30 Dec
2019
30 Dec
'19
5:36 p.m.
Hi. As you all know, Brian Kantor WB6CYT passed away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
12 Jan
12 Jan
7:29 p.m.
Will Chris be named as a POC in ARIN to be able to provide LOA to
upstreams for BGP announcement?
On Mon, Dec 30, 2019 at 12:39 PM Phil Karn via 44Net
<44net(a)mailman.ampr.org> wrote:
Hi. As you all know, Brian Kantor WB6CYT passed away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
20 Feb
20 Feb
5:18 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF accusing
me for announcing a prefix was assigned to me. In that case, the claimed
reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which he
claims that is NOT legitimate, also denied possibility there could a bug
in the portal caused this. I have also complied with his demands on even
more information including all conversations between me and Brian
regarding that the assignment. Eventually he continued to ask for even
more personal information without justification, threatening that not
complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I singled
out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and validates
these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
Hi. As you all know, Brian Kantor WB6CYT passed away
suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
7:37 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi Quan,
Chris is indeed the person responsible for the BGP allocations after Brian's passing
as was mailed by Phil Karn on Dec 30 2019.
--
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly
volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
--
However, the allocation should always be in the portal and approved by your countries
coordinator. Afaik an allocation that is not in the portal is technically not valid.
I won't speak about the personal details which may or may not need to be shared. That
is a discussion to be held with the responsibles from AMPR
73
Ruben ON3RVH
-----Original Message-----
From: 44Net <44net-bounces+on3rvh=on3rvh.be(a)mailman.ampr.org> On Behalf Of Quan Zhou
via 44Net
Sent: Thursday, February 20, 2020 06:19
To: 44net(a)mailman.ampr.org
Cc: Quan Zhou <quan(a)posteo.net>
Subject: [44net] A few more questions Re: BGP portal management after WB6CYT's
passing
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that what's
happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF accusing me for announcing
a prefix was assigned to me. In that case, the claimed reason is that the prefix
wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which he claims that is NOT
legitimate, also denied possibility there could a bug in the portal caused this. I have
also complied with his demands on even more information including all conversations
between me and Brian regarding that the assignment. Eventually he continued to ask for
even more personal information without justification, threatening that not complying may
cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I singled out?
2. What are the current rules on allocation now? A snapshot of the latest version of ToS
is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that ARDC holds has
been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when dealing with
financial institutions and websites frequently deals with fraudsters. Since LIR, RIR, and
BGP upstream also requires and validates these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC approves?
6. If there's another change, do anyone with a allocation has to go through the same
process again?
I see that we already have a problem with transparency, now we got bureaucracy? Also
it's not my problem that the assignment wasn't added to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
> Hi. As you all know, Brian Kantor WB6CYT passed away suddenly last
> month. Brian did so much for AMPRNet from the very beginning that
> he'll be impossible to fully replace. We're trying but it's hard,
> especially since he was a close personal friend.
>
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly
volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
>
> 73, Phil Karn, KA9Q
>
> President, ARDC
>
>
>
>
> _________________________________________
> 44Net mailing list
> 44Net(a)mailman.ampr.org
> https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
8:56 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi all,
Le 20/02/2020 à 08:37, Ruben ON3RVH via 44Net a écrit :
However, the allocation should always be in the portal
and approved by your countries coordinator. Afaik an allocation that is not in the portal
is technically not valid.
I also have a subnet that is not in the portal... Here are the details :
As we are an island, we developed a specific network topology, which
uses two central gateways in data centers, and what we call "TKBoxes"
(formally, OpenWRT/OpenVPN boxes which establish communications with the
two data centers in a Plug-and-play manner over any Internet provider).
Our initial routing scheme was using private addressing (10.44.0.0/16)
and we are gradually migrating to AMPRNet / HamNet addressing.
My current subnets are :
- 44.190.11.0/24 : Declared in the portal, currently announced via BGP
on Internet, and hosting production services facing public Internet
(WEB, XLX, VoIP, etc...)
- 44.168.80.0/23 : Allocated directly with the 44.168.0.0/16 French
coordinator, but *not* declared in the portal yet. It's currently in use
(80% of our old 10.44.0.0 net has been migrated to it). But it's
currently not routed outside of the island. It's still unclear if I
should route it via eBGP over Internet (and probably having trouble with
the rest of the European HamNet), if I should route it only with HamNet
schemes (IP-IP tunnels and iBGP with EU neighbors), or both. After
several discussions here and in private mail with the involved people, I
think the best solution would be to follow DG8NGN's advice, and keep
separate routing schemes :
- 44.190.11.0/24 is an Internet subnet and should be routed on
Internet via BGP
- 44.168.80.0/23 is a Hamnet subnet, with absolutely no need to be
routed on public Internet, and should be routed only with Hamnet techniques
Anyway, as everybody knows ;-) this is done only on our free time. No
formal decision has been taken yet about the routing technique to be
used for 44.168.80.0/23, and no routing of that subnet exists for now
outside of our island. It's in the TODO list, but not done yet ;-)
Then, I agree with you : in an ideal world, all subnets should be
registered in the portal. Anyway, I don't think removing all what is not
in the portal (yet) without any discussion would be a brilliant idea...
73 de TK1BI
4:42 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hello Quan,
I can give you my perspective as an AMPR coordinator on how BGP
allocations usually get processed. When I receive a request from a user
requesting a BGP prefix, I ask a bunch of questions to ensure the person
understands the minimum requirements. My questions include:
- Your callsign (is it valid with your government's amateur radio
licensing body)
- Your current home address (to know if you're in my AMPR
coordination territory or not). The use of PO boxes or otherwise
greatly complicate this Q&A discussion
- I have never requested nor am I aware of Brian Kantor previously
requesting copies of a person's photo-id to prove identity. This does
NOT mean it's never been requested in the past
- Would your use of address space be for primarily Internet-only
focus traffic or RF-servicing traffic?
