On 7/16/13 11:00 AM, Brian Kantor wrote:
A solution would be to have the border router at each of the directly-connected subnets also have a full set of tunnel routes and interfaces installed, as it could then participate in the tunnel mesh and should then be in the encap file. I don't see commercial internet providers doing that.
So this means that in order for the directly-connected subnets to also participate in the tunnel mesh, there has to be a tunnel-enabled router downstream of the connection to the commercial Internet. Thus the only advantage of being directly-connected is simply an independent (quite possibly higher-bandwidth) connection to the commercial Internet backbone. It doesn't improve internal connectivity in the AMPRNet at all. We still need the tunnels for that.
Admittedly, I've been a bit tardy in getting my BGP session up with my provider (summer is always busy for me), but perhaps there is a better way to do this.
What I envision would be to have a few regional AMPR BGP routers/peering points. AMPR would need an ASN of course (I'd be willing to put up the money for this from ARIN), some hardware and a few friendly providers across the globe. I have one friendly provider, and I'm sure we could find a few more. Hardware is up to us, I'd prefer an actual router (ALU/Cisco/JNPR), but there is no reason openbgpd on a *nix box wouldn't work.
So you would have each peering point announcing 44/8 but behind the peering routers would be a set of (GRE) tunnels between all the routers. The 44net BGP routers would run I-BGP across these tunnels (or ISIS/OSPF, but I feel IBGP would make more sense to manage redistribution of routes as it's got more "policy knobs" than OSPF and to a lesser extent ISIS.) The 44net non-BGP users would then have IP-IP tunnels to their closest 44net peering router.
For optimized routing (as it makes no sense to me for .AU users to tunnel through UCSD) we could have routing between the 44net routers announce more specific routes for directly connected subnets. We'd have to manage this, as I'm sure we don't want to add another 1000 routes to the global table (and then have filtering), but I don't see it being that many routes when a /16 is for a whole continent, which has 1 or 2 peering routers in this design. This also avoids black holes caused by 44net directly connected peers being filtered by sites that filter at less than a /24 block (don't laugh, I've seen large companies filter at a /19)
Admittedly this is a very "back of a napkin" design, but it's a start. Thoughts?
I really see both of these uses of 44 net as different projects in the same band. Think 440 MHz: some people do SSB, others FM, while others do SSTV, some folks do packet, some people do Fast Scan TV. There is not really a need for a 100meg bursting to 1gig connection to interface with a 1200 baud system. You're not going to be able to do much with the content. SIP can't run over 1200 baud, you would kill your local LAN if you tried to download a 100meg file from an FTP server. I actually think you would want to prevent access to some of what we are going to do.
Now as far as providing an additional de-centralized access to the internet for the tunnels, yes, we have said we are happy to help with that in any way and it is really needed. Don't take this the wrong way Brian, but if the big one (earthquake) hits SoCal the whole 44net can't talk to each other anymore. As UCSD is very close to one of the major fault lines in SoCal I would say this is not an if but a when situation. http://en.wikipedia.org/wiki/San_Andreas_Fault
Lin N4YCI
On Tue, Jul 16, 2013 at 12:05:26PM -0400, Lin Holcomb wrote:
way Brian, but if the big one (earthquake) hits SoCal the whole 44net can't talk to each other anymore. As UCSD is very close to one of the major fault lines in SoCal I would say this is not an if but a when situation.
Yes, sometime in the next 10,000 years the San Andreas and its contributory faults are expected to knock us off the map. Doubt I'll be around. The rising sea level is likely to get here long before that.
But with the tunnels, "the whole 44net can't talk to each other anymore" is simply not true - that's the advantage of a mesh: its survivability.
I'm for more peering points but there are difficulties. As far as I know, everyone else who is doing multiple peering points has independent connectivity between those points - a fibre network they own, dedicated ATM circuits, etc. I don't see us having that ever.
- Brian
On Tue, Jul 16, 2013 at 9:35 AM, Brian Kantor Brian@ucsd.edu wrote:
everyone else who is doing multiple peering points has independent connectivity between those points
In our case, we already have that with the tunnels, so I can totally see this working.
As mentioned before, we would need a new AS number from ARIN. We would also need to designate a small chunk of the 44 space for anycasting on the internet. Every BGP gateway router would send announcements for 44/8 using the new ASN. Each router will also listen on the same anycast IP for tunnel traffic (such as 44.255.255.1). When IPIP packets are received on that address, it will route them using the tunnel matrix. The subnet routers (the ones not using BGP) would need a static route that sends the anycast IP range out through their internet connection instead of through the tunnel.
The advantage of this configuration would not only be redundancy, but anycasting also allows the traffic to automatically route to its closest gateway. This is what many CDNs and DNS providers do.
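Added example, not part of the message above or of any AMPRNet code: a small longest-prefix-match model of a non-BGP subnet router, showing why the anycast range needs its own static route out the Internet connection once the tunnel endpoint itself sits inside 44/8. Only 44.255.255.1 comes from the message; the 44.255.255.0/24 anycast range, the 44.128.1.0/24 local subnet, the 44.60.1.10 destination and the interface names `wan`/`lan` are assumptions.

```python
import ipaddress


def route(prefix, kind, target):
    """Build a route. kind 'dev' sends out interface `target`;
    kind 'ipip' encapsulates the packet toward IP address `target`."""
    if kind == "ipip":
        target = ipaddress.ip_address(target)
    return (ipaddress.ip_network(prefix), kind, target)


def lookup(table, dst):
    """Longest-prefix match: the most specific route that covers dst."""
    matches = [r for r in table if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda r: r[0].prefixlen)


def forward(table, dst, max_encap=4):
    """Follow one packet through the table.

    Each 'ipip' route wraps the packet in an outer header addressed to the
    tunnel endpoint, and that outer packet is looked up again. Returns
    (exit_interface, hops); exit_interface is 'LOOP' when the outer packet
    keeps matching the tunnel route and never reaches an interface.
    """
    cur = ipaddress.ip_address(dst)
    hops = []
    for _ in range(max_encap):
        prefix, kind, target = lookup(table, cur)
        hops.append(f"{cur} matches {prefix}: {kind} {target}")
        if kind == "dev":
            return target, hops
        cur = target  # now route the encapsulating packet
    return "LOOP", hops


def subnet_router_table(anycast_static):
    """Routing table of a hypothetical non-BGP subnet gateway (constructed)."""
    table = [
        route("0.0.0.0/0", "dev", "wan"),             # commercial Internet
        route("44.128.1.0/24", "dev", "lan"),         # assumed local 44net subnet
        route("44.0.0.0/8", "ipip", "44.255.255.1"),  # rest of 44net via anycast gateway
    ]
    if anycast_static:
        # The static route from the message: anycast range goes out the
        # Internet connection, not back into the tunnel. The /24 is assumed.
        table.append(route("44.255.255.0/24", "dev", "wan"))
    return table


if __name__ == "__main__":
    for fixed in (False, True):
        exit_if, hops = forward(subnet_router_table(fixed), "44.60.1.10")
        print(f"static route present: {fixed} -> exits via {exit_if}")
        for hop in hops:
            print("   ", hop)
```
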
On Jul 16, 2013, at 3:29 PM, Cory (NQ1E) cory@nq1e.hm wrote:
As mentioned before, we would need a new AS number from ARIN.
How would the AS number be funded?
There’s an initial $550 fee, plus $100/year
73, -jav k4jh
That is a no-brainer to get the AS number. I will chip in for sure. In fact I really think any group that is doing BGP should be required to flip the bill for part of the re-issue thru donations for direct funding.
Brian, are you still waiting on CA or the IRS to get you the 501c3 status? It would really help to raise funds. (Maybe we should change the application to be ampr teaparty to speed things up.) Just kidding, but would probably work. (Sorry for DX stations, that is a US joke, as the IRS just got in a lot of hot water for dragging their feet on any application that contained the words tea or party for a tax exempt status.) By being a 501c3, US citizens' donations are pretax dollars, and in some cases, like my wife's employer (the little beverage company based in Atlanta GA, think red and white logo), they match 2 for 1, aka we write a check for $100, they mail a check for $200 to ampr.
Just a thought: does ARIN not cut a break on the price if you're a non-profit? Do they charge UCSD for the AS number?
Lin
On Jul 16, 2013, at 3:53 PM, Lin Holcomb LHolcomb@clearqualitygroup.com wrote:
That is a no-brainer to get the AS number. I will chip in for sure.
I was thinking long term. Interest on these projects comes and goes, so while it might be easy to raise the $550 for the initial issuance, who knows what will happen with the recurring fees.
We do need an AS number for this project to complete it as described, though.
73, -jav k4jh
My $DAYJOB company is a LIR with RIPE. An ASN registered with RIPE via a LIR is 50 EUR (~66 USD) per year. I could help with requesting the ASN from RIPE and I can also take care of the costs, if necessary. I think it could be possible that a few national or regional HAM clubs provide some funds to cover the yearly costs.
73 de Marc, LX1DUC
Well......
Maybe your specific 'RIPE' provider is a good guy, but as for 'RIPE' as a company, I've been so inundated with hacker attempts from IP addresses that all belong to 'RIPE' that I finally blocked all IP Addresses from them.
I can say for me personally, 'RIPE' is a company I want nothing to do with and I will continue to block them.
Just one man's opinion, and may not reflect the group.
Bill / KG6BAJ
Ummm, RIPE has nothing to do with the traffic. It just assigns Addresses and AS's to customers.
If you are blocking all address space assigned by RIPE, you are blocking a good portion of the Internet.
I'm not sure you do understand the concept of IP space allocation and assignment from IANA via RIRs via LIRs to EndUsers or you might have seen some other company (and not the RIR) called RIPE.
73 de Marc, LX1DUC
Bill, this almost qualifies as the joke of the day...
ARIN, RIPE NCC, AfriNIC, APNIC and LACNIC are the 5 regional Internet registrars managing IP/AS allocation worldwide. All European IPs are managed by RIPE NCC.
How would an AS number be funded? In direct answer to that, I thought I saw one of the previous commenters volunteer to put that up themselves (at least the initial fee), but the broader question is really how AMPRnet as a whole ought to be funded on a continuing basis. Has anyone worked out and determined what the annual operating costs are estimated to be (peering, transit, colocation, ARIN fees, core hardware upkeep & maintenance, etc.)? The reality is that it costs something to keep infrastructure running. How is that paid for? Maybe those who have address space assigned ought to chip in something like $5-10 for the processing of the assignment & somewhere between say $0.10-1.00/address assigned per year, possibly with some consideration given toward larger allocations that actually built out useful projects that served to expand and further AMPRnet goals.
Eric AF6EP
On Tue, Jul 16, 2013 at 03:37:27PM -0400, Javier Henderson wrote:
How would the AS number be funded?
Despite some support, the donation and grant funding models haven't worked; we're still in debt to the tune of about $2,000, with more expenses on the way.
In addition to whatever its activities require, it costs around $500 a year to just maintain a non-profit corp in California.
Donations haven't kept up with that, much less to defray the initial startup costs. We have no money.
- Brian
I think this is an issue we need to open as a new thread. Fund raising.
Just curious, is someone having to pay $100 a year to ARIN for an LRSA agreement?
https://www.arin.net/fees/agreements/legacy.html
There are grandfathered networks -- I own one.
John D. Hays K7VE PO Box 1223, Edmonds, WA 98020-1223 http://k7ve.org/blog http://twitter.com/#!/john_hays http://www.facebook.com/john.d.hays
Heikki, well no, it is not necessary, as we are using the space allocated to ham radio for ham radio use; these will be APs and clients that are operating on ham radio frequencies.
As far as use of the 44net, I guess one could ask the same of you. If your project is not routable to the internet, why not use 10/8? Answer on both counts: because it is allocated for ham radio use. One "project" is not necessarily exclusive of the other on the 44 net, just like SSB and FM are both used in 440 MHz.
Lin N4YCI
On Tue, Jul 16, 2013 at 10:59 PM, Lin Holcomb LHolcomb@clearqualitygroup.com wrote:
Well no, it is not necessary, as we are using the space allocated to ham radio for ham radio use; these will be APs and clients that are operating on ham radio frequencies.
Ok, so wouldn't it be great if those clients could access services within other amprnet sites in addition to the Internet (assuming that some cool services would exist)? And that your local services could be accessed from other radio-based networks, not just from the rest of the Internet? For now, you'll need to have tunnel routing in addition to the BGP announcement to be able to have that. Without tunnel routing you only have access to the Internet and other BGP-enabled sites.
As far as use of the 44net, I guess one could ask the same of you. If your project is not routable to the internet, why not use 10/8? Answer on both counts: because it is allocated for ham radio use.
Cut-n-pasting the answer from my previous email:
I always thought that the cool thing about using 44/8 with BGP announcements would be that [services in the network would] be accessible over both the normal Internet routing infrastructure *and* over radio from various Amprnet gateway sites. And that whenever a 44/8 source address would be seen at my service, I could tell that it would be originated by an amateur radio operator.
Interoperability with the Internet, thanks to the BGP announcements and not using 10/8, *and* at the same time, access to the same services from ham radio networks which are not allowed to access the Internet over ham radio due to local regulations. That'd be cool. Run a nice web service having a net-44 address, but when the visitor comes from within the amprnet with a net-44 address, allow extra features like being able to key a transmitter.
- Hessu