Any issues of this sort should be emailed to abuse(a)ampr.org <mailto:abuse@ampr.org> and I will get right on it. I have full visibility of all subnet allocations and who is responsible for them. I’ve had several compromised systems reported recently, more in last 6 weeks than in the last 6 months for some reason! 73, Chris - G1FEF

On 1/16/21 1:13 PM, Jann Traschewski via 44Net wrote: Why do they send traffic for 44.137/16 via that? They should have sent the traffic directly to internet, or better get on the IPIP mesh themselves. Why do they send it via FHN? We drop all traffic from the IPIP mesh that does not have a route back to the IPIP mesh. I hope the new network structure will be deployed "soon" so we no longer have to cope with such silly static routings and we can all exchange traffic via a single core network without such "man in the middle" forwardings. Rob

On 1/16/21 3:06 PM, Jann Traschewski via 44Net wrote: There has been a lot of discussion on the 44NGN list (not related to your callsign) and there are some documents on the nexcloud.ampr.org server. I would have assumed you are on that list as well. Certainly a lot better than the current network.  E.g. you will be able have multiple connections between the radio network and the internet tunnel network, and it will be possible to exchange routing information using BGP instead of having the basically static routing over the mesh. So in a situation like this, when both Germany and Croatia would join that network, there would be no need for Croatia to put large static subnet routes over a private VPN, they could use BGP to sent traffic for those subnets that you can reach over radio via Germany, and the rest via another tunnel over internet directly towards the destination gateway. (of course that is already possible today, but apparently it is too difficult or too inconvenient to do that?) Rob

Which is exactly how it is, e.g. whois -h whois.ampr.org 44.190.255.1 Chris. -G1FEF

Rob, That is why I was saying that every subnet should be registered in the portal. Including end-user subnets. This is also why I do not want to use a separate ipam for the Belgian network as my idea is that every subnet should be available in the portal and for every ham to see who own that subnet. Or every region that has it's own ipam should run a whois server which is then referred to by the portal. (like every registry does) But that is a job for another day and that can be thought out in the future. 73 Ruben ON3RVH -----Original Message----- From: 44Net &lt;44net-bounces+on3rvh=on3rvh.be(a)mailman.ampr.org&gt; On Behalf Of Rob PE1CHL via 44Net Sent: Saturday, January 16, 2021 14:32 To: G1FEF via 44Net &lt;44net(a)mailman.ampr.org&gt; Cc: Rob PE1CHL &lt;44net(a)pe1chl.nl&gt; Subject: Re: [44net] 44.170.120.59 I already knew it is "Croatia". I see no way to identify the invidual behind 44.170.120.59: whois -h whois.ampr.org 44.170.120.59 Network:    44.170.0.0/16 Type:       country BGP:        NO Callsign:   AMPRNET Locator:    IO92ab Description:HR Allocated:  2019-07-21 14:32:05 Updated:    2019-07-21 14:32:05 At least they can maintain a reverse DNS. "it can be handled by abuse(a)ampr.org&quot; but that should be reserved for abuse only I think, I initially wasn't handling this as abuse but still I think we should be able to identify traffic to the originating callsign. Rob On 1/16/21 1:25 PM, G1FEF via 44Net wrote: _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net