- Your intended purpose for the address space (to ensure it meets
the guidelines of AMPR's charter)
- Your Justification for any requests larger than a /24 as our
address space isn't unlimited
- Your allocated ARIN ASN number ( associated to your name or to a
company you directly control)
Once I receive appropriate answers for all of the items above, I would
either approve the AMPR subnet in the AMPR Portal or if more
Internet-only facing traffic, have the user to close out the current
AMPR request and create a new request in the 44.190/16 prefix managed by
Jan DG8NGN for an allocation. At that point, Brian Kantor would then
review the allocation with all the above Q&A answers. If Brian was
satisfied with the details, he would begin the LOA process and
ultimately send you an official approval email. At that point, some
hosting ISPs would then send Brian Kantor a "consent letter" request
that he would need to respond to. This response sometimes would require
that it be from the ARDC on ARDC letterhead with Brian's hand
signature. With all the paperwork completed, you or your hosting
provided would then be able to start announcing your allocated prefix.
I know this process can be invasive but you would be surprised how many
bogus requests I've received over the years. I have to assume this is
because of the scarcity of IPv4 addresses and/or people trying to do bad
things over the Internet hoping that AMPR address space would shield
them somehow. I would assume that if you followed a similar process for
your BGP prefixes and can provide all the previous email exchanges with
you, your local AMPR coordinator and Brian Kantor and most importantly
his approval email, I would assume that Chris G1FEF would accept all
that as a valid allocation.
Beyond that, you can consider taking this discussion up with the ARDC board:
https://www.ampr.org/about/who-we-are/
--
President/CEO:
Phil Karn — KA9Q
Treasurer:
Bdale Garbee — KB0G
John Gilmore — W0GNU
K. C. Claffy — KC6KCC
Technical Advisory Committee
John Hays — K7VE
Heikki Hannikainen — OH7LZB
Tim Osburn — W7RSZ
Tim Pozar — KC6GNJ
Hope this helps.
--David
KI6ZHD
Silicon Valley 44.4.x.x/16 AMPR Coordinator
On 02/19/2020 09:18 PM, Quan Zhou via 44Net wrote:
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF
accusing me for announcing a prefix was assigned to me. In that case,
the claimed reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which
he claims that is NOT legitimate, also denied possibility there could
a bug in the portal caused this. I have also complied with his demands
on even more information including all conversations between me and
Brian regarding that the assignment. Eventually he continued to ask
for even more personal information without justification, threatening
that not complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I
singled out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and
validates these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net 
5:24 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Quan brings up a very good point. If AMPR is requiring and retaining photo
identification and home address on the ham radio licence is the intention
to be in compliance with Personal Data Privacy Laws for every country in
the world? Note that as an example Russia does not allow this sort of PII
(Personally Identifiable Information) to be stored any place besides inside
the boarders of Russia. In the professional opinion of my wife W4FHL who
is an SPHR (Senior Professional of HR think CPA of HR) who is a director of
HR for a global shipping company this is a very, risk to AMPR.
Basically AMPR would need to retain a lawyer and hire a copanice manage
ensures personal data is protected properly for every country.
AMPR should require only a copy of the licence with the home address
blacked out. Anything else is a violation of PII (personal identifiable
Information) regulations in almost any country in the world. Our
suggestion is conduct an electronic shred what of what AMPR has currently
and remove this requirement ASAP. As AMPR has significant funds on hand
this make a very large target for both regulatory agencies as well as
persons if their data is breached.
Lin and Adrienne Holcomb
NI4Y and W4FHL
On Thu, Feb 20, 2020 at 11:42 AM David Ranch via 44Net <
44net(a)mailman.ampr.org> wrote:
Hello Quan,
I can give you my perspective as an AMPR coordinator on how BGP
allocations usually get processed. When I receive a request from a user
requesting a BGP prefix, I ask a bunch of questions to ensure the person
understands the minimum requirements. My questions include:
- Your callsign (is it valid with your government's amateur radio
licensing body)
- Your current home address (to know if you're in my AMPR
coordination territory or not). The use of PO boxes or otherwise
greatly complicate this Q&A discussion
- I have never requested nor am I aware of Brian Kantor previously
requesting copies of a person's photo-id to prove identity. This does
NOT mean it's never been requested in the past
- Would your use of address space be for primarily Internet-only
focus traffic or RF-servicing traffic?
- Your intended purpose for the address space (to ensure it meets
the guidelines of AMPR's charter)
- Your Justification for any requests larger than a /24 as our
address space isn't unlimited
- Your allocated ARIN ASN number ( associated to your name or to a
company you directly control)
Once I receive appropriate answers for all of the items above, I would
either approve the AMPR subnet in the AMPR Portal or if more
Internet-only facing traffic, have the user to close out the current
AMPR request and create a new request in the 44.190/16 prefix managed by
Jan DG8NGN for an allocation. At that point, Brian Kantor would then
review the allocation with all the above Q&A answers. If Brian was
satisfied with the details, he would begin the LOA process and
ultimately send you an official approval email. At that point, some
hosting ISPs would then send Brian Kantor a "consent letter" request
that he would need to respond to. This response sometimes would require
that it be from the ARDC on ARDC letterhead with Brian's hand
signature. With all the paperwork completed, you or your hosting
provided would then be able to start announcing your allocated prefix.
I know this process can be invasive but you would be surprised how many
bogus requests I've received over the years. I have to assume this is
because of the scarcity of IPv4 addresses and/or people trying to do bad
things over the Internet hoping that AMPR address space would shield
them somehow. I would assume that if you followed a similar process for
your BGP prefixes and can provide all the previous email exchanges with
you, your local AMPR coordinator and Brian Kantor and most importantly
his approval email, I would assume that Chris G1FEF would accept all
that as a valid allocation.
Beyond that, you can consider taking this discussion up with the ARDC
board:
https://www.ampr.org/about/who-we-are/
--
President/CEO:
Phil Karn — KA9Q
Treasurer:
Bdale Garbee — KB0G
John Gilmore — W0GNU
K. C. Claffy — KC6KCC
Technical Advisory Committee
John Hays — K7VE
Heikki Hannikainen — OH7LZB
Tim Osburn — W7RSZ
Tim Pozar — KC6GNJ
Hope this helps.
--David
KI6ZHD
Silicon Valley 44.4.x.x/16 AMPR Coordinator
On 02/19/2020 09:18 PM, Quan Zhou via 44Net wrote:
--
Lin Holcomb
Office: +1 404 806 5412
Mobile: +1 404 933 1595
Fax: +1 404 348 4250
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF
accusing me for announcing a prefix was assigned to me. In that case,
the claimed reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which
he claims that is NOT legitimate, also denied possibility there could
a bug in the portal caused this. I have also complied with his demands
on even more information including all conversations between me and
Brian regarding that the assignment. Eventually he continued to ask
for even more personal information without justification, threatening
that not complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I
singled out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and
validates these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net 
5:36 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Wouldn’t a simple option be to use something like WorldLog
And have the identification code that is mailed to you be used
As proof of identity.
