Hi,
Does anyone know Ryan, K0RET and can get a message to him please?
Ryan, if you are reading this, please could you drop me an email?
Thank you,
Chris - G1FEF
Hello, 44net!
It's 2021, and things are already getting off to a running start at
ARDC. We've got a big year of grantmaking and 44net portal work in store
for the year, with additional members being added to our Grants Advisory
Committee (GAC) and a new Technical Advisory Committee (TAC) being
created to support both efforts. We'll have more to share about it soon,
and we'd love to tell you about it at our next **community meeting**:
* Saturday, 06 Feb 2021
* 18:00 GMT (10am PT / 1pm ET / 7pm CET)
Join us by signing up here:
https://www.ampr.org/feb-6-meeting-sign-up/
In this meeting, we'll cover:
* Highlights from 2020,
* Grantmaking goals in 2021,
* Introductions of new Technical Advisory Committee (TAC) and Grants
Advisory Committee (GAC) Members,
* Survey results from our latest survey, discussed below, and
* Questions from our attendees.
This meeting will be similar to the one we held on 10 Oct. 2020:
https://www.ampr.org/recap-ardc-44net-oct-10-community-call/
This one is intended for a much broader audience. So - please tell your
friends! We also plan to record this meeting for those who can't make it.
## New Survey
Leading up to the meeting, we're also asking amateur radio enthusiasts
to give us their thoughts in this survey:
https://survey.alchemer.com/s3/6096699/ARDC-Amateur-Radio-Survey
Please share it with other hams you know. As with the last survey, the
aim is to get to know the people we aim to support through our
grantmaking. And like our upcoming meeting, it too is meant for a
broader audience.
That's all for now! Looking forward to sharing more with everyone soon.
All the best,
Rosy
--
Rosy Wolfe - KJ7RYV
Executive Director
Amateur Radio Digital Communications (ARDC)
ampr.org
Hello, with all the talk of BGP on the list I thought I would drop a note. I am also part of another volunteer effort for those of you already doing your own BGP. Project TON, its sort of like a RBL but via BGP www.projectton.com<http://www.projectton.com> you can setup a peering, and block bad actors (mostly SSH scans currently but our mix is always growing) or even do blocking by prefixes based on country. All free of course - and currently experimental so YMMV, we are just trying to contribute to the community and make the internet "safer". If anyone also had any questions about BGP stuff in Western Canada (Calgary), I could help with that as well - its my day job.
My thanks to everyone dedicating their time to this effort.
-C/VA6CCB
I forgot my portal login info ... entered my email address into the
password reset and got the link, but it is asking to confirm my email
address by entering my username - holy bazoombas I must have forgotten that
one as well ...
How to find your username? Years ago I deleted the welcome email ...
Thanks
Tracy N4LGH
On Sun, Jan 31, 2021 at 2:55 PM G1FEF <chris(a)g1fef.co.uk> wrote:
>
>
> > On 31 Jan 2021, at 14:09, Nat Morris <nat(a)nuqe.net> wrote:
> >
> > Which blocks did you report?
>
> I don’t really want to go into specific details on an open mailing list. Suffice to say that keeping an eye on these and responding to problems keeps me busy enough!
Why not? what is to hide? hijack discussions happen on other mailing
lists in the public.
So no more comment from yourself as the BGP co-ordinator on the
prefixes in the report?
https://docs.google.com/spreadsheets/d/1nb4cTYVG1tm4HpxgPp7TAcgZ_qOlcej1whd…
If you really do have the details on all these prefixes, there should
be no reason you can't provide a statement on each, if it is an
expected announcement, misconfiguration or hijackk
Without you being slightly more forthcoming in public, in my eyes it
puts the whole integrity of co-ordinating AMPRnet BGP announcements in
doubt.
> > Any explanation for these prefixes announced in the UK by AS61337,
> > along side your portal prefixes, they are not documented at all in the
> > portal:
>
> Not all allocations appear in the public listing on the portal, for various reasons. Try the Whois server if you want by check specific prefixes.
Where is this publicly documented?
> > RADB is ok, but not sufficient for the future. A better investment
> > would be for the ARDC to negotiation with one of the 5 RIRs for
> > prefixes to be registered there, so we could all benefit from use of
> > their RPKI trust anchors.
>
> I can’t see that happening anytime soon I’m afraid, if ever, unless they drastically change their terms. We won’t do anything that risks losing our legacy status.
Have the ARDC approached each RIR and discussed this?
> > Having prefixes in RADB will not provide
> > trust anchor functionality.
>
> Agreed, and RPKI is something we understand is desirable, there are several ways it could be achieved and will be the focus for the TAC at some point in the future.
>
> >> Which repo is this development taking place in?
>
> The development is taking place currently and will be open sourced when it’s ready. In the meantime, if you want to have input on any features you would like to see, feel free to contact Rosy and/or myself.
I'd like to see planning for this taking place in the open, not closed.
> > I noticed the github.com AMPRnet Portal repo has been removed.
