NETWORK PROTOCOLS CONFIGURATION GUIDE PART
Cisco lOS Release 12.0
APPLETALK NOVELL IPX
Documentation also available on CD-ROM and the World Wide Web
Cisce SYSTEMS Network Protocos Configuration Guide Part
Cisco lOS Release 12.0
AppleTalk Novell IPX
Corporate Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134-1706 USA http//www.cjsco.com Tel 408 526-4000 800 553-NETS 6387 Fax 408 526-4100
Customer Order Number DOC-785832
Text Part Number 78-5832-01 SUBJECT TO CHANGE WITHOUT THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE TO BE ACCURATE BUT ARE NOTICE ALL STATEMENTS INFORMATION AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED RESPONSIBILITY FOR THEIR PRESENTED WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED USERS MUST TAKE FULL APPLICATION OF ANY PRODUCTS
FORTH IN THE INFORMATION THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET ARE UNABLE TO PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE IF YOU LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY CONTACT YOUR CISCO REPRESENTATIVE FOR COPY
has been tested and found to with Ihe limits for Class The following information is for FCC compliance of Class devices This equipment comply when the to 15 of the FCC rules These limits are to reasonable protection against harmful interference digital device pursuant part designed provide and used is in commercial environment This uses and can radiate radio-frequency energy and if not installed equipment operated equipment generates
communications of this in residential area is in accordance with the instruction manual may cause harmful interference 10 radio Operation equipment
harmful in which case users will be to correct the interference at their own expense likely to cause interference required
described in this and radiate is for FCC of Class devices The manual generates may radio-frequency The following information compliance equipment
installed in accordance with Ciscos installation instructions it cause interference wilts radio and television reception This equipment energy If it is nol may with the in 15 of the FCC rules These has been tested and found to comply with the limits for Class digital device in accordance specifications part
reasonable such interference in residential installation However there is no guarantee that specifications are designed to provide prolection against
installation interference will not occur in particular
without Ciscos written authorization result in the no longer complying svith FCC requirements for Class or Modifying the equipmelsl may equipment
be limited and maybe rcquired to correct any interference Class digital devices In that event your right louse the equipment may by FcC regulations yosi communications to radio or television at your own expense
it off If the interference it was probably caused by the Cisco equipnsent You can determine whether your equipment is causing interference by turning stops
interference to radio or television to correct the interference by using one or more of or one of its peripheral devices If the equipment causes reception try
the following measures
Tons the television or radio antenna until the interference stops
radio Move the equipment to one side or the ottser of tlse television or
radio Move the equipment farltser asvay from the television or
television or radio is make certain the equipment and tIme television or radio Plug the equipment into an outlet that is on different circuit from the That
are on circuits controlled by different circuit breakers or fuses
could void the FCC and authority to the product Modifications to this product not authorized by Cisco Systems Inc approval negate your operate
of the University of California Berkeley as part of The Cisco implementation of TCP header compression is an adaptation program developed by UCB of of California reserved Copyright 1981 the University UCB public domain version of the UNIX operating system All riglsts Regents
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES EXPRESSED FOR PARTICULAR PURPOSE AND OR IMPLIED INCLUDING WITHOUT LIMITATION THOSE OF MERCHANTABILITY FITNESS NONINFRINGEMENT OR ARISING FROM COURSE OF DEALING USAGE OR TRADE PRACTICE
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL OUT OF THE USE OR DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING SUPPLIERS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS HAVE
Cisco CiscoLink the Cisco Net Works logo the Cisco Powered AccessPalh Any to Any AlmDirector the CCIE logo CD-PAC Centri the Capital logo
Fast FireRunner IGX lOS JumpStart Kernel Network logo the Cisco Press logo the Cisco Technologies logo ClickStart ControlStream DAGAZ Step
Proxy LoopRunner MGX Natural Network Viewer NetRanger NetSonar Packet PIX Point and Click Internetworking Policy Builder RouteStream TransPath VirtualStream VlanDirector Workgroup Director Secure Script SMARTnet SpeedRunner Stratm StreamView The Cell TrafficDirector The Internet and Workgroup Stack are trademarks Changing the Way We Work Live Play and Learn Empowering the Internet Generation Economy
Cisco the Cisco lOS Cisco the Cisco Systems logo and The New Internet Economy are service marks and BPX Catalyst Cisco lOS logo Systems Phase/IP StrataViesv Plus and Enterprise/Solver EtherChannet FastHub ForeSight FragmenlFree IP/TV IPX LightStream MICA StrataSphere
and certain other countries All other trademarks mentioned in this document are SwitchProbe are registered trademarks of Cisco Systems Inc in the U.S
of their owners the property respective 9809R
Netmmork Protocols Configuration Guide Part
Copyright 1998 Cisco Systems Inc
All rights reserved Printed in USA CONTENTS
About the Cisco lOS Software Documentation xvii
Documentation Objectives xvii
Audience xvii
Documentation Organization xvii
Documentation Modules xvii
Master Indexes xvii
Documentation Set xviii
Supporting Documents xix
Document Conventions xix
Command Syntax Conventions xx
Cisco Connection Online xx
Documentation CD-ROM xxi
Using Cisco lOS Software xxiii
Getting Help xxiii
Example How to Find Command Options xxiv
Understanding Conmiand Modes xxvi Summary of Main Command Modes xxvii
Using the No and Default Forms of Commands xxviii
Saving Configuration Changes xxviii
AppleTalk and Novell IPX Overview P2C-1
AppleTalk P2C-
Background on AppleTalk P2C-1
Ciscos Implementation of AppleTalk P2C-2
Supported Media P2C-2
Standard AppleTalk Services P2C-2
Enhancements to Standard AppleTalk Services P2C-3
Security P2C-4
Novell IPX P2C-4
Background on Novell IPX P2C-4
Cisco Implementation of Novells IPX P2C-4
IPX MIB Support P2C-4
IPX Enhanced IGRP Support P2C-5
LANE Support P2C-5
VLAN Support P2C-5
Configuring AppleTalk P2C-7
AppleTalk Phases P2C-7 AppleTalk Phase P2C-7
AppleTalk Phase P2C-7
Types of AppleTalk Networks P2C-7
Contents iii Networks P2C-8 Comparison of Nonextended and Extended and Network P2C-8 Relationship Between AppleTalk Phases Types Phases P2C-8 Comparison of AppleTalk Phases P2C-9 Cisco-Supported AppleTalk
AppleTalk Addresses P2C-9 Network Numbers P2C9
AppleTalk Phase Network Numbers P2C-9 AppleTalk Phase Network Numbers P2C-9 Node Numbers P2C-l0
AppleTalk Phase Node Numbers P2C-10 AppleTalk Phase Node Numbers P2C-10 AppleTalk Address Example P2C- 10
AppleTalk Zones P2C-10 AppleTalk Phase Zones P2C-l0 AppleTalk Phase Zones P2C-10
and Rules P2C- 10 Configuration Guidelines Compatibility
Combining AppleTalk Phasel and Phase Routers P2C-1 Combining Cisco Routers with Other Vendors P2C- 11
AppleTalk Configuration Task List P2C- 11
