Something to keep in mind: the USA encryption restriction only applies to traffic going over the air. Networks can and do have encryption as long as relay over air has information in the clear.
Adam Lewis KC7GDY
On Dec 2, 2021, at 3:38 PM, Kristjan Komloši via 44Net 44net@mailman.ampr.org wrote:
I've been working with BGP, Unix-like OS, and networks a decent amount, so here's my two cents.
IPIP has a significant advantage that it's dead simple to operate and that it works on most Unix-like operating systems (and cisco routers), however it's a very rudimentary protocol, inferior to even GRE. Considering that hamradio doesn't allow encryption, OpenVPN and Wireguard are off the table. What I think would be cooler is if we tried to run local tunneling services. I think we have a lot of people in our community who are well-educated in the radio part of AMPRnet, and others who are well-educated in the internet part of it. Localizing the AMPRnet tunnels would bring local communities closer together.
Another point maybe worth considering is dropping RIP44 altogether (because it's a non standard protocol) and replacing it with a BGP route reflector. Then a transition to a more DN42-like network could be easier because we wouldn't need to invent our own standards.
73
On 2. 12. 21 22:45, KUN LIN via 44Net wrote:
I feel like 44net need to move on from existing customized IPIP tunnel and onto something more modern. Existing tunnel could be kept for backward compatibility. Kun
From: 44Net 44net-bounces+dnwk=linkun.info@mailman.ampr.org on behalf of John Burwell via 44Net 44net@mailman.ampr.org Sent: Thursday, December 2, 2021 13:01 To: 44net@mailman.ampr.org 44net@mailman.ampr.org Cc: John Burwell john@b-wells.us Subject: Re: [44net] DN42 for 44net?
Thanks for sharing. I see this has been around a while, but I hadn’t run
into it myself yet.
Apple is currently doing something like this with IPSEC and IPv6 for iCloud users; pretty much any iCloud user is always on a private VPN with all their other iCloud devices. And there are commercial enterprise SD-WAN products and cloud providers that offer a similar approach for SMBs and branch offices. Azure and AWS offer almost exactly this between virtual networks, data centers, and regions, down to the private ASNs.
It’s nice to see a project built on open standards for the express purpose of playing with it and learning about it. Seems very much like something 44net could benefit from studying carefully.
From: KUN LIN dnwk@linkun.info
To: "44net@mailman.ampr.org" 44net@mailman.ampr.org Cc: Bcc: Date: Thu, 2 Dec 2021 18:48:49 +0000 Subject: [44net] DN42 for 44net?
Just discover this new thing where it will create mesh networks and even BGP via VPN tunnels. This maybe an interesting way for 44net to considering implement.
dn42 is a big dynamic VPN< https://en.wikipedia.org/wiki/Virtual_private_network%3E, which employs Internet technologies (BGPhttps://en.wikipedia.org/wiki/Bgp, whois database, DNShttps://en.wikipedia.org/wiki/Domain_Name_System, etc). Participants connect to each other using network tunnels (GRE< https://dn42.dev/howto/GRE-on-FreeBSD%3E, OpenVPN< https://dn42.dev/howto/openvpn%3E, WireGuard< https://dn42.dev/howto/wireguard%3E, Tinchttps://dn42.dev/howto/tinc, IPsechttps://dn42.dev/howto/IPsec-with-PublicKeys) and exchange routes thanks to the Border Gateway Protocol. Network addresses are assigned in the 172.20.0.0/14 range and private AS numbers are used (see registry< https://dn42.dev/services/Whois%3E) as well as IPv6 addresses from the ULA-Range (fd00::/8) –
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net _________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net