>
> There was no point in it being there, we tried that route a couple of years ago and didn’t get anywhere.
Nat,
--
Nat
https://nat.ms
+44 7531 750292
Hello all,
Over the last few months I have noticed some odd BGP announcements of
prefixes which have no allocations in the AMPRnet portal. After
spotting 5 or 6 of these it made me wonder how many existed.
This evening I took a snapshot of the RIPE RIS data for announcements
within 44.0.0.0/9 and 44.128.0.0/10, which took place in 2021. Then
scraped the allocations from the AMPRnet portal, compared prefixes
directly and then used a radix tree to find a best match.
The resulting data
https://docs.google.com/spreadsheets/d/1nb4cTYVG1tm4HpxgPp7TAcgZ_qOlcej1whd…
At first glance there are some expected entries, for example users
with a /22 or /23 announcing a more specific /24.
What really worries me is the amount of announcements of /24s where
the closest portal documented prefix is a /16. Are these being used
legitimately? do AMPR co-ordinators what details about them? or have
they been hijacked?
Look for example at /24 announcements within country assignments, but
no specific description!
I would like to start a discussion around these specific prefixes.
The scripts I wrote are here https://github.com/natm/amprnet-observer
Kind regards,
Nat.
--
Nat
https://nat.ms
+44 7531 750292
Hello,
I have followed the instructions at
https://wiki.ampr.org/wiki/Installing_ampr-ripd_on_a_Ubiquiti_EdgeRouter_or…,
but am encountering an error when running the ampr.sh script.
line 28: /usr/sbin/ampr-ripd: cannot execute binary file
The binary file is executable and I am attempting to run it from root.
Line 28 has not been modified in the script:
ampr-ripd -s -t 44 -i tun44 -m 90
The instructions say only to modify if needed, and based on the info in the
Wiki I did not see a need to modify it, but I may be missing something. Any
ideas?
73,
Lee K5DAT
On or about January 5, 2021 I received an end-user allocation request for a
"direct" /24 allocation "for working with ARDEN and IRLP for VPN and link
setups" which I approved and submitted via portal.ampr.org. It
didn't create the allocation I assigned to the network but was "referred to
BGP coordinator". So far, there has been no action and no response to the
original request nor a follow up to my request via the "contact us" link on
the black hole that is the ampr.org portal. What is the status of the
system and how are coordinators expected to act in this regard? I try to
give my users timely, responsive service but it's very frustrating when I
can't even track a submission or review submission histories. The end user
has informed me that he is still awaiting action on the request.
ke6qh
Confirming that ARIN's web-based IRR system won't allow 44net addresses,
since there's no underlying allocation from one of ARIN's ranges. Your
upstream provider will probably not be able to put in the IRR objects for
you.
For IRR, AltDB doesn't have a simple web interface but it does work
regardless of the RIR (or lack of) that originally allocated the IPs.
I don't think there's a way to use RPKI on the 44net range as of yet,
though - that would likely need either a contract for one of the RIRs to
sign resources or ARDC to set up, maintain, and gain trust for a
certificate authority and handle RPKI requests like the RIRs do. Either of
these is a pretty significant undertaking.
73 de K0BYJ,
--
Jay
On Mon, Dec 14, 2020 at 3:00 PM <44net-request(a)mailman.ampr.org> wrote:
> Send 44Net mailing list submissions to
> 44net(a)mailman.ampr.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://mailman.ampr.org/mailman/listinfo/44net
> or, via email, send a message with subject or body 'help' to
> 44net-request(a)mailman.ampr.org
>
> You can reach the person managing the list at
> 44net-owner(a)mailman.ampr.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of 44Net digest..."
> Today's Topics:
>
> 1. Re: 44NET Route Objects IRR (Caleb Pal)
> 2. Re: 44NET Route Objects IRR (G1FEF)
>
>
>
> ---------- Forwarded message ----------
> From: Caleb Pal <cleb(a)defcon-3.net>
> To: James Colderwood via 44Net <44net(a)mailman.ampr.org>
> Cc:
> Bcc:
> Date: Mon, 14 Dec 2020 08:57:53 -0800
> Subject: Re: [44net] 44NET Route Objects IRR
> Hello,
>
> Your upstream providers may be able to put a proxy obj into the ARIN db
> for you. Unfortunately ARIN changed their IRR db in June of this year.
> They added a web based IRR service. According to ARIN, the web based
> service only allows you to add object for resources you own (your
> upstream ISP could not create those proxy objects since they do not own
> the 44net resources). If they still use the ARIN email IRR system, they
> can add proxy objects, they will just appear as ARIN-NOAUTH in the IRR
> db. I don't think NOAUTH is a problem for most providers now, but could
> be down the road if they start filtering/ignoring NOAUTH entries.
>
> Of course altdb, radb and others are options (full list at:
> http://www.irr.net/docs/list.html). Not sure how other RIR's outside the
> US are handling NOAUTH entries.
>
> I assume since AMPR does not have a RSA with ARIN, Chris cannot create
> IRR records for those folks who BGP advertise AMPR resources?