Adam KC7GDY
On Feb 20, 2020, at 10:24 AM, Lin Holcomb via 44Net
<44net(a)mailman.ampr.org> wrote:
Quan brings up a very good point. If AMPR is requiring and retaining photo
identification and home address on the ham radio licence is the intention
to be in compliance with Personal Data Privacy Laws for every country in
the world? Note that as an example Russia does not allow this sort of PII
(Personally Identifiable Information) to be stored any place besides inside
the boarders of Russia. In the professional opinion of my wife W4FHL who
is an SPHR (Senior Professional of HR think CPA of HR) who is a director of
HR for a global shipping company this is a very, risk to AMPR.
Basically AMPR would need to retain a lawyer and hire a copanice manage
ensures personal data is protected properly for every country.
AMPR should require only a copy of the licence with the home address
blacked out. Anything else is a violation of PII (personal identifiable
Information) regulations in almost any country in the world. Our
suggestion is conduct an electronic shred what of what AMPR has currently
and remove this requirement ASAP. As AMPR has significant funds on hand
this make a very large target for both regulatory agencies as well as
persons if their data is breached.
Lin and Adrienne Holcomb
NI4Y and W4FHL
On Thu, Feb 20, 2020 at 11:42 AM David Ranch via 44Net <
44net(a)mailman.ampr.org> wrote:
Hello Quan,
I can give you my perspective as an AMPR coordinator on how BGP
allocations usually get processed. When I receive a request from a user
requesting a BGP prefix, I ask a bunch of questions to ensure the person
understands the minimum requirements. My questions include:
- Your callsign (is it valid with your government's amateur radio
licensing body)
- Your current home address (to know if you're in my AMPR
coordination territory or not). The use of PO boxes or otherwise
greatly complicate this Q&A discussion
- I have never requested nor am I aware of Brian Kantor previously
requesting copies of a person's photo-id to prove identity. This does
NOT mean it's never been requested in the past
- Would your use of address space be for primarily Internet-only
focus traffic or RF-servicing traffic?
- Your intended purpose for the address space (to ensure it meets
the guidelines of AMPR's charter)
- Your Justification for any requests larger than a /24 as our
address space isn't unlimited
- Your allocated ARIN ASN number ( associated to your name or to a
company you directly control)
Once I receive appropriate answers for all of the items above, I would
either approve the AMPR subnet in the AMPR Portal or if more
Internet-only facing traffic, have the user to close out the current
AMPR request and create a new request in the 44.190/16 prefix managed by
Jan DG8NGN for an allocation. At that point, Brian Kantor would then
review the allocation with all the above Q&A answers. If Brian was
satisfied with the details, he would begin the LOA process and
ultimately send you an official approval email. At that point, some
hosting ISPs would then send Brian Kantor a "consent letter" request
that he would need to respond to. This response sometimes would require
that it be from the ARDC on ARDC letterhead with Brian's hand
signature. With all the paperwork completed, you or your hosting
provided would then be able to start announcing your allocated prefix.
I know this process can be invasive but you would be surprised how many
bogus requests I've received over the years. I have to assume this is
because of the scarcity of IPv4 addresses and/or people trying to do bad
things over the Internet hoping that AMPR address space would shield
them somehow. I would assume that if you followed a similar process for
your BGP prefixes and can provide all the previous email exchanges with
you, your local AMPR coordinator and Brian Kantor and most importantly
his approval email, I would assume that Chris G1FEF would accept all
that as a valid allocation.
Beyond that, you can consider taking this discussion up with the ARDC
board:
https://www.ampr.org/about/who-we-are/
--
President/CEO:
Phil Karn — KA9Q
Treasurer:
Bdale Garbee — KB0G
John Gilmore — W0GNU
K. C. Claffy — KC6KCC
Technical Advisory Committee
John Hays — K7VE
Heikki Hannikainen — OH7LZB
Tim Osburn — W7RSZ
Tim Pozar — KC6GNJ
Hope this helps.
--David
KI6ZHD
Silicon Valley 44.4.x.x/16 AMPR Coordinator
On 02/19/2020 09:18 PM, Quan Zhou via 44Net wrote:
--
Lin Holcomb
Office: +1 404 806 5412
Mobile: +1 404 933 1595
Fax: +1 404 348 4250
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF
accusing me for announcing a prefix was assigned to me. In that case,
the claimed reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which
he claims that is NOT legitimate, also denied possibility there could
a bug in the portal caused this. I have also complied with his demands
on even more information including all conversations between me and
Brian regarding that the assignment. Eventually he continued to ask
for even more personal information without justification, threatening
that not complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I
singled out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and
validates these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
21 Feb
21 Feb
7:17 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi David,
Thank you for kind and detailed reply, this is Very helpful!
I did not realize that there was so many paper work even after the LOA,
and it totally makes sense that taking some additional steps to reduce
the bogus request. But my major concerns are two things, 1) chain of
trust; 2) personal data.
Trust chain:
- When I've received the complaint from G1FEF, I went through this
mail-list and figured out that he's in charge of the allocation.
- Then, I've verified the mail is actually from him, since I trust my
mail provide "posteo", I briefly checked the mail header
"Authentication-Results", and it says "dkim=pass (1024-bit key)
header.d=g1fef.co.uk".
(Up to this point, I know he's talking about a real concern, so I complied.)
- After a few turns, he demanded a full suite of KYC material: photo
ids, and me holding these ID.
Personal data problem:
- I never send any ID directly to a natural person.
- When submitting to legal entities, they always provide a brief info on
justification, scope of usage, deletion, and their liability, though I
know it's not strictly followed, but hey, I can accept this.
The emerging privacy laws and regulations today are still very new, the
practice is very unclear to both consumers and companies, I believe we
feel equally unsafe over this matter. My employer has provided some
training sessions on data handling and security from legal perspective,
yet those lawyers are still unsure about a lot of things.
