21 May
2021
21 May
'21
10:42 a.m.
On 5/17/21 3:57 PM, Steve L via 44Net wrote:
However as some others else pointed out, internet
providers block a
lot of ports and services. So tunneling of some fashion does
alleviate that. And as the internet continues with more and more
probes, political policies, and a general ipv4 shortage, this ISP
filtering and carrier grade NAT might make a larger use case for hams
to have ways around those restrictions to keep supporting their
internet connected ham radio stuff, i.e. IRLP, AllStar, etc
Political filtering tends to be higher up the stack and an unencrypted tunnel
will not stop it.
Case in point I had an AllStarLink user from the middle east who couldn't
register to our servers outside of France nor actually pass any IAX traffic
after the session was setup. I setup a GRE tunnel for him and it still would
block some of the IAX packets, irregardless of the port. Ended up having to
set him up with an encrypted tunnel to my 44net vpn server just to get IAX to
pass.
We suspect this is due to the state monopoly and logging requirements for all
voice traffic. These layer 7 packet filters can block anything with a given
hash at an offset, and do it quite will. The same filters can easily be used
against other services too.
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net