I had to Google to find out what P2MP was, but in my VERY brief Google education on the subject, I don't think it applies.

The radio doesn't multiplex anything.

The consumer-grade routers I own (Linksys BEFSR41, Netgear WGT624v2) seem to have no way to turn off NAT.  dd-wrt is not possible with the BEFSR41;  it is "work-in-progress" for the WGT624v2.  NAT seems to make routing issues a little more complex to think through.  Both routers have the ability to specify a "DMZ host", but I think that just turns on universal NAT to that host.  Both routers have the capability of manually adding entries to a static routing table, but I don't know if that skips over the NAT.  If we have to have NAT, it seems to me that the best way to set up the router is with the radio connected to the LAN side (with whatever private IP address we want), and have the WAN side connected to the 44.x.x.x network.  That allows incoming (ie, via the radio)  packets to go wherever they can and responses to come back; whereas orienting the router the other way (unless we use the "DMZ host" feature) doesn't.  I suppose I could donate one of my (very) elderly (2005) Dell PowerEdge 1650 1U servers to the effort, but that seems like a bit of overkill ...

What I think would be a good idea is to meet and discuss this face-to-face (pretty much anytime) with diagrams, rather than shoveling eMails back and forth.  Scott, if your schedule permits, you are more than welcome.

-- Dean

ps: Scott, I plan to come to the DEM on Tuesday to start on this, unless you're not going to be there, or other conditions (like ongoing slide work) make it a bad idea.

On 2014-04-27 12:06, Bart Kus wrote:

OK, we can slap some extra security on there.  Shouldn't need an extra router for that.

What about the PtMP story?  One of the advantages you mentioned (Dean) was mobile access.  Can it multiplex access somehow?

--Bart


On 4/27/2014 9:53 AM, Dean Gibson AE7Q wrote:

Exactly (or the equivalent).

On 2014-04-27 09:34, John Hays wrote:

It should be on a dedicated router on its own segment.  

Sent from my iPhone

On Apr 27, 2014, at 9:27 AM, Dean Gibson AE7Q <hamwan@ae7q.com> wrote:

The only "authentication" the radio has, are the following:

1. The radio can be set to only receive remote transmissions that include a two-digit decimal code; or
2. The radio can be set to only receive remote transmissions that are addressed to the callsign programmed into the receiving radio (I would recommend this setting).
   

Any other authentication would have to be provided by a router or firewall.

On 2014-04-26 22:39, Bart Kus wrote:

Any packets on that LAN are considered trusted since they passed authentication.  What's the auth story on the 23cm modems?

--Bart

On 4/26/2014 10:37 PM, Tom Hayward wrote:

On Sat, Apr 26, 2014 at 9:26 PM, Dean Gibson AE7Q <hamwan@ae7q.com> wrote:

At the Snohomish County DEM, place a router (or bridge) between the ID-1 and the 44.24.240.x network.
In this scenario, the ID-1 located at my house would also be connected to a router that acts as though it were directly connected to the 44.24.240.x (or any other) network at the DEM.

We have a router at Snohomish County DEM with an extra port that could be used for this. The subnet there is 44.24.240.128/28. We have another subnet of address pairs set aside for router-to-router links. So as far as networking goes, we could execute your plan. I can't commend about the feasibility of any of the other bits.

Tom

_______________________________________________
PSDR mailing list
PSDR@hamwan.org
http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org

_______________________________________________
PSDR mailing list
PSDR@hamwan.org
http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org

_______________________________________________
PSDR mailing list
PSDR@hamwan.org
http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org