18 Apr
2017
18 Apr
'17
5:23 p.m.
Tom and Ruben,
traceroute to 44.165.2.4 (44.165.2.4), 30 hops max, 60
byte packets
1 kb3vwg-001.ampr.org (44.60.44.1) 1.385 ms 1.392 ms 1.593 ms
2 mail.sp2l.ampr.org (44.165.2.2) 154.783 ms 171.077 ms 171.653 ms
3 home.sp2l.ampr.org (44.165.2.4) 171.674 ms 171.668 ms 171.650 ms
I cannot ping, connect or traceroute you either.
When it works from your side and not from ours, are you sure you have a *working*
incoming IPIP protocol forward or DMZ host? It is all too common for stations behind
ISP NAT modem/routers to have IPIP tunnels that work only outbound (and replies), not
for unsolicited inbound traffic, because they only admit IPIP traffic as replies to
their own outging traffic, even when they have set a DMZ host in their router.
(which often only works for protocols like ICMP, TCP and UDP)
Rob
19 Apr
19 Apr
8:45 a.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
All,
Overnight I've observed the following:
- I removed an explicit firewall rule not permitting UDP-based
traceroute. 44/8 and IPENCAP Endpoints should be able to trace my WAN
and AMPR IPs. In addition, your UDP-based traces are accepted before the
TTL <= 7 rule. I will work on ICMP-based tools like MTR (MyTraceRoute).
- I'm receiving routes (my encap.txt is only an hour old as my writing,
it has updated at some point overnight), but no longer get hits on my
firewall for port 520. I believe this may be due to a design change in
ampr-ripd, I previously ran 1.13. Also, the routes don't appear to be
updating in 5 minutes intervals...
- I see a route for - 45.79.175.44 via 71.163.58.1 dev eth0.2 proto 44
onlink
and - amprwan 44.135.124.0/24 45.79.175.44 0 44
I'm almost certain the former rule would send an un encapsulated packet
over my WAN link
root@router:/etc/config# ip route get from 44.60.44.1 to 45.79.175.44
45.79.175.44 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
cache
- I see hits for DNS, and I only allow DNS from AMPRNet, so someone is
able to reach me (I'll review the netflow to determine from whom later).
- I've successfully attempted http://44.60.44.10 from the Public
Internet many times and from multiple IPs.
- I'm very interested if any can reach me and run
http://speedtest.ampr.org from YOUR AMPR IPs (I'm not trying to bog down
Brian's AMPRGW tunnel).
- Lynwood
9:13 a.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
1) - Is this the one on the MIPSBE architecture?
2) - Do you have routes for 44.130.121.0/24, 44.130.122.0/24 and
44.130.124.0/24 via eth0.2?
If the the answer to 1 is yes and to 2 is no, then we have an endianess
problem in ampr-ripd...
(Please trim inclusions from previous messages)
_______________________________________________
All,
Overnight I've observed the following:
- I removed an explicit firewall rule not permitting UDP-based
traceroute. 44/8 and IPENCAP Endpoints should be able to trace my WAN
and AMPR IPs. In addition, your UDP-based traces are accepted before the
TTL <= 7 rule. I will work on ICMP-based tools like MTR (MyTraceRoute).
- I'm receiving routes (my encap.txt is only an hour old as my writing,
it has updated at some point overnight), but no longer get hits on my
firewall for port 520. I believe this may be due to a design change in
ampr-ripd, I previously ran 1.13. Also, the routes don't appear to be
updating in 5 minutes intervals...
- I see a route for - 45.79.175.44 via 71.163.58.1 dev eth0.2 proto 44
onlink
and - amprwan 44.135.124.0/24 45.79.175.44 0 44
I'm almost certain the former rule would send an un encapsulated packet
over my WAN link
root@router:/etc/config# ip route get from 44.60.44.1 to 45.79.175.44
45.79.175.44 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
cache
- I see hits for DNS, and I only allow DNS from AMPRNet, so someone is
able to reach me (I'll review the netflow to determine from whom later).
- I've successfully attempted http://44.60.44.10 from the Public
Internet many times and from multiple IPs.
- I'm very interested if any can reach me and run
http://speedtest.ampr.org from YOUR AMPR IPs (I'm not trying to bog down
Brian's AMPRGW tunnel).
- Lynwood
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
10:30 a.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Lynwood,
Sorry for mailing here on the list, but AOL does not accept my provider
as mail source.
Could you please try the version below on your MIPBE machine?
Others with big endian machines could also try :-)
http://yo2loj.ro/hamprojects/ampr-ripd-1.16.3.tgz
Marius, YO2LOJ
On 2017-04-19 16:13, marius(a)yo2loj.ro wrote:
1) - Is this the one on the MIPSBE architecture?