Enable AppleTalk Routing P2C-12 Enable AppleTalk Routing Task List P2C-12 Enable AppleTalk Routing P2C-12 P2C-12 Configure an Interface for AppleTalk 13 Manually Configure an Interface P2C Dynamically Configure an Interface P2C- 13 Select an AppleTalk Routing Protocol P2C-15 16 Configure Transition Mode P2C
Enable Concurrent Routing and Bridging P2C- 16 P2C-16 Configure Integrated Routing and Bridging
P2C- 17 Control Access to AppleTalk Networks Types of Access Lists P2C-17 P2C-17 AppleTalk-Style Access Lists
IP-Style Access Lists P2C-18 Entries P2C- 18 Combining AppleTalk-Style and IP-Style
Types of Filters P2C- 18
Implementation Considerations P2C- 19 Task List P2C-20 Control Access to AppleTalk Networks
Create Access Lists P2C-20
Set Priority Queuing P2C-20
Automatic Fast Switching P2C-20
Create AppleTalk-Style Access Lists P2C-20
Create IP-Style Access Lists P2C-21
Create Filters P2C-22
Create NBP Packet Filters P2C-22
Create Data Packet Filters P2C-23
Create Routing Table Update Filters P2C-23
iv Network Protocols Configuration Guide Part Create GetZoneList GZL Filters P2C-24 Enable ZIP Reply Filters P2C-25
Enable Partial Zone Filters P2C-26
Configure the Name Display Facility P2C-26
Set Up Special Configurations P2C-26
Configure AURP P2C-27
Configure Free-Trade Zones P2C-28
Configure SNMP over DDP in AppleTalk Networks P2C-29
Configure AppleTalk Tunneling P2C-29
Configure AppleTalk MacIP P2C-30
Cisco Implementation of AppleTalk MacIP P2C-30
When to Use AppleTalk MacIP P2C-30
Advantages of Using MacIP P2C-3
Implementation Considerations P2C-3
Configure AppleTalk MacIP Task List P2C-32
Establish MacIP Server for Zone P2C-32
Allocate IP Addresses for Macintosh Users P2C-32
Configure IPTalk P2C-33
Configure IP Encapsulation of AppleTalk Packets P2C-35
Specify the UDP Port Ranges P2C-36
Configure SMRP over AppleTalk P2C-36
Configure AppleTalk Control Protocol for Point-to-Point Protocol P2C-38
Tune AppleTalk Network Performance P2C-3
Control Routing Updates P2C-39
Disable the Processing of Routed RTMP Packets P2C-39
Enable RTMP Stub Mode P2C-39
Disable the Transmission of Routing Updates P2C-39
Prevent the Advertisement of Routes to Networks with No Associated Zones P2C-40
Set Routing Table Update Timers P2C-40
Set Routing Update Interval Timer P2C-41
Assign Proxy Network Numbers P2C-4
Enable Round-Robin Load Sharing P2C-4
Disable Checksum Generation and Verification P2C-42
Control the AppleTalk ARP Table P2C-42
Control the Delay Between ZIP Queries P2C-43
Log Significant Network Events P2C-43
Disable Fast Switching P2C-43
Configure AppleTalk Enhanced IGRP P2C-43 Benefits of Using AppleTalk Enhanced IGRP P2C-44
Convergence Technology P2C-44 Enhanced IGRP Features P2C-44
Enhanced IGRP Components P2C-44
Neighbor Discovery/Recovery P2C-44
Reliable Transport Protocol P2C-45 DUAL Finite-State Machine P2C-45
Protocol-Dependent Modules P2C-45
Contents P2C-45 Cisco Enhanced IGRP Implementation P2C-46 Enhanced IGRP Configuration Task List
Enable AppleTalk Enhanced IGRP P2C-46
Configure Miscellaneous Parameters P2C-46
Disable Redistribution of Routing Information P2C-46 Hold Time P2C-47 Adjust the Interval Between Hello Packets and the
Disable Split Horizon P2C-47 P2C-48 Adjust the Active State Time for Enhanced IGRP Routes
Log Enhanced IGRP Neighbor Adjacency Changes P2C-48 Enhanced IGRP P2C-48 Configure the Percentage of Link Bandwidth Used by
Configure AppleTalk Interenterprise Routing P2C-49 Understand AppleTalk Domains P2C-49 Understand Domain Routers P2C-49
AppleTalk Interenterprise Routing Features P2C-49
Redundant Paths Between Domains P2C-49
AppleTalk Interenterprise Routing Task List P2C-50
Enable AppleTalk Interenterprise Routing P2C-50 Remap Network Numbers P2C-5 Control Hop Count P2C-5
Configure AppleTalk over WANs P2C-52
AppleTalk over DDR P2C-52
Configure Static Routes P2C-52
Configure Floating Static Routes P2C-52
AppleTalk over X.25 P2C-53
Monitor and Maintain the AppleTalk Network P2C-53 Monitor and Maintain the AppleTalk Network Using Cisco lOS Software Commands P2C-53
Monitor the AppleTalk Network Using Network Monitoring Packages P2C-55
AppleTalk Configuration Examples P2C-56 Extended AppleTalk Network Example P2C-57 Nonextended AppleTalk Network Example P2C-57
Nonextended Network in Discovery Mode Example P2C-57
AppleTalk Enhanced IGRP Example P2C-58
Transition Mode Example P2C-5
AppleTalk Access List Examples P2C-59
Defining an Access List to Filter Data Packets Example P2C-59 P2C-60 Defining an Access List to Filter Incoming Routing Table Updates Example
Comparison of Alternative Segmentation Solutions P2C-61 P2C-62 Defining an Access List to Filter NBP Packets Example
Configuring Partial Zone Advertisement Example P2C-63
Hiding and Sharing Resources with Access List Examples P2C-65
Establishing Free-Trade Zone Example P2C-65
Restricting Resource Availability Example P2C-66
GZL and ZIP Reply Filter Examples P2C-68
AppleTalk Interenterprise Routing over AURP Example P2C-69 SNMP Example P2C-70 MacIP Examples P2C-70 IPTalk Example P2C-7 AppleTalk Control Protocol Example P2C-74
vi Network Protocols Configuration Guide Part Proxy Network Number Example P2C-74
AppleTalk Enhanced IGRP Bandwidth Configuration Example P2C-75
AppleTalk Interenterprise Routing Example P2C-75 AppleTalk over DDR Example P2C-75 AppleTalk Control Protocol for PPP Example P2C-77
Configuring Novell IPX P2C79
IPX Addresses P2C-79 Network Numbers P2C-79 Node Numbers P2C-79
IPX Address Example P2C-79
IPX Configuration Task List P2C-80
Enable IPX Routing P2C-80 IPX Default Routes P2C-80
Enable IPX Routing Task List P2C-8
Enable IPX Routing P2C-8
Assign Network Numbers to Individual Interfaces P2C-8
Assign Network Numbers to Individual Interfaces Task List P2C-82
Assign Network Numbers to Interfaces That Support Single Network P2C-82
Assign Network Numbers to Interfaces That Support Multiple Networks P2C-82
Enable Concurrent Routing and Bridging P2C-84
Configure Integrated Routing and Bridging P2C-84
Configure IPX Enhanced IGRP P2C-84
Enhanced IGRP Features P2C-85
Enhanced IGRP Components P2C-85
Neighbor Discovery/Recovery P2C-85
Reliable Transport Protocol P2C-85
DUAL Finite-State Machine P2C-86
Protocol-Dependent Modules P2C-86
Configure IPX Enhanced IGRP Task List P2C-86
Enable IPX Enhanced IGRP P2C-86
Customize Link Characteristics P2C-87
Configure the Percentage of Link Bandwidth Used by Enhanced IGRP P2C-87
Configure Maximum Hop Count P2C-87
Adjust the Interval Between Hello Packets and the Hold Time P2C-87
Customize the Exchange of Routing and Service Information P2C-88
Redistribute Routing Information P2C-89
Disable Split Horizon P2C-89
Control the Advertising of Routes in Routing Updates P2C-90
Control the Processing of Routing Updates P2C-90
Control SAP Updates P2C-90
Control the Advertising of Services in SAP Updates P2C-91
Control the Processing of SAP Updates P2C-91
Query the Backup Server P2C-91
Contents vii Configure NLSP P2C-92
Understand Level and Routers P2C-92
Understand NLSP Databases P2C-92
Cisco Support of NLSP P2C-93
Configure NLSP Task List P2C-93
Define an Internal Network P2C-93
Enable NLSP Routing P2C-93
Configure NLSP on an Interface P2C-94
Configure NLSP on LAN Interface P2C-94
Configure NLSP on WAN Interface P2C-94
Customize Link Characteristics P2C-95
Enable NLSP Multicast Addressing P2C-95
Configure the Metric Value P2C-96
Configure the Link Delay and Throughput P2C-96 P2C-97 Configure the Maximum Hop Count
Specify Designated Router P2C-97
Intervals P2C-98 Configure Transmission and Retransmission
Modify Link-State Packet Parameters P2C-98
Limit Partial Route Calculations P2C-99