Regards,
Quan
On 2/21/20 12:42 AM, David Ranch via 44Net wrote:
Hello Quan,
I can give you my perspective as an AMPR coordinator on how BGP
allocations usually get processed. When I receive a request from a
user requesting a BGP prefix, I ask a bunch of questions to ensure the
person understands the minimum requirements. My questions include:
- Your callsign (is it valid with your government's amateur radio
licensing body)
- Your current home address (to know if you're in my AMPR
coordination territory or not). The use of PO boxes or otherwise
greatly complicate this Q&A discussion
- I have never requested nor am I aware of Brian Kantor previously
requesting copies of a person's photo-id to prove identity. This does
NOT mean it's never been requested in the past
- Would your use of address space be for primarily Internet-only
focus traffic or RF-servicing traffic?
- Your intended purpose for the address space (to ensure it meets
the guidelines of AMPR's charter)
- Your Justification for any requests larger than a /24 as our
address space isn't unlimited
- Your allocated ARIN ASN number ( associated to your name or to a
company you directly control)
Once I receive appropriate answers for all of the items above, I would
either approve the AMPR subnet in the AMPR Portal or if more
Internet-only facing traffic, have the user to close out the current
AMPR request and create a new request in the 44.190/16 prefix managed
by Jan DG8NGN for an allocation. At that point, Brian Kantor would
then review the allocation with all the above Q&A answers. If Brian
was satisfied with the details, he would begin the LOA process and
ultimately send you an official approval email. At that point, some
hosting ISPs would then send Brian Kantor a "consent letter" request
that he would need to respond to. This response sometimes would
require that it be from the ARDC on ARDC letterhead with Brian's hand
signature. With all the paperwork completed, you or your hosting
provided would then be able to start announcing your allocated prefix.
I know this process can be invasive but you would be surprised how
many bogus requests I've received over the years. I have to assume
this is because of the scarcity of IPv4 addresses and/or people trying
to do bad things over the Internet hoping that AMPR address space
would shield them somehow. I would assume that if you followed a
similar process for your BGP prefixes and can provide all the previous
email exchanges with you, your local AMPR coordinator and Brian Kantor
and most importantly his approval email, I would assume that Chris
G1FEF would accept all that as a valid allocation.
Beyond that, you can consider taking this discussion up with the ARDC
board:
https://www.ampr.org/about/who-we-are/
--
President/CEO:
Phil Karn — KA9Q
Treasurer:
Bdale Garbee — KB0G
John Gilmore — W0GNU
K. C. Claffy — KC6KCC
Technical Advisory Committee
John Hays — K7VE
Heikki Hannikainen — OH7LZB
Tim Osburn — W7RSZ
Tim Pozar — KC6GNJ
Hope this helps.
--David
KI6ZHD
Silicon Valley 44.4.x.x/16 AMPR Coordinator
On 02/19/2020 09:18 PM, Quan Zhou via 44Net wrote:
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF
accusing me for announcing a prefix was assigned to me. In that case,
the claimed reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which
he claims that is NOT legitimate, also denied possibility there could
a bug in the portal caused this. I have also complied with his
demands on even more information including all conversations between
me and Brian regarding that the assignment. Eventually he continued
to ask for even more personal information without justification,
threatening that not complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I
singled out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common
when dealing with financial institutions and websites frequently
deals with fraudsters. Since LIR, RIR, and BGP upstream also requires
and validates these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't
added to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
10:32 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi all,
Le 20/02/2020 à 17:42, David Ranch via 44Net a écrit :
- Your allocated ARIN ASN number ( associated to
your name or to a
company you directly control)
This points out something I never really understood well.
I don't have any ARIN ASN number, and Brian didn't request for one when
he gave me the LOA for my subnet.
I'm currently announcing BGP via a Vultr VPS. I don't announce directly
via BGP to other BGP peers. My network provider (currently Vultr) does
it for me : I have an iBGP session with them, and they announce to the
rest of the world. Moreover, I do not use BGP routing in my company, so
I don't have any "business" ASN.
So, here are my questions :
Is an ARIN ASN number mandatory in such a situation ? If not mandatory,
would it be a good practice to have one ? If so, would RIPE deliver ASN
numbers to people or companies that do not own any IPv4 range (I am not
the owner of my 44 subnet, ARDC just grants me the right to announce it) ?
Thank you in advance.
73 de TK1BI
10:57 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi Toussaint,
I think that the reason why they want an ARIN ASN is because they are
under impression that 44net addresses are ARIN addresses. Usually you
don't announce a prefix outside it's RIR area. 44net predates ARIN, in
which case should not be limited by such rules.
And yes, RIPE NCC provides ASNs to people without IPv4, you can buy one
from LIRs, they often gives you a /48 of IPv6 for free. Most of them
will charge you a one time fee around 100 EUR.
It is just my belief that ASNs should be used whenever possible, since
you are an actually running autonomous system, so why not put yourself
in front of it?
Quan BH1XQV
On 2/21/20 6:32 PM, Toussaint OTTAVI via 44Net wrote:
Is an ARIN ASN number mandatory in such a situation ?
If not
mandatory, would it be a good practice to have one ? If so, would RIPE
deliver ASN numbers to people or companies that do not own any IPv4
range (I am not the owner of my 44 subnet, ARDC just grants me the
right to announce it) ?
11:02 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Toussaint OTTAVI via 44Net <44net(a)mailman.ampr.org> writes:
Is an ARIN ASN number mandatory in such a situation ?
No. TK1 is not in the ARIN region. ARIN is for networks in North
America. In RIPE region you should normally have a RIPE-assigned ASN.
If not mandatory, would it be a good practice to have
one ?
It's not completely clear from your description of your situation. You
said that you speak iBGP with a provider. What ASN are you using for
this? What happens when you decide to change providers? How will that
transition work? Will you end up announcing your addresses with
inconsistent origins? That is to be avoided. Will you maintain direct
(maybe tunneled) peering relationships with other networks in AMPR
space?
It's important to think through what you want the routing policy to be
for your network, now and in the forseeable future. The point of an ASN
is basically to give an identifier to a network with a distinct routing
policy.
If so, would RIPE deliver ASN numbers to people or
companies that do
not own any IPv4 range (I am not the owner of my 44 subnet, ARDC just
grants me the right to announce it) ?
