1 May
2017
1 May
'17
1:18 p.m.
Hello all, and thank you for your assistance. I have 44.10.10.0/24
allocated and announced via BGP. The subnet terminates to an Ubuntu
server in a data center. I want to allocate addresses from this subnet
via tunnels to other locations. For example, I would like to assign an
address or a block of addresses to my home location (Cisco 1900 router)
from this subnet. Is this possible, or do I need to look at a different
option? Thank you!
--
73 de Phil Pacier, AD6NH
APRS Tier2 Network Coordinator
http://www.aprs2.net
1 May
1 May
1:29 p.m.
On Mon, May 1, 2017 at 10:18 AM, Phil Pacier <ad6nh(a)aprs2.net> wrote:
Hello all, and thank you for your assistance. I have
44.10.10.0/24
allocated and announced via BGP. The subnet terminates to an Ubuntu
server in a data center. I want to allocate addresses from this subnet
via tunnels to other locations. For example, I would like to assign an
address or a block of addresses to my home location (Cisco 1900 router)
from this subnet. Is this possible, or do I need to look at a different
option? Thank you!
Hi Phil,
This was actually just discussed:
http://hamradio.ucsd.edu/mailman/private/44net/2017-April/006918.html
It can only be done manually by the portal maintainer.
Your other option is to create your own tunnel system (site-to-site
VPN) at your BGP endpoint.
Tom KD7LXL
7:31 p.m.
Phil,
I am currently doing this. I am announcing my subnet with BGP on a PFSENSE
VPS. I have half of it site to site to my house, and the other is a remote
access vpn for my mobile devices that I am doing HAM stuff with.
I will write up a HOW-TO at some point, but it is definitely possible.
There are even some ways to do OPENVPN with a null cipher, but I am about
to experiment a bit more with some other methods.
Just be weary on the site to site method...you are obviously going to be
using double bandwidth for anything. I am working on setting up caching
for linux packages.
Another thing that is kind of cool is that you can use cloudflare CDN for
free to reduce the load of your webserver if your home connection is slow
or data capped.
My HAM site is still kind of in shambles right now, I am trying to rebuild
it after some hardware difficulties so that's why you wont see much on that
subnet.
Here is a traceroute from one of the hosts on that site to site VPN to my
actual ISP provided network so you can get an idea of the route:
mike@status:~$ curl icanhazip.com
44.20.4.14
mike@status:~$ traceroute HOMEIP
traceroute to HOMEIP (xx.xx.xx.xx), 30 hops max, 60 byte packets
1 router.kf5jxv.net (44.20.4.1) 1.285 ms 1.193 ms 1.126 ms
2 10.20.4.1 (10.20.4.1) 41.441 ms 41.321 ms 42.295 ms
3 * * *
4 vl199-ds1-j2-650.01.05.dal4.choopa.net (173.199.97.65) 57.796 ms
57.702 ms 57.625 ms
5 vl913-br1-cer.dal4.choopa.net (108.61.110.41) 43.415 ms 43.736 ms
44.116 ms
6 dls-b22-link.telia.net (62.115.149.44) 44.368 ms 42.816 ms 42.999 ms
7 dls-b21-link.telia.net (62.115.140.29) 43.874 ms dls-b21-link.telia.net
(62.115.143.58) 42.200 ms dls-b21-link.telia.net (62.115.120.88) 42.505 ms
8 qwest-ic-136700-dls-bb1.c.telia.net (213.248.84.198) 42.258 ms 41.628
ms 41.958 ms
9 hlrn-agw1.inet.qwest.net (208.168.140.73) 75.268 ms 74.908 ms 74.700
ms
10 hlrn-dsl-gw07-50.hlrn.qwest.net (71.217.188.50) 74.893 ms 74.663 ms
75.214 ms
Hop 1 is my local PFSENSE(VM)
Hop 2 is my VPS with the bgp session over the site to site
The only thing I have found with this is that the latency is kind of a
bummer(+40ms). I am trying to find somewhere a bit more local for this BGP
session. I also still do not have it setup to accept incoming IPIP from
the rest of 44net yet.