>
> v/r,
>
> Caleb
>
> On 12/13/2020 10:08, James Colderwood via 44Net wrote:
> > Hi Pierre,
> >
> > Thank you for the heads up. I was aware of altdb but it hadn't crossed
> > my mind. Hopefully one of these solutions will work :-).
> >
> > On 2020-12-13 17:32, Pierre Emeriaud wrote:
> >> Le dim. 13 déc. 2020 à 12:04, G1FEF via 44Net
> >> <44net(a)mailman.ampr.org> a écrit :
> >>>
> >>> > On 13 Dec 2020, at 09:54, James Colderwood via 44Net
> >>> <44net(a)mailman.ampr.org> wrote:
> >>> >
> >>> > Hi All,
> >>> >
> >>> > May I wish you all happy holidays!
> >>> >
> >>> > Quick question, I'm working on establising my 3rd upstream but hit
> >>> a snag. The suppliers validation automation prohibits announcing
> >>> AMPR addresses as the system can't qualify validity.
> >>>
> >>> Are you talking about automatically checking entries in an IRR, or
> >>> RPKI?
> >>
> >> For service providers requesting an IRR route object to automate
> >> filter creation I've been using altdb. While it has not a lot of value
> >> in terms of authorization (anyone can create objects about any
> >> resource - a proper LOA has more value here) it is usually enough for
> >> provisioning tools to create appropriate filters / prefix-lists:
> >>
> >> $ whois -h whois.altdb.net 44.151.210.0
> >> route: 44.151.210.0/24
> >> descr: F4INU
> >> origin: AS206155
> >> mnt-by: MAINT-AS206155
> >>
> >> $ bgpq3 -4 -l F4INU as206155
> >> no ip prefix-list F4INU
> >> ip prefix-list F4INU permit 44.151.210.0/24
> >>
> >>
> >> 73 de F4INU
> >> --
> >> pierre
> >
>
>
>
>
> ---------- Forwarded message ----------
> From: G1FEF <chris(a)g1fef.co.uk>
> To: AMPRNet working group <44net(a)mailman.ampr.org>
> Cc:
> Bcc:
> Date: Mon, 14 Dec 2020 17:26:28 +0000
> Subject: Re: [44net] 44NET Route Objects IRR
> > I assume since AMPR does not have a RSA with ARIN, Chris cannot create
> > IRR records for those folks who BGP advertise AMPR resources?
>
> The vast majority of folk advertising their subnet over BGP are using
> altdb with no issues (currently).
>
> IIRC, altdb is run by one person, so if you don’t already have a MNTNER
> object there, it can sometimes take some time to get one.
>
> Chris
>
>
>
> > v/r,
> >
> > Caleb
> >
> > On 12/13/2020 10:08, James Colderwood via 44Net wrote:
> >> Hi Pierre,
> >>
> >> Thank you for the heads up. I was aware of altdb but it hadn't crossed
> >> my mind. Hopefully one of these solutions will work :-).
> >>
> >> On 2020-12-13 17:32, Pierre Emeriaud wrote:
> >>> Le dim. 13 déc. 2020 à 12:04, G1FEF via 44Net
> >>> <44net(a)mailman.ampr.org> a écrit :
> >>>>
> >>>>> On 13 Dec 2020, at 09:54, James Colderwood via 44Net
> >>>> <44net(a)mailman.ampr.org> wrote:
> >>>>>
> >>>>> Hi All,
> >>>>>
> >>>>> May I wish you all happy holidays!
> >>>>>
> >>>>> Quick question, I'm working on establising my 3rd upstream but hit
> >>>> a snag. The suppliers validation automation prohibits announcing
> >>>> AMPR addresses as the system can't qualify validity.
> >>>>
> >>>> Are you talking about automatically checking entries in an IRR, or
> >>>> RPKI?
> >>>
> >>> For service providers requesting an IRR route object to automate
> >>> filter creation I've been using altdb. While it has not a lot of value
> >>> in terms of authorization (anyone can create objects about any
> >>> resource - a proper LOA has more value here) it is usually enough for
> >>> provisioning tools to create appropriate filters / prefix-lists:
> >>>
> >>> $ whois -h whois.altdb.net 44.151.210.0
> >>> route: 44.151.210.0/24
> >>> descr: F4INU
> >>> origin: AS206155
> >>> mnt-by: MAINT-AS206155
> >>>
> >>> $ bgpq3 -4 -l F4INU as206155
> >>> no ip prefix-list F4INU
> >>> ip prefix-list F4INU permit 44.151.210.0/24
> >>>
> >>>
> >>> 73 de F4INU
> >>> --
> >>> pierre
> >>
> > _________________________________________
> > 44Net mailing list
> > 44Net(a)mailman.ampr.org
> > https://mailman.ampr.org/mailman/listinfo/44net
>
>
>
> _______________________________________________
> 44Net mailing list
> 44Net(a)mailman.ampr.org
> https://mailman.ampr.org/mailman/listinfo/44net
>