Configure Route Aggregation P2C-99 Benefits of Route Summarization P2C-99
Understand Area Addresses Route Summaries and Aggregated Routes P2C- 100
Understand NLSP Areas P2C- 101
Understand Route Redistribution P2C-101
Understand Route Summarization P2C- 102
Understand Service and Path Selection P2C-103
Configure Route Aggregation Task List P2C-104 P2C- 104 Configure Route Aggregation for Multiple NLSP Version 11 Areas
Configure Route Aggregation for NLSP Version 1.1 and NLSP Version 1.0
Areas P2C-106
Configure Route Aggregation for Enhanced IGRP and NLSP Version Environments P2C- 109 P2C- 111 Configure Route Aggregation for RIP and NLSP Version Environments
Customize the Exchange of Routing Information P2C- 112
Configure RIP and SAP Compatibility P2C-1 12
Redistribute Routing Information P2C- 113
Configure Next Hop Resolution Protocol P2C- 113
NHRP Configuration Task List P2C-1 14
Enable NHRP on an Interface P2C- 114 1PX-to-NBMA Address P2C-114 Configure Stations Static Mapping Server P2C-1 15 Statically Configure Next Hop P2C-1 15 Configure NHRP Authentication
Control NHRP Initiation P2C-1 15
Packet P2C- 115 Trigger NHRP by IPX Per-Destination Basis P2C-1 16 Trigger NHRP on Control NHRP Packet Rate P2C-1 16 Record P2C-116 Suppress Forward and Reverse Options Address P2C-1 17 Specify the NHRP Responder
Change the Time Period NBMA Addresses Are Advertised as Valid P2C-1 17
viii Network Protocols Configuration Guide Part Configure IPX and SPX over WANs P2C-1 17
Configure IPX over DDR P2C- 118
Configure SPX Spoofing over DDR P2C- 118
Configure IPX Header Compression P2C- 118
Configure the IPXWAN Protocol P2C- 119
Control Access to IPX Networks P2C-1 19
Types of Access Lists P2C-1 19 Types of Filters P2C-120
Implementation Considerations P2C- 121
Control Access to IPX Networks Task List P2C-121
Create Access Lists P2C-121
Create Access Lists Using Numbers P2C-122
Create Access Lists Using Names P2C-122
Create Filters P2C-125
Create Generic Filters P2C-125
Create Filters for Updating the Routing Table P2C-126
Create SAP Filters P2C-126
Create GNS Response Filters P2C- 127
Create IPX NetBIOS Filters P2C- 127
Create Broadcast Message Filters P2C-128
Tune IPX Network Performance P2C- 128
Control Novell IPX Compliance P2C- 129
Control the Forwarding of Type 20 Packets P2C- 129
Control Interpacket Delay P2C-132
Shut Down an IPX Network P2C-133
Achieve Full Novell Compliance P2C-l33
Adjust RIP and SAP Information P2C-134
Configure Static Routes P2C- 134
Adjust the RIP Delay Field P2C-135
Control Responses to RIP Requests P2C-135
Adjust RIP Update Timers P2C-135
Configure RIP Update Packet Size P2C-136
Configure Static SAP Table Entries P2C- 136
Configure the Queue Length for SAP Requests P2C-136
Adjust SAP Update Timers P2C-137
Configure SAP Update Packet Size P2C-138 Enable SAP-after-RIP P2C- 138
Disable Sending of General RIP or SAP Queries P2C-139
Control Responses to GNS Requests P2C-139
Configure Load Sharing P2C-140
Enable Round-Robin Load Sharing P2C-140
Enable Per-Host Load Sharing P2C-140
Specify the Use of Broadcast Messages P2C-141
Use Helper Addresses to Forward Broadcast Packets P2C-141
Enable Fast Switching of IPX Directed Broadcast Packets P2C-142
Disable IPX Fast Switching P2C- 142
Adjust the Route Cache P2C-143
Control Route Cache Size P2C- 143
Control Route Cache Invalidation P2C-143
Contents ix P2C-144 Adjust Default Routes
Disable Network Number -2 as the Default Route P2C- 144
Advertise Only Default RIP Routes P2C-144 Pad Odd-Length Packets P2C-144
Shut Down an IPX Network P2C-145
Configure IPX Accounting P2C- 146
Switching Support P2C- 146
Access List Support P2C-146
IPX Accounting Task List P2C- 146
Enable IPX Accounting P2C-146 Customize IPX Accounting P2C-146
Monitor and Maintain the IPX Network P2C-147
Perform General Monitoring and Maintaining Tasks P2C-147
Monitor and Maintain Caches Tables Interfaces and Statistics P2C-147
Specify the Type and Use of Ping Packets P2C- 148
Repair Corrupted Network Numbers P2C-148
Troubleshoot Network Connectivity P2C- 149 Monitor and Maintain IPX Enhanced IGRP P2C-149
Log Enhanced IGRP Neighbor Adjacency Changes P2C- 149 Monitor and Maintain NLSP P2C- 150
Log Adjacency State Changes P2C-150 Monitor and Maintain NHRP P2C- 150
Monitor and Maintain IPX Accounting P2C- 151
Novell IPX Configuration Examples P2C- 151
IPX Routing Examples P2C- 151
IPX Routing on Single Network Example P2C- 151
IPX Routing on Multiple Networks Examples P2C- 152
IPX Routing Protocols Examples P2C-153 Enhanced IGRP Examples P2C-155 IPX Enhanced IGRP Example P2C-155 IPX SAP-Incremental IGRP Example P2C-155 Enhanced IGRP SAP Update Examples P2C-156
Advertisement and Processing of SAP Update Examples P2C-156
IPX Enhanced IGRP Bandwidth Configuration Example P2C- 157 NLSP Examples P2C-157
NLSP Multicast Addressing Examples P2C-157 Enhanced IGRP and NLSP Route Redistribution Example P2C- 158
NLSP Route Aggregation for Multiple NLSP Version Areas Example P2C- 158
NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas Example P2C- 158
NLSP Route Aggregation for NLSP Version 1.1 Enhanced IGRP and RIP Example P2C-159 NHRP Examples P2C-160 NHRP Example P2C-160 NHRP over ATM Example P2C- 162
IPX over WAN Examples P2C-164 IPX over WAN Interface Example P2C- 164 IPX over DDR Example P2C-166
Network Protocols Configuration Guide Part IPX Network Access Examples P2C-168 IPX Network Access Example P2C-168
Standard Named Access List Example P2C-170
SAP Input Filter Example P2C-170 SAP Output Filter Example P2C- 171 IPX NetBIOS Filter Examples P2C-172
Helper Facilities to Control Broadcast Examples P2C-173
Forwarding to an Address Example P2C- 174
Forwarding to All Networks Example P2C-175 All-Nets Flooded Broadcast Example P2C-176 IPX Accounting Example P2C-177
Index
Contents xi xii Network Protocols Configuration Guide Part FIGURES
Figure Cisco lOS Software Documentation Modules xviii
Figure IPTalk Configuration Example P2C-34
Figure SMRP Packet Transmission over AppleTalk P2C-37
Figure Allowed Configuration of Domain Router Connecting Two Domains P2C-50
Figure Improper Configuration of Domain Routers Connecting Two Domains P2C-50
Figure InterPoll Output P2C-56
Figure Nonextended AppleTalk Routing between Two Ethernet Networks P2C-57
Figure Routing in Discovery Mode P2C-58
Figure Transition Mode Topology and Configuration P2C-59
Figure 10 Example Topology of Partially Obscured Zone P2C.64
Figure 11 Controlling Access to Common AppleTalk Network P2C-65
Figure 12 Controlling Resource Access among Multiple AppleTalk Zones P2C-66
Figure 13 GZL and ZIP Reply Filters Sample Topology P2C-69
Figure 14 Example Network Topology P2C-74
Figure 15 AppleTalk over DDR Configuration P2C-76
Figure 16 Two Logical NBMA Networks over One Physical NBMA Network P2C-161
Figure 17 Physical Configuration of Sample NBMA Network P2C-162
Figure 18 IPX over WAN Interface P2C-164
Figure 19 IPX over DDR Configuration P2C 166
Figure 20 Novell IPX Servers Requiring Access Control P2C- 169
Figure 21 SAP Input Filter P2C-170
Figure 22 SAP Output Filter P2C-171
Figure 23 IPX Clients Requiring Server Access through Router P2C- 174
Figure 24 Type Broadcast Flooding P2C-176
Figure 25 IPX Accounting Example P2C-177
Figures xiii xiv Network Protocols Configuration Guide Part TABLES
Table How to Find Command Options xxiv
Table Summary of Main Command Modes xxvii
Table Comparison of Nonextended and Extended Networks P2C-8
Table AppleTalk Phase and Phase P2C-8
Table Packet Type to Filter Mapping P2C- 19
Table Zone and Interface Associations for Partial Zone Advertisement Example P2C-64
