So, everyone out in 44net land, how are things?
After one month since the "cut-over":
- are the coordinators allowed to coordinate fully?
- are the requestors allowed to be assigned a non-.32/.61/63 address?
- is everyone "trusted" enough to use the portal freely/fully again?
Inquiring minds, and those waiting for an allocation, want to know.
News to me as I coordinate 11 USA state /16 subnets.
On 5/3/2024 10:43 AM, Pedja YT9TP via 44net wrote:
On 3.5.2024. 13:28, Charles J. Hargrove via 44net wrote:
- are the coordinators allowed to coordinate fully?
It was explained to me that coordinators are no longer needed.
I'm happy to share my own (limited) perspective. Overall, I'd say it's a mixed bag. Let's start with the good:
1. Self-service DNS is very nice. It always struck me as a bit of an administrative burden that the coordinators had to get involved just to set up RR's in existing allocations. People have always been very gracious about it (thank you, Charles) but I also felt kind of sheepish asking, because I knew I was asking to take someone else's time. If I just want to change a hostname or add a record, this is much easier and I think will lend itself well to experimentation.
2. The portal itself is much _nicer_, from an aesthetic standpoint. Visually it's easier to use and better organized.
3. The use of 2FA seems like a net positive.
Ok, the not-as-good, along with suggestions for improvement.
1. The roll-out was rocky. This is known; 'nuff said.
   Suggestion: It probably would have helped to have an extended "beta-test" period and a staged roll-out, inviting some set of users (maybe the coordinators?) to use it with dummy data, point out the flaws, etc. Some of the kinks with ticket permissions and the partial rollback might have been discovered and worked out ahead of time.
2. Communication: the change-over seemed rather abrupt. Perhaps I just wasn't paying sufficient attention, but my sense is that we'd heard that a new portal was coming and then poof, there it was. While that in and of itself is not a problem, things are sufficiently different that there are outstanding questions about e.g. the role of coordinators.
   Suggestion: more proactive communication with stakeholders in the existing organizational structure might have smoothed that out. A heads up with an FAQ for end-users addressing what's changing and how the new portal works could have reduced some confusion.
3. The "Level of Trust" mechanism seems a little under-developed and confusing. For instance, I've completed all of the automated verifications, yet I still haven't accumulated enough trust points to request a /24, even though I've already got a /24 allocated to me! That feels vaguely off. There's no clear relationship between the number of points one has and what sort of allocation one can request, etc. Further, it almost feels like a bit of a game: the next step is to request validation with a validator, but a) it's unclear exactly how, and b) as explained on the portal, there's no upper bound to the number of points one can request. Multiple meetings with validators gains one more points, but one wonders why? If I show an identifying document to a person who is, one presumes, trusted enough to say, "yes, this person showed a valid ID and I believe that they are who they say that they are" what is the utility of repeating that process over and over?
   Suggestion: streamline the LoT thing, and document it so that people know exactly what they have to do to get validated to a level to request whatever sized allocation they want or need.
4. I'm a bit disappointed that the source code isn't available for inspection. Yes, I get that this can result in endless bikeshedding ("why didn't you use _my_ favorite programming language?") but I also think it's important as a precedent. This is an experimental hobby; we should be sharing things like this in a spirit of openness. I'm a working software engineer, and my company makes rack-scale servers. We do software/hardware codesign from web-based consoles down to the board/FPGA/ASIC level; yet we open-source whatever we can, both software and hardware, modulo legal requirements involving third-parties. We do this because we firmly believe it is best for our users. It can be done!
   Suggestion: open source the portal (and other code, as applicable!) under an OSI-approved license.
Anyway, that's my 2c.
- Dan C. (KZ2X)
NYC-ARECS/RACES Nets 441.100/136.5 PL ARnewsline Broadcast Mon. @ 8:00PM NYC-ARECS Weekly Net Mon. @ 8:30PM http://www.nyc-arecs.org
NY-NBEMS Net Saturdays @ 10AM & USeast-NBEMS Net Wednesdays @ 7PM on 7.036 Mhz USB (alt 3.536)/1500 hz waterfall spot; MFSK-16 or 32
"Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire, it wafts across the electrified borders." - Ronald Reagan
"The more corrupt the state, the more it legislates." - Tacitus
"Molann an obair an fear" - Irish Saying (The work praises the man.)
"No matter how big and powerful government gets, and the many services it provides, it can never take the place of volunteers." - Ronald Reagan
While self-service DNS entries are a good thing for those who know and understand what to do, in the hands of a non-knowing newbie it is bad. As for doing the entries for people in my area or even outside of it, they were spaced out enough to not be a bother. For the newbies, it gave me a chance to converse with them and be the Elmer that those of us with experience should be. I would hope that the coordinators, if they continue to exist as per G1FEF's comments to me recently, should have the ability to make the DNS entries for others who need the help.
My gate will be my Friend, Sysop, Elmer, Leader, Teacher, Point of contact, and a lot more.
N9pno George Kirn had contact with this data.
On Fri, May 3, 2024 at 12:26 PM Charles J. Hargrove via 44net < 44net@mailman.ampr.org> wrote:
While self-service DNS entries are a good thing for those who know and understand what to do, in the hands of a non-knowing newbie it is bad. As for doing the entries for people in my area or even outside of it, they were spaced out enough to not be a bother. For the newbies, it gave me a chance to converse with them and be the Elmer that those of us with experience should be. I would hope that the coordinators, if they continue to exist as per G1FEF's comments to me recently, should have the ability to make the DNS entries for others who need the help.
On 5/3/2024 12:38 PM, Dan Cross wrote:
- Self-service DNS is very nice. It always struck me as a bit of an
administrative burden that the coordinators had to get involved just to set up RR's in existing allocations. People have always been very gracious about it (thank you, Charles) but I also felt kind of sheepish asking, because I knew I was asking to take someone else's time. If I just want to change a hostname or add a record, this is much easier and I think will lend itself well to experimentation.
-- Charles J. Hargrove - N2NOV NYC-ARECS/RACES Citywide Radio Officer/Skywarn Coord.
I'm one for whom the old manual system was user hostile. I never got round to getting my ampr.org DNS sorted out because of the manual coordinator requirement. Now I might get around to it.
I am disappointed that the current system is focused on a completely different use-case than we have here (both in the Netherlands and in other European countries). I have tried my best to explain this to the people involved via a membership of the TAC, but no matter how hard I tried, I wasn't able to explain it to them. It may be because English is not my first language, I am very disappointed and depressed because of it. Every time I brought up issues, they were not understood.
It seems that the system is now completely geared towards a person who wants to personally advertise a /24 network from a datacenter server, gets a permit to use BGP on the internet, and manages his own subnet including DNS. Fine.
Any issues like "wanting to run an own DNS server" are waved away with answers like "why don't you use internet DNS resolvers like 1.1.1.1"...
But that is NOT AT ALL how we are using AMPRnet! We actually have a radio network. It uses net44 IP space. It is regionally subdivided into subnets, from where individual amateurs and also amateur projects like repeater sites get their subnets and also separate IP addresses. They do so via a coordinator. They do not need randomly assigned addresses, they need addresses in their regional subnet, depending on what radio access point they connect.
The network can operate stand-alone. So it needs an internal DNS server that can resolve the domain names and addresses used inside the network. It needs the DNS data for that.
As an extra service, the network is also routed towards the internet, both on BGP and IPIP. But that is the entire /16 network, not all those separate subnets (many of which are too small to advertise on internet anyway).
I have tried to explain the architecture to the other TAC members and Chris. But I failed. And now we got what we have now, which does not cover our needs at all.
And worst, Chris is rejecting and denying all my requests to help us and add the features (or even the configuration) we need to operate our network.
I am sad, disappointed and depressed. In Chris, in the ARDC. I don't understand why people have to treat each other this way, and cannot co-operate in a friendly way where everyone can be happy doing their hobby.
Rob PE1CHL
It seems Rob explained the exact cohesive AMPRNet we conceived here - with OLSR radio towers/Access points, also connected by fiber that we're working on here. Depending on location 900 MHz, 2.4 and 5.4 GHz, non-Part 97 radio connections as applicable etc. These IPs would at minimum be in the "Maryland" range (we have other jurisdictions here willing to route to us), but we could feasibly deliver and route any IP that was assigned to our IPENCAP gateway on their behalf.

