[Top][Contents][Prev][Next][Last]Search

IPX Routing

This chapter covers the following topics:
IPX routing on the WAN
Configuring the IPX router
Configuring IPX LAN interfaces
Configuring IPX WAN interfaces
Configuring IPX static routes
Defining and applying IPX SAP filters

IPX routing on the WAN

A MAX TNT configured for IPX routing enables NetWare clients and distributed Novell networks to use NetWare services across the WAN. Figure 8-1 shows a MAX TNT that routes IPX between WAN interfaces (connections) and a local Novell network.

Figure 8-1. Routing IPX between LAN and WAN interfaces

Note: The NetWare version must be 3.11 or newer.

Ascend has optimized IPX routing for the WAN, which required some modifications of standard IPX behavior as well as IPX extensions to enable the MAX TNT to operate as clients expect for NetWare LANs. This section discusses issues related to scaling LAN protocols to the WAN.

How Ascend units use IPX SAP

The MAX TNT follows standard IPX SAP behavior for routers when connecting to non-Ascend units across the WAN. However, when it connects to another Ascend unit configured for IPX routing, both ends of the connection exchange their entire SAP tables, so all remote services are immediately added to the MAX TNT unit's SAP table and vice versa.

When a NetWare client sends a SAP request to locate a service, the MAX TNT consults its SAP table and replies with its own hardware address and the internal network address of the requested server. This is analogous to proxy ARP in an IP environment. The client can then transmit packets whose destination address is the internal address of the server. When the MAX TNT receives those packets, it consults its RIP table. If it finds an entry for that destination address, it brings up the connection (unless it is already up) and forwards the packet.

How Ascend units use IPX RIP

The MAX TNT follows standard IPX RIP behavior for routers when connecting to non-Ascend units. However, when it connects to another Ascend unit configured for IPX routing, both ends of the connection immediately exchange their entire RIP tables. In addition, the MAX TNT maintains those RIP entries as static until the unit is reset or power cycled.

How IPX RIP works

IPX RIP is similar to the routing information protocol in the TCP/IP protocol suite, but it is a different protocol. IPX routers broadcast RIP updates periodically and when a WAN connection is established. The MAX TNT receives IPX RIP broadcasts from a remote device, adds 1 to the hop count of each advertised route, updates its own RIP table, and broadcasts updated RIP packets on connected networks in a split-horizon fashion.

The IPX RIP default route

The MAX TNT recognizes network number -2 (0xFFFFFFFE) as the IPX RIP default route. When it receives a packet for an unknown destination, the MAX TNT forwards the packet to the IPX router advertising the default route. If more than one IPX router is advertising the default route, the unit makes a routing decision based on Hop and Tick count. For example, if the MAX TNT receives an IPX packet destined for network 77777777 and it does not have a RIP table entry for that destination, the MAX TNT forwards the packet towards network number FFFFFFFE, if available, instead of simply dropping the packet.

Support for IPXWAN negotiation

The MAX TNT supports the IPXWAN protocol, which is essential for communicating with Novell software (such as NetWare Connect2) that supports dial-in connections, and with the Multi-Protocol Router. For full specifications of the IPXWAN protocol, see RFC 1634 and NetWare Link Services Protocol Specification-IPX WAN Version 2.

When an IPX connection is brought up between two Ascend units, all options are negotiated during the IPXCP phase. IPXWAN negotiation never takes place between two Ascend units, because neither unit initiates the negotiation process by sending out an IPXWAN Timer_Request packet.

Connections with non-Ascend devices that use Novell software operating over PPP do not negotiate options during the IPXCP phase, so all options are negotiated during the IPXWAN phase of link establishment. The far-end device sends an IPXWAN Timer_Request packet, which triggers IPXWAN negotiation in the MAX TNT. The devices compare internal network numbers and assign the slave role to the unit with the lower number. The other unit becomes the master of this link for the duration of the IPXWAN negotiation. The slave unit returns an IPXWAN Timer_Response packet, and the master unit initiates an exchange of information about the final router configuration. The MAX TNT supports the following routing options:

Header compression is rejected as a routing option. After IPXWAN negotiation is completed, transmission of IPX packets begins, using the negotiated routing option.