Table Partial Zone Advertisement Control on Network 30 P2C-64
Table Cisco and Novell IPX Encapsulation Names on IEEE Interfaces P2C-8
Table IPX Filters P2C-120
Tables xv xvi Network Protocols Configuration Guide Part About the Csco OS Software Docu mentaflon
This section discusses the objectives audience organization and conventions of the Cisco lOS
software documentation It also discusses how to obtain documentation on Cisco Connection Online
and the Documentation CD-ROM
Documentation Objectives
This Cisco lOS software documentation describes the tasks and commands necessary to configure
and maintain your access server or router
Audience
The Cisco lOS software documentation is intended primarily for useis who configure and maintain
access servers and routers but are not necessarily familiar with tasks the relationship between tasks commands tasks or the necessary to perform particular
Documentation Organization
The Cisco 105 software documentation is divided into 12 modules and two master indexes In
addition to the main documentation set there are four supporting documents
Documentation Modules
Each module consists of two books configuration guide and coiresponding command reference
Chapters in configuration guide describe protocols configuration tasks and Cisco 105 software
functionality and contain comprehensive configuration examples Chapters in command reference
provide complete command syntax information Each configuration guide can be used in
conjunction with its corresponding command reference
Master Indexes
Two master indexes provide indexing information for the Cisco 105 software documentation set an
index for the configuration guides and an index for the command references In addition individual
books contain book-specific index
About the Cisco OS Software Documentation xvii Documentation Organization
Documentation Set
The Cisco lOS software documentation set is shown in Figure
Figure Cisco lOS Software Documentation Modules
Module FC/FR Module P1C/P1R Module P2C/P2R Module P3C/P3R Module WC/WR Module SC/SR Module IC/IR
Configuration Network Protocols Network Protocols Network Protocols Wide-Area Security Cisco lOS Services Interface Fundamentals Part Part Part Networking AAA Security
Configuration IP Addressing AppleTalk Apollo Domain ATM Security Server Interface
Fundamentals IP Services Novell IPX Banyan VINES Frame Relay Protocols Configuration
Overview IP Routing DECnet SMDS Traffic Filtering and Cisco lOS User Protocols ISO CLNS X.25 and LAPB Firewalls
Interfaces XNS IP Security and
File Management Encryption
System Management Passwords and Privileges Neighbor Router Authentication
IP Security Options
Module DC/DR Module XC/XR Module BC/BR Module VCNR Module QC/QR Configuration
Dial Solutions Cisco lOS Switching Bridging and IBM Voice Video and Quality of Service Guide Master Dial-In Port Setup Services Networking Home Applications Solutions Index
Dial-In Terminal Switching Paths for IP Transparent Bridging Voice over IP Classification
Services Networks Source-Route Bridging Voice over Frame Scheduling Command
Dial-on-Demand Fast Switching Token Ring Inter-Switch Relay Packet Drop Reference Routing DDR Autonomous Switching Link Voice over ATM Traffic Shaping Master Index
Dial Backup NetFlow Switching Remote Source-Route Voice over HDLC ATM QoS
Dial-Out Modem Optimum Switching Bridging Video Support SNA Q0S
Pooling Cisco Express DLSw Universal Broadband Line Protocols Large-Scale Dial Forwarding STUN and BSTUN Features
Solutions Tag Switching LLC2 and SDLC
Cost-Control Multilayer Switching IBM Network Media Solutions Virtual LAN VLAN Translation ISDN Switching and Routing DSPU and SNA Service Point
X.25 over ISDN Inter-Switch Link SNA Frame Relay Access Support VPDN Protocol Encapsulation APPN Dial Business IEEE 80210 Cisco Database Connection
Solutions Encapsulation NCIA Client/Server Topologies and Examples LAN Emulation Cisco Mainframe Channel Connection
Multiprotocol over ATM Airline Product Set
xviii Network Protocols Configuration Guide Part Supporting Documents
Supporting Documents
The following documents support the Cisco lOS software documentation set
Cisco lOS Software Command Summary
Cisco 105 Software System Ermr Messages
Debug Command Reference
Dial Solutions Quick Configuration Guide
Document Convenflons
The Cisco lOS documentation set uses the following conventions
Convention Description
Ctrl the Control For or Represents key example when you read AD or Ctrl-D you should hold the Control down key while you press the key Keys are indicated in capital
letters but are not case sensitive
string string is defined as nonquoted set of characters For example when setting an
SNMP community string to public do not use quotation marks around the string
otherwise the string will include the quotation marks
Examples use the following conventions
Convention Description
screen Shows an example of information displayed on the screen
boldface screen Shows an example of information that you must enter
Nonprinting characters such as passwords appear in angled brackets
Exclamation points at the beginning of line indicate comment line They are also
displayed by the Cisco lOS software for certain processes
Default in responses to system prompts appear square brackets
The following conventions are used to attract the readers attention
Caution Means reader be careful In this situation you might do something that could result in equipment
damage or loss of data
Note Means reader take note Notes contain helpful suggestions or references to materials not
contained in this manual
Timesaver Means the described action saves time You can save time by performing the action described in the paragraph
About the Cisco lOS Software Documentation xix Command Syntax Conventions
Within the Cisco lOS software documentation the term router is used to refer to both access servers
and routers When feature is supported on the access server only the term access server is used
Within examples routers and access servers are alternately shown These products are used only for
example purposes that is an example that shows one product does not indicate that the other product
is not supported
Command Syntax Conventions
Command descriptions use the following conventions
Convention Description
boldface Indicates commands and keywords that are entered literally as shown
italics Indicates arguments for which you supply values in contexts that do not allow italics
arguments are enclosed in angle brackets
Keywords or arguments that appear within square brackets are optional
choice of required keywords represented by and appears in braces separated
by vertical bars You must select one
Braces and vertical bars within square brackets indicate required choice within an
optional element You do not need to select one If you do you have some required choices
Cisco Connection Onfine
Cisco Connection Online CCO is Cisco Systems primary real-time support channel Maintenance
customers and partners can self-register on CCO to obtain additional information and services
Available 24 hours day days week CCO provides wealth of standard and value-added
services to Ciscos customers and business partners CCO services include product information product documentation software updates release notes technical tips the Bug Navigator
configuration notes brochures descriptions of service offerings and download access to public and
authorized files
CCO serves wide variety of users through two interfaces that are updated and enhanced
