<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.12.3">
</HEAD>
<BODY>
Barry, I jumped the gun on this one - at least I included "maybe" in the title...<BR>
<BR>
On Mon, 2007-04-16 at 03:11 -0400, Barry Siegfried wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">["(Skip) K8RRA" <<A HREF="mailto:k8rra@ameritech.net">k8rra@ameritech.net</A>> wrote]:</FONT>
<FONT COLOR="#000000">> We both fail to serve browsers at the other site across radio links.</FONT>
<FONT COLOR="#000000">> We are both successful with telnet to the other site over radio between</FONT>
<FONT COLOR="#000000">> jnos.</FONT>
<FONT COLOR="#000000">I'm sorry but that makes no sense unless you are somehow blocking HTTP</FONT>
<FONT COLOR="#000000">(port 80) connections and not blocking telnet (port 23) connections</FONT>
<FONT COLOR="#000000">over the radio link. Also, are you sure your HTTP client (presumably</FONT>
<FONT COLOR="#000000">a machine with an operating system that supports a web browser) is using</FONT>
<FONT COLOR="#000000">the radio link to communicate to the HTTP server?</FONT>
</PRE>
</BLOCKQUOTE>
When I responded to Maiko, you note I suspected asymmetrical routing?<BR>
It is exactly what happened on my site.<BR>
The http query arrived on asy from the radio and the server response departed tun on it's way into cyberspace.<BR>
I suspect there are few solutions.<BR>
The one that pops into mind is to extend the 44... network beyond the jnos stack back into the LAN.<BR>
Except that violates other "rules"?
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">> NO NAT may be the entire answer in a nutshell?</FONT>
<FONT COLOR="#000000">Doubtful.</FONT>
</PRE>
</BLOCKQUOTE>
You are right from the "many ways to skin a cat" perspective, maybe you even taught me that before today...<BR>
My existing "problem" is lack of solution.<BR>
Each alternative I know messes up somebody somewhere it seems.<BR>
<BR>
The missing NAT seems elegant...
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">> > The trace would be helpful of course :-)</FONT>
<FONT COLOR="#000000">A trace is always helpful.</FONT>
</PRE>
</BLOCKQUOTE>
Postmortems are enhanced for sure.
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">> What are the chances I can install NAT as a service from the opsys</FONT>
<FONT COLOR="#000000">> on jnos?</FONT>
<FONT COLOR="#000000">Very low.</FONT>
<FONT COLOR="#000000">> Need to learn C first?</FONT>
<FONT COLOR="#000000">Yes. You would have to either lift or write 'C' code for insertion</FONT>
<FONT COLOR="#000000">into ip_route() (IPROUTE.C) that implements several things in order</FONT>
<FONT COLOR="#000000">to make IPNAT (for outgoing frames) and IP forwarding (for incoming</FONT>
<FONT COLOR="#000000">frames) work. There was a time when you might have had to do that</FONT>
<FONT COLOR="#000000">in order to do what you want with JNOS over the internet (Linux was</FONT>
<FONT COLOR="#000000">the first O/S to have IPNAT capabilities in the mid-1990s). Then</FONT>
<FONT COLOR="#000000">one or two lunatics wrote IPNAT and IP forwarding code for some</FONT>
<FONT COLOR="#000000">"specialty" NOSs in order to make them mimic what Linux does. Then</FONT>
<FONT COLOR="#000000">after that, we became a dynamically IP-assigned world and IPNAT</FONT>
<FONT COLOR="#000000">appeared in Windows for the masses.</FONT>
<FONT COLOR="#000000">But with small consumer DHCP/PPPoE/IPNAT routers today, why would</FONT>
<FONT COLOR="#000000">you want (or need) to do that anymore? These routers handle these</FONT>
<FONT COLOR="#000000">functions very nicely now leaving your JNOS program to be very happy</FONT>
<FONT COLOR="#000000">running behind them.</FONT>
<FONT COLOR="#000000">> Or am I being erratic?</FONT>
<FONT COLOR="#000000">Possibly.</FONT>
</PRE>
</BLOCKQUOTE>
OK - I can accept that, then let me ask your opinion of this:<BR>
IP Masquerade is a kernal function used routinely on those "old" machines serving as gateway in their second life.<BR>
They sit in a corner with gateway to internet and sometimes a squid proxy to cache frequent pages.<BR>
No "C" required - configure it into the kernel and add the external configuration to install it.<BR>
<BR>
Might IP Masquerade be configured to work in the Linux host stack on the tun device traffic?<BR>
<BR>
Certainly that is the point you want to place the 44... static network (masqueraded) bridge to the "any IP" LAN network. Even if the Linux host has no network beyond it, the host stack is a "foreign IP" as far as jnos is concerned and the host stands to gain "visability" from the 44... network.<BR>
There may be a significant difference between an eth0 device and a tun device, but the network location seems correct. And if not IP Masquerade, then there are other options than writing it all over again?
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">73, de Barry, K2MF >></FONT>
<FONT COLOR="#000000"> o</FONT>
<FONT COLOR="#000000"> <|> Barry Siegfried</FONT>
<FONT COLOR="#000000">+---------/-\---------------------------+</FONT>
<FONT COLOR="#000000">| Internet | <A HREF="mailto:bgs@mfnos.net">bgs@mfnos.net</A> |</FONT>
<FONT COLOR="#000000">| HomePage | <A HREF="http://www.mfnos.net/~bgs">http://www.mfnos.net/~bgs</A> |</FONT>
<FONT COLOR="#000000">+----------+----------------------------+</FONT>
<FONT COLOR="#000000">| Amprnet | <A HREF="mailto:k2mf@k2mf.ampr.org">k2mf@k2mf.ampr.org</A> |</FONT>
<FONT COLOR="#000000">| PBBS | k2mf@k2ge.#cnj.nj.usa.noam |</FONT>
<FONT COLOR="#000000">+----------+----------------------------+</FONT>
<FONT COLOR="#000000">_______________________________________________</FONT>
<FONT COLOR="#000000">nos-bbs mailing list</FONT>
<FONT COLOR="#000000"><A HREF="mailto:nos-bbs@lists.tapr.org">nos-bbs@lists.tapr.org</A></FONT>
<FONT COLOR="#000000"><A HREF="https://lists.tapr.org/cgi-bin/mailman/listinfo/nos-bbs">https://lists.tapr.org/cgi-bin/mailman/listinfo/nos-bbs</A></FONT>
</PRE>
</BLOCKQUOTE>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
73<BR>
de [George (Skip) VerDuin] K8RRA k
</TD>
</TR>
</TABLE>
</BODY>
</HTML>