Re: [44net] A new era of IPv4 Allocations : Agree

On 10 Aug 2021, at 23:38, pete M via 44Net <44net(a)mailman.ampr.org> wrote: Ronen,Those are not difficult question, but they are hard to answer properly. Why do we need to keep the nmetwork separated is because it is almost impossible to ask everyone on the 44 net to keep rules for every part of the net that they want to communicate with on a white list or the one they dont a black list on their own firewalls. That looks like the easy way, but it is on the long run the hard way. Also, The way internet routing works keeping white list or black list of route is also the same, very hard to keep tracks. If you want to keep up to date you need to download list from a server and that is what the IPIP tunel been doing for years. And what did it do? We now need router that have multiple meg of memory to handle the traffic and the routes keep on getting more and more complicated. Byt splitting the networks there is a simple line that can be put on one router to keep the user sure that what he will connect to and what connect to his system is from a ham operator and it is to have an intranet like 44.128/10. There are ways to keep your country into the internet connected world and also keep all the address you already have and that is by adding a new ip address to all of your machine and making new routes in your routers to a new allocation that you would still be connected to by the same method you are using presently and that is just by asking a new allocation into the 44.0/10 section of the ip space, without releasing the ip space you already have. You can all do this remotely casue your network is already online and it is simple to hope that you can monitor and program stuff in your network properly. The TAC also said that support AND time will be allowed for that to be done. And only AFTER all the route addition be done b y the people that WANT to continu to have internet routing and not intranet only will be working that the change would be done. And then if AFTER the proposal be applied if you dont want to keep the duplicate network on 44.138 you will be able to drop it OR keep it if in use. I hope this answer your question. Pierre VE2PF ________________________________________ De : 44Net <44net-bounces+petem001=hotmail.com(a)mailman.ampr.org> de la part de R P via 44Net <44net(a)mailman.ampr.org> Envoyé : 10 août 2021 14:26 À : 44Net general discussion Cc : R P Objet : Re: [44net] A new era of IPv4 Allocations : Agree Hi I read now the proposal as i said before i also didnt see it (probably missed it ) I still dont understand and didnt got any answer for simple question i have asked it not long ago beside the answer " it is only proposal" So i ask it again and expect simple answer Why should we separate networks ? Every simple firewall can block traffic with simple rule today every simple cheep microtik router (the same that i have at home that do for me the IPIP tunnel for the amprnet network) have excellent firewall and everyone that dont want to get data from the internet can add a rule in his router and close the deal . by that the whole amprnet will have a single topology and the rules will sit at the endpoints and now for more specific question I (and all my country) sit on 44.138 which according to the proposal would be not connected to the Internet But i am connected to the internet and would like to be connected in the future (and im sure others in my country would also ) what will i have to do ? renumber ? Hope for any logical answers for the not so complicated questions that i asked Regards Ronen - 4Z4ZQ ________________________________ From: 44Net <44net-bounces+ronenp=hotmail.com(a)mailman.ampr.org> on behalf of Toussaint OTTAVI via 44Net <44net(a)mailman.ampr.org> Sent: Tuesday, August 10, 2021 2:23 AM To: 44net(a)mailman.ampr.org <44net(a)mailman.ampr.org> Cc: Toussaint OTTAVI <t.ottavi(a)bc-109.com> Subject: Re: [44net] A new era of IPv4 Allocations : Agree Sorry for late answer. I was on holiday, working on a music festival which took all of my time and my energy :-) I had to review all the unread messages :-) Just to say I fully agree with the TAC proposal. Here in Corsica, we've been experimenting such a scenario for 2 years now : - a 44.168 "Intranet" subnet (routed locally on the island) - a 44.190 "Internet" subnet (routed on Internet via BGP) Every endpoint router has two VLANs labeled "Intranet" and "Internet", dual addressing and dual routing. Every router (currently, OpenWRT) has two sets of Ethernet interfaces. Connecting an equipment to "Internet" or "Intranet" is just a matter of plugging it on the right router interface (or setting the interface in "untagged" mode on the right VLAN if using a L2 switch). For example, D-Star or DMR repeaters are connected to "Internet" interfaces, while Asterisk analog VoIP repeaters are connected to "Intranet" interfaces. This topology works well and suits all of our current and future needs. The only constraint for us with the TAC proposal is that we'll have to renumber our 44.190.11.0/24 to something in 44.0.0.0/10. We have 21 child prefixes and 40 IP addresses to renumber. Of course, this will require some time, but it's not as if we had thousands of addresses :-) If we don't make mistakes, all can be done remotely :-) 73 de TK1BI _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net