Just did a dig on ve6cic.ampr.org and it's returning with an IP that is no where near what I thought it should be. Could someone update my DNS record to point to 44.135.148.131?
Stephen Atkins
VE6CIC/VE6CPU/VE6STA/VE6SU
Sent with [Proton Mail](https://proton.me/) secure email.
Hi
> If there is no DNS A record for a tunneled amprnet destination host, the
traffic is not forwarded in either direction.
Does this mean a single A record for my gateway (44.61.31.1/27), or
multiple A records, one for each IP of my subnet?
Thanks
Tom M0LTE
Hello everyone. I've been playing with my 44 net addresses for a while now. I've got an Edgerouter X setup and I've attached a picture of the main config page for it. The edgerouter has an address of 44.135.148.129 and my computer has 44.135.148.130/27. Default gateway is 44.135.148.29. I've also had my DNS setup so it points ve6cic.ampr.org to 44.135.148.130 and my gateway on the portal points to my internet IP.
I run a CC Cluster and BBS on this machine. Is there a way to route from the internet (not on the 44 Net) to this machine?
[44Net.PNG]
Stephen Atkins
VE6CIC
Sent with [Proton Mail](https://proton.me/) secure email.
Thanks, TCP MSS was the answer!
On my router ( Mikrotik ):
/ip firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu
passthrough=yes protocol=tcp
tcp-flags=syn
On Sun, Sep 17, 2023 at 4:02 PM Jonathan Lassoff <jof(a)thejof.com> wrote:
> That DNS resolution seems ok, 20.201.28.151 is one of the web frontend
> IPs. (Confirmed with their API's /meta endpoint:
> https://api.github.com/meta)
>
> However, an operation timing out implies that something along the path
> is filtering your TCP connection.
>
> Maybe use `tcptraceroute` to try and tell how far your initial TCP SYN
> packet is making it (to try and tell whom is filtering).
>
> The other thought that comes in mind in the context of TCP breaking
> while traversing VPNs (where small packets like ICMP pings are
> working) is that maybe something along the path is not clamping TCP
> MSS? Maybe try adding a `mssfix` option into the OpenVPN config (maybe
> sized 1420 bytes).
>
> --j
>
> On Sat, 16 Sept 2023 at 11:19, Henrique Brancher Gravina
> <henrique(a)gravina.com.br> wrote:
> >
> > gnutls-cli cannot connect to the host, it give me a timeout:
> >
> > $gnutls-cli github.com:443
> > Processed 137 CA certificate(s).
> > Resolving 'github.com:443'...
> > Connecting to '20.201.28.151:443'...
> > *** Fatal error: The operation timed out
> >
> >
> > But I cant ping the host:
> >
> > $ping www.github.com
> > PING github.com (20.201.28.151) 56(84) bytes of data.
> > 64 bytes from 20.201.28.151 (20.201.28.151): icmp_seq=1 ttl=111
> time=22.3 ms
> > 64 bytes from 20.201.28.151 (20.201.28.151): icmp_seq=2 ttl=111
> time=19.5 ms
> > 64 bytes from 20.201.28.151 (20.201.28.151): icmp_seq=3 ttl=111
> time=22.3 ms
> > 64 bytes from 20.201.28.151 (20.201.28.151): icmp_seq=4 ttl=111
> time=19.8 ms
> > 64 bytes from 20.201.28.151 (20.201.28.151): icmp_seq=5 ttl=111
> time=19.7 ms
> >
> >
> >
> >
> > On Sat, Sep 16, 2023 at 3:33 AM Jonathan Lassoff <jof(a)thejof.com> wrote:
> >>
> >> For what it's worth, I am able to successfully do git clones from IPv4
> >> Github from 44net BGP island space, and even that repo you list.
> >>
> >> That error suggests that something happened with GNUTLS while
> >> establishing a TLS connection. Maybe test just that with GNUTLS and
> >> run "gnutls-cli github.com:443"?