Going the other direction I have static routes pointing those subnets to my
44net VM router.
Hope this is of use to someone.
Cheers,
Mike KF5JXV
On Mon, May 1, 2017 at 11:29 AM, Tom Hayward <esarfl(a)gmail.com> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
On Mon, May 1, 2017 at 10:18 AM, Phil Pacier <ad6nh(a)aprs2.net> wrote:
Hello all, and thank you for your assistance. I
have 44.10.10.0/24
allocated and announced via BGP. The subnet terminates to an Ubuntu
server in a data center. I want to allocate addresses from this subnet
via tunnels to other locations. For example, I would like to assign an
address or a block of addresses to my home location (Cisco 1900 router)
from this subnet. Is this possible, or do I need to look at a different
option? Thank you!
Hi Phil,
This was actually just discussed:
http://hamradio.ucsd.edu/mailman/private/44net/2017-April/006918.html
It can only be done manually by the portal maintainer.
Your other option is to create your own tunnel system (site-to-site
VPN) at your BGP endpoint.
Tom KD7LXL
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
2 May
2 May
8:55 a.m.
Hi,
I also have a /24 announced via BGP which I have then allocated
sub-allocations to end sites. My coordinator upgraded my portal
account to be able to create sub-allocations within my subnet so I
could do what you seem to be asking about, however it didn't end up
being as useful as I expected. I am using the ability for testing
things, however the "production" stuff is not registered on the portal
and just goes to my /24.
As an example, I have routed a /29 to a server that is used as a VPN
endpoint to give static IPs to a few devices. As I am advertising the
space over BGP, I need to have a tunnelled route available from the
router advertising the /24 to forward to the /29. It is likely that
outbound traffic will also need to go through this path for Internet
access. The router already has AMPRNet connectivity for the /24, so
the /29 automatically "inherits it". The only advantage I can see to
configuring the /29 on the portal as well is for direct traffic to
other 44/8 networks. I came to the conclusion that the "inefficiency"
of sending this traffic through my main router is a lot less hassle
than maintaining RIP44 daemons at every tunnel endpoint and
registering everything on the portal. I am effectively using the
routers advertising the /24 as VPN gateways for the rest of the
subnet.
The latency issue KF5JXV is having appears to be because he's located
in the middle of nowhere in Internet routing terms. I am in the UK so
my traffic goes via London anyway, making a detour via a London VPS
not noticeable. You appear to be in CA and have the prefix advertised
from LA, so your additional latency should be as imperceivable as
mine. While the obvious option might be an OpenVPN server or
something, as you're already using Vultr I can't help but mention the
educational value in setting up stateless services that can be
anycasted from multiple locations*. :)
Thanks,
Mike, M6XCV
*You don't just need to worry about configuration, but also how the
rest of the Internet chooses its "shortest" route!
On 1 May 2017 at 18:18, Phil Pacier <ad6nh(a)aprs2.net> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Hello all, and thank you for your assistance. I have 44.10.10.0/24
allocated and announced via BGP. The subnet terminates to an Ubuntu
server in a data center. I want to allocate addresses from this subnet
via tunnels to other locations. For example, I would like to assign an
address or a block of addresses to my home location (Cisco 1900 router)
from this subnet. Is this possible, or do I need to look at a different
option? Thank you!
--
73 de Phil Pacier, AD6NH
APRS Tier2 Network Coordinator
https://u4477715.ct.sendgrid.net/wf/click?upn=L7qqYgwPvTwMbUijAihV1lv9mjaTu…
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
https://u4477715.ct.sendgrid.net/wf/click?upn=vS4GjSiF-2F5vYmfX5tr6ez81-2Fe…
2573
days inactive
2574
days old
3 comments
4 participants
participants (4)
-
M6XCV (Mike) -
Mike Nabhan -
Phil Pacier -
Tom Hayward