My 2-pence (or cents)…

I typically use pfSense for routing, and the export tool for OpenVPN makes creating certificates and exporting configs as easy as any other solution.

The subnets are plenty big enough for someone to create a platform that supports more than one VPN type and people can choose what they prefer… L2TP is built in to some Huawei 4G routers for example, OVPN has an app for just about every platform and WireGuard is good for Site-to-Site VPNs.

I have a service offering static addresses on both L2TP and OVPN; I may add WireGuard later on.

On Sun, 22 May 2022 at 19:44, David Andrzejewski via 44net <44net@mailman.ampr.org> wrote:
I might suggest WireGuard instead of OpenVPN.  I know it's newer but it's also a bit easier to use and set up.

That said, I fully agree with your point about the learning aspect of routing.  I think there's a balance to be struck - ham radio is about learning, but there shouldn't be a high barrier to entry.

Dave/ad8g

-----Original Message-----
From: Steve L via 44net <44net@mailman.ampr.org>
Sent: Sunday, May 22, 2022 14:25
To: Rosy Schechter - KJ7RYV <rosy@ardc.net>
Cc: Amprnet 44 Net <44net@mailman.ampr.org>
Subject: [44net] Re: 44Net Assessment Kickoff - Survey!

Good survey
I just completed it and I have some other comments.

The IPIP mesh is not plug and play, which for folks like me who are interested in learning routing has been an invaluable learning exercise.  I hope something like this can always continue.

However, there are other use cases that are more plug and play.  One being supporting internet connected infrastructure (i.e. IRLP, Allstar, DMR, D-Star etc).  All of which mostly require a public IPv4 address and the ability to port forward.  Such is not the case with cellular providers and will only become more of an issue as the global pool of IPv4 addresses shrinks.  A system of geographic POPs should be deployed.  The POPs might want to use OpenVPN as it's well supported and issues automated keys or the ARRL LoTW method.  It would be wise to limit the bandwidth to something modest and employ a DPI technique to drop BitTorrent fingerprints to ease overall administration.

Short of ARDC supporting POPs, then you’re looking at outside groups making this happen.  But these will likely be service specific.  Ex, I believe IRLP has done so with some assigned address space.

Current geographic portal allocations are based on CIDR style routing, which makes sense if you intend to interact with existing (legacy) RF networks. Perhaps a portal question should exist to point them to their geographic allocation or not.  If the intent is non RF or mesh, then a different allocation methodology should be employed (next chunk in sequence).

I’ll stress again knowing who is doing what is always good so one can privately coordinate forwarding partners, etc, and just folks to experiment with.

Steve, KB9MWR
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org To unsubscribe send an email to 44net-leave@mailman.ampr.org