On 3/8/21 6:29 am, Rosy Wolfe via 44Net wrote:
Hello everyone,
I, along with the board and staff, have been reading these messages. First of all, I want you all to know that YOU ARE HEARD. The point of having the TAC put out a proposal was to get feedback before adoption. It turns out that a significant part of the feedback is negative. I think that this proposal needs more work and adjustment before we can consider implementing it. The board and I want to see consensus on the main points of a proposal among the major schools of thought on this mailing list. That said, it’s important to remember that the people on this list are not the only people using the AMPRnet. We have a complex task on our hands to reach as many of those people as possible as we evolve proposals toward consensus.
I'm in two minds about the proposal, and it comes down to "more information needed" (more below). I'm one for whom renumbering will be a major exercise, with 200+ IP addresses, plus having to liaise with various network administrators for manual intervention and running some geolocation-sensitive services, which means a protracted changeover. I'm not opposed to doing this, BUT it has to be worth my while, with clear benefits for the network (and hopefully myself) at the end of it. Last thing I want is to spend that time and effort, and be where we are now, or worse, having to do it again, to fix up something unforeseen.
Several board members have suggested that it's hard to find consensus on solutions until we have a consensus on what problem(s) the solutions are trying to solve. We have a tangle of issues like the complexity of IPIP tunnels, to BGP routing, to address space sparseness, to low performance.
Yes, I'd like to see the problems fleshed out first, so we have a clear definition of the problems, their priority and proposed solutions.
With this in mind, what problems with the AMPRnet do you think we should be trying to solve first?
One thing we haven't communicated well before is that we are actively discussing budget and infrastructure for a “backbone” network of PoPs (Points of Presence) of the 44net on various continents, to make it easier for hams to connect to the AMPRnet with minimal effort and higher performance. If you have ideas about how you would like to see this happen, feel free to share here on the mailing list. I know that there’s at least one alternative proposal on the way.
First thing for me is to replace the IPIP mesh with the proposed backbone. While I have IPIP working here, I'm not 100% convinced that it's as reliable as I'd like. Often, my routing table has only had routes in 44.128/10, on occasions I've checked. While direct point to point links should offer good performance, I'm not necessarily convinced I'm seeing that, and there are many possible places things could break (routers not passing the IPIP protocol, for example). The backbone/POP idea could offer simpler setup for the cost of slightly less optimal routing for end users. The VPN software can generally route subnets, if told to do so by the server (perfect for those of us with subnet allocations). The question is whether we can make it as easy for ARDC to manage as the current system.
Other issues I see are:
Manual DNS management seems so 1990s. I haven't made any changes to my DNS, as manual changes by a third party (network coordinator in this case) are a major barrier. And a simple means of reverse DNS delegation would be nice for those of us with /24 or larger allocations. And having control of firewall separated from DNS would be nice - I may want ampr.org DNS "internally", but not want my RF sites Internet connected.
There seem to be questions of how to communicate between intranet (those on the radio/tunneled network) and BGP announced subnets, and this is where different people may need different solutions, depending on their network topology, etc. I have a private VPN between my tunneled and BGP subnets, because some routes would otherwise go via San Diego - that's working "long path" (~18000-20000km) for a server 150km away! :) I'd like relatively right connectivity between my BGP and intranet subnets, and possibly other BGP routed subnets, but no connection (generally) to the wider Internet from my part of the intranet.
Anyway, just putting some thoughts out there for discussion.