simultaneously character-based version and multimedia version that resides on the World Wide Web WWW The character-based CCO supports Zmodem Kermit Xmodem FTP and Internet
e-mail and it is excellent for quick access to information over lower bandwidths The WWW version
of CCO provides richly formatted documents with photographs figures graphics and video as well
as hyperlinks to related information
You can access CCO in the following ways
WWW http//www.cisco.com
WWW http//www-europe.cisco.com
WWW http//www-china.cisco.com
Telnet cco.cisco.com
Modem From North America 408 526-8070 from Europe 33 64 46 40 82 Use the
following terminal settings VT100 emulation databits parity none stop bits and connection rates up to 28.8 kbps
xx Network Protocols Configuration Guide Part Documentation CD-ROM
For copy of CCOs Frequently Asked Questions FAQ contact cco-help@ciscocom For
additional information contact cco-team@ cisco .com
Note If you are network administrator and need personal technical assistance with Cisco
product that is under warranty or covered by maintenance contract contact Ciscos Technical
Assistance Center TAC at 800 553-2447 408 526-7209 or [email protected] To obtain general
information about Cisco Systems Cisco products or upgrades contact 800 553-6387 408 526-7208 or cs-rep@ciscocom
Documentaflon CDROM
Cisco documentation and additional literature available in are CD-ROM package which ships with The Documentation member the your product CD-ROM of Cisco Connection Family is updated
it be than monthly Therefore might more current printed documentation To order additional copies of the Documentation CD-ROM contact your local sales representative or call customer service
The is CD-ROM package available as single package or as an annual subscription You can also
access Cisco documentation on the World Wide Web at http//www.cisco.com http//www-china.cisco.com or http//www-europe.cisco.com
If you are reading Cisco product documentation on the World Wide Web you can submit comments
electronically Click Feedback in the toolbar and select Documentation After you complete the
click form Submit to send it to Cisco We appreciate your comments
About the Cisco OS Software Documentation xxi Documentation CD-ROM
xxii Network Protocols Configuration Guide Part Using Cisco OS Software
This for chapter provides helpful tips understanding and configuring Cisco lOS software using the command-line interface CLI
Getting Help
Understanding Command Modes
Using the No and Default Forms of Commands
Saving Configuration Changes
For an overview of Cisco lOS software configuration refer to the Configuration Fundamentals
Configuration Guide
For information on the conventions used in the Cisco lOS documentation set refer to the About the Cisco lOS Software Documentation chapter located at the beginning of this book
Getting Hp
Entering question mask at the system prompt displays list of commands available for each
command mode You also list of commands associated can get any keywords and arguments with the context-sensitive help feature
To get help specific to command mode command keyword or an argument use one of the following commands
Command Purpose
help Obtain brief of the in description help system any command mode
abbreviated-command-en try Obtain list of commands that begin with particular character between and string No space command question mark
abbreviated-cominand-entryTab Complete partial command name
List all commands available for particular command mode command List commands associated keywords Space between command
and question mark
command keyword List keywords associated arguments Space between the
keyword and question mark
Using Cisco lOS Software xxiii Getting Help
Example How to Find Command Options
consist This section provides an example of how to display syntax for command The syntax can mark of optional or required keywords To display keywords for command enter question at Cisco lOS the configuration prompt or after entering part of command followed by space The
available with brief of the For software displays list of keywords along description keywords
the and wanted to see all example if you were in global configuration mode typed command amp the keywords for that command you would type arap
Table shows examples of how you can use the question mark to assist you in entering the commands commands It steps you through entering following
controller ti
cas-group timeslots 1-24 type em-fgb dtmf
Table How to Find Command Options
Command Comment
Router enable Enter the enable command and password to
Password password access privileged EXEC commands Router You have entered privileged EXEC mode
when the prompt changes to Router
Routerif config terminal Enter global configuration mode Enter configuration commands one per line End with CNTL/Z You have entered global configuration Router contig mode when the prompt changes to Routerconfig
Router config controller tl Enter controller configuration mode by
0-3 Controller unit number specifying the Ti controller that you want
Router config controller tl to configure using the controller ti global Router configcontroller configuration command
Enter to display what you must enter
next on the command line In this example
you must enter controller unit number
from to
You have entered controller configuration
mode when the prompt changes to Router config-controller
xxiv Network Protocols Configuration Guide Part Example How to Find Command Options
Table How to Find Command Options continued
Command Comment
Routerconfig-controller Enter to display list of all the controller configuration commands controller configuration commands cablelength Specify the cable length for DS1 link availablefortheTi controller cas-group Configure the specified timeslots for CAS Channel Associate Signals channel-group Specify the timeslots to channel-group mapping for an interface
clock Specify the clock source for DS1 link default Set command to its defaults description Controller specific description dsO ds0 commands exit Exit from controller configuration mode fdl Specify the FDL standard for DS1 data link
framing Specify the type of Framing on DS1 link help Description of the interactive help system linecode Specify the line encoding method for DS1 link loophack Put the entire Ti line into loopback no Negate command or set its defaults prigroup Configure the specified timeslots for PRI shutdown Shut down DS1 link send Blue Alarm Router config-controller
Routerconfig-cootroller cas-group Enter the command that you want to 023 Channel number configure for the controller In this Router config-controller cas-group example the eas-group command is used
Enter to display what you must enter
next on the command line In this example
you must enter channel number from
to 23
Because is cr not displayed it indicates
that you must enter more keywords to
complete the command
Routarconfig-controller cas-group Aftei you enter the channel number enter timeslots List of timeslots in the cas-group todisplaywhatyoumustenternexton Router config-controller casgroup the command line In this example you must enter the timeslots keyword
Because cr is not displayed it indicates
that you must enter more keywords to complete the command
Routerconfigcontroller timeslots cas-group After you enter the timeslots keyword 1-24 List of timeslots which comprise the cas-group enterato display whatyou must enter Router config-controller cas-group timeslots next on the command line In this example
you must enter list of timeslots from to 24
