[Top][Contents][Prev][Next][Last]Search

Setting Up IPX Routing for WAN Links

This chapter describes how to configure a RADIUS user profile for IPX routing connections, and how to set up static IPX routes. The chapter is divided into the following sections:
Before you begin
Introducing IPX routing
Overview of IPX-routing configuration tasks
Setting up IPX routing in a user profile
Setting up static IPX routes

Before you begin

Before you set up IPX routing for WAN links, you must perform some preliminary tasks at the MAX TNT configuration interface and in RADIUS.

Preliminary MAX TNT tasks

The first task that you carry out at the MAX TNT configuration interface is required for all configurations. The others depend upon the type of configuration you plan to set up.

Setting up the MAX TNT as an IPX router

Before you set up an IPX routing connection in RADIUS, you must set up the MAX TNT as an IPX router by configuring parameters in the IPX-Global, IPX-Interface, and Answer-Defaults profiles. For detailed information, see the MAX TNT Network Configuration Guide.

Specifying an authentication protocol

If you set up a RADIUS user profile that enables IPX routing (but not IP routing), you must specify an authentication protocol for name and password authentication of PPP, MP, and MP+ calls. In the Answer-Defaults profile's PPP-Answer subprofile, set the Receive-Auth-Mode parameter to PAP-PPP-Auth, CHAP-PPP-Auth, MS-CHAP-PPP-Auth, or Any-PPP-Auth. (For descriptions of these settings, see Table 3-5.)

Unlike an IP routing configuration, in which the MAX TNT uniquely identifies the calling device by its IP address, an IPX routing configuration does not include a built-in way to uniquely identify callers. For this reason, you must use PAP, CHAP, or MS-CHAP password authentication, unless you configure IP routing in the same RADIUS user profile.

Specifying a network number for dial-in clients

Dial-in clients do not belong to an IPX network, so you must assign them an IPX network number. When you do so, a dial-in client can establish a routing connection with the MAX TNT. To provide an IPX network number, you must define a virtual IPX network by means of the IPX-Dialin-Pool parameter. The MAX TNT advertises the route to this virtual network and assigns it as the network address for dial-in clients. If the client does not supply its own unique node number, the MAX TNT assigns a unique node number as well.

Preliminary RADIUS tasks

Before you set IPX attributes, you must configure a RADIUS user profile containing:

Table 10-1 lists references for more information.

Table 10-1. Preliminary RADIUS tasks for IPX routing

Task

Reference
Setting User-Name, Password, and other authentication attributes

 Chapter 3, Setting Up RADIUS Authentication

Configuring a PPP, MP, or MP+ connection

 Chapter 4, Setting Up PPP, MP, and MP+ Connections

Setting up a Frame Relay connection

 Chapter 7, Setting Up Frame Relay Connections

Introducing IPX routing

A MAX TNT configured for IPX routing enables NetWare clients and distributed Novell networks to use NetWare services across the WAN. Figure 10-1 shows a MAX TNT that routes IPX between WAN interfaces (connections) and a local Novell network.

Figure 10-1. Routing IPX between LAN and WAN interfaces

The MAX TNT supports IPX routing between sites that run Novell NetWare version 3.11 or later. The MAX TNT operates as an IPX router with one interface on the local Ethernet and the other across the WAN. It supports IPX routing over PPP, MP, MP+, and Frame Relay connections. Each RADIUS user profile that sets up an IPX connection is an IPX WAN interface.

NetWare servers broadcast Service Advertising Protocol (SAP) packets every 60 seconds to make sure that routers (such as the MAX TNT) know about their services. Each router builds a SAP table with an entry for each service that each known server advertises. The router uses the SAP table to respond to client queries.

When a NetWare client sends a SAP request to locate a service, the MAX TNT consults its SAP table and replies with its own hardware address and the internal address of the requested server. The client can then transmit packets whose destination address is the internal address of the server. When the MAX TNT receives the packets, it consults its IPX RIP table. If it finds an entry for that destination address, it brings up the connection or forwards the packet across the active connection.

For complete information about IPX routing, see the MAX TNT Network Configuration Guide.

Overview of IPX-routing configuration tasks

You can carry out the following IPX configuration tasks:

Setting up IPX routing in a user profile

Table 10-2 lists the attributes relevant to IPX routing for a WAN connection.

