[HamGateNY] Current NY State DNS Entries

[Brian]

Corey;

On Mon, 2017-01-30 at 17:09 -0500, Corey Reichle wrote:

> My subnet has no relationship to EastNet, and until recently, I had
> only an inkling it existed.

It's been around since the 80's... formed and maintained by K2BJG/SK
until he became SK. Now I'm the engineer, developer, and ip coordinator
for all of EastNet with the exception of 44.68/16 but I do maintain a
great relationship with Charles and helped him with his system recently.
I also contribute to the LinFBB project and JNOS projects.

> Yes, NIH.  As far as the 44/8 net is concerned, IMO, it's an IP space
> reserved for amateur usage, and Brian Kantor is the manager of the
> block.  AMPRGATE is there to be able to act as the AS for the address
> block.
> 
Actually, BK is the "owner" of 44/8. Amprgate is not the AS for 44/8 but
one of the Junipers within UCSD is. Amprgate is the ipencap system for
44/8 and also sends out the Ripv2 broadcasts. Years ago it was referred
to as mirrorshades (you may recall). It's OS is BSD.

> Personally, I would like to see the 44/8 net space, as a whole,
> operate as a modern network functions.  If not that level, I would
> like to see the NYS AMPR network do so.  In any case, I will not be
> employing any kludges just to get my network routed somewhere, as I am
> more than happy to coordinate with individual network operators, and
> set up peering arrangements with them.  Using industry standard
> routing and bridging protocols.
> 
An individual subnet may do what you wish (see my private mail) but the
mass percentage of users are using ipencap. Ipencap is not a kluge. The
true issue is with spoofing and route protocol hijacking which for their
own protection ISPs filter. While it prohibits experimentation there's
nothing you can't do on the other side of the link.

> 
> And that's fine.  At this time, it's the only manner ARCD provides.
> That doesn't mean it's set into stone, and unchanging.  The best way
> to convince ARCD to employ another method is to show (By use) it's
> better.

OpenVPN at amprgate wouldn't be feasible and it'd take up too much of
BK's time from his employment. There's also possible agreement issues
between UCSD and ARDC that may not permit such a thing. This I'm unsure
of. It may not have anything to do with ARDC. I can say, for the cost of
a 44-net block vs leasing one from an ISP is a hell of a deal and one
shouldn't look a gift horse in the mouth.

> Well, seeing as anything going over the public internet would be
> tunneled in the IPSec tunnel, they wouldn't be able to stop any of it,
> as route adverts would be sent to neighboring peers, via their links.
> Just like it works in every large-scale network on the planet.

That would be dependent on the upstream's NOC. Many now scan frames for
such traffic, others could care less.

> Some sort of routing is required to determine where to route IP
> packets.  It's not magic that happens.  And, Flex32, last I checked,
> has no package available for OpenWRT or Cisco routers.

Cisco's support ipencap very well! For years I was routing 44/8 on my
2600 without a glitch using ipip. Most people don't understand it.
Flex32? Would you like fries and a blue screen of death with the ecomm
message sir? :) Again, you need to define the type of RF here, standard
packet ax25 or 802.11ham? In standard packet, there's no IP route tables
within flex yet it routes the frames dynamically. Remember, you only
need to focus on the top layer which is ax25 NOT ip. Since Ip is
encapsulated under ax25, where ax25 goes, so will the IP. Let me present
a quick example of routing IP under flex... w1edh.ampr.org is 2 1200
baud hops from me... not the ideal for IP but there's no netrom
overhead. As you'll see, IP to w1edh (which has no IP at all except what
I built via VHF) does work:
n1uro-15 at n1uro.ampr.org:/uronode$ tra
Executing command...
what IP or HOSTName do you wish to trace? w1edh.ampr.org
Please wait while we trace to w1edh.ampr.org...
traceroute to w1edh.ampr.org (44.88.8.1), 30 hops max, 60 byte packets
 1  gw.ct.ampr.org (44.88.0.1)  6.328 ms  6.499 ms  6.880 ms
 2  k1yon.ampr.org (44.88.4.1)  56.844 ms  61.509 ms  65.469 ms
 3  w1edh.ampr.org (44.88.8.1)  5028.054 ms * *
Tracing complete.
URONode tracer v1.3 - TraceRoute utility by N1URO.
Goodbye.
n1uro-15 at n1uro.ampr.org:/uronode$ t w1edh.ampr.org node
Trying 44.88.8.1:node... <Enter> aborts.
Socket established to 44.88.8.1:node
(w1edh.ampr.org:uronode) login:

