- 44net - mailman.ardc.net

Re: [44net] AX25 support on Linux based (Raspberry PI) node

by Lorenzo Simoncello

Il giorno mer 13 mar 2019 alle ore 16:43 Thomas Osterried < thomas(a)osterried.de> ha scritto: > > It's always the best choice to use the official repo. See > http://www.linux-ax25.org/wiki/GIT > http://www.linux-ax25.org/wiki/Compilation > > It would always have been a good idea to send patches upstream. > Since three days ago, the official ax25 site is not available.... are there any news? Very recent, there were some updates... and there was a new release … [View More]

6 years, 1 month

2
1
0 0

Re: [44net] RIP problems?

by Rob Janssen

> Google says it's my fault; I say Google has its collective head up > its ass in marking a valid email as spam. Their official word is > "Don't act like the bad guys" and you won't have problems. Never > mind that it's 100% RFC-compliant, they say it's bad guy behaviour. I agree. Sending mail to google (and also hotmail/outlook) has become very unreliable. E.g. when using @amsat.org or other forwarding services like @veron.nl or @vrza.nl (Dutch amateur radio societies) it will … [View More]

6 years, 1 month

1
0
0 0

DNS

by monsieurmarc＠btinternet.com

Hi all, Who do I contact these days about getting a dns entry for 44.131.192.128 All help appreciated. Regards Marc (2W0PNT)

6 years, 1 month

18
25
0 0

Re: [44net] RIP problems?

by Rob Janssen

> Everyone happy with this? Any comments? It would be nice if the mail had some info about what a gateway is and why you (don't) want it, e.g. with a pointer to the wiki page. I have found that some people add a gateway entry because they think this is some form of registration of their existing (not IPIP mesh) router e.g. connected via radio or via one of the other VPN types we support. They think it would be useful to be registered in some list. That is how the problematic … [View More]

6 years, 1 month

5
5
0 0

amprd setup issues

by Marius Petrescu

Hello, To all amprd users (this does not affect setups using the kernel tunnel driver and ampr-ripd). Due to changes in the 4.x kernels, there's a problem with the system replying with "icmp unreachable" to incoming IPIP traffic. This will possible drop incoming traffic, including the RIP broadcasts (resulting in incomplete route tables). Please switch to an ampr-ripd setup or filter outgoing icmp messages on your WAN interface, using a rule like the one below: *iptables -A OUTPUT -o … [View More]

6 years, 1 month

2
3
0 0

Re: [44net] RIP problems?

by Rob Janssen

> If you want to suggest some text I can add it to the template… > Thanks, > Chris I hope a native English speaker can do this... Rob

6 years, 1 month

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

> I don't think folks would add a gateway if they haven't been approved for a block. Well, actually they do. The problem is that the visitors of the portal do not know at all what the whole concept of the IPIP tunnel mesh looks like, how it is relevant within AMPRnet, and that it is only one of the options for getting connected. As there is no walk-through explanation of concepts like a registered subnet, a gateway, the resulting IPIP tunnel mesh, etc, people just blindly click on menu … [View More]

6 years, 1 month

1
0
0 0

Re: [44net] amprd setup issues

by Rob Janssen

> I would replace DROP by REJECT. DROP means the system will wait till the packet times out. > For outgoing connections this may cause issues as the daemon that sends the unreachable will also wait till the packet times out before continuing No, outgoing ICMP "destination unreachable" is not an outgoing connect and it makes no sense to REJECT them... (this kind of packet should not be replied to) Rob

6 years, 1 month

1
0
0 0

Re: [44net] RIP problems?

by G1FEF

> > Given this, perhaps you could add a note suggesting that one or the list > of blocks should be added when they reregister their gateway, that would > eliminate any confusion... just my two cents. This better: —8< SNIP >8--- Hello {givenName}, This is a system generated email from the AMPRNet Portal. This is a courtesy notice to advise you that your gateway entry has been removed. Your gateway was removed by an automated process that looks for gateways that have had … [View More]

6 years, 1 month

2
2
0 0

Re: [44net] RIP problems?

by Rob Janssen

What is the final outcome of the discussion? Will any changes be made to the Portal to validate user input for default users? Will there be a change in functionality w.r.t. having gateways with external address within AMPRnet? Will incomplete gateway entries be deleted? I hope we can have some outcome of the bad situation and following discussion, instead of leaving everything as it is. Rob

6 years, 1 month

4
5
0 0

Router demo

by Marius Petrescu

Although I wanted to provide a freely accessible demo for ALL ham operators as an configuration example on an EdgeRouter, I'm starting to have my doubts. Especially to w6ray... What is the use of hanging on a router web interface for 24h now? What new information could it give you by watching its interface? Marius, YO2LOJ

6 years, 1 month

5
9
0 0

Re: [44net] RIP problems?

by Rob Janssen

> I am happy to implement BK’s suggestion to limit the setting up of gateway endpoints that fall within the 44/8 range to co-ordinators. > I am also happy to go through and remove any currently empty/incomplete gateways. Perhaps I could also setup a cronjob that purge such entries on a regular basis, e.g. any that are over a week old with no subnets? > I can implement the above fairly quickly if that is what is wanted? I would certainly appreciate that. Even better would be to … [View More]

6 years, 1 month

2
1
0 0

EdgeRouter full setup instructions to the Wiki

by Marius Petrescu

I have added the EdgeRouter full setup instructions to the Wiki. http://wiki.ampr.org/wiki/Setting_up_a_complete_gateway_on_Ubiquiti_EdgeRou… Have fun, Marius, YO2LOJ

6 years, 1 month

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

> I would propose an alternate solution. Since the number of such > valid gateways is so very few, perhaps it would work well enough that > someone must *be* a coordinator to set up a gateway whose outside-world > address is in network 44. Note it also involves routing subnets that belong to others... I don't know how difficult it would be to add an extra property to a user record, should be a minute of work in a LAMP environment, I guess. Maybe a shortcut would be to add the "… [View More]

6 years, 1 month

4
3
0 0

Re: [44net] RIP problems?

by Rob Janssen

> I think somewhere less obvious (like under ones user profile) there > should be a place to check a box to enable "advanced user options." > And if that is checked then such abnormal things would be accepted? > Not sure how feasible/easy that sort of thing is for Chris to code though. I think that is actually the best idea. Adding a flag to each user (default false) and using it to enable those things (checks that were present before!) should not be that difficult. At least it … [View More]

6 years, 2 months

5
5
0 0

Re: [44net] RIP problems?

by Rob Janssen

> and who would be responsible for turning the flag on/off? > The user themselves? In which case aren’t we back to square one (with some/most users at least). > or perhaps a coordinator? > Do they want the extra responsibility? When you fear that will be a problem I would suggest to set the flag to false for everyone except experienced users like VE3TOK, DG8NGN, N1URO etc, and await requests to enable it for others. I would be OK with managing that for my area as a coordinator. … [View More]

