Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
42 posts

Geek


  # 2308868 31-Aug-2019 19:31
Send private message

Petenz:

I have also discovered that PiAware cannot connect to Flightaware and is thus down the drain along with PlanePlotter now that I am on Spark wireless Broadband.


I run piaware on Skinny 4g broadband with CGNAT. Works fine. Does not require port forwarding as just uploads data.

7200 posts

Uber Geek

Trusted
Subscriber

  # 2308891 31-Aug-2019 20:21
One person supports this post
Send private message

Hi, just done a bit of reading on Flightaware, there seems absolutely no requirement for port forwarding, if so it should work fine from behind CG-NAT.......ymmv

 

Cyril


 
 
 
 


3508 posts

Uber Geek


  # 2308909 31-Aug-2019 22:36
One person supports this post
Send private message

If users have it on CG-NAT now, it would be needed to check if the servers MLAT data being fed back is on your local map (most people wouldn't bother and just rely on their data going out to get upgraded accounts)

 

It isn't clear if it is coming in via the 2-way link it starts up with FA, or establishes separate inbound. Quite possibly on the same datastream as I don't currently have a pinhole (like you suggest) and get results.

 

FR24 - your data goes out, MLAT is shown on the web only. Flightaware - your data is sent, they combine and calculate it and send results  straight back.

 

By default, multilateration positions resulting from the data that you feed to FlightAware are returned to you by sending them to the local dump1090 process on port 30104; dump1090 will then include them on the web map it generates.

 

Planeplotter, does need inbound traffic (UDP 9742) if you wish to see similar MLAT raw results, or get Master User status and assist with generating them

 

Their system isn't as smart and needs it's own inbound stream

 

 

 

 


7200 posts

Uber Geek

Trusted
Subscriber

  # 2308954 1-Sep-2019 08:35
Send private message

So the following image shows the faup1090 process creates one outbound connection, and the fa-mlat-client creates an outbound connection 30005 and it would appear return traffic is on the same port or possibly 30104 which I assume the client opens to the server for it to return traffic on. ie all are outbound connections, ie no pinhole required, well thats how I read it, I could be wrong. 

 

This is a client/server setup, it would be very poor engineering if the server required the client open inbound connections from it, surely the client initiates and creates all channels required.

 

Click to see full size

 

 

 

Cyril


28593 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 2308958 1-Sep-2019 09:24
Send private message

When I look at that very same image I can't see any requirement for a port forward. It shows two way traffic over the same socket for MLAT traffic to and from the FA server.

That would be an incredibly sloppy design.

It's safe to say most people don't realise the security implications of port forwards.

I know @scottjpalmer has been feeding FR24 and FA for ages using CG-NAT, he might be able to offer some advice.

3508 posts

Uber Geek


  # 2308962 1-Sep-2019 09:42
Send private message

Ok, so looks like the 2way data from Fa sorted. And somewhat established

I too have been feeding all of them since about 2010

Those 2 are very unlikely to see an issue. As I say most tend to be used out only anyway. And more use them than planeplotter

Planeplotter however, has a specific inbound test performed as part of it's setup checks to grant the ground station status that would likely fail.

But again, it's not a feature everyone takes advantage of.

7200 posts

Uber Geek

Trusted
Subscriber

  # 2308967 1-Sep-2019 09:59
Send private message

So only other thought I had is do the servers require you register your public IP with them (be it your real local one or the CG-NAT routers gateway) to let you through there firewall, this would explain why the OP might have been having issues, but not being a user of this service I cannot comment further.

 

Cyril


 
 
 
 


3508 posts

Uber Geek


  # 2308968 1-Sep-2019 10:03
Send private message

Basically this, doesn't occur without one. It is a web-generated test that tells the server to try connect

 

Click to see full size

 

 

 

I believe the MLAT/Raw data results server is different from the one you upload to. But it uses your connection to get the return IP and establish inbound on it

 

But the only advserse effect you would see, was no localised MLAT results (most tracking sites will do this now anyway) and can't use your data to help the others around you be more precise


7200 posts

Uber Geek

Trusted
Subscriber

  # 2308978 1-Sep-2019 11:06
Send private message

Hi so what you are saying is with newer servers its not required, so will work 100% without the port forwarding and or CG-NAT.