You can specify timeslot ranges for example 1-24 individual timeslots
separated by commas for example
or combination of the two for example
1-3 17-24 The 16th time slot is not
is specified in the command line because it
reserved for transmitting the channel
signaling
Because cr is not displayed it indicates
that you must enter more keywords to
complete the command
Using Cisco lOS Software xxv Understanding Command Modes
Table How to Find Command Options continued
Command Comment
Routerconfig-controller cas-group timeslots 1-24 After you enter the timeslot ranges enter
service Specify the type of service to display what you must enter next on the of type Specify type signaling the command line In this example you Router config-controller cas-group timeslots 1-24 must enter the service or type keyword
Because cr is not displayed it indicates
to that you must enter more keywords complete the command
Routerconfigcontroller caB-group timeslots 1-24 type In this example the type keyword is
ern-fgb Type II FGB entered.Afteryouenterthetypekeyword em- IIFGD fgd Type enter to display what you must enter em-immediate--start Immediate Start next on the command line In this example fxs-ground-start FXS Ground Start you must enter one of the signaling types fxs-loop-start FXS Loop Start
sas-ground-start SAS Ground Start Because cr is not displayed it indicates
sas- loop-s tart SAS Loop Start that you must enter more keywords to timeslots 1-24 Routerconfig-controller cas-group type complete the command
Routerconfig-controller caB-group timeslots 1-24 type em-fgb In this example theem-fgbkeyword is dtmf DTMF tone signaling entered After you enter the em-fgb mf MF tone signaling keyword enter to display what you service Specify the of service type must enter next on the command line In cro this example you can enter the dtmf mf Routerconfigcontroller cas-group timeslots 1-24 type em-fgb or service keyword to indicate the type of
channel-associated signaling available for
the em-fgb signaling type
Because cr is displayed it indicates
that you can enter more keywords or press
ci to complete the command
Routerconfig-controller caB-group timeslots 1-24 type em-fgb dtrnf Inthisexamplethedtmfkeywordis
dnis DNIS addr info provisioned entered After you enter the dtmf keyword service Specify the type of service cr enter to display what you must enter next on the command line In this example Routerconfig-controller cas-group timeslots 1-24 type em-fgb dtnf you can enter the dnis or service keyword
to indicate the options available for dtmf
tone signaling
Because cr is displayed it indicates
that enter or you can more keywords press cr to complete the command
Routerconfig-controller caB-group timeslots 1-24 type em-fgb dtmf In this example enter acr to complete
Router config-controller the command
Understanding Command Modes
The Cisco lOS user interface is divided into many different modes The commands available to you mode in mark the at any given time depend on which you are currently Entering question at system prompt allows you to obtain list of commands available for each command mode
When you start session on the router you begin in user mode often called EXEC mode Only
limited subset of the commands are available in EXEC mode In order to have access to all
commands you must enter privileged EXEC mode Normally you must enter password to enter command privileged EXEC mode From privileged mode you can enter any EXEC or enter global
xxvi Network Protocols Configuration Guide Part Summary of Main Command Modes
of the one-time configuration mode Most EXEC commands are commands such as show
commands which show the current status of something and clear commands which clear counters
or interfaces The EXEC commands are not saved across reboots of the router
The configuration modes allow you to make changes to the running configuration If you later save the these commands stored configuration are across router reboots In order to get to the various
configuration modes you must start at global configuration mode From global configuration mode
can enter interface subinterface you configuration mode configuration mode and variety of
protocol-specific modes
monitor mode is mode used when the ROM separate router cannot boot properly If your router or
does find valid access server not system image when it is booting or if its configuration file is corrupted at startup the system might enter read-only memory ROM monitor mode
Summary of Main Command Modes
Table summarizes the main command modes of the Cisco lOS software
Table Summary of Main Command Modes
Command
Mode Access Method Prompt Exit Method
User EXEC Log in Router Use the logout command
Privileged From user EXEC mode use Router To exit back to user EXEC mode use the disable command EXEC the enable EXEC command To enter global configuration mode use the configure
terminal privileged EXEC command
Global From privileged EXEC Router config if To exit to privileged EXEC mode use the exit or end
use the configuration mode configure command or press CtrI-Z
terminal privileged EXEC To enter interface configuration mode enter an interface command configuration command
Interface From global configuration con if To exit to Router fig-if global configuration mode use the exit command configuration mode enter by specifying an To exit to privileged EXEC mode use the exit command or interface with an interface press Ctrl-Z command
To enter subinterface configuration mode specify
subinterface with the interface command
Subinterface From interface conf ig- subi if To exit to configuration Router global configuration mode use the exit command configuration mode specify To enter privileged EXEC mode use the end command or subinterface with an press Ctrl-Z interface command
ROM monitor From EXEC To exit privileged to user EXEC mode type continue mode use the reload EXEC
command Press the Break
key during the first 60
seconds while the system is booting
For more information regarding command modes refer to the Using the Command Line Interface
chapter of the Configuration Fundamentals Configuration Guide
Using Cisco OS Software xxvii Using the No and Default Forms of Commands
Using the No and Defaufit Forms of Commands
Almost command also has no form In use the no form to disable every configuration general function Use the conm-iand without the keyword no to reenable disabled function or to enable
is enabled default To disable IP function that is disabled by default For example IP routing by
reenable it The Cisco lOS routing specify the no ip routing command and specify ip routing to
software command references provide the complete syntax for the configuration commands and
describes what the no form of command does
of command returns the Configuration commands can also have default form The default form
the default form is the command setting to its default Most commands are disabled by default so
variables set to same as the no form However some commands are enabled by default and have command and variables certain default values In these cases the default command enables the sets
to their default values The Cisco lOS software command references describe what the default form
of command does if the command is not the same as the no form
Saving Configuration Changes
Enter the copy systemrunning-config nvramstartup-config command to save your configuration
that will not be lost if there is reload or changes to your startup configuration so they system power
outage For example
Router copy system running-config nvram startup-config Building configuraLion..