2) - Do you have routes for 44.130.121.0/24, 44.130.122.0/24 and
44.130.124.0/24 via eth0.2?
If the the answer to 1 is yes and to 2 is no, then we have an endianess
problem in ampr-ripd...
> (Please trim inclusions from previous messages)
> _______________________________________________
> All,
>
> Overnight I've observed the following:
>
> - I removed an explicit firewall rule not permitting UDP-based
> traceroute. 44/8 and IPENCAP Endpoints should be able to trace my WAN
> and AMPR IPs. In addition, your UDP-based traces are accepted before the
> TTL <= 7 rule. I will work on ICMP-based tools like MTR (MyTraceRoute).
>
> - I'm receiving routes (my encap.txt is only an hour old as my writing,
> it has updated at some point overnight), but no longer get hits on my
> firewall for port 520. I believe this may be due to a design change in
> ampr-ripd, I previously ran 1.13. Also, the routes don't appear to be
> updating in 5 minutes intervals...
>
> - I see a route for - 45.79.175.44 via 71.163.58.1 dev eth0.2 proto 44
> onlink
> and - amprwan 44.135.124.0/24 45.79.175.44 0 44
> I'm almost certain the former rule would send an un encapsulated packet
> over my WAN link
>
> root@router:/etc/config# ip route get from 44.60.44.1 to 45.79.175.44
> 45.79.175.44 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
> cache
>
> - I see hits for DNS, and I only allow DNS from AMPRNet, so someone is
> able to reach me (I'll review the netflow to determine from whom later).
>
> - I've successfully attempted http://44.60.44.10 from the Public
> Internet many times and from multiple IPs.
>
> - I'm very interested if any can reach me and run
> http://speedtest.ampr.org from YOUR AMPR IPs (I'm not trying to bog down
> Brian's AMPRGW tunnel).
>
>
>
> - Lynwood
>
>
>
> _________________________________________
> 44Net mailing list
> 44Net(a)hamradio.ucsd.edu
> http://hamradio.ucsd.edu/mailman/listinfo/44net
>
11:35 a.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Marius,
1.) Yes, my processor is MIPS32 24kc, and
2.) No, those routes appear on tunl0
root@router:/# ip route get from 44.60.44.1 to 44.130.121.0/24
44.130.121.0 from 44.60.44.1 via 44.130.121.2 dev tunl0 table 44
cache window 840
root@router:/# ip route get from 44.60.44.1 to 44.130.122.0/24
44.130.122.0 from 44.60.44.1 via 44.130.122.2 dev tunl0 table 44
cache window 840
root@router:/# ip route get from 44.60.44.1 to 44.130.124.0/24
44.130.124.0 from 44.60.44.1 via 44.130.124.2 dev tunl0 table 44
cache window 840
I'll compile and try revision 1.16.3 (lol, I just shutdown the compile
server, lucky I didn't erase it).
- Lynwood
12:32 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Marius,
I now receive the following when attempting to compile:
ampr-ripd.c:209:70: warning: deprecated conversion from string constant
to 'char*' [-Wwrite-strings]
static char *usage_string = "\nAMPR RIPv2 daemon " AMPR_RIPD_VERSION "
by Marius, YO2LOJ\n\nUsage: ampr-ripd [-d] [-v] [-s] [-r] [-i
<interface>] [-t <table>] [-a <ip|hostnam
^
ampr-ripd.c:215:15: warning: deprecated conversion from string constant
to 'char*' [-Wwrite-strings]
char *tunif = "tunl0";
^
ampr-ripd.c:221:16: warning: deprecated conversion from string constant
to 'char*' [-Wwrite-strings]
char *passwd = "REMOVED THE PASSWORD HERE-KB3VWG";
^
ampr-ripd.c:227:16: warning: deprecated conversion from string constant
to 'char*' [-Wwrite-strings]
char *fwdest = "224.0.0.9";
^
ampr-ripd.c: In function 'uint32_t route_func(rt_actions, uint32_t,
uint32_t, uint32_t)':
ampr-ripd.c:1020:36: warning: invalid conversion from 'void*' to
'rtattr*' [-fpermissive]
struct rtattr *mxrta = (void *)mxbuf;
^
ampr-ripd.c:1148:10: warning: invalid conversion from 'void*' to
'rtmsg*' [-fpermissive]
rm = NLMSG_DATA(rh);
^
ampr-ripd.c:1171:10: warning: invalid conversion from 'void*' to
'rtmsg*' [-fpermissive]
rm = NLMSG_DATA(rh);
^
ampr-ripd.c: In function 'int create_fwsd()':
ampr-ripd.c:1537:23: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c: In function 'void on_alarm(int)':
ampr-ripd.c:1630:27: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c: In function 'int main(int, char**)':
ampr-ripd.c:1865:29: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
(udh->dest == htons(IPPORT_ROUTESERVER)) &&
^
- Lynwood
2:54 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Those lines have not changed from the previous version (only 2 lines are
changed).
