handle loops well at all. It is therefore necessary to have some form
of protection for these nodes.
<P>
-<P>This is achieved by using filtering on a route basis. There is a
-default setting to help to protect the network, especially useful for new
-and inexperienced SysOps. The idea is simple. When Spider is started
-for the first time and a connection is made to or from another node,
-the default is to only send the nodes you already have that are in your
-own zone. For example, in the UK the default setting would be to send
-only UK nodes to any connection. This can be filtered further (down to
-a single node if needed) or expanded as required.
-<P>
+<P>In fact DXSpider has had a simple system for some time which is called
+<I>isolation</I>. This is similar to what, in other systems such as
+<B>clx</B>, is called <I>passive mode</I>. A more detailed explanation
+of <I>isolation</I> is given further below. This system is still available
+and, for simple networks, is probably all that you need.
+<P>
+<P>The new functionality introduced in version 1.48 is filtering the node
+and user protocol frames on a "per interface" basis. We call this
+<I>route filtering</I>. This is used <B>instead of</B>
+<I>isolation</I>.
+<P>
+<P>What this really means is that you can control more or less completely
+which PC protocol frames, to do with user and node management, pass to
+each of your partner nodes. You can also limit what comes into your
+node from your partners. You can even control the settings that your
+partner node has for the routing information that it sends to you
+(using the <I>rcmd</I> command).
<P>
<H2><A NAME="ss1.2">1.2 Route Filters</A>
</H2>
-<P>As mentioned in the introduction, a default setting exists. If this is
-all you want to use then that is fine, you have nothing else to do.
-However, if you want to make any alterations then you need to know
-a bit about filters.
-<P>
-<P>It is possible to reset the default setting for node connections should
-you wish to do so, however this can be dangerous to the network unless
-you have some experience in how all this works.... be careful! It is
-also possible to change settings for one connection only. You can,
-therefore, have many different filters set dependent on the amount of
-node links you have.
+<P>Initially when route filters were being tested we generated a
+"default" filter. Unfortunately it quickly became apparent that this
+might suit the UK cluster network but didn't really fit anybody else.
+However using a default filter is an appropriate thing to do. How, is
+explained further on.
+<P>
+<P>The first thing that you must do is determine whether you need to do route filtering <B>at all</B>. If you are a "normal" node with two or three partners
+and you arranged in an "official" non-looping tree type network, then <B>you do
+not need to do route filtering</B> and you will feel a lot better for not
+getting involved. If you are successfully using <I>isolation</I> then you
+also probably don't need to use route filtering.
+<P>
+<P>You will only require this functionality if you are
+"well-connected". What that means is that you are connected to several
+different parts of (say) the EU cluster and, at the same time, also
+connected to two or three places in the US which, in turn are
+connected back to the EU. This is called a "loop" and if you are
+seriously looped then you need filtering.
<P>
<P>I should at this stage give a little bit of background on filters. All
the filters in Spider work in basically the same way. You can either
you wish to achieve. Some filters are user settable, others can only
be altered by the sysop. Route filtering can only be done by the sysop.
<P>
-<H2><A NAME="ss1.3">1.3 The default_node filter</A>
+<P>
+Anyway, without further discouragement, let me start the process
+of explanation.
+<P>
+<H2><A NAME="ss1.3">1.3 The node_default filter</A>
</H2>
-<P>As discussed previously, a default setting exists that only sends nodes
-from your own zone. This can be overridden by using the default_node
-filter option like this ...
+<P>All normal systems should have a default routing filter and it should
+usually be set to send only the normal, unlooped, view of your
+"national" network. Here in the UK that means nodes from the UK and
+Eire, in EU it is more complex as the networks there grew up in a more
+intertwined way.
+<P>
+<P>
+The generic commands are:-
<P>
<BLOCKQUOTE><CODE>
<PRE>
-reject/route default_node <filter_option>
+reject/route node_default <filter_option>
or
-accept/route default_node <filter_option>
+accept/route node_default <filter_option>
</PRE>
</CODE></BLOCKQUOTE>
-<P>
<P>where filter_option is one of the following ...
<P>
<BLOCKQUOTE><CODE>
call_dxcc <numbers>
call_itu <numbers>
call_zone <numbers>
-origin <prefixes>
-origin_dxcc <numbers>
-origin_itu <numbers>
-origin_zone <numbers>
+channel <prefixes>
+channel_dxcc <numbers>
+channel_itu <numbers>
+channel_zone <numbers>
</PRE>
</CODE></BLOCKQUOTE>
-<P>
<P>Please be careful if you alter this setting, it will affect
<B><I>ALL</I></B> your links!
