NetWare/IP: Integrating NetWare to TCP/IP
Articles and Tips: article
01 Jun 1996
Novell has significantly enhanced NetWare 4.1 support for the TCP/IP networking protocol. NetWare/IP 2.2 enables customers to better integrate TCP/IP and leverage the Internet. Enhancements include DHCP /BootP Server to simplify the management of IP addresses.
NetWare 4.1 and NetWare/IP offer a complete TCP/IP connectivity solution for customers who want to integrate NetWare into an existing IP infrastructure, migrate an existing NetWare installation to IP, or establish a mixed IP and IPX environment. For customers migrating to IP and consolidating on a single network protocol, NetWare 4.1 offers a phased transition that enables them to migrate at their own speed.
Customers who want to leverage the strengths of both IP and IPX are ensured full protocol interoperability, giving them the flexibility to leverage the efficiencies of IP over the WAN and the management simplicity of IPX for local connectivity.
NetWare/IP greatly reduces WAN traffic and router overhead, and increases the manageability of IP-based internetworks.
NetWare/IP is fully compatible with all of the IPX-based network applications customers are already using, including all backup, database and host connectivity solutions. Additionally, NetWare/IP enables NetWare 4.1 to be fully managed from any UNIX management console via itsSNMP-standard MIBs and XCONSOLE interface.
NetWare 4.1 enables customers to make a smooth transition to TCP/IPwhile retaining all the NetWare services their businesses rely on as well as all the applications and networking hardware they already have in place.
NetWare /IP: Integration into TCP/IP
NetWare/IP is a set of NetWare Loadable Modules (NLMs) and client software that enables existing NetWare 3 and NetWare 4 servers to use TCP/IP or Novell's IPX (or both) as their transport protocol. This flexibility allows customers to deploy a total IP solution or a mixed IPX-IP solution in their NetWare environment. All existing NetWare services run unmodified with NetWare/IP.
NetWare/IP comes with the following components:
DNS.NLM (BIND 4.8.3):NetWare/IP can be deployed without DNS, with an existing UnixDNS or with this NLM acting as the DNS.
Domain RIP/SAP Service (DSS.NLM):this NLM allows IP nodes to get server and route info.
NetWare Server and Client Files:these NLMs insure 100% backward compatibility
NetWare IP/IPX Gateway:allows IP/IPX coexistence for phased migrations
XCONSOLE, telnet and SNMP MIB support for manageability
NetWare/IP 2.2 Enhancements
NetWare/IP Version 2.2 is for NetWare 4 networks. NetWare/IP Version 2.2 is a replacement/upgrade for NetWare/IP Version 2.1. NetWare 3 customers should use NetWare/IP Version 1.1 plus some patches.
NetWare/IP 2.2 for NetWare 4 is enhanced in the following ways:
The addition of a DHCP Server for IP address leasing (backward compatible with BOOTP clients)
lpr/lpd support for NetWare to Unix or IP-based printing
Supports IP stacks from Microsoft that use the TDI Interface (Win95, Win NT)
Supports 3rd party IP stacks (FTP Software andothers to follow)
Allows NetWare/IP to be deployed with or without DNS
Reduces network traffic and CPU utilization with optimized algorithm for service updates.
The NetWare DHCP server can support those DHCP parameters (e.g NetBIOS) used by Windows 95 and NT workstations.
These NetWare/IP 2.2 enhancements will:
Simplify the management of IP addresses via a DHCP server. Rather than requiring network administrators to manually assign a static IP address to every network client-which can be a time-consuming and difficult management task-the DHCP server manages a pool of IP addresses, automatically leasing addresses to clients as needed. The DHCP server can be configured to automatically provide all IP configuration information to NetWare clients. Because the DHCP server also supports BootP, customers can continue using the IP stack they currently have in place.
Assist NT Workstation users to access NT services via IP. In addition to providing NetWare configuration information to clients, the DHCP server can also provide all of the NT information-such NetBIOS Name Service (WINS)info-that NT clients need to connect to NT services via IP. This enables companies to eliminate redundant IP server systems.
Enable NetWare users to access UNIX and otherIP-based printers on the network. All NetWare clients can access network printers running lpr/lpd.
Improve performance and scalability of NetWarewide area networks. The elimination of Service Advertising Protocol (SAP) traffic and the ability to configure the tuning of services updates enables network administrators to free up significant bandwidth on wide area links, improving performance throughput for LAN-to-LAN communication. NetWare IP2.2 also gives network managers much greater flexibility in where they place IP service databases, which can greatly increase the scalability of the network.
