24 Feb
2016
24 Feb
'16
5:51 a.m.
Hello,
For thos who like experimenting...
I managed to implement the complete AMPR gateway tunnelling setup on a Mikrotik router by
a scheduled script on the router only.
Tested on my RB100AHx2 with ROS 6.34.2
You can find it on http://www.yo2loj.ro/hamprojects/
Direct link: http://www.yo2loj.ro/hamprojects/ampr-gw-1.0.txt
Setup details are in the initial comments of the script.
Enjoy.
Marius, YO2LOJ
24 Feb
24 Feb
6:03 a.m.
Hi Marius -- just joined here glad to see you back. Hope alls ok. I'll
give this a test.
Leon
On 2/24/2016 5:51 AM, Marius Petrescu wrote:
> (Please trim inclusions from previous messages)
> _______________________________________________
> Hello,
>
> For thos who like experimenting...
>
> I managed to implement the complete AMPR gateway tunnelling setup on a Mikrotik
router by a scheduled script on the router only.
> Tested on my RB100AHx2 with ROS 6.34.2
>
> You can find it on http://www.yo2loj.ro/hamprojects/
> Direct link: http://www.yo2loj.ro/hamprojects/ampr-gw-1.0.txt
>
> Setup details are in the initial comments of the script.
>
> Enjoy.
> Marius, YO2LOJ
>
7:51 a.m.
New subject: RIP broadcast based AMPR gateway script for Mikrotik routers
And a small update, to delete obsolete elements only if RIP data is
available...
You can find it on http://www.yo2loj.ro/hamprojects/
Direct link: http://www.yo2loj.ro/hamprojects/ampr-gw-1.1.txt
8:31 a.m.
Hi Marius...
does this look right?
My local Public is 24.115.112.147
My AMPRnet allocation is 44.56.53.1/28
I've defined 44.56.53.1/28 on physical ether 3
I was a little confused about the /8 on the ip address below seeing your
defining the full /8 for AMPR net?
Having a real world commented example in the script would help.
many thanks 73 leon
====================
/interface ipip add !keepalive clamp-tcp-mss=yes
local-address=24.115.112.147 \
remote-address=169.228.66.251 name=ucsd-gw
/ip address add address=44.56.53.1/8 interface=ucsd-gw network=44.0.0.0
# To be able to receive RIPv2 broadcasts into a specific table, first
create a VRF:
/ip route vrf add interfaces=ucsd-gw routing-mark=44rip
# and activate passive RIP for that routing table:
/routing rip set garbage-timer=20m routing-table=44rip timeout-timer=10m
update-timer=5m
/routing rip interface add authentication=simple
authentication-key=ThePAssword \
in-prefix-list=all interface=ucsd-gw out-prefix-list= none
passive=yes receive=v2
/routing rip network add network=44.0.0.0/8
9 a.m.
New subject: RIP broadcast based AMPR gateway script for Mikrotik routers
The /8 is needed to get the RIP announcements which need to have both
endpoints in the same network to receive multicast RIP.
You just need to have some unused 44.56.53.x/8 on the ucsd-gw. It does not
matter what it is.
Since that one will land on the vrf, it will not bother you and will not
interfere with your regular routes..
My setup:
Router public IP: 89.122.215.236 via PPPoE
Router ampr IP: 44.182.21.254
/ip route vrf add interfaces=ucsd-gw routing-mark=44net
/ip address add address=44.182.21.254/8 interface=ucsd-gw network=44.0.0.0
/ip address add address=44.182.21.254/24 interface=bridge-ampr
network=44.182.21.0 <-- this is my local LAN
/routing prefix-lists
add action=discard chain=ampr prefix=44.0.0.1/32
add chain=ampr prefix=44.0.0.0/8
add action=discard chain=ampr
add action=discard chain=none
add chain=all
/routing rip
set garbage-timer=20m routing-table=44net timeout-timer=10m update-timer=5m
/routing rip interface
add authentication=simple authentication-key=<rip_password>
in-prefix-list=ampr interface=ucsd-gw out-prefix-list=none passive=yes
receive=v2
/routing rip network
add network=44.0.0.0/8
This gives me RIP routes in passive mode, as needed by the script.
