An APRS-IS server primarily performs 2 functions: verifying client logins and
broadcasting all received packets unchanged to all clients. Verifying client
logins is done using the algorithm discussed in Connecting to APRS-IS and
available from me by contacting me directly. If a client does not pass
verification, the client may not send any packets to APRS-IS. The
unverified client may receive packets which facilitates receive-only clients
The basic concept of a server is to allow all clients to receive all packets
seen by the server. Because of the growth of APRS-IS, Roger Bille SM5NRK
designed and implemented javAPRSFilter to work as an adjunct to javAPRSSrvr to
allow the clients to reduce the flow of packets from the server to them. I
will first address the basic server principles here and then comment on what is
necessary for a server to implement javAPRSFilter or any other filtering
technique on a client port.
The following are basic "musts" in a server:
- Send server identification line at connect time on TCP ports:
# softwarename softwareversion
softwarename=name of the software (one word, no spaces)
softwareversion=version of the software (no spaces)
- Verify logins per the format shown on
Connecting to APRS-IS
- Respond to logins with a login response line (aprsd excluded from this
# logresp logincall verifystatus, server servercall
logincall=callsign-SSID used as login
verifystatus=verified or unverified
servercall=callsign-SSID of the server
Other information such as server command may follow servercall with a space
- Pass all non-duplicate TNC2 format lines with the data unchanged (no
modification of the portion following the colon)
- All lines must be terminated by a CR/LF sequence
- AEA format lines should be converted to TNC2 format before rebroadcast
- Mangled packets (packets with non-standard TNC2/AEA headers) must be either cleaned or dropped.
- All callsign-SSIDs must conform to callsign-SSID requirements:
- Origin callsigns are at least 3 characters, all others are at least 1 character.
- SSID is either not present or 1 or 2 alphanumeric characters
- SSID -0 is dropped as conflicts with not present SSID
- Total length of callsign-SSID is maximum of 9 characters
- Implement the q algorithm on all valid lines
- Duplicate checking is based on the origin call and SSID, destination call (SSID ignored), data length,
and data content. Note that the path is ignored in duplicate checking. The
origin and destination calls are case-sensitive. (Data content checking may be modified by non-compliant clients and servers by stripping white space, non-printable characters, etc. Duplicate checking should take these factors into account.)
- Duplicate checking is done over a 30 second sliding window for each packet.
- All packets originated by the station with a verified login shall only
have TCPIP* in the path. The packet may have the qAZ or qAI construct followed only by station's login.
- Gated packets (not from the logged-in station) shall not have the path
modified except per the q algorithm.
Servers should only connect to a single upstream server and should never be
connected to more than one server at a time. This is critical to preventing
loops. All lines received from an upstream server or client shall not
be echoed back (by definition, echoing is a loop).
The case of the header fields (origin, destination, and path) shall not be
changed and considered unique.
There are references to unverified logins using TCPXX* in the path. This has
been depricated and no packets from unverified logins shall be passed by the
server on APRS-IS.
If filtering of packets to the client is to be done, the server must properly
support APRS messaging. APRS messaging requires that the client receive any APRS
messages destined for the client or any station the client has gated to APRS-IS.
The client must also receive the next available position packet for the sending
station of those message packets.