Add full support for Microsoft's 32-bit TCP/IP stack used in Windows 95 and NT Workstation. NetWare/IP 2.2 also supports IP stacks from FTP and the IP stack that is standard with all NetWare clients.
Support NetWare SFT III,enabling customers to implement fault-tolerant networking via IP.
Leveraging the Internet
Using NetWare 4.1 with IP enables customers to use the Internet to access NetWare servers, giving them public network access to private network resources. This allows customers to use the Internet to link geographically dispersed LANs, providing LAN-to-LAN file sharing and enabling network administrators to manage remote LANs without the need for privately managed network connections. Any mobile user with a SLIP or PPP connection can use a local Internet service provider to access NetWare servers anywhere in the world.
TCP/IP and DHCP Client Matrix
The following table describes the TCP/IP stacks usage of BOOTP or DHCP in getting IP address, subnetwork mask, default router address and other information the stack needs.
Novell 16-bit TCP/IP stack
Novell 32-bit TCP/IP stack
Microsoft 32-bit TCP/IP stack
The DOS/Windows client (VLM) exploiting NetWare/IP uses the Novell 16-bit TCP/IP protocol stack or any other TCP/IP protocol stack (e.g., FTP) that adheres to the NetWare/IP protocol definition. The Novell 16-bit TCP/IP protocol stack only supports BOOTP; whereas, the NetWare/IP client uses DHCPINFO message defined in the latest DHCP RFC draft to obtain NetWare/IP parameters.
NetWare Client (Client 32) for DOS/Windows exploiting NetWare/IP uses the Novell 32-bit TCP/IP protocol stack. No other TCP/IP protocol stack is supported. The Novell 32-bit TCP/IP protocol stack supports BOOTP and DHCP. Since the stack supports DHCP, IP addressing and NetWare/IP configuration parameters for the NetWare/IP client can be obtained from the server.
NetWare Client (Client 32) for Win95 exploiting NetWare/IP supports the Microsoft 32-bit TCP/IP protocol stack or any other TCP/IP protocol stack that adhere to the Microsoft Transport Driver Interface (TDI). The Microsoft TCP/IP protocol stack supports only DHCP. The NetWare/IP client uses DHCPREQUEST message to get NetWare/IP configuration parameters.
NetWare Client for NT exploiting NetWare/IP uses the Microsoft 32-bit TCP/IP protocol stack or any other TCP/IP protocol stack that adheres to the Microsoft TDI interface. The Microsoft TCP/IP protocol stack only supports DHCP. The NetWare/IP client uses the DHCPREQUEST message to get NetWare/IP parameters.
NetWare/IP 2.2 Frequently Asked Questions
Domain Name Services (DNS)
Q. How does NetWare/IP use DNS?
A. NetWare/IP servers and client may optionally query DNS during initialization to locate domain SAP/RIP servers (DSSes). NetWare/IP servers and client are usually configured for specific DSSes and NetWare/IP servers, but DNS may be used as a last resort to locate NetWare/IP services during initialization.
Q. Is DNS required for NetWare/IP?
A. No. However, Novell strongly recommends configuring DNS with the NetWare/IP domain information to provide an additional level of fault tolerance for client initialization. DNS is also used in NetWare/IP DSS management to "Display All DSSes" for the NetWare/IP domain. If DNS isn't configured for NetWare/IP, administrators may experience lengthy timeouts during administration as NetWare/IP attempts to verify NWIP information within DNS.
Q. Does NetWare/IP 2.2 provide DNS services?
A. Yes. NetWare/IP 2.2 includes DNS that is BIND 4.8.3 compatible. Any NetWare 4.1 server may be configured as a master or replica name server of a DNS domain. The master or replica DNS database may exist on any DNS platform-for example, it is possible to configure a NetWare 4.1 server to maintain a replica DNS database where the master DNS database resides on a Unix machine.
Q. Does the NetWare/IP DNS domain contain entries for all NetWare/IP servers and clients?
A. No. The NetWare/IP DNS domain only contains name server records (ns) for selected DSSes of the NetWare/IP domain. NetWare/IP servers and client that use DNS host names may be located anywhere in the DNS hierarchy.
