[nos-bbs] stupid question #6

Barry Siegfried bgs at nnj.k2mf.ampr.org
Tue Sep 13 03:37:19 EDT 2005


["Rick Williams" <mrfarm at mwt.net> wrote]:

> Am I assuming correctly that 44 numbers do not have any kind of domain
> lookup and are just an entry in a database kept by the adminstrator to
> insure that you don't have a duplicate address?

As Demetre said, 44-net numbers resolve just fine on the global internet.
The key to having a "clean" 44-net subnet address space is to make sure
that *only* those 44-net IP addresses that are connected to the internet
through an amprnet gateway and require global resolution are actually in
the domain file.  There is no reason for *any* other entries to be in the
global domain file.

> > [Bill Vodall <wa7nwp at jnos.org> wrote]:
> > 
> > > Who is currently administering the 44.xx.xx.xx (ampr.org) addresses? I
> > 
> > Unless they really need the 44 net connectivity, I'd suggest treating it
> > just like a home lan and use 10. or 192.168 IP numbers.

Agreed!  Over the past few years some of us who do IP address coordination
work in the northeast for 44-net went through all of the assignments in
our regions and cleared out all those which did and do not have any
internet connectivity through an amprnet gateway.  This has been a
*major* help in reducing the amount of spoofed IP traffic through
mirrorshades to our amprnet gateways which are responsible for large
44-net subnets.  Unfortunately, 44-net seems to be one from which
spoofers just love to steal IP addresses.  :(

When I get requests for 44-net numbers in the regions for which I am
responsible I am glad to assign them in the *local* database (i.e.
*my* database), particularly if they will be using them on amateur
packet radio, but I also tell them that I will wait to add them to
the 44-net domain file if and when they will get connected to the
internet through an amprnet gateway and will require global resolution
for them.  I also tell them that in the meantime, they may use any
hostname(s) they like.

> If you have a 44 address and are using say a JNOS2 server and connect
> into the internet with e-mail, how does the internet see that interface
> point?  Just as a regular e-mail based upon whatever currently exists?
> And then you just convert that to the internal 44 system so the outside
> never even knows there is a 44 address?

There are several ways which are beyond the scope of discussion here to
configure an amprnet subnet to be connected to the internet and globally
reachable, with parts of it shielded against incoming non-ampr (i.e. not
ampr-initiated) access when there are amateur packet radio transmitters
to protect.  Suffice it to say that the internet can "see" your interface
point any way you want it to be "seen", or not, depending on your own
security concerns and what kinds of services to which you will permit
or deny non-ampr connections.

It used to be a bit easier to setup an amprnet gateway when everyone
who had an account with an ISP received a static IP address and before
the consumer equipment manufacturers decided which IP protocols their
equipment would be configured to pass, however, like any other restriction
designed for the mass public (which only serve to frustrate the legitimate
experimenting amateur), ways have been designed for eliminating most of
these problems.

73, de Barry, K2MF >>
           o
          <|>      Barry Siegfried
+---------/-\---------------------------+
| Internet | bgs at mfnos.net              |
| HomePage | http://www.mfnos.net/~bgs  |
+----------+----------------------------+
| Amprnet  | k2mf at nnj.k2mf.ampr.org     |
| PBBS     | k2mf at k2ge.#cnj.nj.usa.noam |
+----------+----------------------------+




More information about the nos-bbs mailing list