Yes but you have to justify it. This means explaining how your routing
policy is different from your upstream provider's. The questions above
will help you articulate that. The barrier is fairly low and essentially
designed to check that you know what you're doing and that what you're
doing makes sense. The procedure is similar in other regions.
For RIPE region, you will need to get a member (LIR) to ask for the ASN
on your behalf. Only LIRs can get number resources from RIPE. The LIR
might be but does not have to be your provider. There is a fee from
RIPE, I think it's something like EUR50/year. The LIR may or may not
charge a fee on top of this, depending on how friendly they are.
73s VE3HW
11:40 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi William, and many thanks for your detailed answer.
Le 21/02/2020 à 12:02, William Waites a écrit :
Currently, we are using a private ASN given by Vultr. They have a good
howto. Several of us are using Vultr services, both for the ease of use
and tiny prices :
https://www.vultr.com/docs/configuring-bgp-on-vultr
The howto says I can use a public ASN if I have one.
No. TK1 is not in the ARIN region. ARIN is for networks in North
America. In RIPE region you should normally have a RIPE-assigned ASN.
Sorry for the confusion. RIPE is our contact in Europe, of course.
If not
mandatory, would it be a good practice to have one ?
It's not completely clear
from your description of your situation. You
said that you speak iBGP with a provider. What ASN are you using for
this? What happens when you decide to change providers? How
will that
transition work? Will you end up announcing your addresses with
inconsistent origins? That is to be avoided.
That's still not decided yet :-) The idea would be to have redundant
announcement with two providers, so that our network still works in case
of Vultr failure (this morning, Paris data center has been down during
an hour). I planned to use a French telco operator to which I am in
contact for my business. The guy is a friend, and he'll be able to
manage BGP HAM stuff for just a few bucks more.
Anyway, it was still unclear how I could achieve redundant BGP routing
in such a setup (Vultr + business telco). And I didn't have time to
investigate yet. But you gave me a nice clue :-)
Will you maintain direct
(maybe tunneled) peering relationships with other networks in AMPR
space?
For now, we are using BGP only for our 44.190 subnet (things that need
to be connected to public Internet, such as Echolink, XLX, etc...).
According to DG8NGN specs, this subnet has been designed to be routed
only to Internet.
We also have "pure" hamnet subnets in 44.168. It's a Work in Progress...
Final routing policy is still undefined for now. But I think I may
follow DG8NGN advice : use only HamNet routing rules (iBGP with European
HamNet, and IP-IP tunnels to the rest of the world). I do not see any
need to announce those on public Internet. And this may/will cause
routing problems with AMPRNet / HamNet partners.
Then, keeping things separated, and use Internet BGP only for 44.190,
may be the solution.
It's important to think through what you want the
routing policy to be
for your network, now and in the forseeable future. The point of an ASN
is basically to give an identifier to a network with a distinct routing
policy.
That's what I missed. And that's why I need a public ASN.
For RIPE region, you will need to get a member (LIR)
to ask for the ASN
on your behalf. Only LIRs can get number resources from RIPE. The LIR
might be but does not have to be your provider. There is a fee from
RIPE, I think it's something like EUR50/year. The LIR may or may not
charge a fee on top of this, depending on how friendly they are.
Thank you. I thought it was required to be a LIR to get an ASN. Becoming
a LIR was not an option for me, because it's over-priced, and I
absolutely do not need it for my business. But $50/year is something I
can afford, and offer to my radio-club :-)
Thank you again for your detailed explanation.
73 de TK1BI
22 Feb
22 Feb
6:06 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hi,
Just to clarify on the fees, the RIPE NCC charges nothing for ASN
sponsorships however the LIR may often charge administrative and
maintenance fees.
- Cynthia
On Fri, Feb 21, 2020 at 12:41 PM Toussaint OTTAVI via 44Net <
44net(a)mailman.ampr.org> wrote:
Hi William, and many thanks for your detailed answer.
Le 21/02/2020 à 12:02, William Waites a écrit :
Currently, we are using a private ASN given by Vultr. They have a good
howto. Several of us are using Vultr services, both for the ease of use
and tiny prices :
https://www.vultr.com/docs/configuring-bgp-on-vultr
The howto says I can use a public ASN if I have one.
No. TK1 is not in the ARIN region. ARIN is for networks in North
America. In RIPE region you should normally have a RIPE-assigned ASN.
Sorry for the confusion. RIPE is our contact in Europe, of course.
If not
mandatory, would it be a good practice to have one ?
It's not completely clear
from your description of your situation. You
said that you speak iBGP with a provider. What ASN are you using for
this? What happens when you decide to change providers?
How will that
transition work? Will you end up announcing your addresses with
inconsistent origins? That is to be avoided.
That's still not decided yet :-) The idea would be to have redundant
announcement with two providers, so that our network still works in case
of Vultr failure (this morning, Paris data center has been down during
an hour). I planned to use a French telco operator to which I am in
contact for my business. The guy is a friend, and he'll be able to
manage BGP HAM stuff for just a few bucks more.
Anyway, it was still unclear how I could achieve redundant BGP routing
in such a setup (Vultr + business telco). And I didn't have time to
investigate yet. But you gave me a nice clue :-)
Will you maintain direct
(maybe tunneled) peering relationships with other networks in AMPR
space?
For now, we are using BGP only for our 44.190 subnet (things that need
to be connected to public Internet, such as Echolink, XLX, etc...).
According to DG8NGN specs, this subnet has been designed to be routed
only to Internet.
We also have "pure" hamnet subnets in 44.168. It's a Work in Progress...
Final routing policy is still undefined for now. But I think I may
follow DG8NGN advice : use only HamNet routing rules (iBGP with European
HamNet, and IP-IP tunnels to the rest of the world). I do not see any
need to announce those on public Internet. And this may/will cause
routing problems with AMPRNet / HamNet partners.
Then, keeping things separated, and use Internet BGP only for 44.190,
may be the solution.
It's important to think through what you want
the routing policy to be
for your network, now and in the forseeable future. The point of an ASN
is basically to give an identifier to a network with a distinct routing
policy.
That's what I missed. And that's why I need a public ASN.
For RIPE region, you will need to get a member
(LIR) to ask for the ASN
on your behalf. Only LIRs can get number resources from RIPE. The LIR
might be but does not have to be your provider. There is a fee from
RIPE, I think it's something like EUR50/year. The LIR may or may not
charge a fee on top of this, depending on how friendly they are.
