I gave a talk tonight at one of our local clubs to see if any other local amateurs are interested in AMPRnet. I tried to stay out of the weeds to just give a general overview and did not present any slides. I did use slides as note cards on my iPad to keep from straying that I have now placed on my AMPR web server (n2xu.ampr.org) for the folks in attendance that might be more interested. There were about 20 or so folks in attendance and I think there are 3 or 4 that are interested.
I will be doing another talk at the club where I was once President here in Fort Walton Beach and then for the folks that are more interested I will present another more in the weeds presentation at some point in the future. I'm big on trying to get 44net here on RF (slow 1200 or broadband at 5.8 GHz) down here and need others that are local in order to do so.
I might be leveraging expertise here as I try to grow interest... so please bear with me and any new folks I bring aboard.
With all that said, is there anyone out there performing intermediate routing... what I mean is anyone running a tunneled gateway and performing routing for other subnets over RF. I may request a second but separate allocation to experiment in that realm... I'd like to learn how to do that. I think it's a natural expansion for times when network connectivity goes out for an area where we can act as an RF gateway between the RF and the tunneled AMPRNet. My eventual goal is I'd like to bring the HAMWAN to the Florida panhandle... I think these are all baby steps to get there.
Input, advice, ideas and criticism are all welcome.
-----Original Message----- With all that said, is there anyone out there performing intermediate routing... what I mean is anyone running a tunneled gateway and performing routing for other subnets over RF.
I presume you mean routing other subnets over amateur radio frequencies.
We used to do that. But there are two main problems with it here in the US.
1) Encryption. More than half of websites are now encrypted and the percentage is growing every day. E-mail encryption is also on the rise. And encryption is not allowed over US amateur frequencies. So amateur frequencies are fast becoming impractical/irrelevant for real-world, mainstream network traffic.
2) 3rd party-initiated traffic. Routing inbound e-mail, even if unencrypted, over an amateur frequency is a violation of Part 97, according to the FCC enforcement bureau. At least it was when I asked them about this a few years ago. That's because anyone anywhere could initiate a transmission on an amateur frequency without a license simply by sending you an email. So we allowed only outbound email from hams to traverse the amateur frequencies. Inbound email stopped at the gateway. It wasn't very practical, but at least a message could go out.
We later got internet connections at all of our hub sites. So we turned each of them into their own gateways. Users can access the site over amateur frequencies to download their mail since the ham initiates that connection. But we still have to filter out encrypted email. And we're using Part 15 frequencies between hub sites. I suppose we could still use 44.x addresses. But since a 44.x subnet can only exist behind one gateway in AMPRnet routing, we didn't see much point in that either.
Not trying to be a bummer. But the FCC regulations really squash creativity and innovation.
Michael N6MEF
On 28/07/2017 06:41, Michael Fox - N6MEF wrote:
I presume you mean routing other subnets over amateur radio frequencies.
I've got a BeagleBone single board computer that I've set up to sit on my /30 allocation. The WiFi dongle connects to my 192.168.1.* network and then tunnels to the AMPR network, with ampr0 as one of my two IP addresses and the TNC-X as the other one. What I'd like to now do is to use the eth0 instead of the TNC-X and route to another 44/29 network of AREDN/BBHN devices. So this would be routing a 44/29 via a computer on the 44net. Would this be ok, license-wise? Bill (M1BKF)
I don't consider it a bummer Michael. I covered the encryption issue and would close off routing for RF routing to only AMPRnet sources and destinations. The encryption of email would be something I have not yet accounted for?
Tom
-----Original Message----- I don't consider it a bummer Michael. I covered the encryption issue and would close off routing for RF routing to only AMPRnet sources and destinations.
That would still leave you open to someone initiating a transmission on a US amateur frequency who does not have a US amateur license. We have reciprocal operating agreements with many, but not all countries. Granted, the chances of a violation are much smaller than if you left it open to the whole Internet. I suppose you could further restrict by 44.x address block. Then no one could say that a "reasonable person could expect a violation." (Of course, when we've had interference problems around here, the FCC doesn't act. So, what the FCC says and what they do are two different things.)
The encryption of email would be something I have not yet accounted for?
If traffic is limited to 44.x addresses, then I would think that the chances of this are really slim.
BTW, when we had only the one Internet connection, we even routed NTP and DNS across 1200 baud RF. NTP was important since some of the other machines were on mountain tops and we didn't visit them for many months at a time. We didn't want the clocks to drift by more than a second or so because we were using the date/time in message headers for some EmComm purposes. It worked fine. But I recall we had to tune NTP to account for the lower bandwidth and longer delay. And we set up DNS so that the RF-attached machines used the Internet-attached machine as their server and the server performed the recursive searches. It worked.
Michael N6MEF
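The forwarding restrictions discussed in this thread (AMPRnet-only endpoints, no encrypted services, and limits on who may initiate a connection toward the RF side), sketched as an added example that is not from any poster. The 44.0.0.0/8 reading of "44.x", the port list, the allow-listed block and the sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: the thread's "44.x" is modelled as 44.0.0.0/8.
AMPRNET = ipaddress.ip_network("44.0.0.0/8")
# Assumption: well-known ports whose traffic is normally encrypted.
ENCRYPTED_PORTS = {22, 443, 465, 993, 995}
# Constructed allow-list of remote blocks permitted to open connections toward RF.
ALLOWED_INITIATORS = [ipaddress.ip_network("44.10.20.0/24")]


def rf_forward_allowed(initiator, responder, dport, initiated_from_rf,
                       allowed=ALLOWED_INITIATORS):
    """Return (decision, reason) for a new connection crossing the RF link."""
    src = ipaddress.ip_address(initiator)
    dst = ipaddress.ip_address(responder)
    # Both ends must be AMPRnet addresses.
    if src not in AMPRNET or dst not in AMPRNET:
        return False, "endpoint outside AMPRnet"
    # Port-based approximation of "no encrypted traffic on RF".
    if dport in ENCRYPTED_PORTS:
        return False, "encrypted service port"
    # Connections opened from the far side must come from an allowed block.
    if not initiated_from_rf and not any(src in net for net in allowed):
        return False, "remote initiator not in an allowed block"
    return True, "ok"


# Constructed sample flows: (initiator, responder, dport, initiated_from_rf)
SAMPLE_FLOWS = [
    ("44.10.30.5", "44.10.20.9", 110, True),   # RF user downloads mail (POP3)
    ("44.10.30.5", "44.10.20.9", 995, True),   # same, but POP3 over TLS
    ("203.0.113.7", "44.10.30.5", 25, False),  # Internet host pushes mail inward
    ("44.99.1.1", "44.10.30.5", 25, False),    # 44.x host outside the allow-list
    ("44.10.20.9", "44.10.30.5", 123, False),  # allowed block reaches an RF host
]


def evaluate(flows=SAMPLE_FLOWS):
    """Apply the policy to each flow and return the list of decisions."""
    return [rf_forward_allowed(*flow) for flow in flows]


if __name__ == "__main__":
    for flow, (ok, why) in zip(SAMPLE_FLOWS, evaluate()):
        print(flow, "ALLOW" if ok else "DENY", why)
```

A port list only approximates the encryption rule; traffic on an allowed port can still carry encrypted payloads, which is why the posters also filter mail content at the gateway.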
With the usage of POP3, the user always initiates the connection to the mail server.
Using a good mail filter for keywords, etc would prevent unnecessary words or phrases that could be prohibited from being transmitted.
As long as the mail server is on the internet and on the opposite side on the amprnet this should not be an issue to receive mail as the user is requesting the mail from the server and thus falls under 3rd party traffic. Same as dialing a phone patch to a 3rd party, the licensee initiates the connections.
My mail server has an option to have a list of approved senders as well as to require new senders to confirm their identity before mail will be released to the user.
Maybe some configuration or hybrid of the sort would work.
Best Regards
Elias Kd5jfe Louisiana Amprnet IP Coordinator
Hi Tom,
I’ve read your emails and viewed your presentation. You asked for anyone using IP over RF without much detail on the RF part. For that reason, and the fact you mentioned projects similar to what I have collaborated to build, I’m giving this answer on the list, understanding it might be valid for you.
For the sake of being as detailed as possible without kidnapping the thread I’ll use bullet points:
- I live in the NW coast of Spain, in a Province named Asturias, in a city named Gijón. My locator is IN73dm.
- We advertise our assigned part of 44 network (44.133.233.0/24) via BGP (AS205827) directly.
- I have built a core of communications that is interconnected by RF, more precisely, using 5 GHz links for transport and 2.4 GHz links for accessing the network. RF area expands over 5000 sq km / 2000 sq mi. Within that area, the longest link is about 37 km, whereas the shortest link is about 1 km. Average link distance is 11 km. The highest position is about 1700m ASL, whereas the lowest position is about 6m ASL. Average elevation is about 400m ASL. Local orography is abrupt with several mountain ranges that form meadows, canyons and defiles, in the upper part of the territory, while at the other side we have the sea. The distance between higher elevations and shoreline is about 50 km.
- We have 5 main sites that correspond to: a) 3 repeater sites, b) 1 rx-only location and c) 1 technical site. The 3 repeater sites act as our network core and are fully interconnected. Internet access and connection to our ISP for the BGP session is directly present in our network core.
- Our core implements dynamic routing. In more detail, it implements an OSPF backbone area to maintain site adjacency information and network topology. We provide a default route from BGP to the OSPF autonomous system and a default route path is set back from the network in order to reach the Internet.
- The 3 repeater sites themselves move DMR traffic, that is, signaling and voice, plus site telemetry. The 2 other sites are OSPF Stub Areas that provide network services (dns, proxy, web, vpn, etc.) to the network users.
- Technologies implemented are: a) Mikrotik for routers (2 per site, 1 for distribution+access and 1 for core); b) Ubiquiti antennas in many form factors, like vertical, parabolic and sector antennas; c) a virtual machine host for Debian servers (VM for DNS, Proxy, Web), SoftEther VPN concentrator appliance (VM), a Windows 2012 R2 server for Active Directory and Radius/IAS service and a pfSense appliance (VM) for firewalling purposes.
- Network core sites have 2 routers, 1 for distribution+access and 1 for core networking. Core network layer is at full speed (no filters, no mangle, no acl, just packet forwarding). Distribution+access layer implements filtering, mangle, acl, qos/diffserv and other typical network-based services.
- Users (ham radio operators) and user groups (of hams) with direct visibility of one of the main sites can connect to the site via RF using a 2.4 GHz (Wi-Fi) antenna. They can get connected to the distribution+access router to get IP via PPPoE session.
- Users (ham radio operators) and user groups (of hams) with non-direct view of one of the main sites can connect to the network via VPN in order to get a 44 IP address from the VPN concentrator with a default route to Internet a specific router to our assigned segment of network 44 in order to access local network services.
- The part of the network 44 we maintain is publicly reachable from Internet and other hams on network 44. Firewall filtering is acting at the edge of the network in bridge mode in order to stop DDoS and malware from affecting hams (at least, in order to stop the biggest hits).
Hope this brief resume helps understand our local project. If you have any doubt or comment, please, do not hesitate to write me.
Best regards, -- Vy73 de EA1HET, Jonathan
Apologies, I've been busy and just saw this now.
On 7/27/17 10:59 PM, Tom Cardinal wrote:
I gave a talk tonight at one of our local clubs to see if any other local amateurs are interested in AMPRnet. I tried to stay out of the weeds to just give a general overview and did not present any slides. I did use slides as note cards on my iPad to keep from straying that I have now placed on my AMPR web server (n2xu.ampr.org) for the folks in attendance that might be more interested. There were about 20 or so folks in attendance and I think there are 3 or 4 that are interested.
Do they have any experience with IP networking? How about coding or server stuff?
Being interested is good, but there's quite a bit to learn if you're only passively interested in it. I've found it's typically 2 to 4 core people who really get involved.
I will be doing another talk at the club where I was once President here in Fort Walton Beach and then for the folks that are more interested I will present another more in the weeds presentation at some point in the future. I'm big on trying to get 44net here on RF (slow 1200 or broadband at 5.8 GHz) down here and need others that are local in order to do so.
When and where? I'm down in Tampa Bay but get up there about 2x a year for a customer.
With all that said, is there anyone out there performing intermediate routing... what I mean is anyone running a tunneled gateway and performing routing for other subnets over RF.
Many people do this, as they cannot get BGP type transit locally, but hamwan.org can do routeing over an Internet tunnel for your subnet.
https://hamwan.org/Labs/Open%20Peering%20Policy.html
Our group down here, Florida Simulcast Group/HamWAN Tampa Bay is able to do the same for you, and it would likely be closer/better performing for you. You'd get some IPv6 too.
https://youtu.be/8EdDtLRgH7k?t=1108
My talk on HamWAN at Dayton 2016
https://www.youtube.com/watch?v=IFcESjoWSP8&t=2541s
Part of this talk I mention some of the legal aspects: https://youtu.be/IFcESjoWSP8?t=4140
IPv6 in HamWAN Tampa Bay https://youtu.be/mkKOX5q1XJ4?t=274
HamWAN is the way forward, it's extendable and the only system we have in deployment that enables your users to have deterministic performance. If VoIP doesn't work reliably, you're going to have users who can't use it.
Our main problem here is the lack of interest from other amateurs as most of the local clubs expect HamWAN Tampa (us) to install and manage all their routers. We're happy to help out and educate, but draw the line at doing everything :)
I'd love to get more users online, but it's been difficult getting hams involved in it. The clubs around here are mostly 55+ guys who want to watch the latest DX expedition video. The younger guys want to get involved but with work and family it's hard to do. We've done quite a bit of outreach, but need to do more. Again our issue is time, as the main people involved here (including myself) travel extensively for work.
What you'll need is a small group of guys that understand networking. It's ideal for people who want to learn if you have the right elmers. Moving from there, you need good sites and at least one good core routing site where you can interconnect with the internet.
Once this is set up any ham user will be able to get on with a ~$160 Dynadish if they have a clear line of sight.
Feel free to reach out directly if there's anything we can do to help out.
73's