Marius, YO2LOJ
-----Original Message-----
From: Leon Zetekoff
Sent: Wednesday, February 24, 2016 15:31
To: 44net(a)hamradio.ucsd.edu
Subject: Re: [44net] RIP broadcast based AMPR gateway script for Mikrotik
routers
(Please trim inclusions from previous messages)
_______________________________________________
Hi Marius...
does this look right?
My local Public is 24.115.112.147
My AMPRnet allocation is 44.56.53.1/28
I've defined 44.56.53.1/28 on physical ether 3
I was a little confused about the /8 on the ip address below seeing your
defining the full /8 for AMPR net?
Having a real world commented example in the script would help.
many thanks 73 leon
====================
/interface ipip add !keepalive clamp-tcp-mss=yes
local-address=24.115.112.147 \
remote-address=169.228.66.251 name=ucsd-gw
/ip address add address=44.56.53.1/8 interface=ucsd-gw network=44.0.0.0
# To be able to receive RIPv2 broadcasts into a specific table, first
create a VRF:
/ip route vrf add interfaces=ucsd-gw routing-mark=44rip
# and activate passive RIP for that routing table:
/routing rip set garbage-timer=20m routing-table=44rip timeout-timer=10m
update-timer=5m
/routing rip interface add authentication=simple
authentication-key=ThePAssword \
in-prefix-list=all interface=ucsd-gw out-prefix-list= none
passive=yes receive=v2
/routing rip network add network=44.0.0.0/8
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
25 Feb
25 Feb
5:26 a.m.
New subject: RIP broadcast based AMPR gateway script for Mikrotikrouters
Just some clarifications on the setup of the ucst gateway IPIP tunnel.
It seems that the RIP messages receiving is not that easy to set up.
So, from what I found out, these are the steps. These are CLI commands but
they are also available in winbox and webfig.
1. Create the IPIP tunnel. Please use your own public address :-)
/interface ipip
add comment="UCSD AMPR Gateway" !keepalive local-address=89.122.215.236
name=ucsd-gw remote-address=169.228.66.251
2. Set up a VRF (virtual routing and forward) entry for the ucsd-gw
interface for net 44.0.0.0/8 and use some routing mark. I used "44rip".
(Important - This will associate all traffic on that interface with the
routing mark used)
/ip route vrf
add interfaces=ucsd-gw routing-mark=44rip
3. Add an accept filter rule on the input chain for RIP, which uses UDP, src
and dest port 520 on top of your fw rules
/ip firewall filter
add chain=input comment=RIP dst-port=520 in-interface=ucsd-gw protocol=udp
src-address=44.0.0.1 src-port=520
It also doesn't hurt to set up an accept rule for the encap protocol:
add chain=input comment="IP Encap" in-interface=RTC-PPPoE protocol=ipencap
4. Set up passive RIP routing to use routing table 44rip for the whole ampr
network. Don't forget to use the proper auth key - get it from a friend).
/routing rip
set garbage-timer=20m routing-table=44rip timeout-timer=10m update-timer=5m
/routing rip interface
add authentication=simple authentication-key=<password here>
in-prefix-list=ampr interface=ucsd-gw out-prefix-list=none passive=yes
receive=v2
/routing rip network
add network=44.0.0.0/8
This should give proper RIP routes in routing table 44rip. You can check it
using "/routing rip route print"
Output should be like this:
[admin@RT1-YO2LOJ] /routing rip route> print
Flags: C - connect, S - static, R - rip, O - ospf, B - bgp
# DST-ADDRESS GATEWAY FROM METRIC TIMEOUT
0 R 44.0.0.0/8 1
1 R 44.2.2.0/24 157.130.198.190 44.0.0.1 2 5m46s
2 R 44.2.4.0/29 50.250.204.153 44.0.0.1 2 5m46s
3 R 44.2.5.0/25 176.183.139.74 44.0.0.1 2 5m46s
4 R 44.2.10.0/29 71.130.72.52 44.0.0.1 2 5m46s
5 R 44.2.14.0/29 50.79.156.221 44.0.0.1 2 5m46s
[...]
