Maybe a concrete example of our current and future S5net in Slovenia
together with our expectations from the broader 44net community could help.
As you can see from the schema of current and planned links:
https://groups.io/g/nbp/topic/s5net_stanje_in_plan/79358609
we are building a nationwide radio network, linking our hills with DMR
repeaters into a fully redundant network, as independent as possible
from the public internet. Main goals:
- reliable DMR, EchoLink, APRS network,
- emergency communications for our communities,
- for radioclubs and individual radioamateurs,
- open for experimentation and innovation into the future.
Besides the mesh-like radio layer there is also a star-like ground layer
connecting gateways to the public internet via tunnels to the main router
in our capital. A VPN server is established to connect easily and from
everywhere to the S5net. It offers L2TP and SSTP VPN access, which is
easiest for most people.
We are using Mikrotik routers and Wifi antennas from Ubiquiti and
Mikrotik. But we take care not to become too dependent on any vendor.
Sticking to standards is key here.
We allocate our 44.150 IPs in the following way:
- /28 with reserve /28 to each hill,
- /24 with reserve /24 to each interested radioclub,
- /28 with /28 to a LAN of each interested radioamateur,
- static /32 and dynamic /32 (like for mobile phones) to each interested
- more for specific needs (for experimentation, some IoT projects etc.)
Allocation is not forever, it will probably cease 5yrs after inactivity.
OSPF protocol routes traffic in S5net. Therefore we are free to raise
any subnet anywhere in the network. For things like roaming.
BGP to the public internet for a whole national 44.150 allocation is
something we are thinking about. Like in the Netherlands, as I understand?
All access from outside is disallowed by default, switched on manually for
each individual IP or subnet.
For peering we are talking with our Academic network ARNES, because they
are similar in philosophy and have a lot of knowledgeable networkers
willing to help.
To interconnect with HAMnet in neighboring countries we also plan to use
BGP with the whole S5net as one AS with a private ASN.
Our DMR master server is multihomed - with public access for hotspots
and with 44 IP via S5net for DMR repeaters.
Hope this helps a bit
73, Janko S57NK
On 31. 12. 20 at 11:24, Rob PE1CHL via 44Net wrote:
On 12/31/20 10:47 AM, Roland Schwarz via 44Net wrote:
I absolutely agree! What I wanted to point out is that there might be
basically two expectations about 44 addresses. Topological routing as
you have pointed out is one of them.
Let me elaborate on the second idea: lots of isolated /32 hosts or /28
subnets: Sure, if I need to load the entire routing table to every node,
this will not scale. But a single node will not need the full routing
table typically. Only a few entries are interesting at a single time.
So if you have a dynamic lookup facility of the gateway address, you
could populate your routing tables on demand. This facility could be
realized by means of a distributed hash table, so there is no single
point of failure. And yes the optimal routing is done by the core
internet in such a use case.
But there already is the BGP protocol which on the internet manages
to maintain the route tables for hundreds of thousands of routes
and which should easily manage to maintain the routes in our
network even when done to /32 level.
We do this inside 44.137.0.0/16 now and we have about 270 routes.
In other similar networks they have like a few thousand routes.
Cheap routers handle that easily. No need to invent something
that is "more efficient" and again kill the advantage that you
can use off-the-shelf routers instead of having to tinker with
general-purpose computers running specialized images.
The advantage of routing to the /32 level is that every address can
connect from every place using every method. Sure you can gain
some advantage by strictly subnetting everything and e.g. limiting
the addresses by POP, but that introduces a dependency on that
POP. If the POP is down the users cannot connect to the network
anymore, which worries some people. But when you just route
every end-user address or subnet, the user can just connect to
another POP and still get his traffic on his fixed address.
And of course there can always be hybrid solutions. We can advertise
our entire network as a single 44.137.0.0/16 route and handle all
detail routes ourselves, when we like. Of course that would mean
a user could not connect somewhere else.
Rob
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net