6 years, 2 months

1
0
0 0

MikroTik Discovery Protocol?

by lleachii＠aol.com

All, I'm getting consistent traffic from these gateways: 19:09:47.158200 IP (tos 0x0, ttl 244, id 38837, offset 0, flags [none], proto IPIP (4), length 150) 89.67.160.225 > 71.246.224.8: IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 130) 0.0.0.0.5678 > 255.255.255.255.5678: [udp sum ok] UDP, length 102 19:10:27.498793 IP (tos 0x28, ttl 241, id 46236, offset 0, flags [none], proto IPIP (4), length 159) 66.109.219.132 > … [View More]

6 years, 2 months

2
1
0 0

Re: [44net] 44Net Digest, Vol 8, Issue 57

by Roger Andrews

Eloy, I had the same issue and you need to do MSS Clamping. At least that’s what I was told and it fixed mine. Roger VA7LBB > > > > From: Eloy Ritter de Monredont <eritter(a)me.com> > Subject: Re: [44net] RIP problems? > Date: April 7, 2019 at 3:47:13 PM PDT > To: AMPRNet working group <44net(a)mailman.ampr.org> > > > Bob, following your reply I remembered that that the gateway (44.98.7.1) is setup to not respond to pings and that, for now, the … [View More]

6 years, 2 months

2
1
0 0

OpenWRT Routing Daemon

by M6XCV (Mike)

Hi, A while back I wrote a routing daemon for receiving RIP broadcasts and installing them in to the routing table. I turned this in to a complete setup script which worked on OpenWRT without needing to compile architecture-specific binaries. I kind of stopped working on it after I got it working, as my prefix is BGP routed so I don't have much need for it myself, however I just got back to it and have created a package for easy install. This single package should work on any OpenWRT/LEDE … [View More]

6 years, 2 months

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

> I was just going through some of the portal pages and Chris has some > extensive online help next to the various text/check boxes in the "?" > circles. We can't hold Chris accountable for people not comprehending > what they read on the portal. The online help did seem pretty accurate > and well written. It is not to hold Chris accountable, but some extra text above the form (that also explains what a gateway is and that setting up a one may not be what you want to do as a … [View More]

6 years, 2 months

8
8
0 0

Re: [44net] RIP problems?

by Rob Janssen

> If there are any additional checks that can be put into the Portal, I’m happy to add them if we can reach a consensus on what those checks should be... > Regards, > Chris Do you think it is viable to add another manual validation step for any gateway config that has one of these properties: - external gateway address is within 44.0.0.0/8 - advertised subnet is not owned by the gateway operator This would at least prevent mishaps like we had this week, because especially a gateway … [View More]

6 years, 2 months

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

> The portal has made it easier for those to request blocks and for > routing to become a bit more efficient through RIP vs having to download > the encap.txt file and having to reload it every so often so the > automation is definitely welcomed in this regard. The whole concept of > ip encapsulation under ip is what confuses most people. Take OpenVPN for > example - people don't want to know it's using ip encapsulation, they > just want to configure it and have it work. … [View More]

6 years, 2 months

3
2
0 0

Re: [44net] RIP problems?

by Rob Janssen

> Rob et al; > This user is flagged RADIO only in his config and should not be a listed > "gateway" at all: > ... > If this is causing an issue, let me know and I'll send him a note asking > him what he's looking to do and point him to a few things that may help > him out. Well, the recurring issue is that users do not really understand the whole system and still are expected to manage it themselves via the portal. This does not work well. They experiment with entering … [View More]

6 years, 2 months

2
1
0 0

Re: [44net] RIP problems?

by Brian

Rob et al; This user is flagged RADIO only in his config and should not be a listed "gateway" at all: 44.118.1.1 2018-03-01 18:16:04 N1QX View <https://portal.ampr.org/gateways_list.php?a=view&id=1403> 44.118.1.2 2018-03-01 18:16:12 N1QX View <https://portal.ampr.org/gateways_list.php?a=view&id=1404> 44.118.1.3 2018-03-01 18:16:19 N1QX View <https://portal.ampr.org/gateways_list.php?a=view&id=1405> 44.130.104.1 2017-10-02 18:… [View More]

6 years, 2 months

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

Well, after a week of frantic searching how this problem came about, it has finally been pinpointed. It turned out to be an unfortunate consequence of someone setting up a bad gateway entry with the external IP within out 44.137.0.0/16 network, combined with strict firewalling that returns ICMP messages on bad traffic, a bug in the handling of those messages, and the way ampr-ripd handles the above type of gateways. Finally when Marius discovered that ICMP messages were going back to the … [View More]

6 years, 2 months

4
4
0 0

Re: [44net] RIP problems?

by Rob Janssen

> Until a decision is made about what to do long term here, maybe the AMPR > Portal web interface can change this name from "gateway" to "public > Internet IP (gateway)". I think that would help some people avoid this > issue. Either that, and/or a descriptive text above the form that explains what a gateway is, why you want to have it (and why not), and where to read more about it. There are those "hover" type help texts but I am afraid it is not enough. I think several "… [View More]

6 years, 2 months

1
0
0 0

Re: [44net] RIP problems?

by Rob Janssen

Talked to network people at the ISP, they indicate that they have changed something w.r.t. the routing via Eurorings. It should be researched and hopefully fixed. In the meantime I am thinking about relaying the RIP packets from my own colo host to our gateway as an extra safeguard against things like this. I see that ampr-ripd has options -E and -F that should relay the raw packets to a specified address, good. That should work. But I don't think it is possible to make ampr-ripd … [View More]

6 years, 2 months

2
1
0 0

Fwd: mailman.ampr.org mailing list memberships reminder

by William Lewis

Does anyone else find it useless to have a password reminder email sent out every month where you're told your password is [****] ? -------- Forwarded Message -------- Subject: mailman.ampr.org mailing list memberships reminder Date: Mon, 01 Apr 2019 05:00:19 -0700 From: mailman-owner(a)mailman.ampr.org To: wlewis(a)acscalifornia.org This is a reminder, sent out once a month, about your mailman.ampr.org mailing list memberships. It includes your … [View More]

6 years, 2 months

6
7
0 0

RIP problems?

by Rob Janssen

Since yesterday, or maybe earlier, we do not receive the full RIP table anymore and our route table for IPIP routes has almost emptied. A trace of UDP port 520 shows only 2 RIP packets per cycle. Has something changed? Or does this have to be some rate-limiting on the path to here? Rob

6 years, 2 months

5
7
0 0

Re: [44net] RIP problems?

by Rob Janssen

I did further debugging... It is indeed our 213.222.29.194 gateway that has the issue, it misses most of the routes at least since yesterday (I notice because I have some mail in the queue routed over IPIP that has stalled since yesterday). But I do have another independently hosted IPIP host in the Netherlands that receives all the normal routes. It is at IP 89.18.172.156 and is located in another datacenter. So likely it is a routing issue on the internet... Rob

