24 Mar
2017
24 Mar
'17
9:57 a.m.
I am sorry about my multitude of questions but
sometimes I can read
things a million times and still not understand.
Would I have to use either ampr-ripd
<http://wiki.ampr.org/wiki/Ampr-ripd>, or rip44d
<http://wiki.ampr.org/wiki/Rip44d> on the server to forward the traffic
to my AMPRnet box? Would I have to use either ampr-ripd
<http://wiki.ampr.org/wiki/Ampr-ripd>, or rip44d
<http://wiki.ampr.org/wiki/Rip44d> to tell the server where to send the
AMPRnet traffic cumming from the box.
Rip44 is not for forwarding. It is used to populate the routing table for
the IPIP tunnel system. The forwarding is done by the kernel and is configured
the usual way. I.e. forwarding is to be enabled in the kernel and the proper
interfaces and subnets are added.
You would be setting up the AMPR IPIP tunneling on your brother's computer
(first ask if he agrees with that) and you get a subnet from your coordinator,
e.g. a /28 network, where your brother's computer gets an AMPRnet address
and your own computer gets another address in the same subnet, you set your
brother's computer as the default gateway, and all AMPRnet traffic is forwarded
via your brother's computer that will tunnel it over the IPIP network.
The ampr-ripd running on your brother's computer will receive the AMPRnet RIP
packets and maintain a routing table with about 400 routes, plus it has the
locally attached AMPRnet subnet that was assigned to you. All AMPRnet traffic
is forwarded between the IPIP tunnels and your local subnet.
Or can I use a "simple" tool such as BIRD
Internet Routing Daemon
http://bird.network.cz/ <http://bird.network.cz/> (the first thing that came up
when I searched
for ipip routing deamons).
No. That software only handles standard protocols, and RIP44 isn't one.
(well, it almost is, it is just RIPv2, but the handling of the information by
the routing daemon is different)
An alternative when you do not want to do as much on your brother's computer
and do have a Linux system yourself, is to just forward all IPIP traffic received
by your brother's computer to your computer over the local network, and run
ampr-ripd etc on your own computer.
Rob
24 Mar
24 Mar
11:36 a.m.
New subject: Trouble creating a Gateway into 44net
"An alternative when you do not want to do as much on your brother's
computer
and do have a Linux system yourself, is to just
forward all IPIP
traffic received
by your brother's computer to your computer over the local network,
and run
ampr-ripd etc on your own computer. "
---
This is exactly what I want to do but I have no Idea how to do it. By
"all IPIP traffic" do you mean _only_ the IP Protocol 4 Traffic or do
you mean effectivly all IP traffic (I dont think that would be ok.)? I
ask this because my brothers computer has several websites and a few
other web services (IRC, SSH, FTP, Minecraft) running on it and
everything that I do cannot interfere with them.
11:53 a.m.
New subject: Trouble creating a Gateway into 44net
Further, what would the technical termanology be for " forwarding all
IPIP traffic received
by your brother's computer to your computer over the local network" ??
Thanks, Augustine
On 3/24/2017 7:36 AM, Augustine Tabeling, W8AWT wrote:
> (Please trim inclusions from previous messages)
> _______________________________________________
>
> "An alternative when you do not want to do as much on your brother's
> computer
>> and do have a Linux system yourself, is to just forward all IPIP
>> traffic received
>> by your brother's computer to your computer over the local network,
>> and run
>> ampr-ripd etc on your own computer. "
>> ---
>> This is exactly what I want to do but I have no Idea how to do it. By
>> "all IPIP traffic" do you mean _only_ the IP Protocol 4 Traffic or do
>> you mean effectivly all IP traffic (I dont think that would be ok.)?
>> I ask this because my brothers computer has several websites and a
>> few other web services (IRC, SSH, FTP, Minecraft) running on it and
>> everything that I do cannot interfere with them.
>>
>
>
3:08 p.m.
New subject: Trouble creating a Gateway into 44net
Hello Augustine,
Further, what would the technical termanology be for
" forwarding all
IPIP traffic received
by your brother's computer to your computer over the local network" ??
It would be called "forwarding" or "routing". Anyway, I was thinking
about your problem last night and I have a question and a fifth option:
- WHY is your brother's computer on the DMZ segment? Is there a
specific reason? If his computer is serving standard traffic like
HTTP/HTTPS, DNS, SMTP, whatever, all of those things can be forwarded
via your ISP provided router using a technology called "port
forwarding. At this point, you could put YOUR computer on the DMZ
segment and make things simpler. The only reason I can think of that
your brother would want to keep his machine on the DMZ port is for some
other specific GAMING reason. PC computer games that aren't NAT
friendly are pretty rare these days but they still exist
If you rather keep your brother's computer on the DMZ port, I would
recommend the final option at the end of Rob's email to keep things
simple. A few things are going to be required per the Ubuntu HOWTO at
http://wiki.ampr.org/wiki/Ubuntu_Linux_Gateway_Example :
- You'll ideally want a static IP from your ISP - it's not
absolutely required and if you don't have one, you'll want to setup a
DynamicDNS system on the router from your ISP. Setting that up is
outside the scope of this AMPR list and will be specific to your
particular ISP supported router
As for the actual IPENCAP forwarding on your brother's computer, it's
mostly strait forward. To make your Internet searches more successful
if you have initial questions, do a search for "iptables gre protocol
forwarding". GRE is another IP protocol similar to IPIP but far more
common and thus you'll get more hits. From that search list, you'll
find posts like:
http://www.linuxquestions.org/questions/linux-networking-3/port-forward-gre…
and more to the point
https://lists.debian.org/debian-firewall/2004/04/msg00103.html
In that second URL, you'll want to substitute protocol 47 for protocol 4.
