User Tools

Site Tools


radio:db0fhn:tcpip:routing

The network-44 has been subnetted. You can have a look on the allocation on Brian Kantors “AMPRNet IP address coordinators” list at http://noh.ucsd.edu/~brian/amprnets.txt.

There's a central router at the university of california, san diego announcing the network-44 by BGP. Traffic from the internet will be routed to this central server. Further announcements are unwanted by the network owner Brian Kantor, WB6CYT.

To debug routingproblems I double checked whether there are really no other announcements active, but there are. Try telnet://route-server.belwue.de and type “show ip route 44.0.0.0”.

route-server>show ip route 44.0.0.0
Routing entry for 44.0.0.0/8, 3 known subnets
Variably subnetted with 2 masks

B 44.0.0.0/8 [160/0] via 188.1.38.205, 01:23:11
B 44.16.15.0/24 [160/0] via 188.1.38.205, 2w2d
B 44.130.99.0/24 [160/0] via 80.81.192.74, 2w2d

The border router will tunnel incoming packages with IP-ENCAP protocol 4 (/etc/protocols) to corresponding gateways. There is some documentation how gateways can take part: http://www.ampr-gateways.org. Traffic to IP-addresses without DNS-entry is blocked as well as port 135-139, 435 and 1025-1028 (TCP/UDP).

You can check current routes by ipencap at the Linux shell of DB0FHN with “cat /opt/encap/encap.txt”. DB0FHN is the central router for germany 44.130.0.0/16, austria 44.143.0.0/16, switzerland 44.142.0.0/16, france 44.151.0.0/16 and luxembourg 44.161.0.0/16.

To debug routingproblems I double checked whether there are no other gateways active, but there are:

db0fhn:~# grep 44.130 /opt/encap/encap.txt |grep -v 141.75.245.225
route addprivate 44.130.12/24 encap 139.13.100.33
route addprivate 44.130.98/24 encap 193.22.2.254
route addprivate 44.130.99/24 encap 193.22.2.254
route addprivate 44.130.176.120/29 encap 213.239.233.155
route addprivate 44.130.177.135/32 encap 213.239.233.155
route addprivate 44.130.146/24 encap 87.139.127.97
route addprivate 44.130.18/24 encap 87.139.127.97
db0fhn:~# grep 44.142 /opt/encap/encap.txt |grep -v 141.75.245.225
db0fhn:~# grep 44.143 /opt/encap/encap.txt |grep -v 141.75.245.225
db0fhn:~# grep 44.151 /opt/encap/encap.txt |grep -v 141.75.245.225
db0fhn:~# grep 44.161 /opt/encap/encap.txt |grep -v 141.75.245.225

IP-Routing at DB0FHN is complex but I try to explain it. DB0FHN uses iproute2 for all the routing stuff. There are some rules and tables at DB0FHN:

db0fhn:~# ip rule
0: from all lookup 255
210: from all lookup funk
220: from 44.0.0.0/8 lookup ampr2inet
230: from all lookup amprtun
32766: from all lookup main
32767: from all lookup default

Every table has some entries. DB0FHN-10 runs an patched ax25rtd. ax25rtd will learn IP-hostroutes on incoming AX.25 connections and pass the routes to the kernel. Our ax25rtd writes these routes into the table “funk”. Assume the kernel has to route an IP-package: The kernel will start with table 0 to 32767 until it will find a match and route the package. So highest priority have routes learned by ax25rtd. Our border node DB0FHN-0 (Xnet) could do this job also, but at DB0FHN are the developers of ax25-apps and ax25-tools working on this piece of software.

db0fhn:~# ip route show table funk
44.143.144.160 dev ax0 proto ax25rtd scope link
44.130.18.200 dev ax0 proto ax25rtd scope link
44.130.18.203 dev ax0 proto ax25rtd scope link
44.130.42.3 dev ax0 proto ax25rtd scope link
44.130.60.180 dev ax0 proto ax25rtd scope link

The next table “ampr2inet” will only route packages from the network-44 back to the internet. The border gateway at university of california, san diego doesn't support reverse routing. I did find a partner in sweden (Pontus Falk) who can transport IP-packages with source-IP from 44.0.0.0/8 to the internet (I'm source route filtered at the provider). I like to route all packages from 44.0.0.0/8 to NOT 44.0.0.0/8 and this was a bit tricky to add into the table:

db0fhn:~# ip route show table ampr2inet
45.0.0.0/8 via 130.237.41.44 dev tunl0 onlink
46.0.0.0/7 via 130.237.41.44 dev tunl0 onlink
40.0.0.0/6 via 130.237.41.44 dev tunl0 onlink
32.0.0.0/5 via 130.237.41.44 dev tunl0 onlink
48.0.0.0/4 via 130.237.41.44 dev tunl0 onlink
0.0.0.0/3 via 130.237.41.44 dev tunl0 onlink
64.0.0.0/2 via 130.237.41.44 dev tunl0 onlink
128.0.0.0/1 via 130.237.41.44 dev tunl0 onlink

The next table is filled with IP-ENCAP routes from the gateways-project. Every night this table will be automatically updated using a cronjob. I deleted listed iproutes to 44.130.x.x as I prefer to deliver IP-packages by IP over AX.25 through our AX.25 network. The reason is easy. The ax25rtd will learn host routes to be able to answer incoming packages, but I don't have a routing daemon on the tunneling interface running which could do this job. This of course could be improved.

db0fhn:~# ip route show table amprtun
44.131.94.240 via 82.33.62.185 dev tunl0 onlink
44.4.28.50 via 66.134.69.212 dev tunl0 onlink
44.131.93.240 via 82.33.62.185 dev tunl0 onlink
44.134.208.241 via 146.48.126.28 dev tunl0 onlink
44.135.96.17 via 132.213.22.244 dev tunl0 onlink
44.4.92.50 via 66.134.69.212 dev tunl0 onlink

DB0FHN is connected to the european rf radio network and its central IGATE-server. We do have the route for 44.0.0.0/8 via 44.130.254.254 in the default table which will be routed by IP over AX.25 to IGATE. IGATE is a patched Xnet AX.25 router (see IGATE-project on mainpage) which supports IP over AX.25. Users will be able to use IGATE as their default IP-router as described at “Basics with Windows and PC/Flexnet”.

radio/db0fhn/tcpip/routing.txt · Last modified: 2014/01/12 19:07 by jann