6 years, 2 months

1
0
0 0

Linux Gateway Question.

by KJ7DMC

Hello, I'm setting up a gateway on a linux server, I have added NAT and firewall rules to send protocol 4 over to my server at 10.0.2.1. Here's some output from tcpdump. Does this look right to you? Under it I have the output from ampr-ripd, showing nothing coming in. 0.0.0.0.5678 > 255.255.255.255.5678: UDP, length 102 15:41:24.153222 IP (tos 0x50, ttl 242, id 15047, offset 0, flags [none], proto IPIP (4), length 174) ip72-192-148-49.sd.sd.cox.net > 10.0.2.1: IP (tos 0x0, ttl 64,… [View More]

6 years, 2 months

2
1
0 0

Brian Kantor could you contact me off-list please

by Ruben ON3RVH

Hi Brian, I am trying to reach you off-list but the message keeps bouncing at your bkantor.net o365 mailbox due to security settings. I have a question about re-routing my BGP subnet. Would it be possible to contact me off-list please? Thanks! 73, Ruben - ON3RVH

6 years, 2 months

3
11
0 0

Vultr & vyos bgp setup

by brian＠binded.net

Hello All! I just got my /24 setup over at vultr. Im trying to follow a generic VYOS guide to setup bgp. Im getting some errors when trying to setup the bgp network command. Im used to working with cisco stuff, never really configured anything else. Has anyone used VYOS for bgp? Or is there another router OS thats better to use. 73, Brian

6 years, 2 months

7
8
0 0

EdgeRouter Gateway question.

by KJ7DMC

Hello, I have set up my ubiquiti edgerouter according to this guide http://wiki.ampr.org/wiki/Setting_up_a_gateway_on_Ubiquiti_EdgeRouter. I have plugged a pc into the new port, and I have internet connectivity, but via my ISP ip address. Here is a traceroute to google, showing that it is hitting the gateway. My PC has a static ip of 44.26.0.170, a mask of 225.255.255.248 and a default gateway of 44.26.0.169. What am I doing wrong? Thanks, -Nate 1 <1 ms <1 ms <1 ms kj7dmc.… [View More]

6 years, 2 months

2
3
0 0

AX25 support on Linux based (Raspberry PI) node

by Lorenzo Simoncello

Hi hoping won't be OT for "44 Net" mailing list, I would like to ask for yours experience with current AX25 support on Debian and specifically on Linux (Raspbian) based (Raspberry PI) node. At the moment my node should have 1 radio port (1 6pack interface to TNC) and one AXIP link via 44 net. In a previuos post I can see some warnings about "... many kernel issues with the AX25 stack and newer kernels that cause the kernel to simply lock, panic, and other nasties ..." and so the downgrade … [View More]

6 years, 2 months

8
13
0 0

Re: [44net] BGP routes in RIP transmissions - Using ampr-ripd in parallel with BGP ?

by Rob Janssen

> This is another drawback : all outgoing traffic (to Internet) has to go > through one of our gateways, and can not be forwareded to Internet > directly by an endpoint via its local (NATted) ISP. Yes of course. In our case that is not very important because our gateway is in a datacenter in Amsterdam, where most of the internet traffic passes anyway, and the ping time to typical internet hosts nearby is like 2ms. I have a 5.5ms ping time to our gateway via my VDSL connection, and … [View More]

6 years, 2 months

3
2
0 0

Re: [44net] AX25 support on Linux based (Raspberry PI) node

by Rob Janssen

> Since many on this group have the peculiar knowledge on AX.25, > on amateur packet radio and related stuff, it could be effective > and proficient to re-compact the efforts to support, repair, > improve and revamp the linux kernel, the NET/NOS and so on. The problem with code in the kernel is that it is very difficult to get any improvements available to the user. Assuming that not everyone wants to compile their own custom kernel from source, you need to get the … [View More]

6 years, 2 months

5
6
0 0

Re: [44net] BGP routes in RIP transmissions - Using ampr-ripd in parallel with BGP ?

by Rob Janssen

> - We are an island, so our network will be managed as a "closed" network, with only two gateways to "the rest of the world", in two data centers located in the two the main cities. It should be possible to get it working correct in that setup. The main problems of the German network are: - the use of many exitpoints towards internet that use consumer lines and NAT - the reliance on consumer routers that offer no flexibility in routing and connection marking (AVM Fritzbox etc) - the … [View More]

6 years, 2 months

2
1
0 0

Re: [44net] BGP routes in RIP transmissions - Using ampr-ripd in parallel with BGP ?

by Rob Janssen

> And then you'll have issues in at least parts of the German networks. You will have issues with them no matter what. Their network design just isn't suitable for connection to internet. No matter if you do or don't use tunnels, you will always have issues in some way. Rob

6 years, 2 months

3
2
0 0

Re: [44net] AX25 support on Linux based (Raspberry PI) node

by Rob Janssen

> The challenge is that by loosing the protocol stack in the kernel, all the existing Linux packet applications break. Maybe if a new libax25 library was created that could redirect all those calls to something in userland, that would work but that doesn't exist today. By also moving out of the kernel, we loose most of the advanced routing abilities in playing around with AX25/Netrom/Rose, etc. It should be possible to make a usermode program that handles socket calls made by … [View More]

6 years, 2 months

2
1
0 0

Re: [44net] TAP interface routing

by Rob Janssen

> I'm writing a DVB-GSE receiver block for GNU Radio. It will be used in a > future software defined DVB-S2 receiver. I've pretty much completed the > block, but I'm stuck on how to forward packets written to the TAP > interface into the Linux network stack. That happens automatically. The tap interface has two sides, one exists as a Linux network interface that you configure just as any network interface and the other side is accessed via the socket in your application. … [View More]

6 years, 2 months

2
1
0 0

Bouncing Emails

by William Lewis

Brian Kantor: I tried sending you two emails (off list). Both got bounced: ----------------------------------------------------------------------------------------------------------------------------- Remote-MTA: dns; bkantor.net Diagnostic-Code: smtp; 550 5.7.1 Disposition Notification Denied:NOYGDB -------------------------------------------------------------------------- Can you contact me off list to verify any change in your email address? Thank you. ----------------------------… [View More]

6 years, 2 months

1
0
0 0

TAP interface routing

by Ron Economos

I'm writing a DVB-GSE receiver block for GNU Radio. It will be used in a future software defined DVB-S2 receiver. I've pretty much completed the block, but I'm stuck on how to forward packets written to the TAP interface into the Linux network stack. I'm guessing some sort of bridge or virtual Ethernet interface is required, but I just can't find a coherent example. I'm hoping the brain trust here on 44net can help. The source code is here: https://github.com/drmpeg/gr-dvbgse/blob/master/… [View More]

