Jeff,

I also wanted to note that converting my server to BGP - means I must volunteer to run a IPENCAP tunnel as well, especially running the DNS. I also volunteered to do so to the old and new admin and coordinator.

Look in the 44-net mailing archives to see why that would be necessary. It may shed light on why a recursive DNS is needed. A lot of those discussions - a SK participated in.



- Lynwood



On Wednesday, April 24, 2024 at 06:14:16 PM EDT, lleachii@aol.com <lleachii@aol.com> wrote:


Jeff,


No. 6 - our ENCOMM sponsors have issues with the robustness of the network. I will be required to run that Server here anyways. This will only hinder our use, as we just received approvals from W3PGC's sponsor (home of the MDC section EC). I've been waiting to update on the DNS matter that was just resolved yesterday (aside from 2 /16's).


**BGP approval here also depend on a OLSR (used in HSMM) mesh via public safety controlled Layer1/Layer2 fiber to any radio towers, etc. as well.**

Not sure others points need to be discussed.

No. 7 - I need to update my ENCAP DDNS - I hope this "ticket system" doesn't delay it.


---

- KB3VWG




On Wednesday, April 24, 2024 at 06:02:34 PM EDT, Jeff Parrish-Personal <jeff@kb9gxk.net> wrote:


Good evening, everyone,

I have been passively watching this heated discussion.  I usually wouldn't jump in on it, but I have some input.

  1. We are HAMS, and one of our goals is to better the hobby for everyone.
  2. I think finding a way to have multiple recursive DNS geographically disbursed is a good idea.
  3. We must remember that any DNS we get from ARDC, whether ampr.org or ardc.net, is still technically an ARDC ZONE, and they have the right to choose whether they will allow AXFR.
  4. While you need to have a DNS entry created in the ARCH Portal for IPIP to work, if you have your own domain name, you can still use that.  I own kb9gxk.net and will publish it under my domain for anything I wish to allow others to access.  I chose Cloudflare for this as I can use their CloudflareD option to allow public access via my IP but keep the actual HAM traffic going through my IPIP tunnel.
  5. There are no RFCs stating that a DNS server MUST allow for AXFR.  That easily allows for DNS poisoning.  I'm hoping that ARDC's DNS servers are using DNSSEC to help prevent this.
  6. Lynwood, if you have a server in a Data Center, why would you not work with them to get a BGP connection instead of using IPIP? I'm not saying you have to; I'm just curious.
  7. The new portal has given us much more access than the old one, and there are bound to be bugs and delays as many more requests are being processed.  I'm still having an issue with my DNS stuff, but I am patiently waiting.  In my case, my IPs were previously assigned, and my "DNS Name" was created in the wrong domain, so when I had asked for the previous assignments to be removed, I couldn't create the proper entries for my IPs to work correctly.  Again, I know they are backed up with tickets, and I will wait patiently.

This whole discussion could have been handled differently.  This could have started as a proposal of ideas and asking for implementation.

As a side note, when I get passionate about something I believe and decide to write an email, I use Grammarly to a) make sure my grammar is correct and b) check the tone of the email.  I have learned that my passion can be very off-putting, so I have found a way to say what I need to, but it is not demeaning.

73,
Jeff Parrish - KB9GXK


From: lleachii--- via 44net <44net@mailman.ampr.org>
Sent: Wednesday, April 24, 2024 16:01
To: 44net@mailman.ampr.org <44net@mailman.ampr.org>; Charles J. Hargrove <n2nov@n2nov.net>
Subject: [44net] Re: DNS AXFR
 
All,

I have been accused of:

  • not being a native English speaker
  • being enraged
  • being asked how I'm hurt - despite I explained the issue with AMPRNet that hindered our usage of it here
  • to explain the RFC that tertiary servers use to obtain their zone???
  • having my server on a low-speed link, yet it's on a 1 Gbps connection in a Data Center

I honestly thought it was a joke when Chris asked to access the server - this all was laughable; but I think I'm just done discussing. So many people have made up things while not understanding something simple as having a client work on AMPRNet when one goes thru the trouble to setup a mesh with no client DNS sever. I honestly thought that was simple. I just want people not to have timeouts and lookup failures.

To be clear, I was born and raised in Washington, DC USA and I resent that statement on behalf of my neighborhood' (lol). There's been a lot of negative guessing about who I am personally taking place here- I find it quite rude.




73,


Lynwood
KB3VWG



On Wednesday, April 24, 2024 at 04:25:20 PM EDT, Charles J. Hargrove via 44net <44net@mailman.ampr.org> wrote:


Shhh! Secret Squirrel.

On 4/24/2024 4:22 PM, Ruben ON3RVH via 44net wrote:
> from an OPSEC point of view

--
Charles J. Hargrove - N2NOV
NYC-ARECS/RACES Citywide Radio Officer/Skywarn Coord.

NYC-ARECS/RACES Nets 441.100/136.5 PL
ARnewsline Broadcast Mon. @ 8:00PM
NYC-ARECS Weekly Net Mon. @ 8:30PM
http://www.nyc-arecs.org

NY-NBEMS Net Saturdays @ 10AM & USeast-NBEMS Net Wednesdays @ 7PM
on 7.036 Mhz USB (alt 3.536)/1500 hz waterfall spot; MFSK-16 or 32

"Information is the oxygen of the modern age. It seeps through the walls
topped
by barbed wire, it wafts across the electrified borders." - Ronald Reagan

"The more corrupt the state, the more it legislates." - Tacitus

"Molann an obair an fear" - Irish Saying
(The work praises the man.)

"No matter how big and powerful government gets, and the many services it
provides, it can never take the place of volunteers." - Ronald Reagan

_______________________________________________
44net mailing list -- 44net@mailman.ampr.org
To unsubscribe send an email to 44net-leave@mailman.ampr.org