Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting. - Brian
44.88.0.1 is available as well for a 44-net DNS server, and it's dual stacked. --- Pardon my brevity, I'm on a Samsung Galaxy Note 3. Sent via the axMail-FAX suite.
On April 2, 2018 8:04:05 PM lleachii--- via 44Net 44net@mailman.ampr.org wrote:
Bill,
You are aware, I run one at 44.60.44.3, right?
- Lynwood
KB3VWG
It would be fun if 44.44.44.44 was a server for the 44 net...
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Le 03/04/2018 à 02:15, Brian a écrit :
44.88.0.1 is available as well for a 44-net DNS server, and it's dual stacked.
Hi,
Is there any information or wiki article about how DNS works in ampr-net ?
We've been operating an island-wide network in Corsica for some years. We are currently using 10.44.x.y internal addressing, and we are now thinking about migrating to AMPR addressing with BGP. We planned to have our own DNS servers attached to our domain name (radioamateur.tk). I was not aware of a hierarchical DNS structure inside AMPR network. Is it possible to know more about it, so that we can add it in our design ?
73 de TK1BI
See: http://wiki.ampr.org/wiki/Ampr.org
For the list of DNS servers, see: http://wiki.ampr.org/wiki/Services
Is there any information or wiki article about how DNS works in ampr-net ?
Hi,
Le 04/04/2018 à 21:44, lleachii@aol.com a écrit :
Not much details there. I see DNS updates are to be done by the coordinators. As they are volunteers, and as they may be very busy, this may not be compatible with a quick update required by a growing network
Our plans were to get a subnet large enough for our island, and to manage the "internal" subnetting locally. We also planned to install our own DNS servers hosted in our 2 data centers (in fact, they are already running, with private addressing; we just have to migrate them to ampr addressing, and move them to the DMZ).
I'm wondering about what would be the best solution : - Use an independant domain name (ie, "radioamateur.tk") - Use a subdomain of ampr.org (ie, "corsica.ampr.org"), with a sub-delegation from the parent "ampr.org" domain In both solutions, we would have immediate access for local updates, on our local DNS servers.
Comments and advices from similar situations are welcome.
73 de TK1BI
On Thu, Apr 05, 2018 at 09:59:20AM +0200, Toussaint OTTAVI wrote:
I'm wondering about what would be the best solution :
- Use an independant domain name (ie, "radioamateur.tk")
- Use a subdomain of ampr.org (ie, "corsica.ampr.org"), with a
sub-delegation from the parent "ampr.org" domain In both solutions, we would have immediate access for local updates, on our local DNS servers.
Comments and advices from similar situations are welcome.
Both of these approaches have been done by different groups.
Several countries have established national sub-domains, and had the forward and reverse lookup delegated to their own DNS servers. I have not heard any complaints about this, so perhaps it is working for them. Eg, se.ampr.org and their 140.44.in-addr.arpa domains are handled by them. Note that the reverse delegation is only done when the block of addresses are directly routed to the Internet backbone (ie., BGP-advertised). Likely you would be doing that.
If, however, you chose to remain in the top level of .ampr.org, as a sub-national coordinator you would likely have access to the master DNS and could make updates at your convenience. Updates to the master DNS database are propagated to the worldwide servers every fifteen minutes, which should be often enough even for a rapidly growing subnet. The master DNS does accept complex hostname entries such as xyz.tk1bi.ampr.org, or even if xyz.tk1bi.tk.ampr.org, if for some strange reason you found the latter preferable. (Remember, callsigns are worldwide unique, so a national subdomain isn't necessary.) - Brian
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a blackhole address on border routers And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor Brian@BKantor.net wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting.
- Brian
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
It will break stuff that was broken anyway. Anyone who decides to use a valid IP address that’s not RFC1918 for their own internal use deserves what’s coming to them. RFC1918 was specifically to set aside IP address space that is guaranteed not to be globally routable. If 17,891,328 IP addresses set aside for your own personal use isn’t good enough, you’ve engineered a bad network :)
Ian VE7BST
On Apr 1, 2018, at 12:23 PM, Ruben ON3RVH on3rvh@on3rvh.be wrote:
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a blackhole address on border routers And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor Brian@BKantor.net wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting.
- Brian
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Filter service subscribers can train this email as spam or not-spam here: http://my.email-as.net/spamham/cgi-bin/learn.pl?messageid=8142CC5435E211E89D...
Very good idea Bill.
--- 73 Δημήτρης - SV1UY 73 de Demetre - SV1UY IP Coordinator for AMPRNet in Greece e-mail: demetre.sv1uy@gmail.com Radio e-mail: sv1uy@winlink.org AMPRnet e-mail: sv1uy@sv1uy.ampr.org PACKET mail: SV1UY@SV1UY.ATH.GRC.EU WEB: http://www.qsl.net/sv1uy
On 1 April 2018 at 20:34, Ian McLaughlin ian@platinum.net wrote:
It will break stuff that was broken anyway. Anyone who decides to use a valid IP address that’s not RFC1918 for their own internal use deserves what’s coming to them. RFC1918 was specifically to set aside IP address space that is guaranteed not to be globally routable. If 17,891,328 IP addresses set aside for your own personal use isn’t good enough, you’ve engineered a bad network :)
Ian VE7BST
On Apr 1, 2018, at 12:23 PM, Ruben ON3RVH on3rvh@on3rvh.be wrote:
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a
blackhole address on border routers
And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor Brian@BKantor.net wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting.
