I'm running Mikrotik RouterOS on a machine directly connected to the Internet (it has a public IP, no NAT, no Firewall except its own). It runs smoothly so far. I'm using a Python script from https://github.com/kd7lxl/hamwan_scripts/tree/master/amprupdate (I made a few customisations to address issues with my specific setup) to create the IPIP interfaces, add routes and some routing policy rules (customisation).
The AMPR fullmesh works almost as well on Mikrotik as on Linux. I haven't had any issues with the IPIP fullmesh so far (on Linux and Mikrotik RouterOS).
We are using this Mikrotik machine in LX to connect some sites to the AMPR which are behind NAT and which cannot run their own IPIP interfaces. The NATted sites use OpenVPN (maybe we'll add SSTP) to connect to the Mikrotik machine. Within AMPR all the subnets are routed to the Mikrotik machine which routes them via the OpenVPN links to the remote sites.
I have installed a reference site at my home, connected via OpenVPN to the Mikrotik machine. To demonstrate the performance I'm accessing several major video streaming sites without any connection issues. Packet flow is steady with acceptable jitter for HAM usage. The runtime is around 200ms (RTT ~400ms), which is higher than normal but remains unnoticed for HAM usage. I'm even running some VoIP and IM systems on 44net addresses, latency depends on the uplinks and distance between the sites. Within the nodes connected to my Mikrotik machines I have a latency of 30 to 200ms (30ms is DSL on both ends and 200ms is GPRS on both ends) which remains completely unnoticed even with VoIP services (unless you're calling the person standing next to you).
So I have to disagree with your opinion. I can reach around 400 AMPR subnets of different size directly via the IPIP fullmesh (respectively with the help of my Mikrotik machine used as a tunnel server). My AMPR subnets can also access the Internet and they are fully accessible from the Internet. Access to the Internet and from the Internet is not activated by default and you have to create a DNS entry for each AMPR IP address which should be able to access the Internet respectively be accessed from the Internet.
I intend to "open" my Mikrotik machine to other HAMs around the world having issues with NAT or ISP/University Firewall and hence cannot connect to the IPIP Fullmesh directly but I need to do some upgrades first (RAM, CPU, bandwidth).
73 de Marc, LX1DUC
Quoting YT9TP - Pedja yt9tp@uzice.net:
On 20.08.13. 04:32, Rod Ekholm wrote:
Let me know if anyone is interested in creating some more static links, and / or trying to do some sort of edge router that can have an open communications standard, and not a customized (could otherwise be spelled proprietary) protocol in the middle.
Count me in. I am in the same boat as you are :)
I am also waiting to see if there would be some easy-for-human-to-implement solution to activate my subnet.
Although I did not manage to connect my network to AMPR due to unusual routing I think I do understand what is the problem.
Thing is 44/8 is maintained as one very large PRIVATE network. It is routed to public, or better, some portions are routed but not all.
This leads to a problem: we cannot simply route to other 44/8 subnets as they are not reachable through Internet. We have to establish VPNs to them to be able to route. As there are not some aggregating routing points, we have to make VPN for (almost) each subnet.
I guess that is the reason for odd routing procedure: you do not have to create just a route but VPN too...
I guess that is a problem which is not easy to resolve.
I agree with you that pinning service on something like customized RIP protocol unknown to any router in wide use. I already suggested that ampr.org should offer not just encap.txt file but also pre-generated scripts for routers which are commonly in use, like Mikrotik, you mentioned, and which, I also use.
I agree it is not the nicest approach we can have, but it is at least easy to implement and most important, it would allow humans to be able to get at least involved.
Pedja YT9TP
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html
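
The thread discusses generating Mikrotik configuration from the encap.txt file. The following is an added example, not part of the thread and not the amprupdate script linked above: it validates each entry before turning it into RouterOS `/interface ipip add` and `/ip route add` commands, so a malformed or hostile line cannot end up in the router script. The line layout `route addprivate <subnet> encap <gateway>`, the `ampr-` tunnel naming, the function name and the local address 192.0.2.1 are assumptions, and the sample data is constructed.

```python
import ipaddress

AMPR = ipaddress.ip_network("44.0.0.0/8")
# Gateways in these ranges cannot be reached across the Internet.
BAD_GW = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

# Constructed sample (documentation addresses), assumed line layout:
#   route addprivate <subnet>/<len> encap <gateway>
SAMPLE = """\
# constructed test data, not real AMPR entries
route addprivate 44.0.2.0/24 encap 198.51.100.7
route addprivate 44.0.3.16/28 encap 198.51.100.7
route addprivate 44.0.9.1/32 encap 203.0.113.20
route addprivate 10.1.0.0/16 encap 203.0.113.21
route addprivate 44.0.4.0/24 encap 192.168.1.5
route addprivate 44.0.5.0/24 encap 203.0.113.9;extra
"""

def routeros_from_encap(text, local_addr):
    """Return (commands, rejected) where rejected is [(line_no, reason)]."""
    local = ipaddress.ip_address(local_addr)
    tunnels, commands, rejected = {}, [], []
    for no, line in enumerate(text.splitlines(), 1):
        f = line.split()
        if not f or f[0].startswith("#"):
            continue
        try:
            if len(f) != 5 or f[:2] != ["route", "addprivate"] or f[3] != "encap":
                raise ValueError("unexpected line layout")
            subnet = ipaddress.ip_network(f[2])    # strict: no host bits
            gateway = ipaddress.ip_address(f[4])   # rejects trailing junk
            if subnet.version != 4 or not subnet.subnet_of(AMPR):
                raise ValueError("subnet is outside 44/8")
            if gateway.version != 4 or gateway == local or any(gateway in n for n in BAD_GW):
                raise ValueError("gateway is not a usable public address")
        except ValueError as exc:
            rejected.append((no, str(exc)))
            continue
        if gateway not in tunnels:                 # one IPIP tunnel per gateway
            tunnels[gateway] = "ampr-" + str(gateway).replace(".", "-")
            commands.append(f"/interface ipip add name={tunnels[gateway]} "
                            f"local-address={local} remote-address={gateway}")
        # Emit the parsed objects, never the raw input fields.
        commands.append(f"/ip route add dst-address={subnet} gateway={tunnels[gateway]}")
    return commands, rejected

if __name__ == "__main__":
    cmds, bad = routeros_from_encap(SAMPLE, "192.0.2.1")
    print("\n".join(cmds))
    for no, why in bad:
        print(f"# skipped line {no}: {why}")
```

Review the rejected list before importing the generated commands; a sudden rise in rejected lines is a sign that the source file changed format or was tampered with.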