the It might take minute or two to save the configuration After the configuration has been saved
following output appears
RouLer
the to nonvolatile random-access On most platforms this step saves configuration memory
this the to the NVRAM On the Class Flash file system platforms step saves configuration environment variable The variable location specified by the CONFIG_FILE CONFIG_FILE
defaults to NVRAM
xxviii Network Protocols Configuration Guide Part AppOeTak and NoveU PX Overview
The Cisco lOS software supports variety of routing protocols The Network Protocols
discusses the Configuration Guide Part following network protocols
AppleTalk
Novell IPX
The Network Protocols Configuration Guide Part discusses the following network protocols
IP
IP Routing
The Net-work Protocols Part discusses the Configuration Guide following network protocols
Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS
This overview chapter provides high-level description of AppleTalk and Novell IPX For
configuration information refer to the appropriate chapter in this publication
AppeTak
This section and provides background on AppleTalk briefly describes Ciscos implementation of AppleTalk
Background on AppleTalk
is LAN and AppleTalk system designed developed by Apple Computer Inc It can run over Ethernet Token Ring and Fiber Distributed Data Interface FDDI networks and over Apples media proprietary twisted-pair access system LocalTalk AppleTalk specifies protocol stack
comprising several protocols that direct the flow of traffic over the network
the Apple Computer uses name AppleTalk to refer to the Apple network protocol architecture Apple
refers the Computer to actual transmission media used in an AppleTalk network as LocalTalk TokenTalk AppleTalk over Token Ring EtherTalk AppleTalk over Ethernet and FDDITa1k AppleTalk over FDDI
AppleTalk and Novell IPX Overview P2C-1 AppleTalk
Ciscos Implementation of AppleTalk
Phase For Phase Cisco lOS software supports AppleTalk Phase and AppleTalk AppleTalk extended and nonextended networks Cisco devices support both
advertised routers with Cisco router or access server may receive equivalent routes by neighboring Phase form of the route and another giving an one router giving an AppleTalk for example 101 When routers advertise AppleTalk Phase form of the route for example 101-101 neighboring the router uses the Phase form of the equivalent overlapping routes to router always AppleTalk
route and discards the AppleTalk Phase route
Supported Media
routes over Ethernet Token and FDDI Ciscos implementation of AppleTalk packets Ring LANs Link Control Frame and Switched Multimegabit and over X.25 High-Level Data HDLC Relay Data Service SMDS WANs
Standard AppleTalk Services
the standard The Cisco implementation of AppleTalk supports following AppleTalk protocols
AppleTalk Address Resolution Protocol AARP
AppleTalk Port Group
Datagram Delivery Protocol DDP
Routing Table Maintenance Protocol RTMP
Name Binding Protocol NBP
Zone Information Protocol ZIP
AppleTalk Echo Protocol AEP
AppleTalk Transaction Protocol ATP
between intemetworked nodes AARP AARP DDP and RTMP provide end-to-end connectivity
data thus it maps AppleTalk node addresses to the addresses of the underlying link making possible socket-to-socket of for AppleTalk to run on several data links DDP provides delivery packets
RTMP establishes and maintains routing tables
NBP and ZIP maintain node name and zone information NBP maps network names to AppleTalk
addresses ZIP tracks which networks are in which zones
It that test the of network AEP is an echo or ping-type protocol generates packets reachability nodes
retransmission for ATP is reliable transport protocol that provides data acknowledgment and Protocol transaction-based applications such as file services provided by the AppleTalk Filing the Printer Access Protocol AFP and print services provided by PAP
variables Our software provides support for the AppleTalk Management Information Base MIB as
described in RFC 1243
P2C-2 Network Protocols Configuration Guide Part Ciscos Implementation of AppleTalk
Enhancements to Standard AppleTalk Services
The Cisco AppleTalk implementation includes the following enhancements to standard AppleTalk support
for Support AppleTalk Enhanced Internet Gateway Protocol Enhanced IGRP AppleTalk Enhanced IGRP provides the following features
Automatic redistribution By default AppleTalk Routing Table Maintenance Protocol
RTMP routes are automatically redistributed into Enhanced IGRP and AppleTalk Enhanced IGRP routes redistributed are automatically into RTMP If desired you can turn off redistribution You can also completely turn off AppleTalk Enhanced IGRP and
AppleTalk RTMP on the device or on individual interfaces
of Configuration routing protocols on individual interfaces You can configure interfaces that
are configured for to use either Enhanced AppleTalk RTMP IGRP or both routing protocols If two neighboring routers are configured to use both RTMP and Enhanced IGRP the Enhanced IGRP routing information supersedes the RTMP information However both routers continue to send RTMP routing updates This feature allows you to control the excessive bandwidth of on links Because usage RTMP WAN WAN link is point-to-point
link that is there are no other devices on the there is link no need to run RTMP to perform end-node router Enhanced IGRP discovery Using on WAN links allows you to save bandwidth in the of Packet-Switched Data and case Networks PSDN traffic charges
for Support EtherTalk 1.2 and EtherTalk 2.0 without the need for translation or transition routers
for Ethernet-emulated For Support LANs more information on emulated LANs and routing
between refer to the AppleTalk them Configuring LAN Emulation chapter of the Cisco 105
Switching Services Configuration Guide
for For information Support VLANs more on VLANs and routing AppleTalk between them over
Inter-Switch Link IEEE refer ISL or 802.10 to the Configuring Routing Between VLANs with ISL Encapsulation and Configuring Routing Between VLANs with IEEE 802.10
of the Encapsulation chapters Cisco lOS Suitching Services Configuration Guide
Support for WAN protocols including SMDS Frame Relay X.25 and HDLC
Configurable constants the control of the protocol including aging of entries in the routing table and control of the interval AARP and number of retransmissions
No software limits on the number of zones or routes However per AppleTalk specification you can have maximum only of 255 zones per segment
MacTCP support via MacIP server
of which Support IPTalk provides Internet Protocol IP encapsulation of AppleTalk IPTalk and the Columbia AppleTalk Package CAP
Access control for network traffic network filtering by number ZIP filtering by NBP entity names table and filtering routing updates filtering GetZoneList GZL responses
node Integrated name support to simplify AppleTalk network management
Interactive access to AEP and NBP provided by the test appletalk command
Configured seed and discovered interface configuration
Support for the which is used AppleTalk Responder by network monitoring packages such as InterPoll
SNMP over AppleTalk
Encapsulation tunneling of AppleTalk RTMP packets over an IP backbone
AppleTalk and Novell IPX Overview P2C3 Novell IPX
Support for AppleTalk static routes
SMRP over AppleTalk
Security
for network The of AppleTalk like many network protocols makes no provisions security design be at the AppleTalk protocol architecture requires that security measures implemented higher
distribution lists control of routing updates application levels Cisco supports AppleTalk allowing
This feature is similar to those that Cisco for other on per-interface basis security provides
protocols
with local and Note that Ciscos implementation of AppleTalk does not forward packets source
destination network addresses This behavior does not conform with the definition of AppleTalk in
is to Apple Computers Inside AppleTalk publication However this behavior designed prevent any
table in node that is address possible corruption of the AARP any AppleTalk performing gleaning
through Media Access Control MAC
Novell PX
of Novell This section offers background information and briefly describes Ciscos implementation IPX
Background on Novell IPX
derived the Internet Novell Internet Packet Exchange IPX is from Xerox Network Systems XNS Datagram Protocol IDP IPX and XNS have the following differences
IPX and XNS do not always use the same Ethernet encapsulation format
Protocol to advertise IPX uses Novells proprietary Service Advertisement SAP special
network services File servers and print servers are examples of services that typically are
advertised
the metric in IPX uses delay measured in ticks while XNS uses hop count as primary
determining the best path to destination
Ciscos Implementation of Novells IPX
of Novells IPX is certified to full IPX Ciscos implementation protocol provide routing
functionality
IPX MIB Support
is The IPX Cisco supports the IPX MIB currently read-only access supported Accounting group IPX variables This access to represents one of the local Cisco-specific we support group provides
the active database that is created and maintained if IPX accounting is enabled on router or access
server
P2C-4 Network Protocols Configuration Guide Part Ciscos Implementation of Novells IPX
IPX Enhanced IGRP Support
Cisco lOS software also IPX Enhanced which supports IGRP provides the following features
Automatic redistributionIPX RIP routes are automatically redistributed into Enhanced IGRP and Enhanced IGRP routes are automatically redistributed into Routing Information Protocol