Thank you. I thought it was required to be a LIR to get an ASN. Becoming
a LIR was not an option for me, because it's over-priced, and I
absolutely do not need it for my business. But $50/year is something I
can afford, and offer to my radio-club :-)
Thank you again for your detailed explanation.
73 de TK1BI
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
21 Feb
21 Feb
12:22 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Hardly anyone here has their own public ASN. In your case, you would use the ASN of your
provider, Vultr.com. Vultr has extensive documentation on their site, on how to setup BGP
advertisements, although you do have to dig through their support docs a bit to find it.
Vultr will assign you a private ASN, which is then used for all interaction with them,
even if you use multiple Vultr data center sites. The Private ASN is of no value outside
of Vultr, it simply allows their setup process for easily automated. It was amazing (to me
anyway) how easy it was to get BGP advertisements working. Literally within a couple of
hours, a prefix assigned to you can be setup and be fully operational. They also accept
email’d LOA formerly from BrianK, and I assume now from ChrisS.
So, here are my questions :
Is an ARIN ASN number mandatory in such a situation ? If not mandatory, would it be a
good practice to have one ?
It is mandatory. But like IPv4 addresses, they are a limited resource, and you need to
have connections to multiple backbone providers to even apply for one. IOW, you need to be
in the business. Nearly all of us here will use the Public ASN of our provider.
If so, would RIPE deliver ASN numbers to people or
companies that do not own any IPv4 range (I am not the owner of my 44 subnet, ARDC just
grants me the right to announce it) ?
There is no need to involve RIPE (or ARIN), nor any requirement to even communicate with
them. ARDC grants the authority to your SP (Vultr) to advertise a specific prefix on your
behalf, through the ARDC license or LOA process.
--
Dave, K9DC
Indianapolis, Indiana USA
On Feb 21, 2020, at 05:32, Toussaint OTTAVI via 44Net
<44net(a)mailman.ampr.org> wrote:
Hi all,
Le 20/02/2020 à 17:42, David Ranch via 44Net a écrit :
- Your allocated ARIN ASN number ( associated
to your name or to a company you directly control)
This points out something I never really understood well.
I don't have any ARIN ASN number, and Brian didn't request for one when he gave
me the LOA for my subnet.
I'm currently announcing BGP via a Vultr VPS. I don't announce directly via BGP
to other BGP peers. My network provider (currently Vultr) does it for me : I have an iBGP
session with them, and they announce to the rest of the world. Moreover, I do not use BGP
routing in my company, so I don't have any "business" ASN.
So, here are my questions :
Is an ARIN ASN number mandatory in such a situation ? If not mandatory, would it be a
good practice to have one ? If so, would RIPE deliver ASN numbers to people or companies
that do not own any IPv4 range (I am not the owner of my 44 subnet, ARDC just grants me
the right to announce it) ?
Thank you in advance.
73 de TK1BI
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
1:14 p.m.
New subject: Requirements (or not) for ASNs
Dave Gingrich via 44Net <44net(a)mailman.ampr.org> writes:
Sorry Dave, that's just wrong.
1. We have had 32-bit ASNs for a long while now and while they are
limited because 2^32 is a finite number, they are not scarce because
it is a big number. Just as IPv6 numbers (2^128) are finite but not
scarce. Old 16-bit ASNs are scarce but today the need for those is
similar to the need for a personalised license plate.
2. You need to have a distinct routing policy. That is the condition.
One way of doing that is by having multiple backbone providers. That
is not the only way. You do need connections to at least two networks
but there is no prescription about how this must be done or that the
relationship must be IP transit. I know this because I have obtained
ASNs for small networks doing unusual things from RIPE. You do have
to make a coherent case.
3. There is no requirement that it must be an ASN from ARIN. Not from
ARIN or RIPE, not from the networking community, and not from AMPRNet
unless a new policy that is gratuitously at odds with both industry
and amateur radio practice has been invented. There are several ASNs
that I know of in Europe announcing 44 space using ASNs from RIPE. It
would be unusual (but it does happen) for a network operator in
Europe to use an ASN from ARIN.
More generally, learning about and experimenting with networking is
something that we ought to encouraged. Generally, the spirit of autonomy
in Amateur Radio (in the sense of not relying strongly on a single piece
of infrastructure belonging to someone else) is well served by operating
networks. Just because "nearly all of us don't" doesn't mean that those
who want to shouldn't.
There is a perception that running a BGP-speaking network is somehow
complicated or dangerous or magic of some sort. That's complete
nonsense. Yes there is a learning curve, as with everything. Nothing
more than that.
I don't have a view about whether Toussaint wants to do this or whether
their plan will make sense. But let's try not to discourage people from
learning and exploring, shall we? That's not what amateur radio is
about.
73s VE3HW
(Current operator of AS205586, ex of AS{549, 6401, 13901, 60241, ...})
Is an ARIN ASN
number mandatory in such a situation ? If not
mandatory, would it be a good practice to have one ?
It is mandatory. But like IPv4 addresses, they are a limited resource,
and you need to have connections to multiple backbone providers to
even apply for one. IOW, you need to be in the business. Nearly all of
us here will use the Public ASN of our provider.
24 Feb
24 Feb
9:40 a.m.
New subject: Requirements (or not) for ASNs
Le 21/02/2020 à 14:14, William Waites via 44Net a écrit :
More generally, learning about and experimenting with
networking is
something that we ought to encouraged. Generally, the spirit of autonomy
in Amateur Radio (in the sense of not relying strongly on a single piece
of infrastructure belonging to someone else) is well served by operating
networks.
That's not an easy thing, HI :-) The first time I tried to talk about
"autonomy" here (we are an island, so the idea of having a technically
autonomous network was even more obvious), I received flames by personal
mail and on the air. Some people seem to have interpreted it out of the
technical scope :-) Thats was not really discouraging, that was just
funny, HI :-D
We are still experimenting and developing new things on our free time.
One of our future steps would be a fully redundant routing, with two
data centers in the two main cities of the island, and a fully redundant
BGP setup spread over the two data centers via two different providers.
After all, the meaning of "AS" is "Autonomous System" :-) In such a
setup, I think having our own ASN may help.
Again, thank you all for your help.
