NetWare 5 Knows No Limits
01 May 1998
In just a couple of months, Novell will unveil the shipping version of its next-generation network operating system, NetWare 5. Formerly code-named Moab, NetWare 5 has attracted a great deal of attention during the past year, mainly because of one rather conspicuous difference between NetWare 5 and previous versions of NetWare.
This conspicuous difference is support for pure TCP/IP--that is, TCP/IP without encapsulation. Although NetWare 5 maintains support for Novell's traditional IPX and SPX protocols, you now have the option of running only TCP/IP over the wire--without giving up or modifying any applications that use IPX/SPX.
NetWare 5's support for Java at the kernel level is equally revolutionary. TCP/IP and Java support in NetWare 5 lay the foundation for Novell's vision of a future characterized by open, standards-based networking.
In addition, NetWare 5 offers services that highlight NetWare's development from the file and print server it once was to the Internet and intranet application server it has become. These services include memory protection, virtual memory, and support for both one processor and multiple processors in the same kernel.
NetWare 5 also includes Novell's new file storage and retrieval system, Novell Storage Services (NSS). NSS allows you to store more data than you can now using less memory than the current file system. NSS also maintains full backward compatibility with the current file system.
Finally, NetWare 5 includes several changes that are more evolutionary than revolutionary. (For a complete list of the new and enhanced features in NetWare 5, see "What's New in NetWare 5" and "What's Enhanced in NetWare 5.") Compatibility mode, for example, supports IPX/SPX to help you migrate to NetWare 5's open protocols and standards at your own pace.
This article discusses five of the most important features that are new to NetWare 5:
Support for TCP/IP
Support for Java
An improved kernel
A new file system
TCP/IP--GET WITH THE STANDARD
Why is Novell adding support for TCP/IP to NetWare 5? In a keynote address at COMDEX/Fall '97, Dr. Eric Schmidt, Novell's chief executive officer, shed some light on this issue. Schmidt explained that Novell has renewed its focus "to deliver the kind of technologies that people need to run their networks. That's what we're all about." The move to TCP/IP fits Novell's renewed focus perfectly.
The kind of technologies that people need to run their networks today are Internet technologies. In fact, the vast majority of companies now rely on Internet access and interoperability with networks that are connected to the Internet.
As companies connect to the Internet and to other Internet-connected networks, more of these companies want to standardize on one core protocol. The obvious choice for that protocol is TCP/IP, the protocol used on the Internet and on heterogeneous networks and intranets.
Thus, Novell is adding support for TCP/IP because companies are demanding that support. "There's little doubt," says Brian Faustyn, product manager for NetWare 5 at Novell, "that many of Novell's customers want to move to a TCP/IP-only solution." In fact, according to Mike Wilkinson, product platform manager for NetWare 5 at Novell, up to 80 percent of these customers want to move to a TCP/IP-only solution--a solution available with NetWare 5.
NCP Calls Over TCP/IP
As Novell's first pure TCP/IP network operating system, NetWare 5 uses TCP/IP--rather than IPX/SPX--as the transport mechanism for all NetWare Core Protocol (NCP) calls. NCP is actually a set of protocols that enables a NetWare server to accept and respond to requests for various network services, including creating a network connection, manipulating files and directories on the network, and printing documents to network printers.
When a workstation needs access to one of these services, the NetWare Requester that comes with the workstation's NetWare client software uses NCP to form a request packet for the service. The NetWare Requester then passes the packet to the workstation's TCP/IP stack. (In previous versions of NetWare, this packet would be passed to the workstation's IPX/SPX stack instead.) The TCP/IP stack attaches an IP header that indicates the packet's source and destination addresses and sends this packet over TCP/IP to a NetWare 5 server.
More specifically, NetWare 5 uses TCP to guarantee that NCP and other packets are delivered and that these packets are in the correct sequence. NetWare 5 then uses IP, rather than IPX, to address and route NCP and other packets. (See Figure 1.)
Figure 1: Unlike previous versions of NetWare, NetWare 5 uses TCP as its transport-layer protocol and IP as its network-layer protocol. NetWare 5 also uses SLP instead of SAP.
Although NetWare 5 is Novell's first pure TCP/IP network operating system, it is not Novell's first TCP/IP solution. For years, Novell has been a leading provider of TCP/IP solutions for NetWare, including IP tunneling, IP relay, the IPX-IP gateway, and NetWare/IP.
Many of these solutions (in fact, all of the solutions listed above except for the IPX-IP gateway) support TCP/IP by encapsulating it within an IPX packet at various stages of the packet's journey across the network. NetWare 5, in contrast, runs TCP/IP without encapsulation. In short, as Faustyn says, "With NetWare 5, you can get rid of IPX" on the wire.
NETWARE 5 AND JAVA--A MARRIAGE MADE IN HEAVEN
As mentioned earlier, NetWare 5 supports Java, a popular programming language developed by Sun Microsystems Inc. Although Java is only two years old, it has attracted a great deal of attention: As Schmidt pointed out in his keynote address at COMDEX/Fall '97, there are already more than 800 Java-related books, 1,000 Java-based applications, and 450,000 Java programmers.
NetWare 5's support for Java is part of Novell's Open Solutions Architecture (OSA) initiative. OSA is not a specific product; rather, OSA is a strategic direction Novell is taking to migrate its products and services to open protocols and standards. (For more information about OSA, see the related article.)
NetWare 5 supports Java through the following features:
A Java virtual machine (JVM)
An OSA software developer's kit (SDK)
Novell's JVM is a set of NetWare Loadable Modules (NLMs) that interprets Java scripts and executes them on a NetWare 5 server. In NetWare 5, Novell implemented the JVM at the kernel level, enabling you to develop and run any Java-based application on a NetWare 5 server. By implementing the JVM at the kernel level in NetWare 5, Novell offers a platform on which Java "just screams," says Chris Stone, Novell's senior vice president of Strategic Business Development. (See the related article.)
Technically speaking, NetWare 5 and Java are ideally suited, according to Faustyn. "NetWare is a very thin operating system," Faustyn explains. "Because Java is its own runtime environment, it needs only a thin operating system like NetWare."
In his keynote address at COMDEX/Fall '97, Schmidt mentioned that Java running on NetWare 5 would "probably" perform better than with other network operating systems. At that time, Schmidt did not have any specific test results to support this claim. But now the facts are in: KeyLabs Inc., an independent hardware and software testing lab, used the VolanoMark benchmark to test Novell's JVM running on NetWare 5, Microsoft's JVM running on Windows NT Server, and Java implementations for leading versions of UNIX. KeyLabs determined that Novell's JVM is more than twice as fast as the nearest contender--Microsoft's JVM running on Windows NT Server.
Preliminary test results also indicate that Novell's JVM is many times faster than Java implementations for leading versions of UNIX running on similarly priced hardware. (KeyLabs conducted its tests on computers with an Intel 300 MHz Pentium II processor and 128 MB of RAM.) These test results confirm Schmidt's claim that NetWare 5 is the best platform for developing and running Java-based applications.
As part of the OSA initiative, Novell plans to gradually converge all of its management utilities into one platform--Java. In fact, Novell has already started this convergence: The third beta version of NetWare 5 includes ConsoleOne, a Java-based application that runs on any computer with a JVM, including a NetWare 5 server.
The version of ConsoleOne that is included with NetWare 5 is a GUI server console that allows you to perform basic NDS management tasks. Future versions of ConsoleOne will provide the same level of functionality--and more--as Novell's NetWare Administrator (NWADMIN) utility.
Michael Simpson, director of Marketing at Novell, explains that in NetWare 5, ConsoleOne is primarily a development framework that also provides some NDS management capabilities. As a development framework, ConsoleOne enables developers to write snap-in modules that you can use to browse and manage virtually any name space. For example, you could use ConsoleOne to browse and manage the NetWare file system and NDS.
Simpson claims that by 1999 Novell will have ported all of its management utilities, including ManageWise and Z.E.N.works, to Java. (These management utilities will also continue to be available as NLMs.) Thus, ConsoleOne will provide a single, Java-based, GUI server console for managing all Novell products. You will also be able to manage any third-party product for which a developer has written a ConsoleOne snap-in module. Ultimately, Novell will deliver a version of ConsoleOne that you can use to manage these products from any web browser that supports Java.
NetWare 5 includes two Java-based utilities that you can plug in to ConsoleOne. First, NetWare 5 includes a new installation utility that offers an X-Windows-based GUI written in Java. (See Figure 2.) If you have grown tired of the old text-based installation utility, this utility should be a welcome change.
Figure 2: NetWare 5 includes a new Java-based GUI installation utility.
Second, NetWare 5 includes a Java-based utility for managing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) servers. (See Figure 3.) You can access the DHCP/DNS management utility from ConsoleOne, or you can launch this utility from the Tools pull-down menu in the NWADMIN utility.
Figure 3: NetWare 5 includes a new Java-based GUI utility for managing DHCP and DNS servers.
The DHCP/DNS management utility that is included with NetWare 5 can reduce the amount of time you spend managing your company's network. For example, this utility automates the process of assigning IP addresses to users' workstations and eliminates the problems associated with duplicate IP addresses. The DHCP/DNS management utility also automates the process of updating host names and increases security when updating these host names.
To help developers write Java-based applications for NetWare 5, Novell has included the OSA SDK (an updated version of the NetWare SDK for Java). In addition to the JVM mentioned earlier, the OSA SDK includes Java scripts, Java beans, and Java class libraries, which expose NetWare APIs. The Java class libraries enable developers to write Java-based applications that access NetWare 5 services, such as NDS, NSS, and Novell Distributed Print Services (NDPS). (For more information about NSS, see the "NSS--Spoiling You With Space and Speed" section. For more information about NDPS, see "NDPS: Goodbye, Queue World!" NetWare Connection, Oct. 1997, pp. 6-22.)
The OSA SDK also includes a just-in-time compiler that interprets Java codes. The just-in-time compiler converts these Java codes into machine code in real time, dramatically increasing the speed at which a NetWare 5 server runs Java-based applications. In addition, the OSA SDK includes an X-Windows-based GUI written in Java that runs on the server.
Through the OSA SDK, developers can "take advantage of quick-to-develop, easy-to-deploy Java-based applications" in a NetWare 5 environment, says Faustyn. NetWare 5, in other words, allows developers to build, test, and run their Java-based applications on the NetWare 5 operating system.
In addition, Novell plans to promote the cooperative development of Java-based applications. In fact, to jump-start Java development efforts, Novell recently announced a U.S. $50 million fund to invest in companies developing Java-based applications. Because any Java-based application will run on a NetWare 5 server, this fund ensures the development of a potentially huge number of applications for the NetWare platform.
NETWARE 5--AN IDEAL APPLICATION SERVER?
You may be able to run Java-based applications on a NetWare 5 server, but does NetWare 5 really provide a good environment for running applications? The answer, according to Novell, is an emphatic "yes."
In addition to supporting Java, NetWare 5 supports the industry-standard Common Object Request Broker Architecture (CORBA). CORBA enables Internet and intranet users to share objects, such as data and applications, regardless of platform.
Like Java support, CORBA support is part of Novell's OSA model. (For more information about the OSA model, see the related article.) Through its support for CORBA, NetWare 5 supports workstations running all kinds of operating systems, including Windows, Macintosh, and UNIX. In contrast, Windows NT supports only workstations running the Windows operating system.
Both Java and CORBA support are central to NetWare 5's success as an application server. However, NetWare 5 also includes an improved kernel, which offers some key features that solidly position NetWare 5 as an application server:
Making Applications Play Nicely Together
For years, Novell has tried to dispel the myth that NetWare is only a file and print server. Despite Novell's efforts, however, the public perception still seems to be that NetWare is first and foremost a file and print server, albeit a great one.
This perception may be inaccurate, but it is based on a few features--or lack of features--that NetWare did not offer until now. For example, with previous versions of NetWare, you can run applications, in the form of NLMs, in ring 0, where the NetWare kernel runs.
Although running applications at the kernel level offers performance benefits, doing so is also potentially risky. Operations, including application operations, that run in ring 0 do not have a protected memory space. That is, if an operation that is running in ring 0 goes awry, this operation may start overwriting memory outside of its own address space. As a result, the NetWare operating system could crash.
Novell counters this threat by advising you to run only Novell-certified NLMs. Novell Labs subjects NLMs to a comprehensive set of diagnostic tests to ensure that these NLMs won't misbehave before granting them the "Yes, NetWare Tested and Approved" stamp of approval.
Nevertheless, if you are like other network administrators, you probably want the ability to run more applications without risking a server failure. NetWare 5 gives you exactly what you want.
With NetWare 5, you still have the option of installing NLMs at the kernel level. In fact, NetWare 5 installs NLMs at the kernel level by default.
However, NetWare 5 also allows you to install NLMs in protected mode, which provides a protected memory space. NetWare 5 installs Java-based applications in protected mode by default. Applications running in protected mode, including both NLMs and Java-based applications, cannot write to any other address space except their own. Hence, when an application running in protected mode crashes, NetWare 5 continues to run.
Depending on how you configure NetWare 5, it might acknowledge a failed application by shutting the application down, cleaning up memory, and restarting the application. But the main point is that when an application running in protected mode crashes, NetWare 5 doesn't.
Getting More Memory for Your Money
NetWare 5 also spares you the grief of dealing with problems related to insufficient memory by offering more memory whenever you need it. Of course, it's not real memory; NetWare 5 doesn't actually install additional RAM. Instead, NetWare 5 offers virtual memory, which is better than RAM. After all, virtual memory is free.
Virtual memory is a new feature that enables NetWare 5 to store information temporarily on the hard drive when there is not enough RAM to complete an operation. For example, when an application tries to use more RAM than is available on the server, NetWare 5 uses the hard drive instead, and the application can't tell the difference.
Unlike previous versions of NetWare, NetWare 5 enables you to prioritize the applications running on the server. You can specify how many processor cycles you want to reserve for each application when multiple applications require processing power simultaneously.
For example, suppose that a database application were running on the same server as an Internet application. Further suppose that your company's financial affairs were dependent on this database application. In this case, you might want to specify that when the database application and the Internet application require processing power simultaneously, the database application should receive 50 percent (or whatever percentage you select) of the processor cycles.
Naturally, when only one application requires processing power, that application, regardless of its priority, receives all of the processor cycles. The percentage of processor cycles you specify for each application takes effect only when multiple applications require processing power simultaneously.
Like NetWare 4, NetWare 5 supports multiple processors. With NetWare 5, however, Novell has significantly improved its support for multiple processors. For example, NetWare 5 supports single and multiple processors through the same kernel. NetWare 4, on the other hand, uses a uniprocessing kernel for servers with a single processor and a multiprocessing kernel for servers with multiple processors.
In addition, NetWare 5 supports up to 32 processors out of the box. NetWare 4 supports only four processors out of the box.
A NetWare 5 server with multiple processors can execute individual threads of a multithreaded application on different processors. In this way, NetWare 5 executes application threads simultaneously, rather than one thread at a time. As a result, NetWare 5 gets more done in less time.
To take full advantage of multiple processors in a server, applications running on the server must be multithreaded. However, with or without multithreaded applications, NetWare 5 increases performance on servers with multiple processors. NetWare 5 increases performance because some of its core processes--such as Open Data-link Interface (ODI), C-library (CLIB), RSA encryption, and routing functions--are multithreaded.
NetWare 5 can run multithreaded processes simultaneously on different processors, significantly improving performance by allowing client and server requests to be processed in parallel. Because these processes are offloaded from the main processor, more system capacity is available for applications that are not multithreaded.
NSS--SPOILING YOU WITH SPACE AND SPEED
Novell didn't stop at improving the NetWare 5 kernel: Novell also improved the NetWare file system by developing NSS, the next-generation NetWare file system. With NSS, you can store more data on your company's network than you have ever stored before, and you can mount volumes faster than you have ever imagined.
NSS eliminates the limitations of the existing NetWare file system, while maintaining full backward compatibility with that file system. NSS runs alongside the existing NetWare file system, intercepting and handling all operations involving NSS volumes.
In addition, NSS supports any existing and future storage device, including today's DVD-ROM and DVD-RAM drives and tomorrow's holographic storage devices, which are currently under development. As Prashant Shukla, product manager at Novell, points out, NSS "has been architected with an eye toward the future."
When 2 GB Just Isn't Enough
NSS supports much larger files and volumes than the existing NetWare file system. The existing file system uses a 32-bit interface, which limits users to files no larger than 2 GB each and volumes no larger than 1 TB each. One volume can hold all of the data you could store on 50 20-GB tape cartridges.
NSS, on the other hand, uses a 64-bit interface, which allows for larger files and volumes. In fact, one volume can hold all of the data you could store on 400 20-GB tape cartridges. Specifically, NSS supports files and volumes of up to 8 TB each.
In addition, NSS supports many more volumes per server and files per volume than the existing NetWare file system. The existing file system supports up to 64 volumes per server and 16 million files per volume.
In contrast, NSS supports an unlimited number of volumes per server and theoretically supports 2^64 files per volume--more files than you will probably generate in a lifetime. Novell engineers have already tested NSS volumes with more than one billion files.
NSS Is Fast--Really Fast
NSS volumes mount far faster than volumes in the existing NetWare file system. For example, in a demonstration at BrainShare '97 in Salt Lake City, Utah, Novell engineers mounted an NSS volume that contained 400 million files in just three seconds.
NSS volumes mount so quickly because, unlike the existing NetWare file system, NSS doesn't use File Allocation Tables (FATs) to organize storage. As a result, NetWare 5 doesn't have to load an NSS volume's entire FAT into memory to create a Directory Entry Table (DET), as previous versions of NetWare must do for the existing NetWare file system. With the existing NetWare file system, the amount of time NetWare takes to mount a volume after a clean dismount is roughly linear to the volume's size.
Instead of using FATs, NSS organizes storage by using memory-efficient organizational structures called balanced trees, or B-trees. With B-trees, NSS can retrieve any file blocks that are not in memory within four processor cycles. NSS also allows more file blocks to be stored in memory than the existing NetWare file system allows.
Because NSS uses B-trees, the amount of time it takes to mount a volume does not depend on the volume's size. After a clean dismount, NetWare 5 can mount an NSS volume in a fraction of a second, regardless of its size.
Minimum RAM for Maximum Performance
Because NSS uses B-trees instead of FATs, NetWare 5 requires far less memory than previous versions of NetWare. With the existing NetWare file system, the amount of memory a server requires is roughly linear to the number of volumes on the server and the size of files in these volumes. The larger a volume gets, the more RAM NetWare needs to mount the volume. For example, a 10-GB volume might require 160 MB of RAM, and a 100-GB volume might require even more RAM--perhaps 1 GB of RAM.
In contrast, the size of an NSS volume has no effect on its RAM requirements. An NSS volume requires only 32 MB of RAM to mount, whether the volume is 10 GB, 100 GB, or 100 TB in size. With only 32 MB of RAM, NetWare 5 can mount any volume, even one with millions or billions of files.
Using NSS, NetWare 5 can repair NSS volumes faster than it can repair volumes in the existing NetWare file system. The existing NetWare file system first records file operations (including creating, modifying, and deleting a file) in memory and then records these operations to the hard drive when the server is not busy. As a result, you have a problem if users make changes on a volume and the server crashes before these changes are written to the hard drive. To restore the volume, you must run Novell's VREPAIR utility, which scans the entire volume and may have to recreate FATs from scratch to match what is found on the volume. This process is time consuming, particularly if the volume is large.
In contrast, NSS associates every change to an NSS volume with a transaction. A transaction includes all of the steps required to make one change. For example, renaming a file actually involves several steps (including removing the file from the current directory and placing the file in a new directory). The transaction associated with renaming a file includes all of the steps required to make that change.
NSS records each transaction in a journal on the hard drive. After a transaction is completed (that is, after all of the steps required to make the change have been fully written to the hard drive), NSS deletes the journal entries associated with the transaction.
If the server crashes before a transaction on an NSS volume is completed, you have little to worry about. NSS can use the journal to restore the volume by redoing or undoing the recorded transactions. To restore the volume, NSS simply replays the journal, redoing the transactions that were fully written to the hard drive and undoing the transactions that were only partially written to the hard drive.
Because the size of a journal is based on expected modification rates rather than the NSS volume's size, journals tend to be small. As a result, NSS can replay a journal quickly (far more quickly than the VREPAIR utility can scan an entire volume). Thus, for an NSS volume of any size, NetWare 5 can restore the volume to health in only seconds or less. After a clean dismount, which leaves no significant transactions to replay, NetWare 5 takes approximately one-tenth of one second to remount an NSS volume, regardless of its size.
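The redo/undo replay described above, as an added example that is not part of the original article and is not NSS code: a toy Python model of a journaled rename that is crashed at every possible point and then recovered. The directory names, the file name, the order in which writes reach the disk, and the commit marker are assumptions made for illustration.

```python
"""Toy journaled volume: recovery redoes committed transactions, undoes partial ones."""


class Crash(Exception):
    """Simulated server crash between two disk writes."""


class Volume:
    def __init__(self, dirs):
        # directory name -> tuple of file names (the "on-disk" state)
        self.dirs = {d: tuple(names) for d, names in dirs.items()}
        self.journal = []    # transactions that have not completed yet
        self.budget = None   # disk writes allowed before a crash (None = never)

    def _disk_write(self):
        # Every journal or volume write passes through here so a test can
        # stop the server after exactly N writes.
        if self.budget is not None:
            if self.budget == 0:
                raise Crash()
            self.budget -= 1

    def _log(self, tx, directory, after):
        # Write-ahead: record the before and after images in the journal
        # before the directory itself is touched.
        self._disk_write()
        if not tx["steps"]:
            self.journal.append(tx)
        tx["steps"].append((directory, self.dirs[directory], after))

    def _apply(self, directory, after):
        self._disk_write()
        self.dirs[directory] = after

    def rename(self, src, dst, name):
        """Move `name` from directory `src` to `dst` as one transaction."""
        tx = {"steps": [], "committed": False}
        src_after = tuple(n for n in self.dirs[src] if n != name)
        dst_after = self.dirs[dst] + (name,)
        # Assumed ordering: steps reach the disk at different times,
        # some before the commit marker and some after it.
        self._log(tx, src, src_after)
        self._apply(src, src_after)
        self._log(tx, dst, dst_after)
        self._disk_write()
        tx["committed"] = True       # every step is now in the journal
        self._apply(dst, dst_after)
        self._disk_write()
        # Transaction completed: delete its journal entries.
        self.journal = [t for t in self.journal if t is not tx]

    def recover(self):
        """Replay the journal after a crash."""
        for tx in self.journal:
            if tx["committed"]:
                # Fully journaled: redo every step (idempotent).
                for directory, _before, after in tx["steps"]:
                    self.dirs[directory] = after
            else:
                # Partially journaled: undo in reverse order.
                for directory, before, _after in reversed(tx["steps"]):
                    self.dirs[directory] = before
        self.journal.clear()


def locate(vol, name):
    """Return the sorted list of directories that currently contain `name`."""
    return [d for d in sorted(vol.dirs) if name in vol.dirs[d]]


def crash_matrix():
    """Crash the rename after 0..6 disk writes; report state before/after recovery."""
    results = []
    for budget in range(7):
        # Constructed sample volume: one file in /old, empty /new.
        vol = Volume({"/old": ("report.txt",), "/new": ()})
        vol.budget = budget
        try:
            vol.rename("/old", "/new", "report.txt")
        except Crash:
            pass
        at_crash = locate(vol, "report.txt")
        vol.budget = None
        vol.recover()
        results.append((budget, at_crash, locate(vol, "report.txt")))
    return results


if __name__ == "__main__":
    for budget, at_crash, recovered in crash_matrix():
        print(f"crash after {budget} writes: on disk {at_crash} -> recovered {recovered}")
```

At several crash points the file is in neither directory on disk; after replay it is always in exactly one, and the work done depends on the number of journaled steps rather than on the size of the volume.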
COMPATIBILITY MODE--HELPING YOU UPGRADE
With all of these big changes, you might assume that upgrading to NetWare 5 will be a nightmare. For example, what do you do with your company's existing IPX-based applications and clients if you decide to implement a pure TCP/IP environment? After all, Novell's installed base of 79 million users have NetWare servers running countless IPX-based applications and clients.
Novell recognized that these users would not have responded well if upgrading to NetWare 5 required them to change applications on every server and protocol stacks on every client. To accommodate this existing installed base, NetWare 5 includes a Compatibility Mode option, which is one of several installation options. When you select this option, you can run IPX-based applications on a NetWare 5 server and link IPX segments to IP segments with ease.
Novell believes that the need for compatibility mode will diminish over time as applications eliminate their dependencies on IPX. In the meantime, the Compatibility Mode option, as Faustyn explains, enables you to "control both the degree and the rate of change on your company's network as you migrate to pure TCP/IP."
Compatibility mode provides three components that essentially perform three functions:
Client and server drivers, for application compatibility
A migration agent, for connectivity compatibility
A bindery agent, for bindery compatibility
Client and Server Drivers
The client and server drivers enable you to run IPX-based applications in a NetWare 5 environment--even a pure TCP/IP environment. You can enable the server drivers when you install NetWare 5 on a server, and you can enable the client drivers when you install Novell's client software on each workstation. When an IPX-based application makes an NCP call in a pure TCP/IP environment, the client and server drivers ensure that the NCP call drops straight down to the TCP/IP stack and is sent out over the wire as an IP packet.
Some IPX-based applications, however, access the IPX stack directly. In this case, the drivers intercept the resulting IPX packets and encapsulate them within IP. (See Figure 4.) This capability is necessary only to accommodate any existing IPX-based applications that developers have written to circumvent NCP. Wilkinson estimates that such "dirty-hooked" applications make up less than 5 percent of all IPX-based applications.
Figure 4: The NetWare 5 compatibility mode allows you to run IPX-based applications in a pure TCP/IP environment. Compatibility drivers append IP headers to the NCP calls that IPX-based applications make and also redirect SAP broadcasts to SLP.
The migration agent provides connectivity compatibility. That is, the migration agent enables you to link IPX segments to IP segments without installing any additional hardware or software. You can enable the migration agent when you install NetWare 5. However, you need the migration agent only if you have both IPX and IP segments that must communicate with one another.
For example, suppose that your company's Accounting department were running a departmental, IPX-only NetWare 4 LAN and that your company's Sales department were running a departmental, IP-only NetWare 5 LAN. Obviously, the Accounting department would have IPX clients, and the Sales department would have IP clients. So what would you need to do to ensure that the IPX and IP clients in these departments could communicate with one another? Very little, thanks to the migration agent.
Basically, the migration agent knows what is happening in both the IPX and the IP segments and can route any information that needs to be exchanged between the two segments. For an IPX segment, the migration agent uses the Service Advertising Protocol (SAP) to broadcast the segment's network services. In this way, the migration agent announces itself as the nearest hop for IPX clients seeking network services on the IP segment.
For an IP segment, the migration agent uses the Service Location Protocol (SLP), which is new to NetWare 5, to broadcast the segment's network services. Again, the migration agent announces itself as the nearest hop for IP clients seeking network services on the IPX segment.
SLP is an industry-standard protocol defined by the Internet Engineering Task Force (IETF) in Request for Comments (RFC) 2165. Clients and servers use SLP to discover network services in a TCP/IP environment. (NetWare 5 provides several options for discovery services, in addition to SLP. For more information about these options, see "Discovering Network Services in a NetWare 5 Environment.")
SLP, which uses IP over the wire, allows clients to query the network to obtain a quick list of available network services. SLP does not generate the overhead that is characteristic of SAP. SAP is a "chatty protocol," Wilkinson explains, that broadcasts the availability of a network service every 60 seconds.
In contrast, SLP maintains a registry of all network services in NDS and registers a particular service's availability only once when that service first becomes available on the network. (A future issue of NetWare Connection will discuss SLP in more detail.)
In addition to providing both SLP and SAP services, the migration agent routes IPX traffic to each IP segment, and vice versa. For example, when an IPX client sends a request packet for a network service that resides on an IP segment, the migration agent intercepts the packet, encapsulates it within IP, and routes the packet to the appropriate server on the IP segment. Similarly, when an IP client sends a request packet for a network service on an IPX segment, the migration agent intercepts the IP packet, encapsulates it within IPX, and routes the packet to the appropriate server on the IPX segment.
Gradually, as you migrate to pure TCP/IP, you will eliminate the need for the migration agent. However, some companies may use the migration agent for years. For example, suppose that your company had an IP-only NetWare 5 LAN at the corporate office and nearly 150 branch offices running only IPX. Upgrading each branch office to NetWare 5 would be a time-consuming task that you might want to avoid. Accordingly, you could enable the migration agent on a NetWare 5 server so the branch offices could communicate with the corporate office, and vice versa. In such cases, the migration agent offers a practical, long-term solution.
The bindery agent provides full backward compatibility to the NetWare 3 bindery, enabling IP clients to access bindery information. If you are using IPX-based applications that are dependent on the NetWare 3 bindery, you should enable the bindery agent when you install NetWare 5.
NetWare 5 includes several new and enhanced features in addition to the ones discussed in this article. In fact, NetWare 5 includes so many new and enhanced features that it does the product an injustice to mention so few of them. (For a summary of these features, see "What's New in NetWare 5" and "What's Enhanced in NetWare 5".)
But the key change, the change that characterizes NetWare 5 as a revolutionary product, is its support for open protocols and standards, including TCP/IP, Java, CORBA, DHCP, DNS, and SLP. From the IPX/SPX-dependent to the TCP/IP-ready, NetWare 5 offers something for everyone.
Linda Boyer works for Niche Associates, which specializes in technical writing and editing. Niche Associates is based in Salt Lake City, Utah.
NetWare Connection, May 1998, pp. 6-21
What's New in NetWare 5
NetWare 5 includes several new features--some of which might surprise you.
NetWare 5 adds support for TCP/IP while maintaining support for IPX/SPX. As a result, you can implement a pure TCP/IP environment, or you can keep using IPX/SPX, either alone or as part of a mixed TCP/IP and IPX/SPX environment.
NetWare 5 includes a Java Virtual Machine (JVM), which is embedded in the NetWare 5 kernel. NetWare 5 also includes ConsoleOne, a Java-based server console, and several Java-based utilities, such as a GUI installation utility and a Dynamic Host Configuration Protocol (DHCP)/Domain Name System (DNS) management utility. In addition, NetWare 5 includes the Open Solutions Architecture (OSA) software developer's kit (SDK), which enables developers to write Java-based applications that run on any server with a JVM, such as a NetWare 5 server.
NetWare 5 has been enhanced to provide an optimal environment for running applications. For example, the NetWare 5 kernel offers memory protection, virtual memory, application prioritization, and support for both uniprocessing and multiprocessing.
Novell Storage Services (NSS)
NetWare 5 includes NSS, Novell's new high-performance storage and retrieval system, which is backward compatible with the existing NetWare file system.
NetWare 5 offers a Compatibility Mode option, which enables you to control the rate and the degree of change on your company's network as you migrate from IPX/SPX to TCP/IP.
DHCP and DNS integration with Novell Directory Services (NDS)
NetWare 5 allows DHCP and DNS servers to store information in the NDS database. As a result, you can manage DHCP and DNS services, such as IP addresses, just as you manage the other network resources in your company's NDS tree.
Novell Distributed Print Services (NDPS)
NetWare 5 uses NDPS as its default print service. NDPS allows you to install, configure, and manage printers from a central location. NDPS also offers improved bidirectional print communications, improved job scheduling, and automated print driver installation.
New backup utility
NetWare 5 includes a new GUI backup utility that offers multiple and repetitive job scheduling. This utility, which is protocol independent, also takes full advantage of NDS, enabling you to manage the backup process from a central location.
Service Location Protocol (SLP) support
NetWare 5 includes support for SLP, an industry-standard Internet protocol. In NetWare 5, SLP discovers network services for IP clients in a pure TCP/IP environment and in a mixed IPX and IP environment.
NetWare 5 includes support for an emerging technology known as I2O. I2O is an intelligent I/O technology that vastly improves I/O throughput and overall system performance by relieving host resources (such as the processor, memory, and system bus) of interrupt-intensive I/O tasks.
Oracle8 for NetWare
NetWare 5 includes a five-user version of Oracle8 for NetWare, which has been integrated with NDS. As a result, you can use NDS to control access to your company's database. (For more information about Oracle8 for NetWare, see the related article.)
Netscape FastTrack Server for NetWare
NetWare 5 includes Netscape FastTrack Server for NetWare, which is World-Wide Web server software based on open Internet standards. Netscape FastTrack Server for NetWare provides a cross-platform environment for creating and posting web pages and for developing and deploying web and database applications.
Zero Effort Networks (Z.E.N.works) Starter Pack
NetWare 5 includes the Z.E.N.works Starter Pack, which offers all of the functionality currently available in Novell Application Launcher (NAL) 2.5 and Novell Workstation Manager 1.1. The Z.E.N.works Starter Pack is a desktop management tool that uses NDS to simplify the process of managing Windows-based workstations. The Z.E.N.works Starter Pack also makes the network easier for users to use. If you like the Z.E.N.works Starter Pack, you can purchase the complete Z.E.N.works product, which offers even more functionality. For example, this product allows you to take control of workstations from a remote location and to conduct an inventory of these workstations. (For more information about Z.E.N.works, see "Z.E.N.works Zeroes in on Workstations," NetWare Connection, Apr. 1998, pp. 28-34.)
NetWare Connection, May 1998, p. 8
What's Enhanced in NetWare 5
NetWare 5 includes many management and performance enhancements to NDS, including several new security features.
NetWare 5 includes catalog services, which provide a flat-file, customizable catalog of the Novell Directory Services (NDS) database. With catalog services, both developers and network administrators can easily write applications that can search the NDS database and extract particular NDS information (for example, users' names and telephone numbers).
NetWare 5 includes a sample application that demonstrates the capabilities of catalog services. This application allows users to log in to the network from anywhere without having to specify their NDS context--a capability that is called contextless login. For example, suppose that user Jane tried to log in to the network from a workstation outside her NDS context, entering only her first name in the login screen. The application would scan the catalog (rather than parsing the NDS database) and quickly return a list of all users in the NDS tree with that first name. Jane could then simply select her own name from the list and continue the login process as usual.
WAN Traffic Manager
NetWare 5 includes both a WAN Traffic Manager NetWare Loadable Module (NLM) and a WAN Traffic Manager snap-in module for Novell's NetWare Administrator (NWADMIN) utility. With WAN Traffic Manager, you can create policies for controlling NDS replication traffic over WAN links. For example, you could create a policy specifying that the NDS servers at your company's branch offices should exchange replication information with the NDS server at your company's corporate office only between midnight and 3:00 a.m., Monday through Friday.
Lightweight Directory Access Protocol (LDAP) support
NetWare 5 supports LDAP version 3, an industry-standard protocol that allows users to easily access X.500-based directories such as NDS. In NetWare 5, the performance of LDAP access to NDS has been significantly enhanced. NetWare 5 also includes LDAP Services for NDS, which is a server-based interface between NDS and LDAP-compliant applications running under Secure Sockets Layer (SSL).
NetWare 5 includes cryptographic services that are code-named Novell International Cryptographic Infrastructure (NICI). NICI allows developers to use the Controlled Cryptography Service (CCS) application program interface (API) to integrate cryptographic schemes with their applications. NICI also allows developers to write a single application that can be used in several countries, regardless of the differences in countries' cryptographic laws. For example, a developer could write a single application that uses 128-bit cryptographic keys when used within the United States and 40-bit cryptographic keys when used within countries that allow only keys of that length.
Secure Authentication Services (SAS)
NetWare 5 includes SAS, an infrastructure for supporting both existing and emerging authentication mechanisms, such as biometric and token-authentication systems. Through SAS, NetWare 5 also supports SSL version 3. Developers can use the SAS API to write applications that can establish encrypted SSL connections. (Developers can then use NICI to ensure that these SSL connections conform to the laws of each country in which the applications are used.)
Public Key Infrastructure Services (PKIS)
NetWare 5 includes PKIS, which supports public-key cryptography and digital certificates in a NetWare 5 environment. (Digital certificates provide a method for checking the authenticity of keys used in a public-key cryptographic session.) In NetWare 5, PKIS allows you either to act as your own certificate authority or to use the services of third-party certificate authorities. Through PKIS, you can generate and sign various types of digital certificates and store and manage these certificates within NDS.
NetWare 5 includes auditing services, which allow you to monitor users' access to your company's network and to record this monitoring information in audit log files. You can create NDS objects to represent audit log files, and you can then manage these objects just as you manage other objects in the NDS tree. You can also grant rights to the NDS objects representing audit log files just as you grant rights to other objects in the NDS tree. As a result, you can assign administrators to view and manage audit log files.
NetWare Connection, May 1998, p. 10
Discovering Network Services in a NetWare 5 Environment
As you might expect, Novell's move to TCP/IP necessitated a change in the way network clients discover network services in a NetWare 5 environment. With NetWare 5, you can configure one of three options to replace the traditional Service Advertising Protocol (SAP) method of discovering network services:
Service Location Protocol (SLP) configuration
Dynamic Host Configuration Protocol (DHCP) configuration
If you enable the Compatibility Mode option, network clients can use SLP in a NetWare 5 environment to discover the addresses of servers that offer the network services these clients need. (For more information about the Compatibility Mode option, see the "Compatibility Mode--Helping You Upgrade" section.) SLP provides full backward compatibility with network services and applications that rely on SAP-based discovery.
Some IPX-based applications depend on SAP to exchange information about available network services. If you do not want IPX traffic on your company's network, however, you can enable the compatibility mode client and server drivers to redirect SAP traffic from IPX-based applications to SLP, which uses IP over the wire.
If your company's network includes both IPX and IP segments, you should enable the compatibility mode migration agent. The migration agent uses SLP to advertise an IPX segment's network services on an IP segment and then uses SAP to advertise an IP segment's services on an IPX segment. The migration agent thus translates all SAP traffic into SLP traffic--and vice versa--to ensure that IP clients can discover network services on IPX segments and that IPX clients can discover network services on IP segments.
You can also use DHCP to enable IP clients to discover network services in a NetWare 5 environment. DHCP is a standard defined by the Internet Engineering Task Force (IETF) for dynamically allocating IP addresses to multiple workstations on a network. In NetWare 5, you can use DHCP as part of the client initialization process and as an ongoing discovery process.
Novell included the DHCP configuration option for companies that already have DHCP servers and DHCP client software installed on each workstation. (NetWare 5 and any other server that supports DHCP is a DHCP server.)
For example, suppose that a user wanted to log in to a NetWare 5 network from a workstation that was running DHCP client software. When the Novell client software running on this workstation tried to attach to the network, the client software's NetWare Requester would send a request to the DHCP client software, asking for the IP address of the nearest server running Novell Directory Services (NDS).
The DHCP client software would then transmit a broadcast packet to locate a DHCP server, which would return the IP address of the nearest NDS server to the workstation's TCP/IP stack. The TCP/IP stack, in turn, would return the IP address to the NetWare Requester. Equipped with the IP address for the nearest NDS server, the Novell client software could attach to the network.
Because NetWare 5 integrates DHCP services with NDS, the IP addresses of all network services are stored in NDS. IP clients running DHCP client software can thus find the IP address of any network service through NDS.
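The reply the DHCP client software hands back in the exchange above carries the NDS server addresses as DHCP options. The following sketch is an added example, not code from the article or from Novell: it assumes the option numbers defined in RFC 2241 (85 for NDS servers, 86 for the NDS tree name), and the sample bytes and tree name are constructed. It parses the options field strictly, rejecting truncated or misaligned data.

```python
import ipaddress

OPT_PAD, OPT_END = 0, 255
OPT_NDS_SERVERS, OPT_NDS_TREE = 85, 86  # assumed from RFC 2241, not from the article


def parse_dhcp_options(buf: bytes) -> dict:
    """Walk a DHCP options field (code, length, data) into {code: data}."""
    opts, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:  # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(buf):
            raise ValueError(f"option {code}: missing length byte")
        length = buf[i + 1]
        data = buf[i + 2 : i + 2 + length]
        if len(data) != length:
            raise ValueError(f"option {code}: truncated data")
        opts[code] = opts.get(code, b"") + data  # repeated codes are concatenated
        i += 2 + length
    return opts


def nds_servers(opts: dict) -> list:
    """Return the NDS server addresses in the order the DHCP server listed them."""
    raw = opts.get(OPT_NDS_SERVERS, b"")
    if len(raw) % 4:
        raise ValueError("NDS servers option is not a whole number of IPv4 addresses")
    return [str(ipaddress.IPv4Address(raw[j : j + 4])) for j in range(0, len(raw), 4)]


def nds_tree(opts: dict) -> str:
    """Return the NDS tree name, or an empty string if the option is absent."""
    return opts.get(OPT_NDS_TREE, b"").decode("utf-8")


# Constructed sample: subnet mask, two NDS servers, tree name, end marker.
SAMPLE = (
    bytes([1, 4, 255, 255, 255, 0])
    + bytes([85, 8, 10, 0, 0, 5, 10, 0, 1, 5])
    + bytes([86, 8]) + b"ACME_INC"
    + bytes([255])
)

if __name__ == "__main__":
    parsed = parse_dhcp_options(SAMPLE)
    print(nds_servers(parsed), nds_tree(parsed))
```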
If you do not want to use the SLP configuration option or the DHCP configuration option, you can manually enable IP clients on your company's network to discover network services in a NetWare 5 environment. To do so, you simply include the IP address of one or more NDS servers on each IP client. On Windows 95 workstations, for example, you would include this IP address in a Host file.
When you include the IP address of an NDS server on each IP client, these clients use the IP address to discover network services, instead of using SLP or DHCP. For example, an IP client would use the manually entered IP address of an NDS server to discover a preferred NDS server, attach to the network, and log in. Once connected to the NDS tree, the IP client would use NDS to obtain the IP addresses of other network services.
NetWare Connection, May 1998, p.20
* Originally published in Novell Connection Magazine