Hi all,
I've just set up my net44 gateway using a Debian machine running in the cloud with a static IP. My plan is to use this machine as an IPIP-to-OpenVPN adapter so that I can run my subnet from home via my LTE connection, with will not support IPIP. I set up the machine with Debian linux and rip44d.
I'm currently receiving the routing table from 44.0.0.1, and I'm able to ping several net44 machines in my area (44.4.2.153 and 44.4.50.1 for example), however, my linux machine is not able to ping 44.0.0.1. At first I assumed that this was a security policy, however, I'm also not able to access the ampr.org website from that machine now. in addition, I'm unable to ping my machine's net44 address from the internet.
Is this a result of gw.ampr.org not updating it's gateway list, and thus not knowing how to route to me, or have I missed something obvious?
Also, if anyone with a properly maintained gateway list could ping me at 44.4.36.1 and let me know the result, I'd appreciate it.
Thank you,
Blaine
On Wed, Jul 31, 2013 at 04:51:08PM -0700, Blaine Forbort wrote:
I'm currently receiving the routing table from 44.0.0.1
Which means that the amprgw system has your gateway address and route ok, and that you're receiving IPIP encapsulated packets from amprgw.
, and I'm able to
ping several net44 machines in my area (44.4.2.153 and 44.4.50.1 for example), however, my linux machine is not able to ping 44.0.0.1.
44.0.0.1 doesn't respond to pings from amprnet because of brokeness. It's a bug in the kernel on amprgw which I've never been able to track down.
to ping my machine's net44 address from the internet. Is this a result of gw.ampr.org not updating it's gateway list, and thus not knowing how to route to me, or have I missed something obvious?
If you're receiving the routes, you're in the gateway list on gw. It updates in real time when gateways changes are made on the portal.
I note that your gateway machine is not responding to pings from the Internet on its commercial address. You might try running tcpdump on your gateway system to see if pings from the Internet are reaching it on either its commercial address or via IPIP on its AMPR address, and to see if and how it is replying to those ping requests. - Brian
44.0.0.1 doesn't respond to pings from amprnet because of brokeness. It's a bug in the kernel on amprgw which I've never been able to track down.
Ok, that solves that part of the mystery. I'm still curious as to why I cannot get to the webpage however.
I note that your gateway machine is not responding to pings from the Internet on its commercial address.
Well, that's very curious indeed. I just pinged my machine, and it responded just fine for me.
$ ping ampr.k1qv.com PING ampr.k1qv.com (54.214.234.149): 56 data bytes 64 bytes from 54.214.234.149: icmp_seq=0 ttl=42 time=67.445 ms 64 bytes from 54.214.234.149: icmp_seq=1 ttl=42 time=86.558 ms 64 bytes from 54.214.234.149: icmp_seq=2 ttl=42 time=84.399 ms 64 bytes from 54.214.234.149: icmp_seq=3 ttl=42 time=98.167 ms --- ampr.k1qv.com ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 67.445/84.142/98.167/10.970 ms
Not really sure what's going on here. As I said, I pinged n6mef-gw.ampr.org(44.4.2.153) as a test with tcpdump running. I see the IPIP encapsulated ICMP requests and replies working as they should between my machine and his gateway...
So... we know that I'm receiving IPIP encapsulated traffic from 44.0.0.1 because I'm receiving the RIP traffic, however, tcpdump shows no inbound traffic when trying to ping my 44.4.36.1 address from the internet.
Stupid question here, was I correct in assuming that my net44 subnet was routable from the internet?
Worked OK for me too:
ping ampr.k1qv.com
Pinging ampr.k1qv.com [54.214.234.149] with 32 bytes of data: Reply from 54.214.234.149: bytes=32 time=185ms TTL=43 Reply from 54.214.234.149: bytes=32 time=185ms TTL=43 Reply from 54.214.234.149: bytes=32 time=185ms TTL=43 Reply from 54.214.234.149: bytes=32 time=234ms TTL=43
Ping statistics for 54.214.234.149: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 185ms, Maximum = 234ms, Average = 197ms
73 vk2akg
on 31 Jul 2013 at 17:54 Blaine Forbort 44net@hamradio.ucsd.edu wrote:
Well, that's very curious indeed. I just pinged my machine, and it responded just fine for me.
On Wed, 2013-07-31 at 17:54 -0700, Blaine Forbort wrote:
Stupid question here, was I correct in assuming that my net44 subnet was routable from the internet?
It is once you have a valid DNS entry associated with your gateway's IP: n1uro@n1uro:~/ham$ host !$ host 44.4.36.1 Host 1.36.4.44.in-addr.arpa. not found: 3(NXDOMAIN)
On Wed, Jul 31, 2013 at 05:54:11PM -0700, Blaine Forbort wrote:
I note that your gateway machine is not responding to pings from the Internet on its commercial address.
Well, that's very curious indeed. I just pinged my machine, and it responded just fine for me.
Yes, and it responded ok for me too as soon as I stopped mistyping its address. Sorry. Stupid typo.
Stupid question here, was I correct in assuming that my net44 subnet was routable from the internet?