> >>
> >> On Fri, 15 Sept 2023 at 23:08, Henrique Brancher Gravina via 44net
> >> <44net(a)mailman.ampr.org> wrote:
> >> >
> >> > Hello,
> >> >
> >> > I am running a 44 network with bgp announces on Vultr ( mikrotik )
> and a VPN to my home ( mikrotik ) . Everything is working fine inbound and
> outbound traffic are being routed ok.
> >> >
> >> > The problem is that I can use github on the server on my 44 hosts.
> >> >
> >> > For example:
> >> >
> >> > # git clone https://github.com/Henriquegravina/DxccResolver
> >> > Cloning into 'DxccResolver'...
> >> > fatal: unable to access '
> https://github.com/Henriquegravina/DxccResolver/': gnutls_handshake()
> failed: Error in the pull function.
> >> > # root@odc1:/home/henrique/tmp# git clone
> https://github.com/Henriquegravina/DxccResolver
> >> > Cloning into 'DxccResolver'...
> >> > fatal: unable to access '
> https://github.com/Henriquegravina/DxccResolver/': gnutls_handshake()
> failed: Error in the pull function.
> >> >
> >> > Thanks for any help.
> >> > PU3IKE
> >> >
> >> >
> >> > _______________________________________________
> >> > 44net mailing list -- 44net(a)mailman.ampr.org
> >> > To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
>
Dear 44Net Members,
Many thanks to all of you who responded to the ‘44Net + Groups.io’
survey back in June. Thank you also for your patience in our follow-up,
as it’s been a very busy summer here at ARDC.
Here’s what we learned from the 54 folks who responded:
* 90% of you were familiar with Groups.io
* 52% of you were interested in moving from mailman.ardc.net to Groups.io
* The remaining 48% of you either wanted to remain on Mailman or wanted
more information about a move to Groups.io (with a pretty even split
between those two groups)
A nearly 50/50 split is not enough to warrant a migration of this
mailing list to Groups.io. It does, however, tell us that there is a
general interest in making the move, and that many of you would like
more information before making a decision one way or another.
In an effort to provide more information, in the coming months, our team
will put together some educational information about groups.io, so be on
the lookout. Until then, feel free to peruse around ardc.groups.io and
give some of the subgroups a try. Some information about how to join the
subgroups is provided below this email.
Depending on how things go, we may move the full mailing list over to
ardc.groups.io over time. For now, though, please consider this only an
experiment! If you have any questions, please don’t hesitate to reach
out to us at any time at contact(a)ardc.net. You can also post questions
and comments here or on ardc.groups.io.
Looking forward to the discussion!
73,
Rosy + ARDC Staff
/
For those of you who are interested in joining the mentined subgroups,
here’s how:
* Join the ‘Main’ group at ardc.groups.io.
* Once approved, you’ll be automatically added to the Community subgroup
for general discussions (the ‘Main’ group serves as an announcement
group, where only ARDC staff can post).
* From here, you can join many of the other subgroups for special
interest topics.
44Net VPN Subgroup: https://ardc.groups.io/g/net-44-vpn
44Net Wiki Subgroup: https://ardc.groups.io/g/wiki/
Subgroup list (which has some info about each group):
https://ardc.groups.io/g/main/subgroups
If you get stuck, our resident groups.io expert John Hays K7VE is here
to answer any questions. Reach out any time: john.hays(a)ardc.net
--
Rosy Schechter - KJ7RYV
Executive Director
Amateur Radio Digital Communications (ARDC)
ardc.net
Hi
Has anyone setup the IPIP tunnel successfully in Mikrotik? I think the instruction in Wiki is written for ROS 2.0. Things has changed a lot and I have trouble following. I created the IPIP tunnel in the interface and not sure what to do next. I added my IP subnet to the IP tab. The RIP configuration menu is very different now.