I recommend that if you Do require port forwarding and you know the server IP that will be using it then firewall the port forward to just that IP, if your router does not support that filtering then you are using the wrong device.

Cyril

3508 posts

Uber Geek


  # 2308985 1-Sep-2019 11:38
Send private message

cyril7: Hi so what you are saying is with newer servers its not required, so will work 100% without the port forwarding and or CG-NAT.

I recommend that if you Do require port forwarding and you know the server IP that will be using it then firewall the port forward to just that IP, if your router does not support that filtering then you are using the wrong device.

Cyril


More, the chap who does planeplotter hasn't seem to considered public IPs disappearing. And as such his peer2peer / 2 source connection requirements implemented (1 server receive/send data and a 2nd separate MLAT results server or near neighbour direct) are going to bite anyone on CGNathat wish to use those
MLAT functions

(The planeplotter server so kindly offers others your IP as a source for data too to allow somewhat of a mesh calculation :/)

Whereas flightaware has taken care of it with sending the different MLAT data back down the same single connection you make.

In short. OP shouldn't see any change In operation. Other than noone will be able to use his data directly, and likely won't be able to calculate mlat targets within the planeplotter screen.

Anything out side of that is likely coincidental as I see no reason for it not to work. Planeplotter is the only odd one that needs open inbound

7200 posts

Uber Geek

Trusted
Subscriber

  # 2308988 1-Sep-2019 11:49
Send private message

Hi, if you do happen to enage with the flightawre developers I suggest you advise them to redesign both in the interest of security and with the increasing CG-NAT situation.

 

Also would it not make sense that data you forward to their servers, you can elect if this is forwarded to others, but not from you but from the server, surely a better engineered solution.

 

Cyril


3508 posts

Uber Geek


  # 2308990 1-Sep-2019 12:01
Send private message

cyril7:

Hi, if you do happen to enage with the flightawre developers I suggest you advise them to redesign both in the interest of security and with the increasing CG-NAT situation.


Also would it not make sense that data you forward to their servers, you can elect if this is forwarded to others, but not from you but from the server, surely a better engineered solution



Flightaware is fine. It's all server side. And the data uses a sngle stream that we establish. Not the issue here.

Planeplotter is, and that spawned his later concerns of potential for flightaware to be the same. But now identified as fine/out only.

Planeplotter is the bugbear. And it is opt-in somewhat. As part of the request to enable the master user/ground station status.

Explained under security considerations http://www.coaa.co.uk/multilat.pdf

2952 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2308993 1-Sep-2019 12:04
One person supports this post
Send private message

Static IP on Wireless Broadband has been available for at almost 2 years since around November/December 2017 since that was when I built it. 😁

 

You have a Static IP address in the same range as the current Fixed Broadband Static IPs as your Wireless session gets terminated on the same BNGs that terminate fixed broadband and it gets terminated exactly the same way BUBA customers get terminated for the moment.

 

But I personally would recommend against getting a Static IP on Wireless Broadband unless you absolutely need it as if you get DDoSed there isn't much you can do to stop it plus there is a constant stream of background noise on the internet all of which you will go against your data cap. I remember there wasn't an easy way to flick between static and dynamic much like there is on fixed broadband putting in the username "NoStatic".





and


1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Ring launches indoor-only security camera
Posted 23-Jan-2020 17:26


New report findings will help schools implement the digital technologies curriculum content
Posted 23-Jan-2020 17:25


N4L to upgrade & support wireless internet inside schools
Posted 23-Jan-2020 17:22


Netflix releases 21 Studio Ghibli works
Posted 22-Jan-2020 11:42


Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43


Suunto 7 combine sports and smart features on new smartwatch generation
Posted 7-Jan-2020 16:06


Intel brings innovation with technology spanning the cloud, network, edge and PC
Posted 7-Jan-2020 15:54


AMD announces high performance desktop and ultrathin laptop processors
Posted 7-Jan-2020 15:42


AMD unveils four new desktop and mobile GPUs including AMD Radeon RX 5600
Posted 7-Jan-2020 15:32


Consolidation in video streaming market with Spark selling Lightbox to Sky
Posted 19-Dec-2019 09:09


Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.