Excerpts from TCP/IP on "NetWare 6 - Frequently Asked Questions"
Articles and Tips: article
01 May 2002
This Novell TCP/IP Frequently Asked Questions (FAQ) document provides answers to a selection of common questions on the various protocols (IP, TCP, UDP and others) that make up the TCP/IP protocol suite. The FAQ also provides some implementation details on NetWare, specifically NetWare 6. This excerpt will look at the following subjects:
Administration
IP Addressing
Load Balancing and Fault Tolerance
Routing Protocols
Tools
Administration
Q.
Does NetWare 6 support Native IP?A.
Yes, NetWare 6 completely supports Native IP.Q.
What are the binaries for NetWare 6 TCP/IP?A.
The binaries for NetWare 6 TCP/IP are:TCP.NLM, TCPIP.NLM, BSDSOCK.NLM - both secure and non-secure versions.
NETLIB.NLM - one version which runs with both secure and non-secure versions of the earlier NLMs.
INETCFG.NLM and TCPCFG.NLM - these utilities are used for configuration.
Q.
In which directories do the TCP/IP binaries reside?A.
The TCP/IP binaries reside in the SYS:\SYSTEM directory.Q.
Which utility can I use to configure the TCP/IP stack?A.
The following two utilities are used to configure the stack: INETCFG.NLM and TCPCON.NLM. At the server console prompt, type:inetcfg <Enter>
or
tcpcon <Enter>
Q.
How does one monitor the different statistical variables of the TCP/IP stack?A.
You can use the tools Monitor and TCPCON that list all the sub-options of the stack.Q.
Is the NetWare 6 TCP/IP stack different from the previous version of TCP/IP stack in NetWare? If so, how?A.
Yes this stack is very different from its earlier versions. The NetWare 6 TCP/IP stack gives you many more features like:Load Balancing and Fault Tolerance
SACK and Large Windows
Dead Gateway Detection and Multiple Default Gateways
Path MTU Black hole detection and recovery for TCP connections
MP enabled TCP and UDP stacks
Defense against FIN, SYN and Smurf attacks and many more
IP Addressing
Q.
How can I configure the IP address of a NetWare server?A.
Once you have configured the network boards, go into the INETCFG utility to > Bindings > Configure and put in the IP address with netmask. You can also do this by using the command line:bind ip <driver name> address = <ip address> mask = <netmask>
Q.
Does NetWare 6 support subnetting?A.
Yes NetWare 6 supports subnetting.Q.
Does NetWare 6 support supernetting?A.
Yes it is supported, but only on end hosts.Q.
What should you take care of while configuring a supernetted address on a NetWare server?A.
You can not make a NetWare server a router while supernetting is enabled.Q.
What is an ARP-able and a non-ARP-able primary IP address?A.
ARP-able is the one that responds to an ARP request, non-ARP-able does not propagate the MAC address outside. If an IP address is bound with the no-ARP option enabled, a new IP address will be created on the basis of the MAC address where it is bound.Q.
What is an ARP-able and a non-ARP-able secondary IP address?A.
The ARP-able secondary IP address responds to an ARP request while the non-ARP-able secondary IP address does not propagate the MAC address outside. The IP address will remain the same in case of noARP also.Q.
Why is a secondary IP address used?A.
The secondary IP address can be used to configure NetWare as a multi-homed host. Then the client will see each secondary IP address as a logical host. Secondary IP address can also be used to launch different services on different IP addresses.Another benefit that the secondary IP address provides is that it can be configured as a virtual IP address using the Non-ARP option, which can be used for load balancing in a clustering environment.
Q.
How can I add a Secondary IP Address?A.
To do so, go to the server prompt and enter the following:add secondary ipaddress <ipaddress>
Q.
How can I remove the Secondary IP Address?A.
To do so, go to the server prompt and enter the following:Delete secondary ipaddress <ipaddress>
Q.
How do you display a Secondary IP Address?A.
To do so, go to the server prompt and enter the following:display secondary ipaddress
Q.
Is it possible to add a non-ARP-able Secondary IP Address?A.
You can add non-ARP-able Secondary IP Address using the command line option at the server console. To do so, type the following:add secondary ipaddress <ipaddress> noarp
Q.
How do you add a Secondary IP Address to a specific card?A.
To add a Secondary IP Address to a specific network board, type the following at the console prompt:add secondary ipaddress <ipaddress>
After this, you will be prompted to select which network board you want to specify in case this is a multi-homing machine.
Q.
What is the support for Direct Server Return (DSR) that is provided by the stack?A.
You can configure Direct Server Return by using non-ARP-able Secondary IP Addresses.Q.