Domain SAP Server (DSS)
Q. What improvements to DSS does NetWare/IP 2.2 include?
A. The DSS.NLM includes two important features. First, NetWare/IP 2.2 provides the capability to filter SAP/RIP records between DSSes. Second, NetWare/IP 2.2's DSS.NLM has been optimized for greater scalability while consuming fewer server resources. Existing NetWare/IP 2.1 customers generally notice a 25% gain in DSS performance (evidenced by CPU utilization decreasing) after upgrading NetWare/IP 2.1 to NetWare/IP 2.2.
Q. How does NetWare/IP 2.2 DSS SAP filtering work?
A. DSS SAP filtering determines the type of SAP/RIP records exchanged between the secondary DSSes and the primary DSS. It is possible to filter on a SAP type (i.e., advertising print server), SAP name, including wildcards (i.e., NWIPDEMO-FS1, LEX*, HP*), or even subnet (i.e., don't include records from 22.214.171.124). Note that this only affects DSS-DSS synchronization, NOT DSS-NWIP synchronization.
Q. Should every NetWare/IP server also be configured as a DSS?
A. No. The DSS functionality should be limited to a few select NetWare 4.1 servers. It is not necessary to place a DSS at every geographical site that contains a NetWare/IP server or client. DSSes should be placed at aggregation points within your WAN infrastructure, or at locations were where several (>15) NetWare/IP servers are located.
Q. How many DSSes should I deploy?
A. Each DSS can handle between 50 to 100 NetWare/IP servers, depending upon such factors as the DSS hardware (CPU, memory), number of SAP/RIP records, DSS-DSS and DSS-NetWare/IP synchronization intervals, and how often SAP/RIP information changes within your network. Generally, plan on at least one DSS per 50 NetWare/IP servers. If your configuration is less than 50 servers, you should have at least two DSSes to provide fault tolerance.
Q. Should all DSSes have name server (ns) records in DNS?
A. No. Only a few selected secondary DSSes should have ns records in DNS. Remember that these secondary DSSes will be contacted by NetWare/IP servers and clients if other DSSes aren't available during the initialization process. Plan accordingly.
Q. Should I enter a name server (ns) record in DNS for my primary DSS?
A. No, unless your configuration is less than 50 servers and you've only deployed two DSSes. Generally, the primary DSS doesn't have a name server (ns) record in DSS to prevent NetWare/IP servers and client from using the resources of the primary DSS. In larger configurations (>50 NetWare/IP servers), the processing power of the primary DSS is reserved to maintain synchronization of the DSS database with secondary DSSes.
Q. Should I dedicate servers to perform the DSS functionality.
A. If your configuration is very large (>200 NetWare/IP servers), strongly consider configuring a lightly-loaded or dedicated NetWare 4.x server as the primary DSS. If a single secondary DSS will provide DSS services to more than 50 NetWare/IP servers, consider dedicating a NetWare server to provide this functionality. If a DSS will provide DSS services to fewer than 30 NetWare/IP servers, there is no need to dedicate a server as just a secondary DSS. Of course, several factors previous listed will affect DSS performance, but these numbers generally work in most configurations.
Q. Can a single NetWare server provide both DNS and DSS services?
A. Yes. DNS and DSS may run concurrently on a NetWare server.
Q. Is there any way to track CPU utilization on a DSS server?
A. Yes. Load the MONITOR.NLM, select "Processor Utilization", and look for DSS related processes-there are about 6 and they're pretty descriptive.
Q. Is there any way to track the amount of data transferred during DSS-DSS and DSS-NWIP synchronization?
A. Yes. From the NetWare/IP server or DSS, load Unicon, select "Configure Error Reporting", select "Configure Error Logging/SNMP Alert Levels", and set the first two selections to "DEBUG." You'll notice new entries on the PKERNEL screen that show the type of synchronization traffic (either DSS2DSS or DSS2NWIP), the number of SAPs and RIPs exchanged, and the size of the data transmitted in bytes.
Q. What happens when the Primary DSS is unavailable? How long before records time out?
A. If the primary DSS is unavailable, all secondary DSSes will 'freeze' records that are learned from other DSSes. The secondary DSS will continue to accept and distribute SAP/RIP records to/from any NetWare/IP server, thereby permitting all NetWare/IP servers that share a common DSS to function normally. The secondary DSS will also continue to report the SAP/RIP records learned from the primary DSSes to NetWare/IP servers for up to 36 hours.