There's fbb mail forwarding over that link too so that explains the
temporary latency of 5s, however you don't see flexnet.k1yon or
flexnet.w1edh in the path. It's transparent but it is passing the ax25
frame (with IP under it) to it's destination. I thought the same as you
"you need an ip route table to route ip" however I found in this case it
isn't true at all. pc/FlexNet has no ip/rose/netrom route tables in
it... just ax25. We're actually using the IP feature to do axip within
the native netrom nodes for our NetRom gateways. This also helps gain
EastNet access into my SQL server.


We used to have a nice 9600 baud ax25/ip network from Central Mass
through CT and down the Hudson river however many stations went dark.
it'd be nice to see that rebuilt and act as a nice parallel to an
802.11ham network.

> Sure.  OpenVPN is the single point of failure then, just like ipip
> encaps are the single point of failure today.  Not seeing what the
> difference is?

The difference is, if amprgate went offline for whatever reasoning, I'd
still have 44/8 access to the globe as it's point to point. In the case
of Ireland, the entire country is cut off from the globe. An OpenVPN
server for NYS that's failed for whatever reason could cut NYS off from
the rest of the country, if not itself as well.

> I'm not talking about ipencap.  I'm referring more to the routing
> protocol:  ampr-ripd.

One doesn't have to use that. There's the munge system and loader files
as well. Of course as public IPs change such a system would be out of
date.

> Well, for this discussion, we're talking about the wire-line links
> needed to bridge island networks, not available via RF.  Regardless,
> many routing protocols work just fine for wire-line or wireless, such
> as OSLR.

Why not build the RF? Maybe find some RF sites to act as a bridge
instead? If you can place a wire, you can build RF.
> 
> 
> Praytell:  How does one access an IPv4 address, via RF, without a
> routing table entry for it?  Sure, I can call KC2UGV-8 via KTOWN, and
> NetROM will make it happen.  But, without a routing table and route, I
> cannot ping 44.x.x.x.
> 
Within a Flex based ax25 wan, the route tables are at each end point.
The rest is handled via ax25. Simple. Perhaps you might want to attend
the next EastNet meeting which will be late springtime.
> 
> So, routing protocols ARE required for IPv4 routing.  RF or wireline.

Not in the case of a Flex based system, and it's quite dynamic in
nature. I know for your position this sounds like the impossible, which
was EastNet's stumbling block for about 5 years until I figure out just
how to do this. In the interim, we were fed a lot of misinformation on
getting xNOS to do IP on EastNet by the Gunter Jost himself.
> 
> We are talking about a unified IPv4 network, which is what this
> mailing list is for:  The NYS operators of an IPv4 address space.  The
> physical layer isn't really at issue here, aside from how we link
> island together until we have RF links.

The physical layer is the starting point in reality when you study your
OSI layers, so it does matter. The physical layer of an 802.11ham point
and that of an ax25 point are two totally different beasts as to what
they can and/or can not do especially if you're comparing a PacComm Tiny
2 Mk II with an X1J-4 eprom to a Microtik. You wouldn't use OSPF on
X1J-4, and I don't believe Microtik does NetRom.


-- 
I don't have to worry about body fitness in 2017. All I do is 
show my body to itself in the mirror and it throws plenty of
fits.
--------
73 de Brian - N1URO
email: (see above)
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
http://uronode.sourceforge.net
http://axmail.sourceforge.net
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts, 
New Hampshire, New Jersey, Pennsylvania, 
Rhode Island, and Vermont.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part
URL: <http://n2nov.net/pipermail/hamgateny_n2nov.net/attachments/20170130/7dca139c/attachment.sig>