What is multi-homing?A.
Multi-homing is the feature that enables a system to have more than one network interface and it also ensures that the interface assumes multiple IP addresses on the same network. It is typically used for all IP networks bound to a router, irrespective of whether the networks are bound to the same interface or to different interfaces.Q.
What kind of multi-homing support is available in NetWare 6?A.
NetWare 6 supports different kinds of multi-homing combinations; between Single/Multiple NIC and also between Single/Multiple IP Addressing.Q.
What is interface grouping?A.
Grouping is the process of selecting the NICs you want from the available set of multi-homed NICs. After selecting the required NICs (Grouping) they can be enabled for load balancing and fault tolerance. These NICs should be bound to the same subnet.In NetWare 6, two types of grouping enable you to optimize the load balancing and fault tolerance feature. They are:
Single IP Address/Multiple NICs are grouped automatically.
Multiple IP Addresses/Multiple NIC can be manually grouped and later ungrouped as needed.
The advantage of grouping in NetWare 6 is that once you group the NICs, load sharing is automatically enabled. Also, once the NICs are grouped, they are visible as a group of network adapters for a group of IP addresses or for a single IP address.
This group will have a singular identity with its own set of properties and the properties of individual NICs in this group would no longer be valid. After that, each and every IP Address will look like it is associated with more than one Network Adapter. This is the basis of the load balancing and fault tolerance. To optimize the advantages of the grouping feature, the user must ensure that all the NICs to be grouped reside on the same LAN segment.
In NetWare 6, grouping is performed in a way that all the MAC addresses are visible to the outer world and they can use that addressing structure to send their requests. Once the NICs are grouped, their individual identity is no more valid. However, if the network administrator wants to preserve the individual identity, NetWare provides the option of ungrouping the NIC.
Q.
Can I group Interfaces with different IP addresses?A.
Yes, you can group interfaces with multiple IP addresses, provided all the IP addresses belong to the same subnet.Q.
Can I group interfaces bound to different networks?A.
No, you can't do that.Q.
How do I check the multi-homing configuration of the NetWare server?A.
Right now you can verify this by typing the following at the server console prompt:display secondary IP address
In NetWare 6.1, this ability will be available in the "Config" console command.
Q.
Can I ungroup interfaces with different IP addresses?A.
Yes, you can do that. Ungrouping is a process of removing a particular NIC from the grouped set. Ungrouping can be done for the Multiple IP addresses/Multiple NICs type of groups.Ungrouping is most advantageous when the user wants to configure a particular NIC differently from the group. NetWare 6 provides that capability. Also the NICs are LAN-segment independent. Such types of ungrouping can be used for security purposes, for QOS, or for a different configuration on a particular network card.
Load Balancing and Fault Tolerance
Q.
How do I configure load balancing and fault tolerance in NetWare? How do I verify the configuration?A.
You can configure load balancing and fault tolerance using the INETCFG utility. You can verify the same using the TCP/IP (TCPCFG) protocol configuration utility.Q.
Can I configure the load balancing and fault tolerance feature using a command line interface?A.
No, you can't do that. You can configure load balancing and fault tolerance using the INETCFG utility only.Q.
How do I verify load balancing is working?A.
Right now there are no statistics available to provide this information in the production version. However, in the debug version of TCP/IP NLM, this can be viewed by typing:_IP <Enter>
at the server console prompt. The other way of verification is by capturing packets and checking the source MAC address of the outgoing packets.
Q.
Can I group adapters with different capacities, different vendors, and different properties (such as network boards with Hardware check summing support, etc.)?A.
Yes, you can group adapters with different capacities and from different vendors.Q.
What is a primary interface in load balancing and fault tolerance group?A.
When you group a number of interfaces, one interface will automatically become the primary interface. However, you do have the option of changing this interface and making another one the primary interface. The primary interface in the group handles all the broadcasts and routing related issues for the group.Q.
What is the difference between grouped and ungrouped interfaces?A.
Grouped interface will participate in load sharing, load balancing and fault tolerance, while ungrouped interfaces cannot participate in these features. Ungrouping can be done for the Multiple IP addresses/Multiple NICs type of groups.Ungrouping is most advantageous when the user wants to configure a particular NIC differently from the group. Grouped interface adapters will have the same properties, while ungrouped adapters may have different properties.
Q.
What properties are in common when multiple interfaces are grouped?A.
The following properties are in common when multiple interfaces are grouped:Subnet Mask
Frame type
RIP options
OSPF options
Broadcast address
Multicast override IP address
TOS
ARP options
Router Discovery options
NAT options
Load balancing and Fault Tolerance options.