6 years, 2 months

1
0
0 0

Re: [44net] AX25 support on Linux based (Raspberry PI) node

by Rob Janssen

> Is there a place where we can get the latest unofficial patches? Has anyone considered a fork to keep it relevant to modern kernels? I would say it is best to remove all AX.25 code from the kernel and use one or more userspace programs to provide the functionality instead. It is just too difficult to keep some seldomly used feature working in the kernel working without testing (as outlined by David). And once there is a problem, it is almost impossible to get it fixed and very difficult … [View More]

6 years, 2 months

2
1
0 0

Re: [44net] BGP routes in RIP transmissions - Using ampr-ripd in parallel with BGP ?

by Rob Janssen

> - May I encounter routing issues with some clients ? > - Is it recommended to deploy ampr-ripd in parallel with BGP ? You won't encounter problems with traffic to other systems on internet and also not with other AMPRnet systems routed via BGP, but some of the traditional AMPRnet networks that are only routed via IPIP will be unreachable when you do not run IPIP tunnels in parallel to your BGP announcement, or at best they will be routed via San Diego, USA which of course affects … [View More]

6 years, 2 months

3
2
0 0

Re: [44net] BGP routes in RIP transmissions -- CANCELLED

by Rob Janssen

> What's this "snow" thing? And can it be routed over the 44 net? ;P It can sometimes affect the routing over UHF/SHF radio links. But is anyone using those, or is only internet routing used? Here we have had lots of rain and strong winds over the past week. The antennas are shaking and I cannot work on my OSCAR 100 uplink. My WiFi AMPRnet link to the radio tower nearby is affected due to a tree in the path. Rob

6 years, 2 months

2
1
0 0

gateway on 0.0.0.0 entry in the portal

by R P

0.0.0.0 2019-02-16 11:36:03 F4BWT View<https://portal.ampr.org/gateways_list.php?a=view&id=1787> What is that ? Regards Ronen - 4Z4ZQ

6 years, 2 months

2
1
0 0

Re: [44net] BGP routes in RIP transmissions -- CANCELLED

by Rob Janssen

> If you have a 44net subnet behind your router, machines that do not have DNS entries at ampr.org will not be able to reach BGPed networks, because amprgw requires any host passing traffic through it must have such a DNS entry. > At the moment, simply removing the default route in your ampr table solves this and routes those hosts vis ISP NAT. > By automatically creating individual routes for BGP subnets make this a little more diffcult, and breaks existing working setups. Even if … [View More]

6 years, 2 months

8
9
0 0

what version NNTP to put in

by R P

Hi there does anyone know what ver of server (1 2 3) i have to put on my cisco SNTP if i want to use the following NNTP server s ? 44.24.244.4 and 44.60.44.1 Thanks Forward Ronen - 4Z4ZQ

6 years, 2 months

1
0
0 0

Re: [44net] 44Net Digest, Vol 8, Issue 35

by Roger

So I would be one of those with weak networking knowledge :( That said, would the proposed change have improved connectivity? I’m finding that not everyone is able to connect to my tunnel setup. I even noticed 3 days last week where N1URO.amor.org, was not reachable from untunnelled devices, like my cellphone and isp. If the changes would improve connectivity, even if people like me would need some instruction and tutoring, maybe it should be considered. Roger VA7VH > On Mar 12, 2019, … [View More]

6 years, 2 months

1
0
0 0

Re: [44net] BGP routes in RIP transmissions -- CANCELLED

by Rob Janssen

> Of course a special version of ampr-ripd could be made that ignores those routes when some flag is given. Or rather: add a flag that specifies an alternate route table number where those routes will be stored instead of the main table or the table specified with -t A special value (0, -1) could be used to entirely ignore those routes. Rob

6 years, 2 months

1
0
0 0

BGP routes in RIP transmissions

by Brian Kantor

Hello, Beginning on March 15th, the pseudo-RIP transmissions from amprgw will include the various subnet prefixes which are being advertised by BGP. They will show a next-hop address of 169.228.34.84, which is amprgw. Marius assures me that this will cause no harm, and will enable tunnel-only AMPRNet hosts to reach those destinations via the tunnel. He says that many tunnel-connected hosts have a semi-default route to amprgw that has to be manually installed when the system is set up; this … [View More]

6 years, 2 months

3
5
0 0

Connected via VPN, now what?

by Mike Saeger

I connected via VPN. IPv4 Address. . . . . . . . . . . : 44.139.11.22 Subnet Mask . . . . . . . . . . . : 255.255.255.252 My DHCP server is 44.139.11.21. I am not able to ping that server. I can't ping ampr.org. Actually, I tried pinging several IP addresses and nothing is returned. I'm trying to figure out if connecting via VPN is of any useful value? Mike N9MS

6 years, 3 months

4
3
0 0

Re: [44net] Port-forwarding of 44-addresses

by Rob Janssen

Marius, Ok that is an interesting solution! It solves the "route lookup" issue, but in the case of using BGP there isalso the issue that BGP only distributes the subnet route when there is an actual matching route in the table that it is managing. Of course this can by circumvented by unchecking the "synchronize" option. And on our local AMPRnet we distribute the default route via the same BGPinstance as the remainder of the routes. So that would have to be changed. I'm inclined … [View More]

6 years, 3 months

1
0
0 0

EdgeRouter and EdgeRouterX

by Marius Petrescu

I updated the startup scripts for the EdgeRouters to properly route back replies of requests from the internet via tunnel. So if you like to use the new setup, download again and reinstall the package... Also, with the new setup, the status wizard also needs to be updated (remove and install). Find the EdgeRouter setup package here: http://www.yo2loj.ro/hamprojects/Ampr_EdgeRouter.tgz (mips64) For the EdgeRouterX setup use this one: http://www.yo2loj.ro/hamprojects/Ampr_EdgeRouterX.tgz … [View More]

6 years, 3 months

1
0
0 0

Re: [44net] Port-forwarding of 44-addresses

by Rob Janssen

> The forwarded packets > that were supposed to go to my 'inner' server were also routed back to > the AMPR GW, which of course did not know anything about my local > addresses (192.168...). > However, after adding this line: > ip route add 192.168.19.0/24 dev enp0s6 table 44 > everything felt in place and I'm now a happy man. Unfortunately this is a detail that is soooooo easy to oversee that it frequently happens. But of course it is always educational to … [View More]

6 years, 3 months

2
2
0 0

Fixed the problem

by Mike Saeger

There were 2 RSA keys in my n9ms keys file. The 2nd one was the correct one. Then I got an error message telling me that OpenVPN couldn't connect due to a weak algorithm. Adding the following line to the .opvn file fixed it. Mike tls-cipher "DEFAULT:@SECLEVEL=0"