73 de TK1BI
22 Feb
22 Feb
4:09 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
On 21/02/20 23:22, Dave Gingrich via 44Net wrote:
Hardly anyone here has their own public ASN. In your
case, you would use the ASN of your provider, Vultr.com. Vultr has extensive
documentation on their site, on how to setup BGP advertisements, although you do have to
dig through their support docs a bit to find it.
For the record, my setup is
slightly different, and probably a rather
common one. My provider's ASN was the one I used for my BGP setup,
because my provider is the one doing the BGP routing. I don't have any
ASN whatsoever. Routing is done statically between my provider and the
VPS that hosts my IP range.
It is mandatory. But like IPv4 addresses, they are a
limited resource, and you need to have connections to multiple backbone providers to even
apply for one. IOW, you need to be in the business. Nearly all of us here will use the
Public ASN of our provider.
That's what I did, because I have no need to peer
with anyone. My
provider does all of that. All I had to do was to get the LOA (then
from Brian) to them and possibly their upstream (there wa san extra
little step required in the paperwork from memory), and once the
paperwork was sorted, everything started working. :)
--
73 de Tony VK3JED/VK3IRL
http://vkradio.com
24 Feb
24 Feb
9:18 a.m.
New subject: A few more questions Re: BGP portal management / ASN required ?
Hi,
Thank you all for your answers and comments
Le 22/02/2020 à 05:09, Tony Langdon via 44Net a écrit :
That's what I did with Vultr. That's also what I'm planning to do with
my new business operator. With a single BGP operator, there's no need to
have my own public ASN.
But how could I manage redundancy / fault tolerance between two BGP
operators ?
For incoming traffic, there's no problem, I can handle any incoming
packet whatever the provider.
But how could I handle outgoing traffic ? F/ex, my current Vultr VPS is
hosted in Paris, and I'm tunneling from Corsica to Paris. Last week,
they had a network problem, and the BGP routing was down. All outbound
packets sent from my local router to the Vultr BGP VPS were dropped.
Locally, I do not have any easy way to see if Vultr network is working
or not, so that I could redirect outbound traffic to my 2nd provider.
For now, I do not have any idea about how to handle outbound redundancy.
Having a public ASN, and a local BGP router which peers with the two
providers, may be a clue. Am I wrong ?
73 de TK1BI
It is
mandatory. But like IPv4 addresses, they are a limited resource, and you need to have
connections to multiple backbone providers to even apply for one. IOW, you need to be in
the business. Nearly all of us here will use the Public ASN of our provider.
That's what I did, because I have no need to peer with anyone. My
provider does all of that. All I had to do was to get the LOA (then
from Brian) to them and possibly their upstream (there wa san extra
little step required in the paperwork from memory), and once the
paperwork was sorted, everything started working. :)
12:18 p.m.
New subject: A few more questions Re: BGP portal management / ASN required ?
Hi,
That won't be much trouble, even in the NAT scenario if these traffic
originates/ends on the same router/redundancy group, in case of switch
over, the connections over the old routes will hit a dead end, but new
ones will reach you. Outage can last only a few seconds.
If you are not using NAT, just peer with your upstream and configure
preferences, one link down, the routes will be gone automatically.
There's way too much fun in the BGP!
73,
BH1XQV
On 2/24/20 5:18 PM, Toussaint OTTAVI via 44Net wrote:
Hi,
Thank you all for your answers and comments
Le 22/02/2020 à 05:09, Tony Langdon via 44Net a écrit :
That's what I did with Vultr. That's also what I'm planning to do with
my new business operator. With a single BGP operator, there's no need
to have my own public ASN.
But how could I manage redundancy / fault tolerance between two BGP
operators ?
For incoming traffic, there's no problem, I can handle any incoming
packet whatever the provider.
But how could I handle outgoing traffic ? F/ex, my current Vultr VPS
is hosted in Paris, and I'm tunneling from Corsica to Paris. Last
week, they had a network problem, and the BGP routing was down. All
outbound packets sent from my local router to the Vultr BGP VPS were
dropped. Locally, I do not have any easy way to see if Vultr network
is working or not, so that I could redirect outbound traffic to my 2nd
provider.
For now, I do not have any idea about how to handle outbound
redundancy. Having a public ASN, and a local BGP router which peers
with the two providers, may be a clue. Am I wrong ?
73 de TK1BI
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
It is
mandatory. But like IPv4 addresses, they are a limited
resource, and you need to have connections to multiple backbone
providers to even apply for one. IOW, you need to be in the
business. Nearly all of us here will use the Public ASN of our
provider.
That's what I did, because I have no need to peer with anyone. My
provider does all of that. All I had to do was to get the LOA (then
from Brian) to them and possibly their upstream (there wa san extra
little step required in the paperwork from memory), and once the
paperwork was sorted, everything started working. :)
21 Feb
21 Feb
11:23 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Quan Zhou via 44Net <44net(a)mailman.ampr.org> writes:
5. Is Chris Smith, G1FEF capable of handling sensitive
personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
It is important to clarify who the data controller is in this instance.
The GDPR still applies in the UK even now after Brexit. There are
specific obligations on the data controller who is handling information
belonging to people in Europe or the UK that apply even if it happens to
be an entity outwith Europe (such as the ARDC). One of those obligations
is to specify who, precisely, the data controller is.
73s VE3HW
22 Feb
22 Feb
5:25 a.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Sounds like Chris needs some help!
By the way, did those guys ever get the DNS RRs straightened out for the
44.224.x.x & 44.225.x.x namespaces? I think not! I thought AMAZON owns
those now!!! Oh WAIT, Google's public dns server shows that they do.
Hey, I'll volunteer my services to administer the DNS zones if given the
tools. Really! I'm retired and bored, so WHY NOT?
Here's why I ask about this:
-----------
Query from 44.0.0.1 =
; <<>> DiG 9.10.3-P4-Debian <<>> @44.0.0.1 -x 44.225.2.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23181
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.2.225.44.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
225.44.in-addr.arpa. 3600 IN NS db0fhn.efi.fh-nuernberg.de.
225.44.in-addr.arpa. 3600 IN NS ns.db0fhn.ampr.org.
225.44.in-addr.arpa. 3600 IN NS db0res.de.
