Hello 44 net list,
I hope there are some people still here.
I am again trying to set up my gateway and route mine and a few others blocks of 44.x addresses.
I have a static IP address at home and have set this up in the portal, however I am monitoring the linux pc by tcpdump and I am not seeing any RIP2 broadcast being sent to me.
From my previous testing I can confirm the Linux PC is in the DMZ and no firewall, it responds to ICMP ping packets too.
My public IP is 92.234.91.114
Is anyone able to help me out here or is there a way to force a rip2 broadcast (how often are these sent?)
Looking forward to catching up with you all soon
Best regards
James Preece M0JFP / 2e1avx
James Preece | Global Services D 01932 582 063 M 07584 480 694 f5.comhttps://www.f5.com | synthesis.f5.comhttps://synthesis.f5.com [Twitter]https://twitter.com/f5networks[LinkedIn]http://www.linkedin.com/company/f5-networks[Facebook]https://www.facebook.com/f5networksinc[YouTube]http://www.youtube.com/f5networksinc[DevCentral]https://devcentral.f5.com/ [F5 Logo and Tagline]
James, You appear to be set up correctly in the portal and on amprgw, so you should be seeing encapsulated traffic arriving at your host at least every 5 minutes, which is how often the encap'd RIP is sent.
I use a command similar to tcpdump -s0 -v -n proto 4 to view that traffic. - Brian
On Fri, Sep 04, 2015 at 03:58:07PM +0000, James Preece wrote:
I am again trying to set up my gateway and route mine and a few others blocks of 44.x addresses.
I have a static IP address at home and have set this up in the portal, however I am monitoring the linux pc by tcpdump and I am not seeing any RIP2 broadcast being sent to me.
From my previous testing I can confirm the Linux PC is in the DMZ and no firewall, it responds to ICMP ping packets too.
My public IP is 92.234.91.114
Is anyone able to help me out here or is there a way to force a rip2 broadcast (how often are these sent?)
Looking forward to catching up with you all soon
Best regards
James Preece M0JFP / 2e1avx
Brian et al;
On Fri, 2015-09-04 at 09:15 -0700, Brian Kantor wrote:
James, You appear to be set up correctly in the portal and on amprgw, so you should be seeing encapsulated traffic arriving at your host at least every 5 minutes, which is how often the encap'd RIP is sent.
James is up and running now. Apparently his ISP (virgin) is filtering ip protocol 4. He verified this by a phone call to their support department and getting such information from a tier 3 tech.
I have him linked into a data center in Boston run by a ham using OpenVPN. Seems to be working quite well for now.
Working really well thanks!
Kudos to Brian for all your help Thank you!
James
Sent from my iPhone
On 14 Sep 2015, at 22:07, Brian n1uro@n1uro.ampr.org wrote:
(Please trim inclusions from previous messages) _______________________________________________ Brian et al;
On Fri, 2015-09-04 at 09:15 -0700, Brian Kantor wrote:
James, You appear to be set up correctly in the portal and on amprgw, so you should be seeing encapsulated traffic arriving at your host at least every 5 minutes, which is how often the encap'd RIP is sent.
James is up and running now. Apparently his ISP (virgin) is filtering ip protocol 4. He verified this by a phone call to their support department and getting such information from a tier 3 tech.
I have him linked into a data center in Boston run by a ham using OpenVPN. Seems to be working quite well for now.
-- Dolphins are so smart that within a few weeks of captivity, they can train people to stand on the very edge of the pool and throw them fish.
73 de Brian Rogers - N1URO email: (see above) Web: http://www.n1uro.net/ Ampr1: http://n1uro.ampr.org/ Ampr2: http://nos.n1uro.ampr.org Linux Amateur Radio Services axMail-Fax & URONode http://uronode.sourceforge.net http://axmail.sourceforge.net AmprNet coordinator for: Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, Pennsylvania, Rhode Island, and Vermont.
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
For other hams in the UK using Virgin, I am on Virgin Cable, and IP proto 4 works fine here. I had to use a separate Router and switch the supplied Mode/Router to Modem mode.
73, John G8BPQ
Brain wrote:
James is up and running now. Apparently his ISP (virgin) is filtering ip protocol 4. He verified this by a phone call to their support department and getting such information from a tier 3 tech.