<P>
+<P>For the default routing filter then you have two real choices: either
+a "national" view or the "safe" option of only your own
+callsign. Examples of each (for my node: GB7DJK) are:-
+<P>
+<BLOCKQUOTE><CODE>
+<PRE>
+acc/route node_default call_dxcc 61,38
+acc/route node_default call gb7djk
+</PRE>
+</CODE></BLOCKQUOTE>
+<P>GB7DJK uses the first of these. The DXCC countries can be obtained from the
+<I>show/prefix</I> command.
+<P>
+<P>The example filters shown control <I>output</I> <B>TO</B> all your
+partner nodes unless they have a specific filter applied to them (see
+next section).
+<P>
+<P>It is also possible to control the <I>incoming</I> routing
+information that you are prepared to accept <B>FROM</B> your partner
+nodes. The reason this is necessary is to make sure that stuff like
+mail, pings and similar commands a) go down the correct links and b)
+don't loop around excessively. Again using GB7DJK as an example a typical
+default input filter would be something like:
+<P>
+<BLOCKQUOTE><CODE>
+<PRE>
+rej/route node_default input call_dxcc 61,38 and not channel_dxcc 61,38
+</PRE>
+</CODE></BLOCKQUOTE>
+<P>What this does is accept node and user information for our national
+network from nodes that are in our national network, but rejects such
+information from anyone else. Although it doesn't explicitly say so,
+by implication, any other node information (not from the UK and Eire)
+is accepted.
+<P>
+<P>As I imagine it will take a little while to get one's head around all of this you
+can study the effect of any rules that you try by watching the debug output
+after having done:-
+<P>
+<BLOCKQUOTE><CODE>
+<PRE>
+set/debug filter
+</PRE>
+</CODE></BLOCKQUOTE>
+<P>After you have got tired of that, to put it back the way it was:-
+<P>
+<BLOCKQUOTE><CODE>
+<PRE>
+unset/debug filter
+</PRE>
+</CODE></BLOCKQUOTE>
+<P>
<H2><A NAME="ss1.4">1.4 General route filtering</A>
</H2>
</PRE>
</CODE></BLOCKQUOTE>
<P>
-<P>where filter_option is one of the following ...
+<P>Here are some examples of route filters ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
-call <prefixes>
-call_dxcc <numbers>
-call_itu <numbers>
-call_zone <numbers>
-origin <prefixes>
-origin_dxcc <numbers>
-origin_itu <numbers>
-origin_zone <numbers>
+rej/route gb7djk call_dxcc 61,38 (everything except UK+EIRE nodes)
+rej/route all (equiv to [very] restricted mode)
+acc/route gb7djk call_dxcc 61,38 (send only UK+EIRE nodes)
+acc/route gb7djk call gb7djk (equiv to SET/ISOLATE)
</PRE>
</CODE></BLOCKQUOTE>
+<P>In practice you will either be opening the default filter out for a
+partner by defining a specific filter for that callsign:-
<P>
-<P>Here are some examples of route filters ...
+<BLOCKQUOTE><CODE>
+<PRE>
+acc/route gb7baa all
+acc/route gb7baa input all
+</PRE>
+</CODE></BLOCKQUOTE>
+<P>or restricting it quite a lot, in fact making it very nearly like an <I>isolated</I> node, like this:-
<P>
<BLOCKQUOTE><CODE>
<PRE>
-rej/route gb7djk call_dxcc 61,38 (everything except UK+EIRE nodes)
-rej/route all (equiv to [very] restricted mode)
-acc/route gb7djk call_dxcc 61,38 (send only UK+EIRE nodes)
-acc/route gb7djk call gb7djk (equiv to SET/ISOLATE)
+acc/route pi4ehv-8 call gb7djk
+rej/route pi4ehv-8 input call_dxcc 61,38
</PRE>
</CODE></BLOCKQUOTE>
+<P>This last example takes everything except UK and Eire from PI4EHV-8
+but only sends him my local configuration (just a PC19 for GB7DJK and
+PC16s for my local users).
+<P>
+<P>It is possible to do <B>much</B> more complex rules, there are up to 10
+accept/reject pairs per callsign per filter. For more information see the
+next section.
+<P>
<P>
<H2><A NAME="ss1.5">1.5 General filter rules</A>
</H2>
generally at filtering. There are a number of things you can filter in the
DXSpider system. They all use the same general mechanism.
<P>
-<P>In general terms you can create a 'reject' or an 'accept' filter which can have
+<P>In general terms you can create a "reject" or an "accept" filter which can have
up to 10 lines in it. You do this using, for example ...
<P>
<BLOCKQUOTE><CODE>
projects / spider.git / blobdiff