> Subject:
> Re: [44net] easy amprnet attachment and connection - seeking peers for cost sharing
> From:
> Eric Fort <eric.fort(a)gmail.com>
> Date:
> 05/13/2015 05:40 AM
>
> To:
> AMPRNet working group <44net(a)hamradio.ucsd.edu>
>
>
> There are 2 problems here which I'm working to address. The first being
> that even though ipip tunneling is defined via RFC it's still relatively
> nonstandard and I can't think of anywhere other than amateur radio / 44net
> where it is used, much less used widely. It's also not generally handled
> well by many consumer grade household NAT routers. I can't go to the web
> interface on my cheapo whatever-name consumer router and set up the
> tunnel(s) I need to import a link to amprnet. If tunnels are done with
> something like IPsec, PPTP, or OpenVPN it's much better supported and is
> easier to set up. The edge connections can simply establish their link(s)
> to one or more hubs with known static IP, be assigned/connected to a
> netblock, and be in business just by using their basic consumer grade
> router and no other fancy or overly technical setup.
>
> Eric
> AF6EP
True. We already offer OpenVPN and IPsec VPN connection to our BGP routed gateway
in Amsterdam, the Netherlands (44.137.0.0/16).
(and IPIP of course)
Indeed it makes entry a lot easier for those on the typical internet connection with NAT and
maybe not a fixed address (although that is not really a problem here).
What VPN protocols do you want to offer? I am considering adding support for OpenConnect
(an open implementation of Cisco AnyConnect SSL VPN). That could even replace
OpenVPN in the long run (I am not very happy with some aspects of it).
Do you offer connections from your VPN users to non-44 Internet addresses and back?
(This makes it more tricky and error-prone for users to configure their side, as they will need
some form of policy routing that is not always available or easy to set up.)
Rob
So I've had this working for some time now, but wanted to announce it to the
group, in case anyone wants to try.
I have a VPN router on vpn.w9cr.net
You can use an IPsec VPN dialer to connect to it and then get an IP out of a
/28 I have set aside for it. I don't mesh with the 44net ipip encap, but I
believe we have connectivity to that via the hamwan guys from Seattle.
I have no RADIUS server or anything fancy, it's a crisco 1811 in my rack in Tampa.
I've confirmed it works with the Apple VPN dialer. carrar has it working under
Windows with Shrew Soft too.
If you want to test/play send me your callsign/name and a password
(numbers/letters/uppercase, no special chars), and I'll provision it and send
back the group ID and PSK.
73's
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net
After completing a successful experiment that demonstrated just how easy it
can be to connect to amprnet without any need for a static public IP
address and with just a few peers working together, I'm looking for interested
parties that may be interested in sharing the cost of a cloud based VPN
server which would then host a 44/24 netblock routed via BGP. Use of
standard VPN tools makes this setup extremely easy and usable/compatible
with NAT firewalls, and standard dynamic routing protocols and tools make
things easy as well. I'd like to set this up based in the USA on plenty of
bandwidth. Please speak up if you would be willing to share cost and help
make a go of this.
Eric
AF6EP
On 5/12/15 10:01 PM, Eric Fort wrote:
> I'd like to set this up based in the USA on plenty of
> bandwidth. Please speak up if you would be willing to share cost and help
> make a go of this.
Eric,
I have some space and could probably figure out how to spin up a VM for you
here or just give you shell on a box. I'm colocated at 400 N Tampa which is
well connected across multiple carriers.
Give me some details about what you're thinking. Will you be at Dayton?
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net
Chris;
I tried to log on my account to do some notes and it says my account is
invalid...? Can you please double check and verify that it is still
valid? Thanks much!
--
The most difficult egg to beat is one that is hard boiled.
73 de Brian Rogers - N1URO
email: (see above)
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
http://uronode.sourceforge.net
http://axmail.sourceforge.net
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts,
New Hampshire, Pennsylvania,
Rhode Island, and Vermont.
Hello,
I recall some discussion on this a while back but don't remember if
there was a solution and can't find it in the archives ...
Is there a way to expire an announced encap route? I'm trying to
concentrate all the UBC subnets back at our router there and an
experiment with 44.135.190/24 via another host isn't going away ... I
can purge it from the router itself but it looks like the rest of the
system is probably sending that subnet to the old (defunct) IP.
... Niall
Hello,
As someone new to the intricacies of port forwarding I have been puzzled
why I cannot maintain a connection when I have the entry shown below for
port 7300 active yet connections via port 6300 and 8000 work as
expected.
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 6300:6310 -j ACCEPT
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 7300:7310 -j ACCEPT
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 8000:8011 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -p tcp --dport 6300 -j DNAT --to-destination 44.131.8.16:6300
#$IPTABLES -t nat -A PREROUTING -p tcp --dport 7300 -j DNAT --to-destination 44.131.8.16:7300
$IPTABLES -t nat -A PREROUTING -p tcp --dport 8000 -j DNAT --to-destination 44.131.8.16:8000
Placing a [ # ] as shown allows the connections.
Regards,
Ian..
A while ago Jason KY9J kindly sent me a copy of his script (which I have
since lost) to convert encap.txt to generate tunnels for a Cisco IOS
router.
Are you still subscribed to the list, Jason, or can anybody else help with
a copy of the script?
http://hamradio.ucsd.edu/mailman/private/44net/2012-November/000534.html
was the original thread.
Many thanks,
Nick G4IRX.
Whoever owns 44.131.160.1, you need to check your system configuration. It
cannot do anything with 255.255.255.255.
Below is what I am seeing:
8:20:25.632390 IP 81.174.253.193 > 192.168.1.150: IP 44.131.160.1.5678 > 255.255.255.255.5678: UDP, length 120 (ipip-proto-4)
08:20:25.635667 IP 192.168.1.150 > 81.174.253.193: IP 44.135.90.2 > 44.131.160.1: ICMP host 255.255.255.255 unreachable, length 36 (ipip-proto-4)
--
cheers,
Don
- ve3zda
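A small checker for the kind of tunnel leak Don describes above, added here as an example and not something from the list or from any gateway's own tooling: it parses tcpdump's "(ipip-proto-4)" lines, pulls out the inner (decapsulated) header, and reports packets whose inner destination is the limited broadcast address or lies outside 44/8. The 44/8 policy and the extra sample lines beyond the two quoted in the post are assumptions made for the example.

```python
import re
from ipaddress import ip_address, ip_network

AMPRNET = ip_network("44.0.0.0/8")  # the block the IPIP tunnels carry (assumed policy)
LIMITED_BROADCAST = ip_address("255.255.255.255")
# Inner address as tcpdump prints it, with optional ".port" suffix (44.131.160.1.5678).
_ADDR = r"(\d{1,3}(?:\.\d{1,3}){3})(?:\.(\d+))?"
# Outer "IP a > b:" header, then the decapsulated inner header, tagged "(ipip-proto-4)".
_IPIP_LINE = re.compile(
    r"^(\d{1,2}:\d{2}:\d{2}\.\d+) IP ([\d.]+) > ([\d.]+): IP "
    + _ADDR + r" > " + _ADDR + r": (\w+)(.*)\(ipip-proto-4\)\s*$"
)

def parse_ipip(line):
    """Return the outer/inner headers of one tcpdump IPIP line, else None."""
    m = _IPIP_LINE.match(line.strip())
    if m is None:
        return None
    ts, osrc, odst, isrc, sport, idst, dport, proto, _rest = m.groups()
    return {"ts": ts, "outer_src": osrc, "outer_dst": odst,
            "inner_src": isrc, "sport": int(sport) if sport else None,
            "inner_dst": idst, "dport": int(dport) if dport else None,
            "proto": proto}

def audit_ipip(lines):
    """Flag tunnelled packets whose inner destination should never be in the tunnel:
    the limited broadcast address, or anything outside 44/8 (policy for this example)."""
    findings = []
    for line in lines:
        pkt = parse_ipip(line)
        if pkt is None:
            continue  # not an encapsulated packet; ignore
        dst = ip_address(pkt["inner_dst"])
        if dst == LIMITED_BROADCAST:
            reason = "limited broadcast inside tunnel"
        elif dst not in AMPRNET:
            reason = "inner destination outside 44/8"
        else:
            continue
        findings.append((pkt["ts"], pkt["inner_src"], pkt["inner_dst"], pkt["proto"], reason))
    return findings

# Constructed sample: the two lines quoted in the post above, plus a packet bound for a
# non-44 address and a plain non-tunnel line, both made up for this example.
SAMPLE = [
    "8:20:25.632390 IP 81.174.253.193 > 192.168.1.150: IP 44.131.160.1.5678 > 255.255.255.255.5678: UDP, length 120 (ipip-proto-4)",
    "08:20:25.635667 IP 192.168.1.150 > 81.174.253.193: IP 44.135.90.2 > 44.131.160.1: ICMP host 255.255.255.255 unreachable, length 36 (ipip-proto-4)",
    "08:20:26.000000 IP 81.174.253.193 > 192.168.1.150: IP 44.131.160.1.40000 > 10.0.0.5.53: UDP, length 48 (ipip-proto-4)",
    "08:20:26.100000 IP 192.168.1.150.22 > 81.174.253.193.51000: Flags [S.], length 0",
]
```

Running audit_ipip(SAMPLE) reports the broadcast packet from the post and the constructed 10.0.0.5 packet, while the ICMP reply (a legitimate 44/8 destination) and the non-tunnel line pass.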
Could someone explain why the manual download of the gateways is different
from what the portal shows?
A station had an IP address change yesterday and because I download daily I
manually changed to his new address. When the download took place this
morning his old address was sent and of course replaced the new one.
--
cheers,
Don
- ve3zda