Hamradio

Hamnet is a highspeed digital radio network based on TCP/IP and BGP-routing. It interconnects automated hamradio stations and its services, such as Packet Radio, Allstarlink/Echolink/IRLP, APRS, Paging and Amateur Television using radio links on the higher bands like 13cm, 6cm and 3cm. The dream of an amateur radio digital highspeed network has persisted for a long time. Unfortunately it isn't easy, nor cheap to home brew highspeed capable equipment. So we depend on available products on the market which could be modified to fit our needs.

The regulations for hamradio in Germany prohibits the usage of normal wireless lan hardware since the bandwith of 20 MHz is too much. In 2006 the buzz phrase “channel cloaking” appeared on the internet which makes “half” or “quarter” bandwith available. Affordable hardware from Mikrotik or Ubiquiti which complies with the regulatory requirements is now available.

Unfortunately every automated station in Germany needs a special license from the regulatory body. The regulatory body accepted our proposal (http://db0fhn.efi.fh-nuernberg.de/doku.php?id=projects:wlan:proposal) which is compatible to the current hamradio bandplan. Unfortunately on 13cm and 6cm Amateur Radio has only secondary status and every special license request needs to be agreed by the primary frequency user which takes a long time.

Our friends in Austria were lucky and have an agreement with the regulator. They nearly have a network across whole austria now. Read about it at: http://wiki.oevsv.at/index.php/Kategorie:Digitaler_Backbone (german).

The new network uses addresses out of the 44.0.0.0 net (See http://www.ampr.org for more information). In Germany (44.130.0.0/16) we started with 44.130.224.0/20 for the backbone and 44.130.192.0/19 for users and services, since other ranges are still occupied by classic IP-over-AX.25 applications.

The private range for autonomous system numbers (ASN) is 64512 through 65534. In Germany the range 64620-64669 is used.

The coordination in Germany is done by the DL-IP-coordination team and is well documented on http://www.de.ampr.org (german).

Meanwhile the operation shifted to 44.224.0.0/15

Since the new network just has born we don't have a network policy, yet. The experience from other ham radio-related networking projects tells us to discuss an initial policy soon.

Especially the network rules which will affect the routing of other nodes within the network needs to be discussed. For example using internet tunnels between subnetworks.

We should talk about the content since bandwith is limited. Of course using the HamNet as a commercial replacement for users internet connection is prohibited already by law.

I recommend to find a solution for an annually democratic process to vote the network rules. They should not be fixed forever…

We have broadband internet access at the university of applied sciences in Nuernberg (DB0FHN). The telecommunication tower in Nuernberg (DB0VOX) serves the hamradio community with an Allstarlink-voice-repeater, a D-Star-repeater and an APRS-gateway. Moreover, we have a voice-repeater in Fuerth (DB0FUE) and a packet-radio station in Erlangen (DB0FOR). The main goal is to interconnect these stations and feed them with internet, and being able to link to other nodes.

Of course this can be done in a “closed area”, but we like to be compatible with standards. The pyhsical topology looks like this:

          DB0FOR
            |
            |
           20km
            |
 DB0FUE     |
      \     |     DB0FHN
      8km   |     /
        \   |    5km
     -45°\  |0° /+45°
          DB0VOX

We decided to use the Mikrotik boards, since they already speak the BGP protocol.

According to http://www.de.ampr.org/doku.php?id=dokumentation:as-nummern:as-list-de our ASN is 64626, Backbonenetwork is 44.130.230.0/24 and User-/Servicenetwork is 44.130.214.0/24. Since we are the first group starting with hamnet in AS 64626 we need to decide how to 'subnet' our network.

                         DB0FOR
                  BB: 44.130.230.3/28
                 NET: 44.130.214.225/29
                           |
                           |
        DB0FUE             |             DB0FHN
 BB: 44.130.230.4/28       |      BB: 44.130.230.1/28
NET: 44.130.214.241/29     |     NET: 44.130.214.1/28
                     \     |     /
                      \    |    /
                       \   |   /
                         DB0VOX
                  BB: 44.130.230.2/28
                 NET: 44.130.214.129/28

For the management of the hamnet (ASN, IP-nets, Frequencies, QTHs) we put our informations on this page: http://www.de.ampr.org/doku.php?id=dokumentation:as-nummern:hamnet-management (german).

Radio layer: DB0VOX is the master of the Point-to-Multipoint link. We do have the “hidden station” problem. On Packet Radio we would solve this by using “DAMA” on the AX.25 channel. Mikrotik has a proprietary wireless protocol called “Nstreme”. It allows Client polling which is suitable in our situation. Moreover there are no limits on long distance links.

The ESSID is “HAMNET” and the radio name is “DB0VOX”. This way of identification needs to be described on http://db0fhn.efi.fh-nuernberg.de/doku.php?id=projects:wlan:proposal soon. . The local regulator has no problem with “proprietary” protocols unless they can't buy equipment for decoding.

MAC layer: On ethernet we use our User-/Servicenetwork and on wireless we use our Backbonenetwork. Nevertheless we decided to bridge all wireless interfaces. Every new client will cause a new WDS-interface which will be automatically bound to the bridge.

IP layer: We use our assigned User-/Servienetwork and the Backbonenetwork. Further we add some IP-addresses and IP-routes described later.