Extensions to standard IPX

NetWare uses dynamic routing and service location, so clients expect to be able to locate a server dynamically, regardless of where it is physically located. Because this scheme was designed to work in a LAN environment, not for WAN operations, Ascend provides extensions to standard IPX. The added features enhance WAN functionality, as shown in Table 8-1

Table 8-1. Ascend extensions to IPX

Ascend extension

Purpose
Virtual network for dial-in clients

 To enable the MAX TNT to route IPX to non-routers (NetWare clients), it supports a virtual IPX network defined in the MAX TNT unit's IPX-Global profile. The unit can then assign a unique network address to the client. The client's connection must specify that it is a Dialin-Peer.

Accepting or rejecting RIP and SAP updates

 The MAX TNT can transmit RIP and SAP updates, receive them, or both, or you can disable RIP or SAP updates for any IPX routing connection.

Bringing up connections in response to a SAP query

 The Dial-Query feature is designed for sites that support many clients and connections to only a few remote IPX networks. The MAX TNT brings up all connections that enable Dial-Query when it receives a SAP query for a file server (service type 0x04) and its SAP table has no entry for that service type.

Static routes to servers

 Even though the MAX TNT learns its routes via RIP, it clears the entire RIP table when reset or powered down. Some sites configure a static IPX route to enable the MAX TNT to open a connection to that location and download the RIP table when the unit is powered up.

SAP filters

 IPX SAP filters enable you to prevent the SAP table from becoming too large by explicitly including or excluding servers, services, or service types on any interface.

Recommendations for NetWare client software

NetWare clients on a WAN do not need special configuration in most cases. However, if the local network supports NetWare servers, you should configure NetWare clients with a preferred server on the local network, not at a remote site. If the local network does not support NetWare servers, configure local clients with a preferred server that is on the network with the lowest connection costs. For more information, see the NetWare documentation.

Due to possible performance issues, executing programs remotely is not recommended. For best results, put LOGIN.EXE on each client's local drive.

Both Macintosh and UNIX clients can use IPX to communicate with servers. However, both types of clients also support native protocols: AppleTalk (Macintosh) or TCP/IP (UNIX). If Macintosh clients must access NetWare servers across the WAN by using AppleTalk software (rather than MacIPX), the MAX TNT must support AppleTalk routing. Otherwise, AppleTalk packets will not make it across the connection. If UNIX clients access NetWare servers via TCP/IP (rather than UNIXWare), the MAX TNT must also be configured as an IP router. Otherwise, TCP/IP packets will not make it across the connection.

Note: Packet Burst lets servers send a data stream across the WAN before a client sends an acknowledgment. The feature is included automatically in server and client software for NetWare 3.12 or later. If local servers are running NetWare 3.11, they should have PBURST.NLM loaded. For more information, see your NetWare documentation.

Configuring the IPX router

To create IPX-Interface profiles for routing on the MAX TNT LAN interfaces, you must enable IPX routing in the IPX-Global profile. In addition, to support dial-in NetWare clients that are not routers, you must configure a virtual IPX network to be used for assigning IPX addresses to those clients. Following are the relevant parameters, shown with their default settings:

Enabling IPX routing mode

 The IPX-Routing-Enabled parameter enables IPX routing. When you write the profile, the MAX TNT comes up in IPX routing mode. At that time, it creates an IPX-Interface profile for each installed Ethernet port.

Defining a virtual IPX network for dial-in clients

When a NetWare client dials in, the MAX TNT negotiates a routing session with the client by assigning the client a node address on the virtual IPX network. The client must accept the network number defined in this pool. If it has its own node number, the MAX TNT uses that number to form the full network:node address. If the client does not have a node number, the MAX TNT assigns it a unique node address on the virtual network.

