On Fri, Mar 28, 2014 at 10:08 PM, Don Fanning <don(a)00100100.net> wrote:
On Fri, Mar 28, 2014 at 3:03 PM, Eric Fort
<eric.fort(a)gmail.com> wrote:
It would seem to me that, since we are tunneling most everything, we may
have a logical full mesh but are far from a physical full mesh. What does a
tunneled logical full mesh really accomplish for us other than making
things all the more complicated?
Right now it allows small/medium sized islands of amateur packet radio
networks to interconnect with others around the planet at speeds faster and
more reliable than HF or VHF.
Wouldn't traditional peering and routing done "the normal way" be much easier?
Not really, because most networks are point to point (i.e. you connect to
your work VPN, not to your work VPN which interconnects with every other
VPN in the world). This essentially is a hack to backbone a semi-private
network on top of the public internet.
If this is "a hack to backbone a semi-private network on top of the public
internet" then why do we need 44/8? Please explain why 10/8 would not work
just as well.
Also, most links are point to point and connect various networks, or did I
miss something in my networking classes? A host in the IP sense can be
viewed as a /32 network, though the link it's on generally requires a /30
for everything to work correctly (RFC 3021 notwithstanding).
I can see a valid place for nailing up VPN links and various tunnels, i.e.
last mile access and tying islands together through something other than
IPIP with links negotiated on a peering basis as needed, but what does a
full logical mesh of tunnels give us? It seems that since it's built of
tunnels and thus virtual rather than physical we just unnecessarily
complicate the mess wherein the tunneled traffic and the tunnels themselves
end up taking multiple and somewhat changing hops to get from one end to
another.
Yup, nothing's perfect.
IP was designed such that I could hand a packet off and basically go, "ok,
now it's your problem to deliver it (on a best effort basis)", thus I
shouldn't need to know every conceivable route to every conceivable
endpoint. What prevents us from using it that way?
Because the internet isn't built that way. You still need a source and
destination address. You still need routers able to figure out how to get
your packet from point A to point Z via points B, C, Q and V. And your
packets need to know how to return back to you through said points. The way
the current network works is that it sends a routing table to all
participants of all these little islands of "44net" and how they could be
reached over the public internet. And mind you, for it to work correctly,
the traffic has to be effectively routable back to you without being
dropped into a blackhole or routing loops occurring. One can just
substitute 44/8 for 10/8 and the same problems are there.
The simplest way of routing a non-routable network is through
encapsulation for which IPIP was chosen as it's part of the TCP/IP network
protocol. This allows everyone to be part of the network while not having
control or bandwidth being focused at any one single location.
Again, if it's not going to be routable then why do we need 44/8? Use
RFC 1918 space and give 44/8 back. The easiest way to get things routable
is to use a dynamic routing protocol and peer with others using
standards-based routing protocols and practices. That involves working with
others to peer with protocols such as OSPF and BGP. We could attract many
into this hobby if we'd simply offer to be the teachers of the IP
networking craft using standards-based methods used by everyone else across
the internet.
A significantly harder solution would be to use BGP, which is what is used
on the larger internet. But there are many, many reasons why you don't
want just anyone manipulating BGP routes. One wrong command and you could
send China's internet traffic to Togo. Or create routing loops which would
cause large interruptions not only for yourself but for a multitude of
other people on the internet.
Yes, I've seen this done both intentionally and unintentionally. Sometimes
one need be careful about what and whose announcements are trustworthy.
This is where mentoring and good network policy become increasingly
important.
Most residential ISPs will not let you insert 44/8 addresses onto their
networks. Even commercial hosting and colocation providers really want to
see justification and the proper I's and T's dotted and crossed before they
will host a 44/8 subnet for you, as it's still not a trivial change. Then
there is the problem of encapsulated and non-encapsulated. The few 44/8
subnets that have broken off the UCSD router are able to route across the
internet just like anyone else but cannot reach other 44net islands that
run the encapsulated tunnels without going back to the encap munge, because
those other islands either don't know how or are unable to reach them due
to upstream providers blackholing 44/8 traffic as nonroutable.
And they should ask for and review that you have all your stuff in order
prior to either hosting your netblock within their AS or offering to peer
with you. It's then our task as custodians of 44/8 to mentor those who
would use that space into being good network engineers and technicians. As
far as reachability to and from other 44net islands, i.e. between those
using BGP and those not, that would seem to be resolvable via individual
peering agreements between the respective islands. At the same time I'd
think use of BGP wherever possible to route to and from the larger internet
and smaller 44net islands ought to be encouraged as the norm, or again, if
that is not to be the case, then maybe we ought to seriously consider 10/8.
One might suggest that we can just create a 44net VPN that we all connect
into via PPTP or other means, but who pays the hosting bill for that?
Bandwidth and hosting still cost money at the end of the day, as Netflix
found out. And we don't have the advantage of doing commercial "peering"
as our networks cannot be used for commercial purposes.
Who pays to put your local repeater on the air and keep it there? Same
thing. Also, while our over-the-air ham band networks cannot in most
cases carry commercial traffic, our internet links most certainly could.
The prohibition is against what goes over the air on the ham bands, not
what travels over the 44/8 network, at least from a government regulatory
viewpoint.
That's all I got...
Eric
AF6EP
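The thread above keeps coming back to the IPIP (protocol 4) encapsulation that carries 44net traffic between islands over the public internet. As an added illustration that is not part of Don's or Eric's messages or any 44net tooling, the following builds such an encapsulated packet and shows the check a tunnel endpoint can apply on decapsulation: verify the inner header checksum and drop anything whose inner addresses are not in 44/8, so the tunnel cannot be used to inject traffic for other address space. All addresses are constructed sample values.

```python
"""Added example: IP-in-IP encapsulation of 44/8 traffic, plus an endpoint
decapsulation check. Sample addresses below are constructed, not real."""
import ipaddress
import struct

AMPR = ipaddress.ip_network("44.0.0.0/8")   # the 44/8 space discussed in the thread
IPPROTO_IPIP = 4                            # IP-in-IP, per the encap scheme described
INNER_PROTO = 253                           # experimental protocol number for the sample payload

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF

def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (no options) with a correct checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def encap(outer_src, outer_dst, inner_src, inner_dst, payload: bytes) -> bytes:
    """Wrap a 44net packet in an outer header addressed to the far tunnel endpoint."""
    inner = ipv4_header(inner_src, inner_dst, INNER_PROTO, len(payload)) + payload
    return ipv4_header(outer_src, outer_dst, IPPROTO_IPIP, len(inner)) + inner

def decap(pkt: bytes):
    """Strip the outer header. Returns the inner packet, or None if it must be dropped."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != IPPROTO_IPIP:
        return None                          # not IPv4-in-IPv4 at all
    inner = pkt[(pkt[0] & 0x0F) * 4:]        # skip outer header (IHL * 4 bytes)
    if checksum(inner[:20]) != 0:            # a valid header sums to zero incl. its own field
        return None
    src = ipaddress.ip_address(inner[12:16])
    dst = ipaddress.ip_address(inner[16:20])
    # Policy check: this tunnel only carries 44/8 traffic; anything else is dropped
    # so the encap cannot be abused to relay packets for other address space.
    if src not in AMPR or dst not in AMPR:
        return None
    return inner

if __name__ == "__main__":
    pkt = encap("198.51.100.10", "203.0.113.20", "44.1.2.3", "44.9.8.7", b"hello")
    print("accepted" if decap(pkt) else "dropped")
```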