6 years, 3 months

1
0
0 0

Trying to use VPN

by Mike Saeger

I'm already using OpenVPN and it works great. Now, I'm trying to use OpenVPN to establish a tunnel to AMPR.ORG. I followed the instructions at: http://wiki.ampr.org/wiki/AMPRNet_VPN I get the following message in my OpenVpn Log: Tue Mar 05 12:19:13 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead. Tue Mar 05 12:19:13 2019 SIGUSR1[soft,private-key-password-failure] received, process restarting Tue Mar 05 12:19:13 2019 MANAGEMENT: >STATE:1551813553,RECONNECTING,… [View More]

6 years, 3 months

1
0
0 0

Port-forwarding of 44-addresses

by Bent Bagger

Hi I have acquired myself a problem. Recently I decided to move all web services away from the gateway to an ‘inner’ server. This is easily done by using port forwarding in the firewall on the gateway. Thus I forward all web services by using this line: iptables -t nat -A PREROUTING -p tcp -m multiport --dport $Services -d $EXT_IP -j DNAT --to $webserver where $Services is defined as Services="smtp,domain,www,https,submission,imaps", $EXT_IP is my external IP address and $webserver … [View More]is the IP address of the ‘inner’ server. I do the same for the ampr interface: $iptables -t nat -A PREROUTING -p tcp -m multiport --dport $Services -i ampr0 -j DNAT --to $webserver In this case it is only the www and https services that are relevant since I do not do mail on the 44-address. All of this works of course as it should for ordinary IP addresses (non-44) and it also works fine when comming from a 44-address. Furthermore it works fine when I ping my 44-address from any IP address (which isn't surprising as ICMP is not forwarded). But it fails miserablywhen accessing my 44-address (44.145.40.3) from an ordinary IP address. The incomming request comes nicely in on the ampr interface, but the reply goes out the WAN interface to the Internet at largeand is thus not recognized as a reply on the originating host. I have spent quite a bit of time trying to findout why this is so. I’m convinced it is something in my setup that is the cause of this behavior, but I’m at a loss as what it may be, so I hope some of you eagle-eyed people out there can spot the error. Here are somedetails of my setup. Routing rules: $ip rule list 0: from all lookup local 44: from all to 44.0.0.0 /8 lookup ampr 45: from 44.145.40.3 lookup ampr 32766: from all lookup main 32767: from all lookup default Main routing table: $ip route list default via 86.48.99.33 dev enp0s7 metric 3 127.0.0.0/8 via 127.0.0.1 dev lo 192.168.19.0/24 dev enp0s6 proto kernel scope link src 192.168.19.6 ‘ampr’ routing table (table 44) (excerpts): $ip route list table ampr | head -n4 default via 169.228.34.84 dev ampr0 onlink 44.2.0.1 via 191.183.136.1 dev ampr0 proto 44 onlink window 840 44.2.2.0/24 via 216.218.207.198 dev ampr0 proto 44 onlink window 840 44.2.7.0/30 via 98.208.73.100 dev ampr0 proto 44 onlink window 840 My gateway is a Soekris Net5501 running Gentoo Linux updated to the latest versions last Monday. I do hope I have expressed myself clearly enough and provided details enough so that one of you can point at something and say: ‘there is your error’. If some information is missing or lacking please ask for it and I’ll provide as much as I can. Best 73 de Bent/OZ6BL [View Less]

6 years, 3 months

3
8
0 0

AMPR.ORG for Mesh Network?

by Mike Saeger

Hi, I'm new to this forum. Several years ago I used Packet Radio and had an IP address (it is still active: n9ms.ampr.org [44.72.58.62]). Now, I'm getting active on the AREDN Mesh Network. I'm wondering if my n9ms.ampr.org would be useful on our mesh network -- maybe it's strictly a Packet Radio thing? I'm just curious. I looked at the Gateway information, but I didn't see anything in there for my IP address -- but I could be wrong. Thanks for your help. Mike N9MS

6 years, 3 months

2
1
0 0

Dead gateway, looking for input

by Tom Cardinal

Greetings, My gateway bit the dust and I need to start from scratch. I have two possible approaches. 1. I have an older Edgerouter Lite. Has anyone cracked the nut on connectivity to other AMPR nodes in the mesh? 2. I’m considering buying a new microtik router. Is there a suggested model? Would like to get back on 44net but want to stay away from the “roll your own” Linux system as Ubuntu has changed their network manager to netplan. Suggestions welcome. — tom Tom Cardinal / MSgt USAF (… [View More]

6 years, 3 months

4
25
0 0

Do we support GRE?

by Mark Phillips

Hi folks, Trying to get my pfSense firewall to talk directly on AMPRnet and am wondering about GRE. Do we support this? It looks like the only way I can get pfSense to do AMPRnet is to forward everything to an internal host and do things there. I can do BGP but I don't have enough addresses space for that (I only have a /27). Thanks Mark G7LTT

6 years, 3 months

3
4
0 0

Where to get BGP subnet list?

by Steve L

>From time to time testing various setups I need to determine if the remote 44 host is IPIP or BGP so that I can verify everything is working etc. I used to grep this, but apparently this is not current? http://thyme.rand.apnic.net/current/data-add-ARIN Does anyone know of an up to date source? I used to test new installs against hambook.de.ampr.org (44.225.164.16) as I know this is not reachable via the normal internet, but is via 44net. It used to be via an IPIP tunnel. I don't see it … [View More]

6 years, 3 months

6
15
0 0

Cellular networks

by Roger

So very sorry everyone. Sometime after I sent my message, the computer I was using for 44Net had issues so everyone that tested found they couldn’t reach me. Please try again, this time; VA7LBB.ampr.org or 44.135.179.19. It is up. Port 80 is open. It does work! It just doesn’t seem to work on Cellular networks. At least not for me. Please let me know what you find, and if you have any suggestions. Roger VA7LBB

6 years, 3 months

5
4
0 0

defective entries in the encap file?

by Brian Kantor

There are a few entries in the encap file which are for subnets that are NOT indicated as tunnel-routed subnets. They are apparently in the portal database with the Tunnel attribute UNchecked, but they have a gateway associated with them. Perhaps this is because they at one time *were* tunnel-routed but converted to direct (BGP) routing. Anyway, I believe they should NOT be in the encap file because they are NOT IPIP tunnel-routed. These are 44.48.8.0/22 44.56.128.0/24 44.131.7.0/24 44.182.… [View More]

6 years, 3 months

1
0
0 0

Cellular networks

by Roger

Hello, I finally got my AMPRnet tunnel up and running. I have dns and a few A names. Everything seemed fine until I tried reaching one of my machines using my cellphone over the Cellular Network. It just times out. Here’s a test page. Ve7mov.ampr.org. Is this normal. I can’t imagine this is a config problem on my end Thanks Roger VA7LBB