Configuration with Winbox: Winbox is the graphical userinterface to configure the routerboard. There is no need to configure IP-addresses, since the winbox-application can connect on Layer-2 directly to the routerboard using the MAC-address. We recommend to update your routerboard to the latest stable firmware (RouterOS → Combined package).

As a first step you need to add the bridge. You don't need to add any ports to the bridge, since new WDS-interfaces are bound automatically to the bridge.

Then we need to configure the wlan-interface. The wireless mode needs to be “ap bridge”. We reduce the bandwith by choosing “5GHz-10MHz”-Band. On 5 GHz you don't need the superchannellicense to adjust the frequency to fit the bandplan (http://db0fhn.efi.fh-nuernberg.de/doku.php?id=projects:wlan:proposal). However we have one (~10€) and could choose 4920 MHz through 6100 MHz. On 2,4 GHz we could choose 2190 MHz through 2539 MHz. The “antenna a” is the “main”-plug if you use a Wistron DCMA-82.

Remember to add new interfaces to your new bridge:

We enable Nstreme and Polling:

There are modifications available to prevent problems when using more than 200mW and the Wistron DCMA-82 wireless card: http://wiki.oevsv.at/images/f/f5/RBmod.pdf. We use “card rates” with up to 23dBm and are fine so far only using the routerboard modification (no modification at the wireless lan card).

IP-addresses: We added 44.130.230.2/28 on the interface “Bridge” for the Backbonenetwork (Network/Broadcast will be adjusted automatically). Further we added 44.130.214.129/28 on the “Ethernet” for the User-/Servicesnetwork. We do have several devices attached by ethernet. For the D-Star-gateway it is recommended to use IP-addresses out of 10.0.0.0/8 (10.0.0.1 = router and 10.0.0.2 = gateway). We decided to add this LAN locally at DB0VOX to be as compatible as possible. To make the D-Star-gateway part of the hamnet, we need to SNAT/DNAT between 10.0.0.0/8 and 44.0.0.0/8. We have choosen the address 44.130.214.130 for the D-Star-gateway. We need to add this address as a local address for the router (44.130.214.130/32). See screenshots for details.

To make SNAT/DNAT work we need to add two rules into the NAT-chain of the firewall. In the chain “dstnat” with destination address 44.130.214.130 we add “Action dst-nat” to address 10.0.0.2. In the chain “srcnat” with source address 10.0.0.2 we add “Action src-nat” to address 44.130.214.130.

IP-Routing:

We change the ASN of the default-instance to 64626. We configure an iBGP-link (iBGP = same ASN) to DB0FHN (44.130.230.1).

We announce our networks 44.130.214.128/28 and 44.130.230.0/28 to our BGP neighbours.

We set a new defaultroute (0.0.0.0/0) over 44.130.230.1 (DB0FHN).

Configuration with Winbox: We don't need a bridge at the clients. First we need to configure the wlan-interface. The wireless mode needs to be “wds station”.

The WDS-mode needs to be “static” and as we have no Bridge we don't need to add the Interface to a bridge.

Remember to enable Nstreme.

We further added an IPIP-tunnel within the LAN of the university to the DB0FHN main server.

IP-addresses: We added 44.130.230.1/28 on the interface “wlan1” for the Backbonenetwork (Network/Broadcast will be adjusted automatically). Currently we don't have hamnet devices attached at DB0FHN. So we don't added the User-/Servicenetwork, yet. To get IPIP-routing to work we added 44.130.230.1/32 as an IP-address of the interface “ipip1”. Further we added several addresses out of the IP-pool from the university on “ether1” to be able to SNAT/DNAT between 44.0.0.0/8 and 141.75.244.0/22.

To make SNAT/DNAT work we need to add rules into the NAT-chain of the firewall. E.g. if we want to make 44.130.214.130 available on the public internet, we add “Action dst-nat” to address 44.130.214.130 in the chain “dstnat” with destination address 141.75.245.244. In the chain “srcnat” with source address 44.130.214.130 we add “Action src-nat” to address 141.75.245.244.

IP-Routing:

We change the ASN of the default-instance to 64626. We configure an iBGP-link (iBGP = same ASN) to DB0VOX (44.130.230.2).

We announce our networks 44.130.214.0/28 and 44.130.230.0/28 to our BGP neighbours.

We set a new defaultroute (0.0.0.0/0) over 141.75.244.1 (university default gateway). Since we added several secondary IP-addresses to the routerboard we need to adjust the prefered source to 141.75.245.251 on 0.0.0.0/0. The DB0FHN main server available through the IPIP-tunnel will handle all the traffic for unknown net-44-addresses. So we added the route 44.0.0.0/8 with the gateway interface “ipip1”.

The DB0FHN main server makes the Hamnet available for classic net-44-routing by adding 44.130.224.0/20 (hamnet backbone) and 44.130.192.0/19 (hamnet user+services) through the IPIP-link. Therefore our hamnet hosts are reachable through IP-over-AX.25 (ARP = IGATE; IGATE is announced by Flexnetrouting) and IP-over-IP. The routing at DB0FHN is described here: http://db0fhn.efi.fh-nuernberg.de/doku.php?id=doc:db0fhn:tcpip:routing (Hamnet to be added).