[arm-allstar] ASL behind CGNAT.
David McGough
kb4fxc at inttek.net
Sat Dec 24 20:54:14 EST 2022
Hi David,
Several years ago I initiated obtaining a 44net subnet allocation to
announce via BGP. This process got disrupted when Brian, WB6CYT, passed
unexpectedly.....and then COVID happened. Since that point, I've not
followed up further. If this approach would be of use, I expect it could
be setup quickly. However, after setup, MANAGING the VPN setup for end
users would probably be the biggest constraint and recurring expense.
I'm curious if the IRLP folks charge any fees for VPN use?? I just
performed a gateway search and it looks like they're using Vultr
(AS20473--constant.com) to advertise their 44net subnet?? A factor to
consider is that AllStar (HamVoIP) has well over a order of magnetude
more active (connected) nodes in use, as compared to IRLP....This likely
would lead to more hosting and bandwidth expense.
The echolink proxy type mechanism isn't needed for AllStar (using IAX2),
since out-bound AllStar connections typically traverse NAT just fine
already. Echolink requires the proxy even for out-bound connections.
Ultimately, the best NAT solution for AllStar is the P2P/STUN approach,
which will work with most NAT scenarios. Then, if P2P fails, fall back to
a transparent network relay point. This is what ZeroTier and many other
"modern" applications/VPNs do these days. Something to ponder.
73, David K4FXC
On Sat, 24 Dec 2022, David McAnally via ARM-allstar wrote:
> On Sat, Dec 24, 2022 at 1:02 PM Michael Champion via ARM-allstar <
> arm-allstar at hamvoip.org> wrote:
>
> > Has anyone used AMPRNet VPN?
> >
>
> I believe this statement in the WiKi for AMPRNet VPN
> <https://wiki.ampr.org/wiki/AMPRNet_VPN> prevents wider use for
> applications like Allstar.
>
> The AMPRNet VPN is only used to access the AMPRNet. While you're connected
> > to the AMPRNet VPN, the VPN client will only transmit packets from you to
> > the AMPRNet via the VPN. Packets from you to the rest of the Internet will
> > not go via the VPN - they'll flow out from your local network connection as
> > before.
> >
>
> This restricts that VPN to only connect with other 44Net addresses only.
>
> IRLP provides a 44Net VPN service as part of the IRLP system for any IRLP
> nodes. EchoLink provides proxy and relay servers
> <https://www.echolink.org/proxylist.jsp>, most using 44Net addresses for
> EchoLink users. Perhaps AllstarLink.org would consider offering a similar
> 44Net VPN service for Allstar nodes?
>
> Otherwise, it's relatively easy to install and run your own VPN server on
> Vultr or similar virtual host providers for $5 per month or less. If you
> join with a group of like minded hams, or operate several nodes, needing
> VPN services you could request a 44Net subnet and share a single VPN
> virtual host using BGP on Vultr or similar BGP providers. I, and many
> others, have requested a 44Net subnet for use with Allstar and other ham
> radio networked applications.
>
> David McAnally
> WD5M
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
More information about the ARM-allstar
mailing list