The warnings are specific for the use of a c++ compiler on a c code. So
the compiler setup is probably incorrect.
On 2017-04-19 19:32, lleachii--- via 44Net wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Marius,
I now receive the following when attempting to compile:
ampr-ripd.c:209:70: warning: deprecated conversion from string
constant to 'char*' [-Wwrite-strings]
static char *usage_string = "\nAMPR RIPv2 daemon " AMPR_RIPD_VERSION
" by Marius, YO2LOJ\n\nUsage: ampr-ripd [-d] [-v] [-s] [-r] [-i
<interface>] [-t <table>] [-a <ip|hostnam
^
ampr-ripd.c:215:15: warning: deprecated conversion from string
constant to 'char*' [-Wwrite-strings]
char *tunif = "tunl0";
^
ampr-ripd.c:221:16: warning: deprecated conversion from string
constant to 'char*' [-Wwrite-strings]
char *passwd = "REMOVED THE PASSWORD HERE-KB3VWG";
^
ampr-ripd.c:227:16: warning: deprecated conversion from string
constant to 'char*' [-Wwrite-strings]
char *fwdest = "224.0.0.9";
^
ampr-ripd.c: In function 'uint32_t route_func(rt_actions, uint32_t,
uint32_t, uint32_t)':
ampr-ripd.c:1020:36: warning: invalid conversion from 'void*' to
'rtattr*' [-fpermissive]
struct rtattr *mxrta = (void *)mxbuf;
^
ampr-ripd.c:1148:10: warning: invalid conversion from 'void*' to
'rtmsg*' [-fpermissive]
rm = NLMSG_DATA(rh);
^
ampr-ripd.c:1171:10: warning: invalid conversion from 'void*' to
'rtmsg*' [-fpermissive]
rm = NLMSG_DATA(rh);
^
ampr-ripd.c: In function 'int create_fwsd()':
ampr-ripd.c:1537:23: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c: In function 'void on_alarm(int)':
ampr-ripd.c:1630:27: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c: In function 'int main(int, char**)':
ampr-ripd.c:1865:29: error: 'IPPORT_ROUTESERVER' was not declared in
this scope
(udh->dest == htons(IPPORT_ROUTESERVER)) &&
^
- Lynwood
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
4:52 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Marius,
As I noted, I could only get version 1.16.2 of your program to compile
with g++. I noted the issues previously and was told that complier is
setup incorrectly. I have verified the compiler is setup correctly and I
have compiled other programs, including ampr-ripd v 1.16.2.
Here's the response when using gcc:
GNU C11 (LEDE GCC 5.4.0 r3101-bce140e) version 5.4.0
(mips-openwrt-linux-musl)
compiled by GNU C version 4.9.2, GMP version 6.1.2, MPFR version
3.1.5, MPC version 1.0.3
GGC heuristics: --param ggc-min-expand=97 --param ggc-min-heapsize=127015
Compiler executable checksum: 0eed14c713c4c6b5c1bb74495a11e5c7
ampr-ripd.c: In function 'create_fwsd':
ampr-ripd.c:1537:23: error: 'IPPORT_ROUTESERVER' undeclared (first use
in this function)
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c:1537:23: note: each undeclared identifier is reported only
once for each function it appears in
ampr-ripd.c: In function 'on_alarm':
ampr-ripd.c:1630:27: error: 'IPPORT_ROUTESERVER' undeclared (first use
in this function)
sin.sin_port = htons(IPPORT_ROUTESERVER);
^
ampr-ripd.c: In function 'main':
ampr-ripd.c:1865:13: error: 'struct udphdr' has no member named 'dest'
(udh->dest == htons(IPPORT_ROUTESERVER)) &&
^
ampr-ripd.c:1865:29: error: 'IPPORT_ROUTESERVER' undeclared (first use
in this function)
(udh->dest == htons(IPPORT_ROUTESERVER)) &&
^
ampr-ripd.c:1866:13: error: 'struct udphdr' has no member named 'source'
(udh->source == htons(IPPORT_ROUTESERVER)))
^
The snipped portion shows that it is finding the headers and libraries.