6 years, 3 months

5
4
0 0

Re: [44net] IPv6

by Rob Janssen

> An interesting report on the adoption of IPv6 by the Internet at large. Very interesting indeed! It discusses all those aspects that have slowed down IPv6 adoption. My ISP (which also hosts our gateway system) was amongst the early adopters and I have also experimented early, but abandoned it due to the "no benefits and only problems" situation. But later, when those were mostly cured, I again enabled IPv6 on my network. Problems caused by running dual-stack are now rare, but still it … [View More]

6 years, 3 months

1
0
0 0

IPv6

by Brian Kantor

An interesting report on the adoption of IPv6 by the Internet at large. https://www.internetgovernance.org/wp-content/uploads/IPv6-Migration-Study-… - Brian

6 years, 3 months

3
2
0 0

How to allow central gateway to support small gateways that use dynamic IP ?

by R P

Hi there We consider to advertise part of our Country AMPRNET IP Network allocation via BGP to a small DataCenter We want from there to allow users to have a gateways that will have IPIP tunnel to it. By that we will decrease the latency of the IPIP tunnel that goes to UCSD and back and also hopefully get a much bigger bandwidth (from the data center and not from the UCSD limitations) What Do we need to have in the Data Center in order to Support it ? Is there any expert here that may … [View More]

6 years, 3 months

4
5
0 0

Can't seem to grasp something

by pete M

HI every one, I have an alocation and registered a gateway to do ipip encapsulation to finally be able to run a gateway inside my local lan. The gateway is a debain 9 computer with 2 nic. one connected to my lan (eth0) and another wich will have the 44 net address network (eth1) I already put the first adress of the 44 allocation that I have on eth1. eth0 is for now on dhcp. Now I've been reading, reading and re reading the wiki. there are so much stuff that I am lost. In my case, what … [View More]

6 years, 3 months

9
18
0 0

Allocation

by Michael Beaveridge

Hi - I requested a block via the portal and I noticed that my call is on gateway list, however I didn’t get any indication that I had sent in the request. I know they said that everything was volunteer and to be patient, but just wondering if my request went in as I didn’t get any email. Thanks. .michael, ve7ki

6 years, 3 months

3
2
0 0

Re: [44net] Yahoo.com hangs via 44Net

by Rob Janssen

> Hi all, > I’m having an issue with my 44Net tunnel. It works beautifully incoming and almost as good outgoing. For some reason, while on a 44Net IP’ed computer, I can’t reach yahoo.com. > All other locations I’ve tried work well and off the 44Net, yahoo.com is reachable. That kind of problems is usually caused by over-active network admins that block all ICMP and thus kill PMTU discovery. You can work around it by doing "TCP MSS clamping" at your end. E.g. when you have a MikroTik … [View More]

6 years, 3 months

1
0
0 0

Yahoo.com hangs via 44Net

by Roger

Hi all, I’m having an issue with my 44Net tunnel. It works beautifully incoming and almost as good outgoing. For some reason, while on a 44Net IP’ed computer, I can’t reach yahoo.com. All other locations I’ve tried work well and off the 44Net, yahoo.com is reachable. On the 44Net, it times out. DNS seems find and I can ping the address. I’ve tried both chrome and Firefox and cleared the cache on both. Is anyone else having issues with that site, or any other? Solutions? Roger VA7LBB

6 years, 3 months

1
0
0 0

subscribe

by Jean Létourneau

-- Sysop de: VE2PKT (BBS), VE2PKT-13 (URONode) : VE2RCN-1, VE2RGM-1, VE2RGC-1, VE2RVA-1, (The-Net) : VE2PKT-9 (DXCluster), VE2PKT-10 (Winlink Gateway) RF: 147.435 Mhz (1200 Bps), Internet: Telnet://nodes-ve2pkt.dyndns.org <http://xrouter-ve2pkt.dyndns.org> port 23 (Network Node) Telnet://fbb-ve2pkt.dyndns.org port 6300 (FBB BBS) Telnet://ve2pkt.dyndns.org port 9000 (DXCluster) E-Mail: packet: ve2pkt(a)ve2pkt.#qbc.qc.can.noam ampr net: ve2pkt(a)ve2pkt.ampr.org Inet: ve2pkt(a)gmail.com

6 years, 4 months

1
0
0 0

Re: [44net] DNS Flag Day, Feb 1st, 2019

by Rob Janssen

>Contacting Debian will always yield the same results as they've stated >for decades now. They fix end-user affecting bugs, but they don't >introduce new versions, features, etc. At one time there was the >Debian Volatile project that hosted "fast moving" versions of software >(spamassassin, clamav, etc), But that project was disbanded years ago. It is what most distributions do. And frankly I am not that unhappy with it. Sometimes it is nice to have a … [View More]

6 years, 4 months

2
1
0 0

Re: [44net] DNS Flag Day, Feb 1st, 2019

by Rob Janssen

> The problem lies outside of Linux distributions, the problem lies with > over aggressive firewalls (or poorly designed firewalls) that don't > allow or understand DNS Extensions. And with old DNS server versions that do not allow them either, I think. And that seems to be the case for the abovementioned domains. (or there is such an overly agressive firewall in front of them) > This email was sent to you from a Debian Stretch (earlier in the food > chain than Jessie) server … [View More]

6 years, 4 months

3
2
0 0

Re: [44net] DNS Flag Day, Feb 1st, 2019

by Rob Janssen

>>/But on our AMPRnet gateway (which has Debian Jessie) />>/there is a DNS server/resolver (bind 9.9.5) / >Ouch. Bind v9.9.5 is ~10 years old... sure Debian applies patches, but >man that's way too old, even ISC would heavily advise against it. Why >can't that gateway be upgraded to Stretch or Buster? I'm willing to >help if help is needed. Debian Jessie is only some 3.5 years old and it is fully supported. We keep it uptodate. When you think the package is too old … [View More]

6 years, 4 months

2
1
0 0

Re: [44net] DNS Flag Day, Feb 1st, 2019

by Rob Janssen

> Rob, > Both domains you speak of do not rely on AMPRnet DNS infrastructure > So Brandmeister and Dstar.su are not effected by any DNS issues within AMPRnet > 73s, > Rudy (PD0ZRY) That is exactly what I wrote: it is not related to 44Net. There is nothing we can do about it. But it is related to amateur radio and it could affect people reading the list because they are involved in amateur radio networking. So it is good to know it so we know where we could look when … [View More]

6 years, 4 months

2
1
0 0

Re: [44net] DNS Flag Day, Feb 1st, 2019

by Rob Janssen

While not really related to 44Net, note that there are serious issues with the DNS servers used by amateur radio related services like brandmeister.network dstargateway.org dstar.su etc. Not much we can do about it, but at least it is known... Rob

6 years, 4 months

4
4
0 0

Wiki - Firewall ipset Bogons

by LLEACHII＠aol.com

All, The ipset firewall script I posted included my subnet. The error was fixed from an unedited copy/paste operation. 73, - Lynwood KB3VWG