Q.
How do I enable Load Balancing and Fault Tolerance for a group?A.
In the INETCFG utility, there are two switches: system and group. You have to enable load balancing and fault tolerance at both the places within INETCFG (under the Protocols and Bindings options). When the same IP address is bound to multiple interfaces, load sharing and fault tolerance is enabled by default.Q.
How does NetWare 6 handle broadcast and multicast packets?A.
If a group already exists, then broadcast packets are handled by the primary interface. Otherwise, every interface will handle the broadcast. Multicast would also be handled by every interface.Q.
What will happen to TCP connections when one of the adapters fails and the other one takes over?A.
Nothing, thanks to fault tolerance, the TCP connections would remain intact.Q.
Will there be any packet drop during adapter failover?A.
Yes, there could be a minor packet drop during failover. Connection-oriented applications like TCP won't find out any difference, whereas datagram applications like UDP will see a packet drop based the configured fault tolerance interval.Q.
How does the client come to know that the adapter to which it is connected is failed and it has to send request to the new adapter?A.
When an adapter fails, a Gratuitous ARP would be sent to the client with the new adapter's MAC address.Q.
How is this solution different than the Compaq teaming solution?A.
In this solution, the MAC addresses are visible and multiple configurations are possible, which is not the case in the Compaq teaming solution. The Novell teaming solution is vendor-independent and operates from Layer 3.Q.
Do clients see the same MAC address for all the interfaces in the grouped network?A.
No, all the MAC addresses are visible.Q.
Does the load balancing and fault tolerance solution co-exist with third party solutions like Compaq's ALB and NFT feature?A.
No, the NetWare solution is different from Compaq's solution. The main difference being that in the NetWare solution the MAC addresses are visible and multiple configurations are possible.Q.
Is this feature supported on all network adapters? Does it require specific driver to be installed?A.
This feature is supported on all those network adapters that strictly follow ODI specifications.Q.
Why have load balancing when you already have load sharing?A.
This feature is an enhancement of what load sharing gives you. This is an intelligent algorithm and is helpful when the drivers are heavily loaded.Q.
Can load balancing alone be configured, without having fault tolerance on as well?A.
Yes, load balancing alone can also work.Q.
Can Load Balancing be an overhead with the increase in the number of NICs?A.
Load balancing has a slight overhead, but the benefits it gives surpass the cost it takes to run.Q.
Is fault tolerance and load balancing supported with Token-Ring and FDDI?A.
No, it is supported in the Ethernet protocol only. This would be supported in future releases.Q.
How do I know when any of the network boards fail? Would fault tolerance give me any alert messages?A.
Yes, fault tolerance would give you an alert on the logger screen. It will appear from the following command:display secondary IP address
The command will display DOWN if the interface is faulty.
Q.
How do ARP entries of our server at routers get flushed in case of fault tolerance? How does load balancing happen across different NICs?A.
By using Gratuitous ARP, fault tolerance can advertise the new MAC address for any IP address so that the older entry would be flushed at the router. For load balancing, fault tolerance sends a reply for the ARP request of the client with the least-loaded MAC address. For send packets, we use any of the grouped interfaces, depending on the load.Q.
Does the load get balanced between gateways?A.
No, the load is not balanced. The NetWare 6 stack provides fault tolerance only between gateways.Routing Protocols
Q.
What routing protocols are supported on the NetWare 6 TCP/IP stack?A.
This stock provides the following routing protocols:RIP I and RIP II
OSPF
EGP
ICMP Router Discovery
Tools
Q.
What kind of tools are available to check the network connectivity?A.
The TCP/IP stack itself gives you Ping and tping to help you check network connectivity.Q.
Does NetWare support trace route utility?A.
Yes, such a utility is supported and it's called IPTrace.Q.
Can I use the IPTrace utility with more Hops?A.
Yes, you can change the Hops option.Q.
Is the IPTrace utility different from the one released in NetWare 5? If so, what are its new features?A.
Yes, NetWare 6's IPTrace utility is different. A number of new features that are provided include:PMTUBHR - used for detecting a PMTU Black Hole router
STARTHOP - starting a TTL value
PKT - number of packets sent for each Hop (default 3)
Q.
How do I monitor TCP/IP statistics?A.
You can monitor the TCP/IP statistics using the TCPCON utility. You can also type _TCP <Enter> at the server console prompt, then select 1.Q.
How can I find a black hole router between any two hosts?A.
You can find a black hole between any two hosts with the tping utility and using a different packet size along with the "set don't fragment bit" parameter.* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.