Well as I said to Ruben this is wrong.
You may think you will fix the problem with such simple fix. The networking world is not as "clean" as you think. Once someone advertise a subnet in the 44.0/09 or 44.128/10 they would have access to your network. The thing is that it is already happening and AMPR/ARDC are already monitoring such event but it take times to find those rogue people, then AMPR need to contact the owner of the network that provide the bgp route top the rogue guys. Those could be legit guys but are with the rogue group and they could delay for days if not weeks the action needed to secure back YOUR network. Do you want to leave the front door of your house to the public if you were made promises that no one but the legit owner of the neighbourhood would have access to the road in front of your house? Not the same security risk I think.
Pierre VE2PF
________________________________________ De : 44Net 44net-bounces+petem001=hotmail.com@mailman.ampr.org de la part de Rob PE1CHL via 44Net 44net@mailman.ampr.org Envoyé : 10 août 2021 17:57 À : 44net@mailman.ampr.org Cc : Rob PE1CHL Objet : Re: [44net] A new era of IPv4 Allocations : Agree
I agree! That motivation to split the network is totally bogus. Everyone in 44.0.0.0/9 and 44.128.0.0/10 can be "trusted" to be radio amateurs, it does not matter if they are on an isolated network or on a network connected to the internet. How it is routed (over radio or over internet tunnels, using what routing protocol, and what policy, does not matter at all.
Of course on an isolated network you can have bad guys as well, so you will always have to be careful what you open up to others.
Rob
On 8/10/21 11:40 PM, Ruben ON3RVH via 44Net wrote:
Dual addressing means complicated policy based routing.
The remaining 44net that we have today is ham only. Thus if one does not the internet to reach his/her subnet, all they have to do is add a simple firewall rule allowing 44/8 and 44.128/10 and denying the rest. That is a lot easier than policy based routing or dual addressing. That would allow fellow hams to reach the subnet, but not the rest of “the big bad internet”
Ruben - ON3RVH
_________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net