- Lynwood
5:33 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Marius,
Again I had success using the following command:
mips-openwrt-linux-musl-g++ ampr-ripd.c -v -fpermissive -Wwrite-strings
I'm now running ampr-ripd 1.16.3.
Thanks,
- Lynwood
5:42 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Ok. Do you get direct routes via WAN for 44.130.121.2, 44.130.122.2 and
44.130.124.2 (eth0.2 if i am not mistaken) ?
On 2017-04-20 00:33, lleachii--- via 44Net wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Marius,
Again I had success using the following command:
mips-openwrt-linux-musl-g++ ampr-ripd.c -v -fpermissive -Wwrite-strings
I'm now running ampr-ripd 1.16.3.
Thanks,
- Lynwood
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
5:57 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Yes; but as I noted in my off-thread email, they appear on table 44.
That would cause my router to sent encapsulated IPENCAP packet to my
carrier's (Verizon's) gateway...
With a source IP of 44.60.44.1...unless I'm mistaken. This won't work.
- Lynwood
5:59 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
I would expect that you have a outgoing NAT rule towards your provider.
So they will be sent with your public IP.
On 2017-04-20 00:57, lleachii--- via 44Net wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Yes; but as I noted in my off-thread email, they appear on table 44.
That would cause my router to sent encapsulated IPENCAP packet to my
carrier's (Verizon's) gateway...
With a source IP of 44.60.44.1...unless I'm mistaken. This won't work.
- Lynwood
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
6:04 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
Thank Marius,
I'm certain I'd have to configure a masquerade rule from my 44 subnet -
to my carrier's interface. I'll have to test and verify.
- Lynwood
On 04/19/2017 05:59 PM, marius at yo2loj.ro wrote:
I would expect that you have a outgoing NAT rule
towards your provider.
So they will be sent with your public IP.
7:23 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
All,
Thanks for testing.
To be clear, I wanted to note that DNS SHOULD be answering requests FROM
both AMPR and the Global Internet (at dstIP 44.60.44.3 dns-mdc.ampr.org)
for the following domains:
AMPR.ORG.
44.IN-ADDR.ARPA.
You should get an NXDOMAIN response from the Global Internet for all
other inquires.
From Global Internet TO my node:
ONLY HTTP: 44.60.44.10
DNS (for domains noted above ONLY)
From AMPRNet to my node:
NTP: 44.60.44.1
DNS: 44.60.44.3 (recursive - you may configure your clients for this DNS
server)
HTTP: 44.60.44.10
URLs Available for 44.60.44.10:
http://44.60.44.10/
http://speedtest.ampr.org
http://whatismyip.ampr.org
http://kb3vwg-010.ampr.org
No other services are available at this time. Let me know, so I can
begin documenting all changes, post ampr-ripd binary for MIPS, etc.
- Lynwood
KB3VWG
20 Apr
20 Apr
9:48 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
All,
I've worked on my updated router:
Please test:
On AMPRNet
- DNS: 44.60.44.1 and 44.60.4.3 (full recursive)
- NTP: 44.60.44.1
- HTTP: 44.60.44.10 (directory amprnet_docs appears and you do not need
a password for APRS passcode reset webapp)
On Global Internet
- HTTP: 44.60.44.10
- DNS: 44.60.44.3 dns-mdc.ampr.prg (AMPR.ORG. and 44.IN-ADDR.ARPA. only)
Testing:
- Normal PING ONLY
-- From 44.0.0.0/8
-- From Gateways registered in the Portal
URLs Available for 44.60.44.10:
http://44.60.44.10/
http://speedtest.ampr.org
http://whatismyip.ampr.org
http://kb3vwg-010.ampr.org
73,
- Lynwood
KB3VWG
19 Apr
19 Apr
5:58 p.m.
New subject: OpenWRT 15.05 upgrade to LEDE 17.01.1
These routes are ok.
These are BGP announced endpoints which provide access to the subnets
and need to go directly to the internet.
So the it is correct and as expected.
root@router:/etc/config# ip route get from 44.60.44.1 to 44.130.121.2
44.130.121.2 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
cache
root@router:/etc/config# ip route get from 44.60.44.1 to 44.130.122.2
44.130.122.2 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
cache
root@router:/etc/config# ip route get from 44.60.44.1 to 44.130.124.2
44.130.124.2 from 44.60.44.1 via 71.163.58.1 dev eth0.2 table 44
cache
2584
days inactive
2587
days old
15 comments
4 participants
participants (4)
-
lleachii@aol.com -
Marius Petrescu -
marius@yo2loj.ro
-
Rob Janssen