I'm running Mikrotik RouterOS on a machine directly connected to the
Internet (it has a public IP, no NAT, no Firewall except its own). It
runs smoothly so far. I'm using a Python script from
https://github.com/kd7lxl/hamwan_scripts/tree/master/amprupdate (I
made a few customisations to address issues with my specific setup)
to create the IPIP interfaces, add routes and some routing policy
rules (customisation).
The AMPR fullmesh works almost as well on Mikrotik as on Linux. I
haven't had any issues with the IPIP fullmesh so far (on Linux and
Mikrotik RouterOS).
We are using this Mikrotik machine in LX to connect some sites to the
AMPR which are behind NAT and which cannot run their own IPIP
interfaces. The NATted sites use OpenVPN (maybe we'll add SSTP) to
connect to the Mikrotik machine. Within AMPR all the subnets are
routed to the Mikrotik machine which routes them via the OpenVPN links
to the remote sites.
I have installed a reference site at my home, connected via OpenVPN to
the Mikrotik machine. To demonstrate the performance I'm accessing
several major video streaming sites without any connection issues.
Packet flow is steady with acceptable jitter for HAM usage. The
runtime is around 200ms (RTT ~400ms), which is higher than normal but
remains unnoticed for HAM usage. I'm even running some VoIP and IM
systems on 44net addresses, latency depends on the uplinks and
distance between the sites. Within the nodes connected to my Mikrotik
machines I have a latency of 30 to 200ms (30ms is DSL on both ends and
200ms is GPRS on both ends) which remains completely unnoticed even
with VoIP services (unless you're calling the person standing next to
you).
So I have to disagree with your opinion. I can reach around 400 AMPR
subnets of different size directly via the IPIP fullmesh (respectively
with the help of my Mikrotik machine used as a tunnel server). My AMPR
subnets can also access the Internet and they are fully accessible
from the Internet. Access to the Internet and from the Internet is not
activated by default and you have to create a DNS entry for each AMPR
IP address which should be able to access the Internet respectively be
accessed from the Internet.
I intend to "open" my Mikrotik machine to other HAMs around the world
having issues with NAT or ISP/University Firewall and hence cannot
connect to the IPIP Fullmesh directly but I need to do some upgrades
first (RAM, CPU, bandwidth).
73 de Marc, LX1DUC
Quoting YT9TP - Pedja <yt9tp(a)uzice.net>:
On 20.08.13. 04:32, Rod Ekholm wrote:
Let me know if anyone is interested in creating some more static
links, and/or trying to do some sort of edge router that can have an
open communications standard, and not a customized (could otherwise be
spelled proprietary) protocol in the middle.
Count me in. I am in the same boat as you are :)
I am also waiting to see if there would be some
easy-for-human-to-implement solution to activate my subnet.
Although I did not manage to connect my network to AMPR due to
unusual routing I think I do understand what is the problem.
Thing is 44/8 is maintained as one very large PRIVATE network. It is
routed to public, or better, some portions are routed but not all.
This leads to a problem: we cannot simply route to other 44/8
subnets as they are not reachable through Internet. We have to
establish VPNs to them to be able to route. As there are not some
aggregating routing points, we have to make VPN for (almost) each
subnet.
I guess that is the reason for odd routing procedure: you do not
have to create just a route but VPN too...
I guess that is a problem which is not easy to resolve.
I agree with you that pinning service on something like customized
RIP protocol unknown to any router in wide use. I already suggested
that ampr.org should offer not just encap.txt file but also
pre-generated scripts for routers which are commonly in use, like
Mikrotik, you mentioned, and which, I also use.
I agree it is not the nicest approach we can have, but it is at
least easy to implement and most important, it would allow humans to
be able to get at least involved.
Pedja
YT9TP