Kun
Hello,
I am running a 44 network with bgp announces on Vultr ( mikrotik ) and a
VPN to my home ( mikrotik ) . Everything is working fine inbound and
outbound traffic are being routed ok.
The problem is that I can use github on the server on my 44 hosts.
For example:
# git clone https://github.com/Henriquegravina/DxccResolver
Cloning into 'DxccResolver'...
fatal: unable to access 'https://github.com/Henriquegravina/DxccResolver/':
gnutls_handshake() failed: Error in the pull function.
# root@odc1:/home/henrique/tmp# git clone
https://github.com/Henriquegravina/DxccResolver
Cloning into 'DxccResolver'...
fatal: unable to access 'https://github.com/Henriquegravina/DxccResolver/':
gnutls_handshake() failed: Error in the pull function.
Thanks for any help.
PU3IKE
Good Evening,
I noticed that the amprwiki has some information that could use some updating/knowledge additions to make onboarding easier for new end-users.
1. On all gateway setups, there should be notices about having to enter your gateway WAN onto the gateway list on the 44net portal, as well your allocation being broadcasted by your gateway.
2. Explanations on delay times in receiving RIPv2 packets (1 hour to update, 5 mins/announcement). A few of the instruction sets say "wait a few minutes" but dont explain why and don't all explain that your gateway needs to be registered before anything can happen.
3. Additional Documentation for folks who are using coordinator-maintained VPN gateways
4. General cleanup and some additional explanations on how each piece of the IPIP tunnel works for folks who want to learn how to run the system, to ensure that we can have more people using the gateway rather than BGPing out of frustration.
I've worked for several orgs cleaning up documentation so questions can be answered efficiently, I'm more than happy to volunteer my time to help clean things up if needed!
73,
-M.
K1YUU
Hi,
been having a few issues with IPIP tunnels of late. On my original
server (a R-Pi), which I recently resurrected, ampr-ripd suddenly
started segfaulting on startup for no obvious reason. The old system
also had a few limitations and an ageing SD card, so I decided to move
my gateway to a VPS, and updated the gateway IP in the portal accordingly.
I ported my setup to the new server and built the latest (2.41)
ampr-ripd. I've verified that I am receiving the RIP broadcasts, and
ampr-ripd writes the encap.txt file in /var/lib/ampr-ripd. However, I
am not seeing any route updates in table 44 (the routing table I use for
ampr routing - I am using the recommended policy routing). The only
clue I get as to something not being right is a line:
SIGALRM received
I'm guessing that signal has something to do with the routing table not
being updated, but there's no other clues to help me troubleshoot.
Anyone have any ideas?
--
73 de Tony VK3JED/VK3IRL
http://vkradio.com
Hi, 44Net!
Following much interest from our grants community, ARDC has created a
forum on groups.io: https://ardc.groups.io/g/main
Here, our grantees and others can discuss specific topics and connect
with one another: https://ardc.groups.io/g/community/topics
We invite you to take a peek and, if you like, join some of the
conversations.
What we like about groups.io: it integrates seamlessly into users' email
accounts, and there is a web interface feature as well. On the admin
side, it provides many tools to support collaboration like file sharing
that are simply not available in our current setup.
For these reasons, and support of fostering cross-pollination between
our grantees and the 44Net community, our team is considering moving the
44Net mailing list from mailman.ampr.org to groups.io. Some 44Net
subgroups – VPN and the Regional Coordinators – are already using it.
Before moving the entire mailing list, we want to get your feedback:
what do you think?
Please let us know by filling out this survey:
https://survey.alchemer.com/s3/7386497/Poll-44Net-Groups-io
And of course, feel free to share your thoughts and any questions in
this thread. John Hays K7VE is our resident groups.io expert, and he’s
standing by to answer any questions you may have.
Many thanks and 73,
Rosy + ARDC Staff
--
Rosy Schechter - KJ7RYV
Executive Director
Amateur Radio Digital Communications (ARDC)
ardc.net