The IPX network number you assign must be unique within the entire IPX routing domain of the MAX TNT. The MAX TNT advertises the route to this virtual IPX network.

Example of an IPX-Global configuration

Following is an example of how to enable IPX routing mode and define a network for address assignment to dial-in clients that are not routers:

When you write the profile, the MAX TNT comes up in IPX routing mode and creates IPX-Interface profiles for each Ethernet interface. Be sure that the network number you assign to the IPX-Dialin parameter is unique in the MAX TNT routing domain.

Configuring IPX LAN interfaces

After you enable IPX routing in the IPX-Global profile, the system creates an IPX-Interface profile for each Ethernet interface in the system. IPX-Interface profiles do not exist until you enable IPX routing globally.

The IPX-Interface profiles contain the following parameters, which are shown with their default settings:

Note: IPX-Routing-Enabled must be set to Yes, and a valid IPX-Frame type must be specified, in the IPX-Interface profile for the shelf-controller Ethernet port.

Enabling IPX routing and spoofing on the interface

To enable the MAX TNT to route IPX on an Ethernet interface, you must set both the IPX-Routing-Enabled parameter and the IPX-Frame parameter. The IPX-Frame parameter specifies which IPX frame type the MAX TNT will route and spoof.

Note: The MAX TNT routes and spoofs only one IPX frame type. If some NetWare software transmits IPX in a frame type other than the type you specify, the MAX TNT drops those packets. If you are not familiar with the concept of packet frames, see the Novell documentation.

To see which frame type to use on a LAN interface, go to a NetWare server's console on that segment and type LOAD INSTALL to view the AUTOEXEC.NCF file. Following is an example AUTOEXEC.NCF line that specifies 802.3 frames:

Assigning an IPX network number

 If there are other NetWare routers (servers) on the LAN interface, the IPX number assigned to the MAX TNT for that interface must be consistent with the number in use by the other routers. The best way to ensure this is to leave the default null address in the IPX-Net-Number parameter. The null address causes the MAX TNT to learn its network number from another router on the interface, or from the RIP packets received from the local IPX server.

If you enter an IPX network number other than zero, the MAX TNT becomes a seed router, and other routers can learn their IPX network number from the MAX TNT. For details about seed routers, see the Novell documentation.

Propagating IPX type 20 packets on a LAN interface

Some applications, such as NetBIOS over IPX, use IPX Type 20 packets to broadcast names over a network. By default, these broadcasts are not propagated over routed links (as Novell recommends) and are not forwarded over links that have less than 1 Mbps throughput. However, if you are using an application such as NetBIOS over IPX, which requires these packets in order to operate, you can enable the router to propagate IPX Type 20 packets over a LAN interface by setting the IPX-Type-20 parameter to Yes.

Applying a SAP filter to the LAN interface

When applied to a LAN interface, a SAP filter includes or excludes specific local services from the MAX TNT SAP table and its responses to SAP queries on the interface. If the directory services feature is not supported, servers or services that are not in the MAX TNT table will be inaccessible to clients across the WAN. A filter applied to a LAN interface takes effect immediately.

For information about defining a SAP filter, see Defining and applying IPX SAP filters. For an example that shows how to apply the filter, see Example of applying an IPX SAP filter to a LAN interface.

Example of an IPX-Interface configuration

Following is an example of input that enables the MAX TNT to route 802.3 IPX frames to and from the LAN interface and propagate IPX Type 20 packets:

Note that this example does not specify an IPX-Net-Number, which means the MAX TNT is a nonseed router that will learn its address from another IPX router on the network or from the RIP packets received from the local IPX server.

