Bill,
Your VoIP system should be configured to register with the server. This would maintain the link.
I'm not sure what client/server you're using, but there may be a time, timeout or keepalive (etc.) setting in the configuration options for the Callcentric service.
If you are configured to receive blind SIP calls/packets into your Public IP at udp/5060 or something, Carrier Grade NAT would hinder that method.
--- KB3VWG
- I believe the secure firewall the ALG would need to traverse and be installed on is the ISP's device. That seems to be the source of the current issue.
- The SIP ALG is known to be vulnerable - see https://samy.pl/slipstream/
Bill,
Carrier grade NAT means you aren't issued a Public IP on the WAN interface facing your ISP. There's a block of IP space (100.64.0.0/10) used for this purpose. CG NAT exists because of exhaustion of the Global IPv4 space.
Yes, this would mean you cannot control receipt of protocols like: TCP, UDP and importantly for AMPR - IP Protocol No. 4.
It sounds like they may have recently implemented this on their customer network. The ISP can offer their own services because they use their Public IP space on those needed servers. Another example where they use Global IPs - is on the CG NAT router that connects you to the Internet.
It's possible they now offer a Public IP as an added service. You could inquire about that.
73,
Lynwood
KB3VWG
-------- Original message --------
From: Harold Kinchelow via 44net <44net(a)mailman.ampr.org>
Date: 10/4/22 22:32 (GMT-05:00)
To: 44net(a)mailman.ampr.org
Subject: [44net] New ISP blocking VoIP
I am reposting this for William Horne because he posted using a previous message of mine but it came directly to me. Please take a look @ his issue below.
Thanks
Harold
K7ILO
From: E. William Horne <malassimilation(a)gmail.com>
Sent: Sunday, October 2, 2022 2:57 PM
To: Harold Kinchelow <k7ilo(a)outlook.com>
Subject: New ISP blocking VoIP
OM,
I humbly request that you help me in any way you can to get around my new ISP blocking VoIP phone calls. On 9/4/2022, they stopped without warning or justification: both Callcentric and Hamshack Hotline went dead at the same time.
On Monday, 9/5, I complained to the "Tech Support" number, and I listened to their employee being told to "Blame it on his router," and then to her doing so. I told her that wouldn't cut it, and she said she would "reset my modem" and then Callcentric came back online. I made a call with my Cisco SIP phone, and talked to my brother-in-law in Massachusetts for a few minutes, but right after we hung up, the Callcentric line was dead again. I complained again, with nothing but gobbledygook and shaming and finger-pointing to show for it.
The ISP had some flack call me, and he told me that they were doing "Cee-Gee-NAT," and couldn't map the ports required for VoIP. I asked him how the ISP could offer its own VoIP service, right on their public-facing website, if that were so. He said he'd have to do some more research, and I've never heard back.
Here's a fervent "TIA" for any help you can offer.
73,
Bill Horne, W4EWH
828-380-1440 (Cell)
Hey Amateur Radio team
I know what VPN is. I know what OpenVPN does. What are the actual uses of having a VPN into the AmprNet space?
I've seen on so many diagrams of setups where there is a VPN into the network.
Thanks all
Harold - K7ILO
All,
FYI, if you upgrade an OpenWrt node to 22.03.0 with a dynamic firewall script, the script will need to be updated to nftables.
In addition, I am running on x86_64, but those who use consumer hardware may experience loads when iptables rules were in the Wiki versus "ipset" (which is an iptables feature). See the archives about that issue.
On larger sets of IPs, the load times are slower. I'm not sure if that's due to our routing table already being in a "least-specific" notation. Nonetheless, if anyone wishes to try, feel free to have me as a resource during your upgrade. If anyone wants to test installing the additional needed packages to continue using, let me know too for documenting to the Wiki. I can test on consumer software too - and you can forward the routes to it using the setting in ampr-ripd.
--
73,
- Lynwood
KB3VWG
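An added example, not part of the message above and not the Wiki script: one way an ipset-style allow list can be expressed as an nftables named set and loaded in a single `nft -f` transaction. It assumes the dynamic script's job is to limit IP protocol 4 to a list of gateway public IPs; the table, set and chain names and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example, not the Wiki script. Table, set and chain names are assumptions.

# True only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read gateway IPs on stdin (one per line, '#' comments allowed) and print an
# nftables ruleset. Invalid lines are skipped so they cannot reach the ruleset.
gen_ruleset() {
    elems=
    while read -r ip _ || [ -n "$ip" ]; do
        case "$ip" in ''|'#'*) continue ;; esac
        if is_ipv4 "$ip"; then
            elems="${elems:+$elems, }$ip"
        else
            echo "skipping invalid entry: $ip" >&2
        fi
    done
    set_line=
    # nft rejects an empty "elements = { }", so omit the line when nothing is valid.
    if [ -n "$elems" ]; then set_line="        elements = { $elems }"; fi
    # Declare-then-delete makes the file safe to reload; nft -f applies it atomically.
    cat <<EOF
table inet ampr_fw
delete table inet ampr_fw
table inet ampr_fw {
    set ampr_gw {
        type ipv4_addr
$set_line
    }
    chain ipip_in {
        type filter hook input priority -5; policy accept;
        # This chain only drops; the main firewall still decides what is accepted.
        ip protocol 4 ip saddr != @ampr_gw counter drop
    }
}
EOF
}

# Constructed sample input: two documentation addresses and one invalid entry.
SAMPLE='# gateway public IPs
192.0.2.10
198.51.100.7
300.1.1.1'
printf '%s\n' "$SAMPLE" | gen_ruleset   # review, then pipe into: nft -f -
```

With an empty or fully invalid list the generated set is empty, so every inbound protocol 4 packet is dropped until a valid list is loaded.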
Stations are issued a 44-net IP on their first connection, which remains permanently for all subsequent connections. It also automatically reconnects should the underlying IP change, or drop out (think cellular based links).
IRLP can handle IPs changing on the fly automatically, but our VPN users are essentially static using the same 44-net address each time they connect.
—
Dave K9DC, K9IP
> On Oct 4, 2022, at 17:56, Stephen Atkins <ve6cpu(a)proton.me> wrote:
>
> Are you using 44net so you have a "static" ip for those repeaters instead of always having to update dns for their dynamic is ones?
>
>
> Stephen Atkins
> VE6CPU/VE6STA/VE6SU
All,
Overnight, I upgraded my AMPR Gateway to OpenWrt 22.03.0. There is a major firewall change from iptables to nftables.
Feel free to test access (NOTE: only the protocols listed work).
You should be able to Trace/Ping from your Public or AMPR ranges:
- 44.60.44.1 NTP (NTP should only be configured on AMPR clients, but it is open to your public IPs by firewall as a courtesy)
- 44.60.44.3 DNS (dns-mdc.ampr.org - only from AMPR)
- 44.60.44.10 HTTP (http://44.60.44.10 and http://kb3vwg-010.ampr.org/homepage/ on AMPR and Public - AMPR access has more options/links available)
--
73,
- Lynwood
KB3VWG
Hello 44Net!
For quite some time, y'all have heard rumblings of a new portal, which
Chris has been working on bit by bit. Realizing that it's likely a
larger project than we initially thought, earlier this year the TAC took
on the task of writing a feature requirements document. This has been
the bulk of their work this year so far, and I'm really proud of the
results, which were completed just a couple weeks ago.
I'm writing on behalf of the TAC to share this document with you and to
request comments and comments:
https://www.ampr.org/wp-content/uploads/2022-09-Portal-Features-Requirement…
Ideally, please share your thoughts in this channel rather than emailing
directly, though of course we will read any feedback you send. Pierre,
the TAC Chair, will be watching the list and answering any questions
that may come up.
Note that this document is a feature requirements document - which
outlines the features that the portal needs to have before it's
considered "done." By definition, it's *not* an engineering document;
we've purposefully not specified the exact technology we'll use to build
this out. We have, however, specified that it will be released as an
open source project as soon as we have a functional version, likely
without all features present. Ultimately this will be a project managed
by our new Director of Technology (who starts on Monday; will introduce
after he starts) and the team he assembles to carry out the build. Thus,
information like timelines, project plans, and database specifications,
etc., will follow his review of this document and any comments from this
group.
And with that, I say - happy reading! And thank you so much for your
thoughts and questions.
Looking forward,
Rosy
--
Rosy Schechter - KJ7RYV
Executive Director
Amateur Radio Digital Communications (ARDC)
ampr.org