On 15/09/15 08:23, John Wiseman wrote:
Apparently his ISP (virgin) is filtering ip protocol 4. He verified this by a phone call to their support department and getting such information from a tier 3 tech
Hi John,
I think this illustrates more about ISPs' support services than anything else.
In my experience contacting VM is slow, expensive and pointless. The support people know less than the tech people (which is precious little), even if you do get through. The answers you get are read off a sheet which simply lists their excuses for not caring a toss. Usually what you are doing is "not supported" and their main concern seems to be giving wild promises of upcoming speed increases in an attempt to retain customers.
While the bulk of the ISP business is focussed on gaming and adult entertainment there is no business case for for providing technical fault reports or support calls in the way you get from a professional Internet connection.
I think in this case they have confused what IP protocols their cable connection provides with what happens inside their provided "router". The modem/router I have (SuperHub 1?) runs a crippled version of the manufacturers firmware which has some deficiencies and disabled features, perhaps to make it easier to "support". One annoyance, eg, is that not all frames on the wired LAN ports are forwarded to the default wireless network. Most are, but not all. This breaks IPv6 connectivity unless your by-pass their "router". I do this with an old Access Point I had in the junk box but the cleaner solution is to turn off the VM router and use it as a modem-only, buying another router to provide the wired/wireless bridging you expect.
I also wonder if the OP had put his IP/IP endpoint in the "DMZ" ... I assume this would be necessary since routers don't usually know how to NAT protocol 4? I had to do that for my IPv6 tunnel endpoint (a Raspberry Pi - hooray!) so I guess the same applies to an IP/IP endpoint?
Thanks for the info John, good to hear 44-net is still alive in the UK!
Steve G4WSZ
Hi Steve,
I must be one of the lucky one, I have virgin media fibre at 100MB and its been rock solid since it was installed several months ago. Same IP address as well, which does help mostly.
I used the online chat from the web site into support, and again must have had a lucky break, the chap spoke to level 2 and 3 to confirm protocol 4 and ipencap were indeed blocked, Even had a laugh with me about trying to request my block of 44 IP's be routed direct by them.
I have the super hub 2, everything is disabled fw, upstream adult and virus blocking, port forwarding etc. I had enabled ping (echo reply) and stuck the pi in the dmz.
No cigar...
I had set this up on BT before and it worked great!
I have the raspberry pi in the DMZ and had done plenty of tcp dumps etc to test access and see what was happening out there.
As Brain said solution was to create a VPN tunnel from his server to mine.
You can test 44.131.176.33 is now up and running.
Cheers
James.
-----Original Message----- From: 44Net [mailto:44net-bounces+j.preece=f5.com@hamradio.ucsd.edu] On Behalf Of Steve Platt Sent: 15 September 2015 14:31 To: 44net@hamradio.ucsd.edu Subject: Re: [44net] Virgin Media in the UK
(Please trim inclusions from previous messages) _______________________________________________ On 15/09/15 08:23, John Wiseman wrote:
Apparently his ISP (virgin) is filtering ip protocol 4. He verified this by a phone call to their support department and getting such information from a tier 3 tech
Hi John,
I think this illustrates more about ISPs' support services than anything else.
In my experience contacting VM is slow, expensive and pointless. The support people know less than the tech people (which is precious little), even if you do get through. The answers you get are read off a sheet which simply lists their excuses for not caring a toss. Usually what you are doing is "not supported" and their main concern seems to be giving wild promises of upcoming speed increases in an attempt to retain customers.
While the bulk of the ISP business is focussed on gaming and adult entertainment there is no business case for for providing technical fault reports or support calls in the way you get from a professional Internet connection.
I think in this case they have confused what IP protocols their cable connection provides with what happens inside their provided "router". The modem/router I have (SuperHub 1?) runs a crippled version of the manufacturers firmware which has some deficiencies and disabled features, perhaps to make it easier to "support". One annoyance, eg, is that not all frames on the wired LAN ports are forwarded to the default wireless network. Most are, but not all. This breaks IPv6 connectivity unless your by-pass their "router". I do this with an old Access Point I had in the junk box but the cleaner solution is to turn off the VM router and use it as a modem-only, buying another router to provide the wired/wireless bridging you expect.
I also wonder if the OP had put his IP/IP endpoint in the "DMZ" ... I assume this would be necessary since routers don't usually know how to NAT protocol 4? I had to do that for my IPv6 tunnel endpoint (a Raspberry Pi - hooray!) so I guess the same applies to an IP/IP endpoint?