Configuring IPX WAN interfaces

You must set Enabled to Yes in the IPX-Answer subprofile of the Answer-Defaults profile to allow the MAX TNT to answer incoming IPX routing calls. In addition, because the MAX TNT does not have a built-in authentication mechanism (such as matching addresses) for IPX connections, they require PPP authentication.

Following are the relevant parameters, shown with their sample settings:

Connection profiles for IPX routing connections typically use PPP authentication (described in the current Appendix A, Access Security Settings ). In addition, they specify one or more of the following IPX options, which are shown with their default values:

Enabling IPX routing on a WAN interface

 To enable IPX routing for this connection, set IPX-Routing-Enabled to Yes. If it is set to No, the MAX TNT will not route IPX packets on this interface.

Specifying whether the remote device is a router or dial-in client

The Peer-Mode parameter specifies whether the remote site is a dial-in NetWare client or another IPX router. When Peer-Mode is set to Dialin-Peer, the MAX TNT negotiates a routing session with the dial-in NetWare client by assigning the client a node address on the virtual IPX network defined in the IPX-Global profile. The client must accept the network number that is assigned. If the client has its own node number, the MAX TNT uses that number to form the full network address. If it does not have a node number, the MAX TNT assigns it a unique node address on the virtual network.

Note: When connecting to a Dialin-Peer, the MAX TNT does not send RIP and SAP advertisements across the connection, and it ignores RIP and SAP advertisements received from the far end. However, it does respond to RIP and SAP queries received from dial-in clients.

Controlling RIP and SAP updates to and from the remote router

When the remote end of the connection is a router (Peer-Mode), you can specify how RIP and SAP packets are handled across this WAN connection. Both parameters are set to Both by default, which means that the MAX TNT both sends updates across the WAN connection (informing other routers on the remote network of its routes or services), and receives updates from the remote router (including those routes or services in its RIP or SAP table).

You can set the RIP parameter to Send to cause the MAX TNT to send its routes to the remote router, but not to receive any updates on this interface. Or, you can set it to Recv to receive updates from the remote router, but not propagate the local IPX routes to the remote site. If you set it to Off, no routes are propagated in either direction.

The same settings apply to the SAP parameter. If SAP is set to both send and receive broadcasts on the WAN interface, the MAX TNT broadcasts its entire SAP table to the remote network and listens for SAP table updates from that network. Eventually, both networks have a full table of all services on the WAN. To control which services are advertised and where, you can disable the exchange of SAP broadcasts across a WAN connection, or specify that the MAX TNT will only send or only receive SAP broadcasts on that connection.

When to use net-number and net-alias

The Net-Number specifies the IPX network number of the remote-end router. This parameter, which is rarely needed, accommodates those remote-end routers that require the MAX TNT to know that router's network number before connecting.

The Net-Alias parameter may specify a second IPX network number, to be used only when connecting to non-Ascend routers that use numbered interfaces.

Applying a SAP filter to a WAN interface

You can apply a SAP filter to a WAN interface by specifying the filter profile name as the value of the SAP-Filter parameter. When applied to a WAN interface, a SAP filter includes or excludes specific services from the MAX TNT unit's SAP table and its responses to SAP queries on the interface. A filter applied to a WAN interface takes effect when the connection next becomes active.

For information about defining a SAP filter, see Defining and applying IPX SAP filters. For an example that shows how to apply the filter, see Example of applying an IPX SAP filter to a LAN interface.

Using dial-query

Dial-Query configures the MAX TNT to bring up a connection when it receives a SAP query for service type 0x04 (File Server) and that service type is not present in the MAX TNT SAP table. If the MAX TNT has no SAP table entry for service type 0x04, it brings up every connection that has Dial Query set. For example, if 20 Connection profiles have Dial-Query set, the MAX TNT brings up all 20 connections in response to the query.

Note: If the MAX TNT unit has a static IPX route for even one remote server, it chooses to bring up that connection as opposed to the more costly solution of bringing up every connection that has Dial-Query set.