If the secondary DSS can't establish communication with the primary DSS within 36 hours, all records learned from the primary DSS will age out, and will no longer be reported to NetWare/IP servers. Therefore, if the primary DSS fails, you have approximately 36 hours to resolve the problem, or configure a new primary DSS, before functionality will be severely affected.
Q. Is there any way to look at the contents of the DSS database?
A. Yes. From UNICON, you may browse the DSS database for either SAP or RIP entries. You'll see the number of sources reporting the service/route, the local subnet of the service or gateway, and the DSS responsible for maintaining the DSS record. You may also save the DSS database to a text file by selecting "Save SAP Records" or "Save RIP Records".
Q. Does DSS and NetWare/IP use SNMP? Does it include a MIB?
A. Yes. NWIP.NLM and DSS.NLM both provide SNMP alerting and a common management MIB (DSSMIB.MIB).
Q. What new features does NetWare/IP 2.2 includes for the NetWare/IP server?
A. There are two very important enhancements to NWIP.NLM. First, the NWIP.NLM keeps a local copy of the DSS Btrieve database. In prior versions of NetWare/IP, NWIP.NLM would download the entire DSS SAP/RIP database every time the NLM was initialized. Since NetWare/IP keeps a local copy of the DSS Btrieve database, only changes to the DSS database are synchronized during DSS initialization. This greatly reduces DSS-NWIP traffic during NWIP.NLM initialization.
Secondly, the NWIP.NLM may now respond to client queries during initialization. In previous versions of NetWare/IP, NetWare/IP clients were required to contact a DSS to initialize, often requiring a DSS to be located at any site that contained NetWare/IP clients. However, with NetWare/IP 2.2, a NetWare/IP client needs only to contact a NetWare/IP server-there is no requirement to place a DSS at every site where NetWare/IP clients exist.
Q. Can I use INETCFG to configure NetWare/IP?
A. Yes. NetWare/IP 2.2 includes the necessary files for managing some functions of the NetWare/IP interface from INETCFG. Not all functionality available in UNICON is available in INETCFG.
Q. Can I use FILTCFG.NLM to filter SAPs and RIPs with NetWare/IP 2.2?
A. Yes. Be sure to load the NWIP.NLM with 'board=(name)' so that FILTCFG.NLM will recognize the NetWare/IP interface.
Q. I have multiple adapters in my server, all configured with TCP/IP. \Is it possible to bind NetWare/IP to multiple adapters?
A. Yes, it is possible to bind NetWare/IP to multiple adapters with NetWare/IP 2.2. See the NetWare/IP documentation for more information.
Q. Is NetWare/IP supported on SFT III?
A. Yes. NetWare/IP 2.2 is supported on SFT III.
Q. Is NetWare/IP enabled for SMP (symmetric multi processing)?
A. Not currently. A scalability increase will result when BTRIEVE.NLM is fully SMP enabled, thereby improving the performance of DSS. BTRIEVE.NLM is no longer owned by Novell, but is currently undergoing SMP enabling. However, many customers have successfully implemented very large NetWare/IP implementations without the need for SMP.
Q. What clients are currently support by NetWare/IP?
A. NetWare/IP currently supports DOS, Windows 3.1, Windows for Workgroups, Windows 95, and Windows NT Server and Workstation. OS/2 and Macintosh versions are under consideration.
Q. What TCP/IP stacks are supported by NetWare/IP?
A. For DOS, Windows 3.1, and Windows for Workgroups- Novell's 16-bit LAN WorkPlace TCP/IP stack, Client32 32-bit TCP/IP stack, and FTP's ONNET. Another major TCP/IP vendor will soon announce NetWare/IP availability on their stack.
For Windows 95 and Windows NT-any stack written to Microsoft's TDI spec, including the 32-bit TCP/IP stack that ships with both of these products.
Q. Does Novell provide DHCP (Dynamic Host Configuration Protocol)?
A. Yes. NetWare/IP 2.2 include DHCPSRVR.NLM, which can answer both DHCP and BOOTP requests. The DHCPSRVR.NLM may be loaded on any NetWare 4.x server, including servers that provide DNS and DSS information.
Q. How do I configure the DHCP server?
A. Load the DHCPCFG.NLM. Future versions may include a snap-in DLL for the NWAdmin GUI utility
Q. What information can your DHCP server provide?
A. Novell's DHCP server provides the standard IP information, including leasing of an IP address, subnet mask, IP gateway, DNS domain name and up to three name servers. In addition to the standard IP information, Novell's DHCP server may also distribute specific NetWare/IP information, such as NetWare/IP domain, NSQ broadcast, up to five nearest NWIP servers, and up to 5 preferred DSSes. Lastly, Novell's DHCP can provide NetBIOS Name Server information (a.k.a. WINS) and NetBIOS node types (b, p, h, m).