--David
KI6ZHD
7:06 p.m.
New subject: Trouble creating a Gateway into 44net
Greetings Augustine,
On Fri, 24 Mar 2017, David Ranch wrote:
o Are you just trying to reach the worldwide AMRnet?
o Do you have an antenna in the air and radio on 144.93 MHz?
o Do you have an AMPRnet IP address assigned to you from the
44.102.1/24 subnet for Washtenaw county?
--- If so, then why not just set the JNOS default route (44/8) via your
RF port to 44.102.1.1 (Hamgate.Washtenaw.AMPR.org). Then ALL 44
traffic will flow to and from you via the county Hamgate.
--- Otherwise, you have to request an entry be placed in the worldwide
IPENCAP route table and *everyone* you ever wish to communicate
with will *HAVE* to load that new table into their boxes in order
to have a route back to you. For just ONE home station, that kinda
sucks!
You are just a few miles from me, and you should be part of the
Washtenaw subnet. Nope, just checked and you never aquired an IP address
from the Michigan IP Coordinator (assuming w8awt.ampr.org) or you used
something other than your callsign as your Hostname.
--- Jay WB8TKL
Further, what
would the technical termanology be for " forwarding all
IPIP traffic received by your brother's computer to your computer over
the local network" ??
It would be called "forwarding" or "routing". Anyway, I was thinking
about
your problem last night and I have a question and a fifth option:
- WHY is your brother's computer on the DMZ segment? Is there a specific
reason? If his computer is serving standard traffic like HTTP/HTTPS, DNS,
SMTP, whatever, all of those things can be forwarded via your ISP provided
router using a technology called "port forwarding. At this point, you could
put YOUR computer on the DMZ segment and make things simpler. The only
reason I can think of that your brother would want to keep his machine on the
DMZ port is for some other specific GAMING reason. PC computer games that
aren't NAT friendly are pretty rare these days but they still exist
If you rather keep your brother's computer on the DMZ port, I would
recommend the final option at the end of Rob's email to keep things simple.
A few things are going to be required per the Ubuntu HOWTO at
http://wiki.ampr.org/wiki/Ubuntu_Linux_Gateway_Example :
- You'll ideally want a static IP from your ISP - it's not absolutely
required and if you don't have one, you'll want to setup a DynamicDNS system
on the router from your ISP. Setting that up is outside the scope of this
AMPR list and will be specific to your particular ISP supported router
As for the actual IPENCAP forwarding on your brother's computer, it's mostly
strait forward. To make your Internet searches more successful if you have
initial questions, do a search for "iptables gre protocol forwarding". GRE
is another IP protocol similar to IPIP but far more common and thus you'll
get more hits. From that search list, you'll find posts like:
http://www.linuxquestions.org/questions/linux-networking-3/port-forward-gre…
and more to the point
https://lists.debian.org/debian-firewall/2004/04/msg00103.html
In that second URL, you'll want to substitute protocol 47 for protocol 4.
--David
KI6ZHD 
7:47 p.m.
New subject: Trouble creating a Gateway into 44net
On Fri, Mar 24, 2017 at 12:06 PM, Jay Nugent <jjn(a)nuge.com> wrote:
o Are you just trying to reach the worldwide
AMRnet?
o Do you have an antenna in the air and radio on 144.93 MHz?
o Do you have an AMPRnet IP address assigned to you from the
44.102.1/24 subnet for Washtenaw county?
--- If so, then why not just set the JNOS default route (44/8) via your
RF port to 44.102.1.1 (Hamgate.Washtenaw.AMPR.org). Then ALL 44
traffic will flow to and from you via the county Hamgate.
This would have some disappointing side effects. I'm guessing 144.93
MHz supports rather low speed data transfer. If you were to load
http://hamwan.org/, which resolves to 44.24.241.98
and 2604:5000:20:1000:20c:29ff:fe55:1ef0, a static 44/8 route would
force that web traffic over the slow 144.98 MHz RF port.
Instead, a more specific route on the RF port, such as 44.102.1.0/24,
would be a better way to handle it. That would request local resources
via the RF port and other resources (like hamwan.org) via the default
gateway.
Tom KD7LXL
2599
days inactive
2599
days old
5 comments
5 participants
participants (5)
-
Augustine Tabeling, W8AWT -
David Ranch -
Jay Nugent -
Rob Janssen -
Tom Hayward