Thanks for the info John, good to hear 44-net is still alive in the UK!
Steve G4WSZ _________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
Hi,
My current Amprnet Gateway subnet is 44.163.22.2/32. I will like to change the subnet to 44.163.22.0/24 to be able to access other IP behind the Gateway.
I try to do it in Amprnet Portal but it have predefined subnet network and not been able to enter the subnet manually.
I tried yesterday e-mail with my gmail account to gateways@ampr.org with commands to the robot but no response back. Until this morning with Gmail Warning "Technical details of temporary failure: The recipient server did not accept our requests to connect."
Please anyone who have access to the Gateway Database can help me with the change.
Thanks,
73s Jose / HP2AT
Hi Jose, I have made that change for you.
There is no longer any gateways robot; all changes have to be made in the portal. - Brian
On Tue, Sep 15, 2015 at 12:49:41PM -0500, Jose Ng Lee wrote:
My current Amprnet Gateway subnet is 44.163.22.2/32. I will like to change the subnet to 44.163.22.0/24 to be able to access other IP behind the Gateway.
I try to do it in Amprnet Portal but it have predefined subnet network and not been able to enter the subnet manually.
I tried yesterday e-mail with my gmail account to gateways@ampr.org with commands to the robot but no response back. Until this morning with Gmail Warning "Technical details of temporary failure: The recipient server did not accept our requests to connect."
Please anyone who have access to the Gateway Database can help me with the change.
Thanks,
73s Jose / HP2AT
Many Thanks Brian for your help.
73s Jose / HP2AT
----- Original Message ----- From: "Brian Kantor" Brian@ucsd.edu To: "AMPRNet working group" 44net@hamradio.ucsd.edu Sent: Tuesday, September 15, 2015 1:13 PM Subject: Re: [44net] Amprnet Gateway Subnet change help
(Please trim inclusions from previous messages) _______________________________________________ Hi Jose, I have made that change for you.
There is no longer any gateways robot; all changes have to be made in the portal.
- Brian
On Tue, Sep 15, 2015 at 12:49:41PM -0500, Jose Ng Lee wrote:
My current Amprnet Gateway subnet is 44.163.22.2/32. I will like to change the subnet to 44.163.22.0/24 to be able to access other IP behind the Gateway.
I try to do it in Amprnet Portal but it have predefined subnet network and not been able to enter the subnet manually.
I tried yesterday e-mail with my gmail account to gateways@ampr.org with commands to the robot but no response back. Until this morning with Gmail Warning "Technical details of temporary failure: The recipient server did not accept our requests to connect."
Please anyone who have access to the Gateway Database can help me with the change.
Thanks,
73s Jose / HP2AT
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
Have you set up your router to forward ipip packets to your gateway machine?
Not all home routers can do this. Most allow you to place the machine in a DMZ, but of you do that make sure you have a robust firewall on the gateway machine.
You should see RIP broadcasts every 5 mins. I am seeing yours:
44.131.176.32/29 0 T 1 3459 encap 92.234.91.114
73, John G8BPQ
-----Original Message----- From: 44Net [mailto:44net-bounces+john.wiseman=cantab.net@hamradio.ucsd.edu] On Behalf Of James Preece Sent: 04 September 2015 16:58 To: 44net@hamradio.ucsd.edu Subject: [44net] 2e1avx.ampr.org / 44.131.176.32/29 sunbet and rip2 routingissues
(Please trim inclusions from previous messages) _______________________________________________
Hello 44 net list,
I hope there are some people still here.
I am again trying to set up my gateway and route mine and a few others blocks of 44.x addresses.
I have a static IP address at home and have set this up in the portal, however I am monitoring the linux pc by tcpdump and I am not seeing any RIP2 broadcast being sent to me.
From my previous testing I can confirm the Linux PC is in the DMZ and no
firewall, it responds to ICMP ping packets too.
My public IP is 92.234.91.114
Is anyone able to help me out here or is there a way to force a rip2 broadcast (how often are these sent?)
Looking forward to catching up with you all soon
Best regards
James Preece M0JFP / 2e1avx
James Preece | Global Services
-
Brian -
Brian Kantor -
James Preece -
John Wiseman -
Jose Ng Lee -
Steve Platt