- Brian
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Filter service subscribers can train this email as spam or not-spam
here: http://my.email-as.net/spamham/cgi-bin/learn.pl?messageid= 8142CC5435E211E89D828CA193ED0201
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
1.1.1.1 was never a valid address. It’s always been labelled as a research prefix and never publicly routed —
remarks: + Address blocks listed with this contact remarks: + are withheld from general use and are remarks: + only routed briefly for passive testing. remarks: + remarks: + If you are receiving unwanted traffic remarks: + it is almost certainly spoofed source remarks: + or hijacked address usage.
—
Ruben - ON3RVH
On 1 Apr 2018, at 21:36, Ian McLaughlin <ian@platinum.netmailto:ian@platinum.net> wrote:
It will break stuff that was broken anyway. Anyone who decides to use a valid IP address that’s not RFC1918 for their own internal use deserves what’s coming to them. RFC1918 was specifically to set aside IP address space that is guaranteed not to be globally routable. If 17,891,328 IP addresses set aside for your own personal use isn’t good enough, you’ve engineered a bad network :)
Ian VE7BST
On Apr 1, 2018, at 12:23 PM, Ruben ON3RVH <on3rvh@on3rvh.bemailto:on3rvh@on3rvh.be> wrote:
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a blackhole address on border routers And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor <Brian@BKantor.netmailto:Brian@BKantor.net> wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting. - Brian
_________________________________________ 44Net mailing list 44Net@mailman.ampr.orgmailto:44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________ 44Net mailing list 44Net@mailman.ampr.orgmailto:44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
--- Filter service subscribers can train this email as spam or not-spam here: http://my.email-as.net/spamham/cgi-bin/learn.pl?messageid=8142CC5435E211E89D...
_________________________________________ 44Net mailing list 44Net@mailman.ampr.orgmailto:44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Tell that to Cisco that uses 1.1.1.1 as part of their default config for the wireless access points.
Sent on the go, from somewhere other than here. -------- Original message --------From: Ian McLaughlin ian@platinum.net Date: 2018-04-01 12:34 (GMT-08:00) To: AMPRNet working group 44net@mailman.ampr.org Subject: Re: [44net] New Global DNS server It will break stuff that was broken anyway. Anyone who decides to use a valid IP address that’s not RFC1918 for their own internal use deserves what’s coming to them. RFC1918 was specifically to set aside IP address space that is guaranteed not to be globally routable. If 17,891,328 IP addresses set aside for your own personal use isn’t good enough, you’ve engineered a bad network :)
Ian VE7BST
On Apr 1, 2018, at 12:23 PM, Ruben ON3RVH on3rvh@on3rvh.be wrote:
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a blackhole address on border routers And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor Brian@BKantor.net wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting. - Brian
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Filter service subscribers can train this email as spam or not-spam here: http://my.email-as.net/spamham/cgi-bin/learn.pl?messageid=8142CC5435E211E89D...
_________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Yes that is because 1.1.1.1 was never meant to be publicly routed. In fact if it was routed or appeared in the global routing tables it was because someone spoofed/hijacked it or accidentally routed it. Or that the APNIC was performing some passive tests.
Ruben - ON3RVH
On 1 Apr 2018, at 22:44, Darcy Buskermolen darcyb@gmail.com wrote:
Tell that to Cisco that uses 1.1.1.1 as part of their default config for the wireless access points.
Sent on the go, from somewhere other than here. -------- Original message --------From: Ian McLaughlin ian@platinum.net Date: 2018-04-01 12:34 (GMT-08:00) To: AMPRNet working group 44net@mailman.ampr.org Subject: Re: [44net] New Global DNS server It will break stuff that was broken anyway. Anyone who decides to use a valid IP address that’s not RFC1918 for their own internal use deserves what’s coming to them. RFC1918 was specifically to set aside IP address space that is guaranteed not to be globally routable. If 17,891,328 IP addresses set aside for your own personal use isn’t good enough, you’ve engineered a bad network :)
Ian VE7BST
On Apr 1, 2018, at 12:23 PM, Ruben ON3RVH on3rvh@on3rvh.be wrote:
That is gonna break a lot of stuff because 1.1.1.1 is used a lot as a blackhole address on border routers And also as a dns blackhole ip for unwanted dns domains.. Lots of networks will need remodelling to allow access to this service
Ruben - ON3RVH
On 1 Apr 2018, at 20:46, Brian Kantor Brian@BKantor.net wrote:
Cloudflare has announced a new internet-wide DNS resolution service. There's a good writeup on it at
https://blog.cloudflare.com/dns-resolver-1-1-1-1/
This bit of news isn't much advantage to people on the tunneled AMPRNet, but the writeup is nonetheless interesting.
- Brian
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Filter service subscribers can train this email as spam or not-spam here: http://my.email-as.net/spamham/cgi-bin/learn.pl?messageid=8142CC5435E211E89D...
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
On 1 Apr 2018, at 23:17, Ruben ON3RVH on3rvh@on3rvh.be wrote:
Yes that is because 1.1.1.1 was never meant to be publicly routed. In fact if it was routed or appeared in the global routing tables it was because someone spoofed/hijacked it or accidentally routed it. Or that the APNIC was performing some passive tests.
With the IPv4 address space getting exhausted, APNIC begun publishing routes for the 1.0.0.0/8 network in 2010 ago. It was not an accident, but a test. At the same time, prefixes that had never been allocated and were blacklisted by default in some router operating systems were made available.
http://www.potaroo.net/studies/1slash8/1slash8.html
Borja - EA2EKH
-
Bill Vodall -
Borja Marcos -
Brian -
Brian Kantor -
Darcy Buskermolen -
Demetre - SV1UY -
Ian McLaughlin -
lleachii@aol.com -
Ruben ON3RVH -
Toussaint OTTAVI