510 R 44.208.58.0/28 87.10.236.252 44.0.0.1 2 9m12s
511 R 44.224.0.0/15 141.75.245.225 44.0.0.1 2 9m12s
I hope this helps.
Marius, YO2LOJ
5:35 a.m.
New subject: RIP broadcast based AMPR gateway script forMikrotikrouters
And of course I forgot something:
Step 1a:
Assign one of your subnet's ampr IPs to the gateway interface, but using
netmask /8:
/ip address
add address=44.182.21.254/8 interface=ucsd-gw network=44.0.0.0
-----Original Message-----
From: Marius Petrescu
Sent: Thursday, February 25, 2016 12:26
To: AMPRNet working group
Subject: Re: [44net] RIP broadcast based AMPR gateway script
forMikrotikrouters
(Please trim inclusions from previous messages)
_______________________________________________
Just some clarifications on the setup of the ucst gateway IPIP tunnel.
It seems that the RIP messages receiving is not that easy to set up.
So, from what I found out, these are the steps. These are CLI commands but
they are also available in winbox and webfig.
1. Create the IPIP tunnel. Please use your own public address :-)
/interface ipip
add comment="UCSD AMPR Gateway" !keepalive local-address=89.122.215.236
name=ucsd-gw remote-address=169.228.66.251
2. Set up a VRF (virtual routing and forward) entry for the ucsd-gw
interface for net 44.0.0.0/8 and use some routing mark. I used "44rip".
(Important - This will associate all traffic on that interface with the
routing mark used)
/ip route vrf
add interfaces=ucsd-gw routing-mark=44rip
3. Add an accept filter rule on the input chain for RIP, which uses UDP, src
and dest port 520 on top of your fw rules
/ip firewall filter
add chain=input comment=RIP dst-port=520 in-interface=ucsd-gw protocol=udp
src-address=44.0.0.1 src-port=520
It also doesn't hurt to set up an accept rule for the encap protocol:
add chain=input comment="IP Encap" in-interface=RTC-PPPoE protocol=ipencap
4. Set up passive RIP routing to use routing table 44rip for the whole ampr
network. Don't forget to use the proper auth key - get it from a friend).
/routing rip
set garbage-timer=20m routing-table=44rip timeout-timer=10m update-timer=5m
/routing rip interface
add authentication=simple authentication-key=<password here>
in-prefix-list=ampr interface=ucsd-gw out-prefix-list=none passive=yes
receive=v2
/routing rip network
add network=44.0.0.0/8
This should give proper RIP routes in routing table 44rip. You can check it
using "/routing rip route print"
Output should be like this:
[admin@RT1-YO2LOJ] /routing rip route> print
Flags: C - connect, S - static, R - rip, O - ospf, B - bgp
# DST-ADDRESS GATEWAY FROM METRIC TIMEOUT
0 R 44.0.0.0/8 1
1 R 44.2.2.0/24 157.130.198.190 44.0.0.1 2 5m46s
2 R 44.2.4.0/29 50.250.204.153 44.0.0.1 2 5m46s
3 R 44.2.5.0/25 176.183.139.74 44.0.0.1 2 5m46s
4 R 44.2.10.0/29 71.130.72.52 44.0.0.1 2 5m46s
5 R 44.2.14.0/29 50.79.156.221 44.0.0.1 2 5m46s
[...]
510 R 44.208.58.0/28 87.10.236.252 44.0.0.1 2 9m12s
511 R 44.224.0.0/15 141.75.245.225 44.0.0.1 2 9m12s
I hope this helps.
Marius, YO2LOJ
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
3192
days inactive
3193
days old
6 comments
2 participants
participants (2)
-
Leon Zetekoff -
Marius Petrescu