6 years, 4 months

2
3
0 0

DNS Flag Day, Feb 1st, 2019

by Brian Kantor

Quoting from the web site at https://dnsflagday.net/ What is happening? The current DNS is unnecessarily slow and suffers from inability to deploy new features. To remediate these problems, vendors of DNS software and also big public DNS providers are going to remove certain workarounds on February 1st, 2019. This change affects only sites which operate software which is not following published standards. Are you affected? On that web page, there is a Domain Owner's … [View More]

6 years, 4 months

2
1
0 0

AMPRNet OVPN portal still working?

by Mark Phillips

Hi Folks, I've had need to try the Open VPN portal located at aprs.fi today but I failed to connect. Is it still functioning? Thanks Mark NI2O/G7LTT

6 years, 4 months

2
1
0 0

Re: [44net] security reminder : Sharing best practices and tools ?

by lleachii＠aol.com

1. As you all observed yesterday, I still run OpenWrt - currently on a Cisco Meraki MX60W device. I also use OpenWrt to create a separate VLAN for AMPRLAN traffic (those configs are in the Wiki). I can use routing, masquerade and NAT in another VLAN - if I need to temporally assign a device a 44 Public IP for testing and use. 2.I am running the firewall on my tunnel, which is iptables and zone-based in OpenWrt. Only relevant inbound ports for known services are allowed (e.g. 80/tcp … [View More]

6 years, 4 months

2
4
0 0

security reminder

by Brian Kantor

Folks, Please remember that when you set up a host, computer, or device on the AMPRNet, it is exposed to the big bad evil environment of the Internet without any form of protection such as a firewall or traffic filter, UNLESS YOU PROVIDE IT. In recent days we've had a some more complaints about systems being used as DNS amplification attack vectors, others as having been compromised and turned into a spam bot, and so on. I wish these were unusual events, but they're not rare enough. Yes, … [View More]

6 years, 4 months

3
4
0 0

Re: [44net] security reminder : Sharing best practices and tools ?

by Rob Janssen

I think that script is OK, except of course this line: AMPRGW="<AMPRGW>" Should be edited to the actual address of AMPRGW instead of that <AMPRGW>. I think it is better to just put the literal address in the example code as this kind of substitutions confuses people. When it changes, the Wiki can be updated. It is of course also possible to look it up using DNS but that will require another dependant package e.g. "dig" and again may confuse people. >I tested it … [View More]

6 years, 4 months

1
0
0 0

Re: [44net] security reminder : Sharing best practices and tools ?

by Rob Janssen

> All, > I implemented the code update. It's been added to Firewall Wiki under the ipset-based script. > http://wiki.ampr.org/wiki/Firewalls#ipset <http://wiki.ampr.org/wiki/Firewalls#ipset> > Thanks Rob! Those scripts were adapted from mails that I sent to the list, but there are some funny things in the versions on the Wiki. The first version (with iptables) has comments that really aren't correct. You must have had other problems while debugging this, as neither "the if … [View More]iptables ... construct does not work" nor "there must be no spaces or empty lines here" are true. Maybe you had files with CRLF line endings (Windows editor) and/or other issues that were resolved by other changes and this comment was left in there. if command then is the same as: command if [ $? eq 0 ] then there may be empty lines between the command and if, this is no problem, but of course there should be NO thing like "echo $?" between those lines! maybe you did that during testing. that will make it fail because the echo command will not only display the value of $? but also the new value of $? will then be set to the result of the echo command! -> always 0 In the second example, using "ipset", there is an "if ipset" command (see, here it is OK!) but the "then" and the "else" branch contain exactly the same code. I don't know how that came about, but of course in that case you can just remove the if, then and else and put 1 instance of the code left-shifted under that. Of course in this case you don't need the tempfile and can do everything in one go like this: ipset -N ipipfilter hash:ip 2>/dev/null ipset flush ipipfilter ipset -A ipipfilter $AMPRGW grep addprivate encap.txt | sed -e 's/.*encap //' | sort -u | while read ip do ipset -A ipipfilter $ip done In my own systems I use a temporary ipset and swap them after completing the above, to avoid the small time interval where the ipset is being filled and packets could be dropped. For an ordinary user gw it probably isn't worth the trouble as this interval is quite short. Of course, those filters are very useful against abuse of the gateway by people who send ipip packets but are not part of AMPRnet (they could use it to hide their IP or to work their way around parts of the firewall) but in practice I have found that most cases where this actually happens are in fact hams who have misconfigured their gateway. (e.g. the IPIP output goes out on another IP than they have configured as incoming for their gateway) Don't think that adding this will solve any problems you have been faced with unless you are certain that it was via IPIP abuse. There probably is another error in the firewall. Rob [View Less]

6 years, 5 months

1
0
0 0

Is there any way to update ampr.org dns

by Cathryn Mataga

Right now ke6i.ampr.org points to another ip address, not the one I'm using, which is at vhf.ke6i.ampr.org

6 years, 5 months

3
2
0 0

some subscribers have been missing 44net emails

by Brian Kantor

If your mailbox is located at or relayed by any of these domains: att.net btinternet.com estesvalley.net free.fr icloud.com laposte.net mac.com n5kh.org stpetebeach.net thbt.fr you may not have been getting some or all 44net email messages over the past few days. What seems to have happened is that the mailing list host, 'mailman.ampr.org', somehow got on … [View More]

6 years, 5 months

1
0
0 0

Mailman problem

by Brian Kantor

If you sent a message to the 44net mailing list in the last hour or so and haven't seen it distributed, it likely got lost in a mailer glitch that I think I've fixed. Please resend it. Sorry for the hassle. - Brian

6 years, 5 months

1
0
0 0

Re: [44net] OpenWRT AMPRNet config

by lleachii＠aol.com

Roger, I wrote the OpenWrt Wiki and my allocation has been live at 44.60.44.0/24 for years on my devices. Getting the tunnel interface active is the first step. * I'm not sure what network and firewall configs you want, as MY EXACT CONFIGS ARE ALREADY POSTED IN THE WIKI (I will re-post them in this email) * Again, AMPRGW should be replaced with the IP of AMPRGW. The IP is located here: http://wiki.ampr.org/wiki/Services | AMPRNet Gateway(AMPRGW) | 169.228.34.84 | * If you created … [View More]

6 years, 5 months

1
0
0 0

OpenWRT AMPRNet config

by Roger

Hi, I’m following the instructions at the below link to use OpenWRT as a 44Net gateway. I’m confused about some of the instructions. What should <AMPRGW> be replace with in the route. This has me confused as well: “an interface instance for a new VLAN and bridge (the example above uses AMPRNET), add it to its own firewall zone using Input: Accept (if you wish for you AMPRLAN devices to reach the router), Output: Accept and Forward: Drop (or Reject). Assign an IP from your allocation to … [View More]

