 assignment from ARIN.
>
> How can I help meet your goals?
>
> Feel free to call me at 616-422-5412 or on the 145.27 Lowell repeater
>
> Mike
> KB8ZGL
>
> Sent from my iPhone
>
> > On Apr 5, 2017, at 6:13 AM, Brian Kantor <Brian(a)UCSD.Edu> wrote:
> >
> > I think it's a mistake. It's confusing. The gateway belongs to
> > n8lrf(a)comcast.net but the subnet belongs to kb8zgl(a)kb8zgl.net.
> > I'm guessing that n8lrf entered a gateway hostname that belongs to the
> > ampr side of the gateway rather than the commercial IP.
> > - Brian
> >
> >> On Wed, Apr 05, 2017 at 11:53:40AM +0200, Rob Janssen wrote:
> >> But there also is a network 44.102.128.0/24 and it does not work. Is that one okay or is
> >> it another config mistake? I suppose so, as its gateway 44.102.128.1 is routed to amprgw.
> >>
> >> I'm afraid we need better directions and/or safeguards in the portal.
> >>
> >> Rob
> >> _________________________________________
> >> 44Net mailing list
> >> 44Net(a)hamradio.ucsd.edu
> >> http://hamradio.ucsd.edu/mailman/listinfo/44net
I have installed the 1.16 on our gateway (without the safeguard for now) and it appears
to be doing its thing. I can ping hosts on those test networks.
But there also is a network 44.102.128.0/24 and it does not work. Is that one okay or is
it another config mistake? I suppose so, as its gateway 44.102.128.1 is routed to amprgw.
I'm afraid we need better directions and/or safeguards in the portal.
Rob
> Wouldn't you achieve the same result by adding that network's IP/subnet
> to the -a list?
Yes, but then I would have to know the offender's IP beforehand :-)
However, it would be possible to just delete the route in the -x script that we already have.
I think ampr-ripd will not detect that and the route will not be added every 5 minutes, right?
Rob
> If the daemon encounters a 44 gateway in the RIP data, it creates a host
> route to that specific host via the default gateway of the system.
I was thinking about one specific issue: when we run this code on our gateway, which is
BGP-routed for our 44.137.0.0/16 network and is on the IPIP network as well and runs ampr-ripd,
and some portal user who does not understand the system well, they could add a gateway with an
endpoint address inside the 44.137.0.0/16 network and we would add a circular route for that
address to our table.
Of course users should not do that. But they have done so, in the past.
Maybe we would need an option to specify a (list of) subnet(s) where this new mode of operation
would not be performed. Then a gateway can set that to the BGP routed network(s) it serves.
(similar to the -a option)
Rob
Good morning all,
I seem to have my gatway up (44.131.192.128)
It responds to some of the ampr ping tools in the service list but not others. Could I ask a few of you to ping it and see if you can see it.
Many thanks
Marc ("2W0PNT)
> No, but it is quite simple.
> If the daemon encounters a 44 gateway in the RIP data, it creates a host
> route to that specific host via the default gateway of the system.
Aha ok that is a nice solution. It should fix the problem for those that have two routing tables.
In our gateway we are using a single routing table (with some different metrics) so we don't have
the problem for isolated gateways, but your solution would still fix the case where the endpoint
has an address inside the subnet being routed (Sweden??).
I'll try to install it soon.
Rob
> Today I released an update to ampr-ripd (1.16) and amprd (1.5) to
> support ipip encapsulation on subnets which have their endpoints BGP
> announced in the 44net space.
Is it described somewhere how that works?
Rob
Is anyone using pfsense as your gateway/router? If so how do you handle
rip44? Is anyone interested in testing a package if I compile ampr-ripd?
Tom/N2XU/BSCS/CASP, Security+ ce
--
73 de N2XU/Tom Cardinal/MSgt USAF (Ret)/BSCS/Security+/IPv6 Certified