Table 10-2. IPX routing attributes

Attribute

Description

Possible values
Ascend-IPX-Alias (224)

 Specifies the network number you assign to a point-to-point link.

8-digit (4-byte) hexadecimal value. The default value is 00000000.

You need to specify a value for this attribute only if the MAX TNT operates with a non-Ascend router that uses a numbered interface. It does not apply if you are routing from one MAX TNT to another, or to a router that does not use a numbered interface.

Ascend-IPX-Peer-Mode (216)

 Specifies whether the caller is a dial-in PPP client, or an Ethernet client with its own IPX network address.

 IPX-Peer-Router (0) indicates that the calling device is on the Ethernet network and has its own IPX address.

IPX-Peer-Dialin (1) indicates that the caller is a dial-in NetWare client that incorporates PPP software and dial-out hardware, but does not have an Ethernet interface.

IPX-Peer-Router is the default.

Ascend-Route-IPX (229)

 Specifies whether the user profile can use IPX routing.

 Route-IPX-No (0)
Route-IPX-Yes (1)

Route-IPX-No is the default.

To set up IPX routing in a RADIUS user profile:

  1. Set Ascend-Route-IPX=Route-IPX-Yes.

  2. If the MAX TNT operates with a non-Ascend router that uses a numbered interface, set the Ascend-IPX-Alias attribute to specify a network number for the link.

  3. If the caller is a dial-in PPP client, set Ascend-IPX-Peer-Mode=IPX-Peer-Dialin.

    The MAX TNT does not send IPX RIP and SAP advertisements across the connection and ignores IPX RIP and SAP advertisements it receives from the remote end. However, it does respond to IPX RIP and SAP queries it receives from dial-in clients.

Example of configuring a connection between two Novell LANs
 Figure 10-2 shows a MAX TNT providing a connection between an IPX network, which supports both servers and clients, and a remote site that also supports both servers and clients, and an Ascend unit.

Figure 10-2. A connection with NetWare servers on both sides

In this example, to specify a connection to the Ascend unit at site B, you would configure the RADIUS user profile as follows:

Server-2 Password="m2dan", User-Service=Framed-User

          Framed-Protocol=PPP,

          Ascend-Route-IPX=Route-IPX-Yes,

          Ascend-IPX-Peer-Mode=IPX-Peer-Router
Example of configuring a dial-in IPX client connection
 In Figure 10-3, a NetWare client dials into a corporate IPX network that supports both servers and clients.

Figure 10-3. A dial-in NetWare client requiring dynamic IPX network assignment

In this example, the MAX TNT is connected to a corporate NetWare LAN and the dial-in client has a modem, NetWare client software, and PPP dial-up software. This example assumes that you have set the IPX-Dialin-Pool parameter. To configure the MAX TNT to accept a connection from the PC dial-in user, enter the following specifications:

NetWareClient1 Password="m2dan", User-Service=Framed-User

          Framed-Protocol=PPP,

          Ascend-Route-IPX=Route-IPX-Yes,

          Ascend-IPX-Peer-Mode=IPX-Peer-Dialin

Setting up static IPX routes

To create static IPX routes, you configure a pseudo-user profile containing the route specifications. Each static IPX route contains all the information necessary to reach one NetWare server on a remote network. When the MAX TNT receives an outbound packet for that server, it finds the corresponding RADIUS user profile and dials the connection. You do not need to create an IPX route to a server that resides on the local Ethernet network.

When the MAX TNT is reset or power cycled, it clears its RIP and SAP tables from memory. Static routes create entries in new RIP and SAP tables as the unit initializes. The static routes enable the MAX TNT to reach a NetWare server and download more complete tables from there.

If your MAX TNT will be connecting to another Ascend unit, you might not configure any static routes. However, after a power-cycle or reset, you must dial the initial IPX routing connection manually. After that connection is established, the MAX TNT downloads the RIP table from the other Ascend unit and maintains the routes as static until its next power-cycle or reset.

The disadvantage of a static route is that it requires manual updating whenever the specified server is removed or has an address change. However, when you configure a static route, you ensure that the MAX TNT can bring up the connection in response to clients' SAP requests. In addition, a static route helps to prevent timeouts when a client takes a long time to locate a server on the WAN.