Users simply need a WiFi device with a NIC on the correct band, configured with their IP. The simplest would be an OpenWrt-compatible device with OLSR on the WWAN/AdHoc interface, with their assigned 44 IP. They could then i.e. NAT/Masquerade then use LAN as any other network they've experienced previously - or perhaps they have a bigger subnet to assign clients.

Our organization's assigned 44 range will be connected/announced via BGP to the same ISP of our RACES sponsor (a government ISP). They will also issue an IP on their ARIN/RIR allocation to use as an IPENCAP (IP Protocol No. 4) gateway. This design was approved by the sponsor's network manager and the ISP's Network Architect and Engineers (disclosure: I am the ISP's Systems/Network Administrator). Our Sectional and Regional Managers reiterate breaking the 2400 baud barrier, this is our answer this far.

The DNS server would then be moved from its commercial data center, into one of the sponsor's or the sponsor's ISP. This COULD make all resolution internal as Rob noted. I maintain a 1 Gbps fiber connection via my QTH ISP to that data center currently. I would then use a device at my QTH pointed at my radio tower. I should be able to request my /24 allocation be announced via my RACES Organization. I could then I-BGP with them - across my RF/mesh interface to them - also still running IPENCAP on the GW. I hope I explained my future BGP connection that would be compatible with my region's RF network.
I hope two people expounding on the same topic makes clarity.
73,
- Lynwood KB3VWG