I'm replying to the main thread, as Rob still insists on posting using his
broken MUA which breaks threading, making it impossible to follow his
ramblings. Thanks Rob.
On 6/16/20 1:23 PM, Rob Janssen via 44Net wrote:
> I notice that more and more 44net traffic originates from addresses that are
> not registered in DNS. To identify an amateur radio transmission, it is required
> in most countries that the callsign is included in transmissions. Up to now I
> have considered traffic from a net44 address to be identified by the reverse
> name that can be looked up in DNS, and that has the basic structure of
> "hostname.callsign.ampr.org" (with of course some variations, but always the
> callsign of the responsible station is part of the name).
Having reverse DNS with a callsign in it doesn't meet identification
requirements in the ITU or FCC rules, assuming the packet is traversing an RF
link on amateur frequencies. Under FCC rules (and I'm aware you may be under
a different legal authority), the control operator is the required ID, not the
originator of the packet.
> I think everyone should be encouraged (or even required) to register all used
> addresses in DNS. There may have been some hurdles to do that in the past
> (e.g. the never completed DNS part of the portal, the unavoidable restrictions
> of the ampraddr robot to accept only updates from coordinators).
What is the problem you're seeking to solve if it's not legal identification
of transmissions?
> Everyone who has e.g. a number of hosts in the 44.190 or other not nationally
> registered parts of the network can send a list of their IP addresses and
> corresponding hostnames (with names like the above, i.e. a callsign embedded
> in them) to me, then I can submit them to the robot and they get registered
> in the ampr.org main DNS service. Otherwise please register your hosts through
> your local coordinator, even when you have been allocated an entire subnet.
DNS NS records handle this now. When you allocate a /24, your name servers
are set up to handle x.190.44.in-addr.arpa. This works and works well,
requiring no manual or non-standard software. DNSSEC could be added to secure
it if needed.
> Given that we now have this situation, I think there should be a general policy
> of allowing AXFR and preferably also IXFR zone-transfers of these zones
> between net44 addresses. We should not have "dark and secret" zones that
> are inaccessible to others, I think, especially for the reverse (PTR) zones.
What does this solve? If you have evidence of non-ham use of 44net space,
email the ARDC board. AFAIK there is no procedure to report this.
Allowing you to have a copy of my zone file isn't going to fix it. I can just
use CNAME records and jump to another domain. Should I be forced to give AXFR
access to any CNAME domains too? I can't do this for a number of services and
services in my hamcolo, as everyone has control over their own reverse dns.
(side bar, if anyone needs a VM for something ping me offlist.)
> As it is now, you can download the zonefiles from an FTP server (or of course
> you can do lookups at the master server ampr.org at 44.0.0.1) and compile a
> list of updates (using diff between the downloaded- and the desired info) and
> then you can create an e-mail message to the ampraddr robot that will do the
> updates.
Again, this is non-standard and doesn't add any functionality over and above
reverse DNS. If you want to see who is responsible for an IP in 44net, you
can use the portal or rwhois.
These proposals are asking DNS to do something it's not designed for. There
is also the need for a procedure regarding what to do when a person suspects
non-ham use of 44net by a licensee. Defining what would constitute this use
is going to be hard, and then what would be acceptable proof of it. There
would need to be a clear and public proceeding to enforce this as well.
73s
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net