6 years, 5 months

1
0
0 0

Re: [44net] OpenWRT AMPRNet config

by lleachii

Also - from your post, did you follow the steps to install IP-full so the startup script would create the tunnel interface? In addition, did you compile ampr-ripd? null

6 years, 5 months

1
0
0 0

Re: [44net] OpenWRT AMPRNet config

by lleachii＠aol.com

Roger, AMPRGW should be replaced with the IP of AMPRGW.See: http://wiki.ampr.org/wiki/Services for those details. You don't need a "Gateway" to the tunnel, as it's a Layer 3. You do need to assign an IP from your range to a VLAN/bridge if you will make a: VLAN, port/ SSID, etc. for your allocation to "live." What issues are you having with network and firewall configs?You never actually said what's wrong. Feel free to ask me any more questions, or private email me for landline. 73, - … [View More]Lynwood KB3VWG -----Original Message----- From: 44net-request <44net-request(a)mailman.ampr.org> To: 44net <44net(a)mailman.ampr.org> Sent: Tue, Jan 8, 2019 3:00 pm Subject: 44Net Digest, Vol 8, Issue 3 Send 44Net mailing list submissions to 44net(a)mailman.ampr.org To subscribe or unsubscribe via the World Wide Web, visit https://mailman.ampr.org/mailman/listinfo/44net or, via email, send a message with subject or body 'help' to 44net-request(a)mailman.ampr.org You can reach the person managing the list at 44net-owner(a)mailman.ampr.org When replying, please edit your Subject line so it is more specific than "Re: Contents of 44Net digest..." Today's Topics: 1. OpenWRT AMPRNet config (Roger) ---------------------------------------------------------------------- Message: 1 Date: Mon, 7 Jan 2019 12:32:53 -0800 From: Roger <va7lbb(a)rezgas.com> To: 44net(a)mailman.ampr.org Subject: [44net] OpenWRT AMPRNet config Message-ID: <CC7E3091-3982-478B-A5C2-7F83E5D0AE30(a)rezgas.com> Content-Type: text/plain; charset=utf-8 Hi, I?m following the instructions at the below link to use OpenWRT as a 44Net gateway. I?m confused about some of the instructions. What should <AMPRGW> be replace with in the route. This has me confused as well: ?an interface instance for a new VLAN and bridge (the example above uses AMPRNET), add it to its own firewall zone using Input: Accept (if you wish for you AMPRLAN devices to reach the router), Output: Accept and Forward: Drop (or Reject). Assign an IP from your allocation to this interface, you will configure this IP on your devices as the Default Route/Gateway address.? I created the AMPRNET interface but i put the 44Net allocation ip in the gateway of that interface, reboot after doing everything else, I get an error from Ampr-ripd that the interface doesn?t exist. If anyone has done this on a OpenWRT router, would you be willing to share your firewall and network config files so that I can learn what I?m doing wrong. http://wiki.ampr.org/wiki/Setting_up_a_gateway_on_OpenWRT Thanks Roger VA7LBB ------------------------------ Subject: Digest Footer _______________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net ------------------------------ End of 44Net Digest, Vol 8, Issue 3 *********************************** [View Less]

6 years, 5 months

1
0
0 0

OpenWRT AMPRNet config

by Roger

Hi, I’m following the instructions at the below link to use OpenWRT as a 44Net gateway. I’m confused about some of the instructions. What should <AMPRGW> be replace with in the route. This has me confused as well: “an interface instance for a new VLAN and bridge (the example above uses AMPRNET), add it to its own firewall zone using Input: Accept (if you wish for you AMPRLAN devices to reach the router), Output: Accept and Forward: Drop (or Reject). Assign an IP from your allocation to … [View More]

6 years, 5 months

1
0
0 0

Re: [44net] Bring your own IP at Amazon Cloud ?

by Cory (NQ1E)

> AWS instances have private IPs that are mapped (elsewhere) to a public IP, at no point does the public IP/Network exist on the AWS instance. That was true for legacy EC2. Now days, instances are launched in VPCs where you can choose to use your own public or private IPs directly on the network interfaces. You can also now have multiple interfaces on an instance. On Mon, Jan 7, 2019, 07:14 Jim Popovitch via 44Net <44net(a)mailman.ampr.org wrote: > On Mon, 2019-01-07 at 16:06 +… [View More]

6 years, 5 months

2
1
0 0

Bring your own IP at Amazon Cloud ?

by Toussaint OTTAVI

Hi all, We are already announcing a subnet with BGP via a low-cost virtual instance at Vultr. It works fine. As we'll soon deploy our second data center, and we'll start migrating from our old-style 10.44.0.0/16 private addressing to full AMPRNet addressing, I was wondering if I could find a second low-cost BGP provider for redundancy. I saw that Amazon now provides "Bring your Own IP" features : https://aws.amazon.com/fr/blogs/networking-and-content-delivery/introducing… Did someone … [View More]

6 years, 5 months

6
11
0 0

Setting up a tunnel on a Cisco 2921/k9 Router

by David Pechon

I am trying to setup a Cisco 2921/K9 router. The router has 3 gigabit ethernet ports and a CISCO EHWIC-4ESG 4-Port Gigabit WAN Interface Card<https://www.ebay.com/itm/CISCO-EHWIC-4ESG-4-Port-Gigabit-WAN-Interface-Card…>. I can not get a static IP address from Spectrum so I need to set up a tunnel. Does anyone has have any dealing with this type of setup. I am looking for a way to where to start from. 73's David A. Pechon Sr. KA5TTZ U.S. Army Retired (SSG/SS) Cell # (985)520-1748 HAMSHACK HOTLINE #4525

6 years, 5 months

4
3
0 0

TAPR DCC Talk on Net 44

by John D. Hays

https://youtu.be/OxsmGaFZ2MM -- ------------------------------ John D. Hays Edmonds, WA K7VE <http://k7ve.org/blog> <http://twitter.com/#!/john_hays>

6 years, 5 months

2
3
0 0

TAPR talk by John Hays

by Bryan Fields

https://www.youtube.com/watch?v=OxsmGaFZ2MM Wish I was able to make it this year, looks like some great presentations. 73's -- Bryan Fields 727-409-1194 - Voice http://bryanfields.net

6 years, 5 months

1
0
0 0

Scanning traffic; How much does the gateway get?

by Jeremy Cooper

Since taking on a BGP routed /24 several weeks ago I've occasionally watched my gateway firewall logs in realtime to get a sense of how much traffic I get from the Internet at large for my little section of the AMPRNet. I get an average of 2.7 packets a second in random scanning traffic. Scaling this up to the /8 that comprises AMPRNet, I surmise that the UCSD gateway must get something like 176k packets a second. Assuming an average SYN packet of 20 bytes, this is something like 283 … [View More]

6 years, 6 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

44net