On Aug 12, 2021, at 05:38, Tony Langdon via 44Net 44net@mailman.ampr.org wrote:
something more user friendly. I would have 3 classes of IP in my networks:
- Public, BGP routed (direct connection). Basically my existing
44.190 allocation is a prime example of this. These IPs are to provide Internet facing services.
- Backbone routed IPs on LAN (or local wifi). These are mainly for
intranet use, but not being on air, connection to Internet hosts is tolerated. For example, these addresses would be a good place to run an IRLP or Echolink node.
Tony, It would seem to me that IRLP or Echolink nodes would need to be in the public space (now 44.190). Both require open unfettered access to/from any public IP in 0/0. I always suggest IRLP nodes ideally, are setup directly on a public IP, outside any local firewall (though quite often that is not possible). Perhaps your proxies could be in Backbone routed nets, depends on how the routing out of the backbone is set up.
Lotsa details TBD
- Radio based IPs. Here, I would be very selective what to allow by
default - other Intranet addresses, possibly at least some of the public BGP routed 44net space. Individual hosts on radio may even have cause to communicate with specific Internet IP addresses (e.g. the end point for some other amateur link), on a case by case basis. Or I may allow specific ports/protocols only to the general Internet (e.g. Echolink, IRLP, etc).