Q. Which clients can use your DHCP server?
A. Both BOOTP and DHCP clients. BOOTP clients, such as Novell's 16-bit TCP/IP, may even obtain an address lease from the DHCP server, and receive NetWare/IP information. Windows 95 and Windows NT clients may also receive all information, including WINS and NWIP, from a NetWare/IP DHCP server.
Q. What is the best tool for analyzing NetWare/IP communication?
A. Use Novell's LANAlyzer for Windows. It will properly decode NetWare/IP packets, including DSS-DSS and DSS-NWIP synchronization. You may also try protocol forcing with Network General's SNIFFER-force all UDP packets on port 0xABCD (default NWIP port) to decode the data portion as XNS.
Q. How does NetWare/IP's performance compare to IPX?
A. Technically, NetWare/IP is 5-8% slower than native IPX. However, when implemented over slow WAN links, most customers actually notice a net performance increase as NetWare/IP eliminates SAP/RIP traffic from consuming unnecessary WAN bandwidth. Most end-users will never notice a performance difference between NetWare/IP and IPX.
Q. Do all applications work with NetWare/IP?
A. Yes. NetWare/IP was engineered to provide complete backwards compatibility with existing IPX applications. Novell has yet to discover an application that won't run with NetWare/IP.
Q. I've heard that NetWare/IP is tunnelling? Is this true?
A. NetWare/IP isn't tunneling-tunneling implies that ALL information is sent through the IP tunnel, whether the information is a broadcast or point-to-point communication. NetWare/IP encapsulates point-to-point information inside a UDP packet. Broadcasts are never encapsulated; instead, they are handled directly by a NetWare/IP server or DSS. Novell determined that by maintaining the IPX header in the NetWare/IP packet we could ensure maximum backwards compatibility.
Novell encapsulates an IPX header in a UDP packet, while Microsoft encapsulates a NetBIOS header inside of a TCP packet. While both solutions use encapsulation, only Novell has committed to provide a truly native IP solution by removing the IPX header from the UDP packet. An NCP within a UDP or TCP packet is currently under investigation and may be implemented in as little as 6 months.
Q. How well does NetWare/IP scale?
A. Very well. Novell currently has several customers that have implemented single NetWare/IP domain solutions with more than 5000 NetWare/IP clients and 200 servers. One customer has successfully deployed 15,000 NetWare/IP clients and more than 600 NetWare/IP servers. Testing in Novell's SuperLab facility verified that NetWare/IP could scale to more than 1000 NetWare/IP servers within a single NetWare/IP domain. Novell even has two customers who are deploying NetWare/IP to potentially 70,000 - 120,000 NetWare/IP desktops, and 5,000 - 11,000 file servers. Implementations of these magnitudes take time, but Novell is committed to make these configuration successful.
Q. I would like to completely remove IPX from my local segment, but can't because many of my printers require IPX to service NetWare queues. Do you have any suggestions?
A. Yes. If your printer supports LPR-LPD printing, use the LPR_GWY.NLM that is included with NetWare/IP 2.2. This NLM works in conjunction with PSERVER to pull print jobs from a NetWare print queue for printing on a LPD (line printer daemon) device, such as a printer.
Q. How do I configure LPR_GWY printing?
A. When configuring a printer with NWAdmin, select "Unix or TCP/IP" as the type, and enter the DNS name of the IP printer.
Availability and Pricing
NetWare/IP 2.2 is available immediately to all customers, free of charge, via the World Wide Web (http://netware.novell.com), the NetWire forum on CompuServe (GO NOVFF, files NIPS22.EXE and NIPW22.EXE) and ftp (ftp://ftp.novell.com/pub/updates/unixconn/nwip22).
NetWare/IP 2.2 is also available from Novell Fulfilment for $49 by calling or faxing the following numbers:
U.S. and Canada: phone, 800-395-7135; fax, 510-657-0182
In all other countries: phone, 353-1703-8910;fax, 353-1703-8955
For additional information, customers can contact Novell at 1-800-NETWARE, or download information from NetWire on CompuServe or the World Wide Web (http://www.novell.com).
* Originally published in Novell AppNotes
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.