Setting up some kind of VPN tunnel and running BGP over it is much easier than setting up a full mesh IPIP network. Nobody asks anybody to be a big network hub. On Linux, basically it comes down to configuring a virtual network interface of some kind and adding 4 lines to the Quagga configuration file. On routers, it's not a bigger endeavour either. We have all the 32-bit ASs available, and a rational assignment and usage is already in place in the DE hamnet and working for years (42+itu_prefix+...).
And after such a reorganization, even switching to another prefix, e.g. private addressing, would be a walk in the park.
Btw, this would be a nice first project to use some of that money...
Marius, YO2LOJ
July 19, 2019 10:50 AM, "Ruben ON3RVH" on3rvh@on3rvh.be wrote:
First thought would be that BGP is too difficult for 90% of the HAM operators. Although I do applaud the idea and do think it would be a better setup, 90% of the operators don't know anything about routing, let alone dynamic routing protocols.
The ease of the IPIP tunnels using a modified RIP daemon that can easily be downloaded makes the current setup so easy to deploy and get online. Also seeing that a lot of questions coming in are from users complaining that they are not reachable to/from the internet (when they haven't set up reverse DNS) shows that even reading the wiki is too hard for some of them.
73,
Ruben - ON3RVH
-----Original Message-----
From: 44Net 44net-bounces+on3rvh=on3rvh.be@mailman.ampr.org On Behalf Of Rob Janssen
Sent: Friday 19 July 2019 11:43
To: 44net@mailman.ampr.org
Subject: [44net] Time to restructure the network?
Now that we are all going to have to dive into our router configurations, wouldn't it be a good time to make some changes that are long overdue?
Like getting rid of the IPIP mesh and replacing it with something more modern that is supported by off-the-shelf routers, works behind NAT, etc.? I would say set up some routers with VPN of different types around the world, have everyone connect there using a suitable VPN protocol, and run BGP on it to announce the gateway subnets.
A $50 MikroTik can do those jobs; those that still want to run a JNOS system on MS-DOS can put one in front of their box and still use it. People are already using it for IPIP mesh, so a change in topology would be only a config change for them. And other routers mentioned here can do it too, without having to get external programs installed on them.
Those that want a direct connection without a centralized system in the path can simply set up a VPN connection between them and configure the BGP peers; it will automatically work. There is no need to use only a single protocol in such a network, only the peers have to agree, so you can select from anything like L2TP/IPsec, OpenVPN, WireGuard, just plain GRE or even IPIP, etc. Just at this time I am trying to move my colocated machine that runs as an IPIP mesh member and I face that stupid "protocol 4 is not passed by the firewall" problem again. Arghh!!
Also we could get that IPv6 idea going. Remember it has been discussed many times and the only thing we still need is some agreement on how to register and distribute the "list of AMPRnet prefixes in IPv6 space". Again that could be done using BGP, no need to set up yet another registration portal with downloadable files.
Note that Daniel EA4GPZ put some ideas around IPv6 on his site: https://destevez.net/ipv6-for-amateur-radio
Rob
_________________________________________
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net