Home server proxy

For mobile NetWare clients, you can specify the network number of from one to six NetWare servers that should receive SAP queries across this connection. Without this feature, when the client is in a distant location and sends a Get Nearest Server Request query, the client receives responses from servers closer to that location, rather than the expected home server or servers. With the home-server proxy feature, mobile clients can bring up a connection to the server or servers they usually use.

To enable the home-server proxy, set the IPX-SAP-HS-Proxy parameter to Yes, and configure the IPX-SAP-HS-Proxy-Net parameter with from one to six IPX network numbers. The MAX TNT then directs the client's SAP queries only to the specified networks.

Using IPX header compression

The IPX-Header-Compression parameter specifies whether or not the MAX TNT should use IPX header compression on this connection if the specified encapsulation method supports it.

Example of a connection between two Novell LANs

Figure 8-2 shows a MAX TNT providing a connection between an IPX network, which supports NetWare servers and clients, and a remote site that also supports NetWare servers and clients, and an Ascend unit.

Figure 8-2. IPX connection with NetWare servers on both sides

In this example, the NetWare server at site B is configured with the following specifications:

Following is an example of specifying a connection to the Ascend unit at Site B:

Because RIP is turned off, you might want to create a static route to the server at the remote site, to ensure that the MAX TNT can bring up this connection, even immediately after a system reset. The following example shows how to configure a route to Server-2 at Site B:

Note: The destination network number is the server's internal network number. For more information about IPX routes, see Configuring IPX static routes.

Example of a connection to a dial-in client

Figure 8-3 shows a NetWare client dialing into the MAX TNT to reach a corporate IPX network. The caller is running NetWare client software with PPP software to dial in.

Figure 8-3. Dial-in NetWare client

Dial-in NetWare clients do not have an IPX network address. To have an IPX routing connection to the local network, the clients must dial in using PPP software, and the Connection profile must set Peer-Mode to Dialin-Peer. In addition, the MAX TNT must have a virtual IPX network defined for assignment to these clients. For information about defining a virtual IPX network, see Configuring the IPX router.

Following is an example of input that configures an IPX routing connection for the client shown in Figure 8-3:

Example of enabling home-server proxy

 Following is an example of how to enable the home-server proxy feature in an IPX-routing Connection profile:

Setting IPX-SAP-HS-Proxy to Yes enables the feature. You must then specify at least one (and up to six) IPX network addresses to which SAP broadcasts will be directed.

Configuring IPX static routes

When the MAX TNT is reset or power cycled, it clears it RIP and SAP tables from memory. Static routes create entries in new RIP and SAP tables as the unit initializes. The static routes enable the MAX TNT to reach a NetWare server and download more complete tables from there.

In the case where a MAX TNT is connecting to another Ascend unit, you might choose not to configure any static routes. However, that means that after a power-cycle or reset, you must dial the initial IPX routing connection manually. After that connection is established, the MAX TNT downloads the RIP table from the other Ascend unit and maintains the routes as static until its next power-cycle or reset.

The disadvantage of static routes is that they require manual updating whenever the specified server is removed or has an address change. Their advantages are that they ensure that the MAX TNT can bring up the connection in response to clients' SAP requests, and they help to prevent timeouts when a client takes a long time to locate a server on the WAN.

Note: You do not need to create IPX routes to servers that are on the local Ethernet.

Static IPX routes use the following parameters, which are shown with their default settings:

Identifying the target

 The service type is a number included in SAP advertisements. For example, NetWare file servers are SAP Service type 0x04.

The destination of an IPX route is the internal network of a server. For example, NetWare file servers are assigned an internal IPX network number by the network administrator and typically use the default node address of 000000000001. This is the destination network address for file read/write requests. (If you are not familiar with internal network numbers, see your NetWare documentation for details.)