Recommended configurations

Most sites configure only a few IPX routes and rely on IPX RIP for most other connections. If you have servers on both sides of the WAN connection, Ascend recommends that you define a static route to the remote site even if your environment requires dynamic routes. If you have one static route to a remote site, it should specify a master NetWare server that knows about many other services. NetWare workstations can then learn about other remote services by connecting to that remote NetWare server. If the MAX TNT does not receive IPX RIP broadcasts from a remote unit, you should configure a static route to at least one server on the remote network.

Configuring static IPX routes in a pseudo-user profile

To set up static IPX routes in a RADIUS pseudo-user profile, you must perform the following tasks:

Creating the first line of a pseudo-user profile for static IPX routes

 You can configure pseudo-users for both global and MAX TNT-specific configuration control of IPX dialout routes. The MAX TNT loads the unit-specific dialout routes in addition to the global dialout routes.

For a unit-specific IPX dialout route, specify the first line of a pseudo-user profile in the following format:

ipxroute-name-num Password="ascend", User-Service=Dialout-Framed-User
For a global IPX dialout route, specify the first line of a pseudo-user profile in the following format:

ipxroute-num Password="ascend", User-Service=Dialout-Framed-User
The name argument is the system name of the MAX TNT (the name specified by the Name parameter in the System profile), and num is a number in a sequential series, starting at 1.

Specifying static IPX routes with the Ascend-IPX-Route attribute

In each pseudo-user profile, specify one or more routes with the Ascend-IPX-Route attribute. Use the following format:

Ascend-IPX-Route="profile_name network# [node#] [socket#] 
[server_type] [hop_count] [tick_count] [server_name]"
The MAX TNT fetches information from each pseudo-user profile in order to gather routing information. Table 10-3 describes each Ascend-IPX-Route argument.

Table 10-3. Ascend-IPX-Route arguments

Argument

Specifies
profile_name

 RADIUS user profile the MAX TNT uses to reach the network. The default value is null.

network#

 Unique internal network number for the NetWare server. The default value is 00000000.

node#

 Node number for the NetWare server. The default value is 000000000001 (the typical node number for a NetWare file server.)

socket#

 Socket number for the NetWare server. Typically, NetWare file servers use socket 0451. The default value is 0000.

The number you specify must be a well-known socket number. Services that use dynamic socket numbers might use a different socket each time they load, and will not work with static IPX routes. To bring up a connection to a remote service that uses a dynamic socket number, specify a remote master server that uses a well-known socket number.

server_type

 SAP service type of the NetWare server. NetWare file servers have SAP service type 0004. The default value is 0000.

hop_count

 Distance to the destination network, in hops. The default value is 1.

tick_count

 Distance to the destination network, in IBM PC clock ticks (one-eighteenth of a second). This value is for round-trip timer calculation and for determining the nearest server of a given type.The default value is 12. Note that the best routes are calculated on the basis of the tick count, not the hop count.

server_name

 Name of an IPX server. The default value is null.

How the MAX TNT adds IPX dialout routes to the routing table

Whenever you power on or reset the MAX TNT, RADIUS adds IPX dialout routes to the routing table as follows:

  1. RADIUS looks for profiles having the format ipxroute-name-1, where name is the system name.

  2. If at least one such profile exists, RADIUS loads all existing profiles having the format ipxroute-name-num to initialize the IPX routing table. The variable num is a number in a sequential series, starting with 1.

  3. The MAX TNT queries ipxroute-name-1, then ipxroute-name-2, and so on, until it receives an authentication reject from RADIUS.

  4. RADIUS loads the global configuration profiles. These configurations have the form ipxroute-num.

  5. The MAX TNT queries ipxroute-1, then ipxroute-2, and so on, until it receives an authentication reject from RADIUS.

Example of configuring static IPX routes
 In Figure 10-4, the dial-in user Emma needs a static IPX route to the IPX server across the WAN.

Figure 10-4. Using a static IPX route

The following example shows how to configure a unit-specific IPX route to Server-1:

ipxroute-CA-1 Password="ascend", User-Service=Dialout-Framed-User

 Ascend-IPX-Route="Emma 9999ABFF 000000000002 0451 0004 2 10 Server-1"
Here is an example of how to define a global IPX route to Server-1:

ipxroute-1 Password="ascend", User-Service=Dialout-Framed-User

 Ascend-IPX-Route="Emma 9999ABFF 000000000002 0451 0004 2 10 Server-1"

[Top][Contents][Prev][Next][Last]Search

techpubs@eng.ascend.com

Copyright © 1998, Ascend Communications, Inc. All rights reserved.