;; Query time: 84 msec
;; SERVER: 44.0.0.1#53(44.0.0.1)
;; WHEN: Sat Feb 22 00:16:44 EST 2020
;; MSG SIZE rcvd: 166
-----------
Query from 8.8.8.8
$ dig @8.8.8.8 -x 44.225.2.2
; <<>> DiG 9.10.3-P4-Debian <<>> @8.8.8.8 -x 44.225.2.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48135
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;2.2.225.44.in-addr.arpa. IN PTR
;; ANSWER SECTION:
2.2.225.44.in-addr.arpa. 299 IN PTR
ec2-44-225-2-2.us-west-2.compute.amazonaws.com.
;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 22 00:19:55 EST 2020
;; MSG SIZE rcvd: 112
This has to be fixed ASAP!
Chris? Phil? I'll help in any way I can if you need to spread the
workload!
Thomas / KG5ZI /8 -- DAYTON
On Thu, Feb 20, 2020 at 12:20 AM Quan Zhou via 44Net <44net(a)mailman.ampr.org>
wrote:
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF accusing
me for announcing a prefix was assigned to me. In that case, the claimed
reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which he
claims that is NOT legitimate, also denied possibility there could a bug
in the portal caused this. I have also complied with his demands on even
more information including all conversations between me and Brian
regarding that the assignment. Eventually he continued to ask for even
more personal information without justification, threatening that not
complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I singled
out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and validates
these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
6:39 p.m.
New subject: A few more questions Re: BGP portal management after WB6CYT's passing
Amazon owns those addresses, nothing can be done about them as they are not
ours.
44.192.0.0/10 is not AMPRNet anymore since the Amazon sale.
On Sat, Feb 22, 2020 at 5:10 PM Thomas Jones via 44Net <
44net(a)mailman.ampr.org> wrote:
Sounds like Chris needs some help!
By the way, did those guys ever get the DNS RRs straightened out for the
44.224.x.x & 44.225.x.x namespaces? I think not! I thought AMAZON owns
those now!!! Oh WAIT, Google's public dns server shows that they do.
Hey, I'll volunteer my services to administer the DNS zones if given the
tools. Really! I'm retired and bored, so WHY NOT?
Here's why I ask about this:
-----------
Query from 44.0.0.1 =
; <<>> DiG 9.10.3-P4-Debian <<>> @44.0.0.1 -x 44.225.2.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23181
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.2.225.44.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
225.44.in-addr.arpa. 3600 IN NS db0fhn.efi.fh-nuernberg.de.
225.44.in-addr.arpa. 3600 IN NS ns.db0fhn.ampr.org.
225.44.in-addr.arpa. 3600 IN NS db0res.de.
;; Query time: 84 msec
;; SERVER: 44.0.0.1#53(44.0.0.1)
;; WHEN: Sat Feb 22 00:16:44 EST 2020
;; MSG SIZE rcvd: 166
-----------
Query from 8.8.8.8
$ dig @8.8.8.8 -x 44.225.2.2
; <<>> DiG 9.10.3-P4-Debian <<>> @8.8.8.8 -x 44.225.2.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48135
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;2.2.225.44.in-addr.arpa. IN PTR
;; ANSWER SECTION:
2.2.225.44.in-addr.arpa. 299 IN PTR
ec2-44-225-2-2.us-west-2.compute.amazonaws.com.
;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 22 00:19:55 EST 2020
;; MSG SIZE rcvd: 112
This has to be fixed ASAP!
Chris? Phil? I'll help in any way I can if you need to spread the
workload!
Thomas / KG5ZI /8 -- DAYTON
On Thu, Feb 20, 2020 at 12:20 AM Quan Zhou via 44Net <
44net(a)mailman.ampr.org>
wrote:
Hi all,
Sorry to bother you with a rant, but I'm feeling an urge to ask that
what's happening on the AMPR/ARDC.
## Background
A few weeks ago I have received a harsh email from Chris G1FEF accusing
me for announcing a prefix was assigned to me. In that case, the claimed
reason is that the prefix wasn't listed on the AMPR portal.
I tried to clear things up by sending him the LOA from WB6CYT, which he
claims that is NOT legitimate, also denied possibility there could a bug
in the portal caused this. I have also complied with his demands on even
more information including all conversations between me and Brian
regarding that the assignment. Eventually he continued to ask for even
more personal information without justification, threatening that not
complying may cause "close of account".
## Questions
1. Has all previous assignment by WB6CYT been overruled? Or am I singled
out?
2. What are the current rules on allocation now? A snapshot of the
latest version of ToS is at:
https://web.archive.org/web/20190731094938/https://www.ampr.org/terms-of-se…
It does not requires personal information
beyond ASN addresses.
3. What is G1FEF's role in the allocation, which are the rights that
ARDC holds has been delegated to this guy along.
4. The holding-the-ID-in-a-photo-of-you practice is pretty common when
dealing with financial institutions and websites frequently deals with
fraudsters. Since LIR, RIR, and BGP upstream also requires and validates
these ID, Why this is necessary to do it again?
5. Is Chris Smith, G1FEF capable of handling sensitive personal data?
He's handling data as natural person, or an legal entity that ARDC
approves?
6. If there's another change, do anyone with a allocation has to go
through the same process again?
I see that we already have a problem with transparency, now we got
bureaucracy? Also it's not my problem that the assignment wasn't added
to the portal.
Best Regards,
Quan
On 12/31/19 1:36 AM, Phil Karn via 44Net wrote:
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
Hi. As you all know, Brian Kantor WB6CYT passed
away suddenly last
month. Brian did so much for AMPRNet from the very beginning that he'll
be impossible to fully replace. We're trying but it's hard, especially
since he was a close personal friend.
Chris Smith, G1FEF (chris(a)g1fef.co.uk) has kindly volunteered to take
over Brian's portal work and to handle portal and BGP allocation
requests. Please direct queries to him.
73, Phil Karn, KA9Q
President, ARDC
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
1531
days inactive
1585
days old
22 comments
14 participants
participants (14)
-
air gapped -
Alistair Mackenzie -
Cynthia Revström -
Dave Gingrich -
David Ranch -
Lin Holcomb -
Phil Karn -
Quan Zhou -
Ruben ON3RVH -
Scott Nicholas -
Thomas Jones -
Tony Langdon -
Toussaint OTTAVI -
William Waites