Does your ampr host have an A record in the ampr.org DNS? If not it won't be reachable from the internet even if the subnet is correctly routed. There's a filter in amprgw that requires DNS entries for all hosts to be reachable. The entire subnet is NOT reachable as a whole. - Brian
Ah!! I had a feeling I was missing something, but I didn't see that in any of the documentation I was looking at.
My DNS request is still waiting for coordinator approval. I guess I'll be waiting for that until I can finish off this first step of my experiment.
Thanks for the help,
Blaine, K1QV
Sent from my iPhone
On Jul 31, 2013, at 6:10 PM, Brian Kantor Brian@ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Wed, Jul 31, 2013 at 05:54:11PM -0700, Blaine Forbort wrote:
I note that your gateway machine is not responding to pings from the Internet on its commercial address.
Well, that's very curious indeed. I just pinged my machine, and it responded just fine for me.
Yes, and it responded ok for me too as soon as I stopped mistyping its address. Sorry. Stupid typo.
Stupid question here, was I correct in assuming that my net44 subnet was routable from the internet?
Does your ampr host have an A record in the ampr.org DNS? If not it won't be reachable from the internet even if the subnet is correctly routed. There's a filter in amprgw that requires DNS entries for all hosts to be reachable. The entire subnet is NOT reachable as a whole.
- Brian
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html
On Wed, Jul 31, 2013 at 06:16:32PM -0700, Blaine Forbort wrote:
My DNS request is still waiting for coordinator approval. I guess I'll be waiting for that until I can finish off this first step of my experiment.
Does that mean that you submitted it via the portal.ampr.org DNS function? I'm sorry, that function isn't working yet. I've asked for it to be taken off the portal menu until it *is* working as it confuses people.
Your address coordinator should submit a DNS update after he assigned you your subnet and you give him the hostnames.
I can do that for you if needed. - Brian
Yes, I did submit the DNS request via the portal. I wasn't aware that it wasn't currently working.
Would it be possible for you to create a CNAME record for k1qv.ampr.org. to point to ampr.k1qv.com.
If not, I can take an A name at 44.4.36.1
Thanks for the help with all this,
Blaine, K1QV
Sent from my iPhone
On Jul 31, 2013, at 6:25 PM, Brian Kantor Brian@ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Wed, Jul 31, 2013 at 06:16:32PM -0700, Blaine Forbort wrote:
My DNS request is still waiting for coordinator approval. I guess I'll be waiting for that until I can finish off this first step of my experiment.
Does that mean that you submitted it via the portal.ampr.org DNS function? I'm sorry, that function isn't working yet. I've asked for it to be taken off the portal menu until it *is* working as it confuses people.
Your address coordinator should submit a DNS update after he assigned you your subnet and you give him the hostnames.
I can do that for you if needed.
- Brian
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html
On Wed, Jul 31, 2013 at 07:53:39PM -0700, Blaine Forbort wrote:
Would it be possible for you to create a CNAME record for k1qv.ampr.org. to point to ampr.k1qv.com.
If not, I can take an A name at 44.4.36.1
I can do either one, but they have vastly different meanings.
The first, for example, won't get you an A record in the AMPR.ORG zone file, so there won't be a corresponding filter entry and packets from the internet won't be routed to your 44.4.36.1 address.
Let me know what you want to do. - Brian
Well, it's going to make routing even more complicated on my end, but I'll have to take the A name for the filter entry. Then I'll be on to the next step of my great experiment!
Blaine, K1QV
Sent from my iPhone
On Jul 31, 2013, at 7:59 PM, Brian Kantor Brian@ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Wed, Jul 31, 2013 at 07:53:39PM -0700, Blaine Forbort wrote:
Would it be possible for you to create a CNAME record for k1qv.ampr.org. to point to ampr.k1qv.com.
If not, I can take an A name at 44.4.36.1
I can do either one, but they have vastly different meanings.
The first, for example, won't get you an A record in the AMPR.ORG zone file, so there won't be a corresponding filter entry and packets from the internet won't be routed to your 44.4.36.1 address.
Let me know what you want to do.
- Brian
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html
I noticed that on AMPRNet portal DNS settings do not offer setting NS records for domains. Whz is that?
I have full capable host and it can easily deal with DNS zone for domain I choose. Al I need is to be able to set NS record to point to my host.
As it is not is too much hustle. First I have to manually maintain DNS and then, my host assumes that if it hosts domain then it hosts DNS zone too.
Pedja YT9TP
I didn't know that was not working and didn't know has to forward DNS requests to you.
I'll have to go through my requests and update you.
Thanks.
-Neil
On Wed, Jul 31, 2013 at 8:25 PM, Brian Kantor Brian@ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Wed, Jul 31, 2013 at 06:16:32PM -0700, Blaine Forbort wrote:
My DNS request is still waiting for coordinator approval. I guess I'll be waiting for that until I can finish off this first step of my experiment.
Does that mean that you submitted it via the portal.ampr.org DNS function? I'm sorry, that function isn't working yet. I've asked for it to be taken off the portal menu until it *is* working as it confuses people.
Your address coordinator should submit a DNS update after he assigned you your subnet and you give him the hostnames.
I can do that for you if needed. - Brian _________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html
-
Blaine Forbort -
Brian Kantor -
Brian Rogers -
Frank VK2AKG -
Neil Johnson -
YT9TP op. Pedja