[HamWAN PSDR] PSDR Address Migration - Client Updates

Doug Kingston dpk at randomnotes.org
Sun May 12 13:43:59 PDT 2024 

As of May 2024, HamWAN is in the process of migrating our IP address usage
off of 44.24.240.0/20 to a larger allocation, 44.25.0.0/16. This migration
is a part of the agreement HamWAN made with ARDC for receiving the larger
allocation and needs to be completed by Dec 31, 2024. Our infrastructure
has been almost entirely migrated over the past few months, and we are
currently serving all services
<https://hamwan.org/Puget%20Sound%20Data%20Ring/Services.html> from both
the old and new addresses. The major item in front of us is the update of
clients.

The following changes impact some or all clients configured prior to
mid-February or so:

   - SNMP address range (44.24.240.0/20 => 44.24.240.0/20,44.25.0.0/16)
   - Logging destination (44.24.244.8 => 44.25.0.8)
   - NTP servers (44.24.{244,245}.4 => 44.25.{9.1}.4)

as configured in steps 8, 9, and 10 of our client setup instructions (GET
CONNECTED
<https://hamwan.org/Standards/Network%20Engineering/Client%20Node%20Configuration.html>),
which we updated back in February and have our new recommended settings.
Luckily, none of these settings impact your ability to connect or current
connectivity, and they don't require a reboot to take effect. The logging
and SNMP setting help us monitor and manage the network, and the NTP client
in your devices helps ensure they have the correct time for logging.

In addition, many users have configured DHCP servers on their clients for
local LAN connected devices behind their device. If the DHCP server is
announcing DNS or NTP servers to the local clients, these will also need to
be updated. In this case one other change needs to be taken into
consideration.

   - DNS servers (resolvers, 44.24.{244,245}.1 => 44.25.{0,1}.1)

We recognize that not all clients are online all the time, and HamWAN
Netops does not have credentials to all devices, though we encourage it to
allow us to keep the network healthy. Our plan for this conversion is as
follows:

   1. Inform all users of the needed changes and provide instructions for
   how to make those changes themselves (this email).
   2. Netops will apply updates (see below) to any clients that we have
   access to which have old settings.
   3. Contact owners of devices we were not able to access.

The following commands issued in a RouterOS terminal window will update
your client. Note that Mikrotik updated the command format for NTP client
settings between RouterOS 6 and 7, so use the correct command for your
version. To find your routeros, look at the banner when you log into the
device or type /system resource print. Look for the version field. A
version 7 device would be something like: 7.13.3 (stable), a version 6
device would look something like: 6.43.4 (stable).

Common update commands:

/snmp community set [ find name=hamwan ] name=hamwan
addresses=44.24.240.0/20,44.25.0.0/16
/system logging action set [find name=remote] remote=44.25.0.8

NTP client update if your device is running RouterOS 6.x:

/system ntp client set primary-ntp=44.25.0.4 secondary-ntp=44.25.1.4 enabled=yes

NTP client settings if your device is running RouterOS 7.x:

/system ntp client set servers=44.25.0.4,44.25.1.4 enabled=yes

Additionally, if you have configured a DHCP server, you may want to run the
following or similar commands:

/ip dhcp-server network set [ find dns-server~"44.24.24" ]
dns-server=44.25.0.1,44.25.1.1
/ip dhcp-server network set [ find ntp-server~"44.24.24" ]
ntp-server=44.25.0.4,44.25.1.4

What happens if you ignore this request?

Nothing catastrophic. You will not be disconnected. You may have trouble
reaching other internet sites due to lack of DNS service when we turn off
servers on the 44.24.{244,245}.0 networks. Likewise, your device time may
drift due to lack of NTP. These issues can be resolved if and when they
become an issue for you. We will announce the shutdown of these servers
later this year.
If you are making updates...

Our IRC channel changed some time ago and many devices list the wrong IRC
channel for support. You can make this update:

/snmp set contact="IRC #hamwan-support on libera.chat"

If you access your device to update it as above, you may also want to
consider upgrading RouterOS to a current version to ensure you have all the
latest security updates. This is typically done with:

/system package update install

which reboots the system, followed by:

/system routerboard upgrade

and then another system reboot:

/system reboot

We are moving the infrastructure to RouterOS 7.x, but at this time we do
not see any need for users to switch from the 6.x release track. If you
consider doing this, be sure to read the Mikrotik documentation on
upgrading to RouterOS 7
<https://help.mikrotik.com/docs/display/ROS/Upgrading+to+v7>. There are
some special cases particularly for wireless devices.
Getting help

HamWAN Netops and other community members are available to help. You can
reach us in near real-time on our IRC channel: #hamwan-support on
irc.libera.chat. You can also post queries to netops at hamwan.org, or to
PSDR at hamwan.org <psdr at hamwan.org> if you believe the question and answer
would be of general interest to this community.

These instructions are also available on the HamWAN website: Address
Conversion
<https://hamwan.org/Puget%20Sound%20Data%20Ring/Address%20Conversion.html>

-Doug-, KD7DK
HamWAN Netops
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail01.fmt.hamwan.net/pipermail/psdr/attachments/20240512/679eafa7/attachment.html>

More information about the PSDR mailing list