Typically, Novell file servers use socket 0x451. The number you specify must be a well-known socket number. Services that use dynamic socket numbers may use a different socket each time they load, and will not work with IPX Route profiles. To bring up a connection to a remote service that uses a dynamic socket number, specify a master server with a well-known socket number on the remote network.

Specifying how to get to the server's network

To reach the remote server's network, the default hop count of 2 and tick count of 12 are usually appropriate, but you might need to increase these value for very distant servers. Ticks are IBM PC clock ticks (1/18 second). Note that best routes are calculated on the basis of on tick count, not hop count.

The Profile-Name parameter specifies the Connection profile to use. When the MAX TNT receives a query for the specified server or a packet addressed to that server, it finds the referenced Connection profile and dials the connection.

Activating the route

For the MAX TNT to use this route, the Active-Route parameter must be set to Yes.

Example of a static IPX route

The following example shows how to create a new IPX-Route profile for a remote server named Server-1.

Defining and applying IPX SAP filters

IPX SAP filters contain a set of rules that determine which remote NetWare services will be excluded from (or included in) the MAX TNT SAP table or SAP response packets.

Note: SAP filters work only when IPX SAP is enabled on the interface (as it is by default). You can prevent the MAX TNT from sending or receiving any SAP udpates on a WAN interface by setting SAP to No in the IPX-Options subprofile of a Connection profile.

Following are the SAP filter parameters, which are shown with their default values:

Each of the eight Input and Output filters include the same parameters.

Parameter

Effect
IPX-SAP-Filter-Name

 You must assign each SAP filter a name, so that it can be applied by name to an interface. The name you assign becomes the IPX-SAP-Filter profile's index.

Input-IPX-SAP-Filters (1-8)

 Each SAP filter can contain up to 8 Input-Filter specifications, which are defined individually and applied in order (1-8) to SAP packets the MAX TNT receives. Input filters determine which remote services are accessible to local NetWare users.

Output-IPX-SAP-Filters (1-8)

 Each SAP filter can contain up to 8 Output-Filter specifications, which are defined individually and applied in order (1-8) to SAP response packets. The MAX TNT transmits SAP responses in reply to a SAP request packet. Output filters determine which local NetWare services are available to remote users.

Valid-Filter

 Enables or disables the Input or Output filter. When it is set to No (the default), that filter is skipped when filtering the SAP data. Set it to Yes for each defined filter you intend to use.

Type-Filter

 Specifies whether to include or exclude the service defined by the Server-Name or Server-Type parameters (or both). Exclude is the default. The Include setting is typically used to include a specific service when previous filters have excluded a general type of service.

Server-Type

 Specifies a NetWare service type. Service types are hexadecimal numbers representing a type of NetWare service. You can use the FFFF type to indicate all types. The number for File Service is 0004. For complete information about SAP service types, refer to your NetWare documentation.

Server-Name

 Specifies the name of a local or remote NetWare server. You can use the wildcard characters * and ? for partial name matches.

Example of filtering out a file server

The following example shows how to create a SAP filter that identifies a particular file server and filters it from the SAP table. If the directory services feature is not supported, servers or services that are not in the MAX TNT SAP table will be inaccessible to clients on other MAX TNT interfaces. Following are the commands that define the SAP filter:

Example of filtering all remote services

 The following example shows how to create a SAP filter that excludes all NetWare services on the interface from the MAX TNT SAP table. When this filter is applied in a Connection profile, WAN users CAN access local services, but local users cannot access any services on the remote network. Following are the commands that define the SAP filter:

Example of applying an IPX SAP filter to a LAN interface

 Following is an example of applying a SAP filter to a LAN interface:

For background information, see Applying a SAP filter to the LAN interface.

Example of applying an IPX SAP filter to a WAN interface

Following is an example of applying a SAP filter to a WAN interface:


[Top][Contents][Prev][Next][Last]Search

techpubs@eng.ascend.com

Copyright © 1998, Ascend Communications, Inc. All rights reserved.