25 Jul
2013
25 Jul
'13
2:22 a.m.
My thoughts.
The IPIP / JNOS network is an anachronism that is quant but doesn't
take advantage of how technology has evolved. I'm a pretty skilled
network guy but the current IPIP tunnel system has eluded me. I have
gotten close, but finally thrown my hands up each time. (I never get
the rip44d to run and find the proper password.)
However, I can get a VPN tunnel running in short order which can bring
an address range to whatever location is on the full Internet. I have
a personal class-C at home that has functioned over a VPN for over a
year and I have VPN'ed to another Net-44 gateway with success. (In
both cases on inexpensive MikroTik routers.)
I think we need to work on connectivity of the gateways to unify
Net-44 and treat the "on air" connectivity as a separate task.
Whether the on air connectivity is for IP over AX.25 at 1200 bps,
WiFi/HSMM, D-STAR Digital Data, or some new transport over RF. It
doesn't do a lot of good to have islands of on air activity without
interconnectivity of Net-44. Otherwise just use RFC 1918 address
space and NAT it to the Internet.
My vision is that we have multiple BGP gateways on the Internet. Some
may advertise the whole of 44/8 and others may have smaller networks,
clear down to 44.x.x.x/24 Some will be multi-homed, some will not, but
all would be advertised to the Internet for routing. Any router
advertising all of 44/8 would need to know about all routes for
anything with a CIDR of less than /8. I don't think we really want
all traffic to go to 1 or 2 routers advertising 44/8 or we're back to
the everything must go through UCSD scenario of the last couple of
decades.
My recommendation is to find ISPs who are willing to 'donate'
bandwidth and routing for some number of BGP'ed networks, then place
routers at those ISPs which will support authenticated VPN service to
local networks.
Say we had an ISP (or University, etc.) that would donate bandwidth
for 44.24.0.0/16 and 44.12.0.0/16,44.26.0.0/16, and 44.40.0.0/16 and
BGP advertise those ranges. Let's another data center wanted to BGP
44.24.100.0/24. Traffic would flow to the best gateway for each. If
44.24.10.0/24 didn't have the ability to BGP its own address space, it
could VPN to the router at the major gateway (ISP) and that router
would tunnel traffic for that network to the gateway for
44.24.10.0/24. Then there might be a small on the air network at
44.24.128.0/28 and its gateway would VPN to the 44.24.10.0/24 router
who would route traffic for the small network.
This would mean that no special tables need to be passed around. Each
router would know the addresses it was responsible for and would route
all other 44 traffic to its "upstream" and non-44 network traffic to
the Internet through their service provider.
This means the "heavy lifting" of BGP and network routing would be
handled by those ISPs where the expertise exists and a new member of
Net-44 could simply setup a simple router that VPN'ed to an upstream
router to get its traffic and to send Net-44 traffic, all other
traffic would simply pass over local service provider's network.
This is all readily available, off the shelf, technology. For the end
user it is very inexpensive to setup a router with VPN. Then the
local distribution over RF can happen over whatever technology is
available, whether a TNC and FM radio, WiFi dongle, UDR56k-4, Bullet,
etc.
________________________________
John D. Hays
K7VE
PO Box 1223, Edmonds, WA 98020-1223