If off redistribution RIP desired you can turn You also can completely turn off Enhanced IGRP and IPX RIP on the device or on individual interfaces
Increased network widthWith IPX the RIP largest possible width of your network is 15 hops
When Enhanced IGRP is the enabled largest possible width is 224 hops Because the Enhanced
IGRP metric is large enough to support thousands of hops the only barrier to expanding the
network is the transport layer hop counter Cisco works around this problem by incrementing the
control field transport only when an IPX packet has traversed 15 routers and the next hop to the destination learned was via Enhanced IGRP When RIP route is being used as the next hop to
the destination the transport control field is incremented as usual
Incremental SAP updatesComplete SAP updates are sent periodically on each interface until Enhanced an IGRP neighbor is found and thereafter only when changes are made to the SAP table This procedure works by taking advantage of Enhanced IGRPs reliable transport
mechanism which means that an Enhanced IGRP peer must be present for incremental SAPs to
be If sent no peer exists on particular interface periodic SAPs will be sent on that interface
until is peer found This functionality is automatic on serial interfaces and can be configured on LAN media
LANE Support
Cisco lOS software also supports routing IPX between Ethernet-emulated LANs and Token
Ring-emulated LANs For more information on emulated LANs and routing IPX between them
refer the to Configuring LAN Emulation chapter of the Cisco 105 Switching Services
Configuration Guide
VLAN Support
Cisco lOS software supports routing IPX between VLANs Users with Novell NetWare environments of the four can configure any one IPX Ethernet encapsulations to be routed using the
Inter-Switch Link ISL encapsulation across VLAN boundaries For more information on VLANs
and IPX between them refer routing over ISL to the Configuring Routing Between VLANs with
ISL of the Encapsulation chapter Cisco lOS Switching Services Configuration Guide
AppleTalk and Novell IPX Overview P2C-5 Novell IPX
P2C-6 Network Protocols Configuration Guide Part Configuring AppleTalk
This chapter describes how to configure AppleTalk and provides configuration examples For of the commands complete description AppleTalk mentioned in this chapter refer to the AppleTalk
Commands chapter in the NelworkProtocols CommandReference Part To locate documentation
of other commands that in this appear chapter use the command reference master index or search online
AppeTak Phases
The AppleTalk network architecture has the following two phases
AppleTalk Phase
AppleTalk Phase
AppleTalk Phase
AppleTalk Phase is the initial implementation of AppleTalk and is designed for logical
workgroups AppleTalk Phase supports single physical network that can have one network number and be in one zone.This network can have up to 254 devices which can consist of 127 end
nodes and 127 servers
AppleTalk Phase
Phase is enhancement to Phase AppleTalk an AppleTalk and is designed for larger networks and has improved routing capabilities It supports multiple logical networks on single physical network
and networks in This multiple logical given zone means that one cable segment can have multiple
network numbers Each network in Phase logical can support up to 253 devices with no
restrictions on the type of devices end nodes or servers Also in AppleTalk Phase network can be in more than one zone
Types of AppleTalk Networks
AppleTalk Phase distinguishes between two types of networks based on their media-level
encapsulation and cable addressing methods The two types of networks are as follows
Nonextended
Extended
Configuring AppleTalk P2C7 AppleTalk Phases
Comparison of Nonextended and Extended Networks
and extended networks Table compares the attributes of nonextended
Table Comparison of Nonextended and Extended Networks
Attribute Nonextended Extended
of the Media-level encapsulation method Encapsulation ISO-type encapsulations
3-byte LocalTalk packet only that is no
in an Ethernet frame encapsulation of the
3-byte LocalTalk
packets
LocalTalk All media Physical media that supports media-level physical LocalTalk encapsulation methods except
Each node number is Each network.iode Node addressing method
unique combination is unique
number number Cable addressing method single per range cable corresponding to one or
more logical networks
Relationship Between AppleTalk Phases and Network Types
Nonextended networks were the sole network type defined in AppleTalk Phase You can consider
AppleTalk Phase networks to be nonextended networks
You can consider AppleTalk Phase networks to be extended networks
Comparison of AppleTalk Phases
Phase and Phase Table compares the capabilities of AppleTalk
Table AppleTalk Phase and Phase
Capability AppleTalk Phase AppleTalk Phase
Networks nodes and zones
652791 Number of logical networks cable segments
Maximum number of devices 2542 253
Maximum number of end nodes 127 Does not apply4
Maximum number of servers 127 Does not apply
Number of zones in which network can be nonextended 255 extended
Media-level encapsulation
Nonextended network Does not apply Yes
P2C-8 Network Protocols Configuration Guide Part Cisco-Supported AppleTalk Phases
Table AppleTalk Phase and Phase continued
Capability AppleTalk Phase AppleTalk Phase
Extended network Does not apply Yes
Cable addressing Does not apply uses Single network number network numbers nonextended
Cable range of or more extended
The 65279 value is per AppleTalk specifications
The node addresses and 255 are reserved
The node addresses 254 and 255 are reserved There is no restriction on the types of devices There can be total of 253 end nodes and servers
In terms of zones an AppleTalk Phase network can be thought of as nonextended AppleTalk Phase network
Cisco-Supported AppleTalk Phases
Routers running Software Release 82 or later support AppleTalk Phase and Phase
AppeTak Addresses
An AppleTalk address consists of network number and node number expressed in decimal in the format network.node
Network Numbers
The network number identifies cable network or segment network is single logical cable
Although the logical cable is frequently single physical cable bridges and routers can interconnect
several physical cables
The network number is 16-bit decimal number that must be unique throughout the entire AppleTalk internetwork
AppleTalk Phase Network Numbers
In AppleTalk Phase networks are identified by single network number that corresponds to
physical network In AppleTalk Phase the network number is reserved
AppleTalk Phase Network Numbers
In AppleTalk Phase networks are identified by cable range that corresponds to one or more
logical networks In Phase single cable can have multiple network numbers
cable is either network number range one or contiguous sequence of several network numbers in the format startend For example the cable range 40964096 identifies logical network that
has network and the cable 1012 identifies single number range logical network that spans three network numbers
In AppleTalk Phase the network number is reserved
Configuring AppleTalk P2C-9 AppleTalk Zones
Node Numbers
is device connected to the network The The node number identifies the node which any AppleTalk
node number is an 8-bit decimal number that must be unique on that network
AppleTalk Phase Node Numbers
In AppleTalk Phase node numbers through 127 are for user nodes node numbers 128 through and 255 reserved 254 are for servers and node numbers are
AppleTalk Phase Node Numbers
nodes attached to the In AppleTalk Phase you can use node numbers through 253 for any network Node numbers 254 and 255 are reserved
AppleTalk Address Example
The following is an example of an AppleTalk network address
3.45
numbers in In this example the network number is and the node number is 45 You enter both
decimal Cisco lOS software also displays them in decimal
AppeTak Zones
The networks in be zone is logical group of networks zone can contiguous or noncontiguous be characters The zone is identified by zone name which can up to 32 long zone name can
include standard characters and AppleTalk special characters To include special character type
that the character in the Macintosh colon followed by two hexadecimal characters represent special
character set
AppleTalk Phase Zones
An AppleTalk Phase network can have only one zone
AppleTalk Phase Zones
In AppleTalk Phase an extended network can have up to 255 zones nonextended network can
have only zone
ConfiguraflonGudeUnes and Compatibflty Rues
AppleTalk Phase and AppleTalk Phase networks are incompatible and cannot run simultaneously
on the same internetwork As result all routers in an internetwork must support AppleTalk Phase
before the network can use Phase routing
P2C-1O Network Protocols Configuration Guide Part Combining AppleTalk Phasel and Phase Routers
ombifliflg AppleTalk Phase and Phase Routers
of Phase If your internetwork has combination AppleTalk and Phase routers you must observe the following configuration guidelines If you do not follow these guidelines unpredictable behavior might result Note however that you do not need to upgrade all end nodes to use the features
provided by our AppleTalk enhancements
The cable range must be one for example 2323
Each AppleTalk network can be member of only one zone
Combining Cisco Routers with Other Vendors
When using Cisco routers with implementations of AppleTalk by other vendors follow these
guidelines
For Macintosh with an Ethernet card to support extended AppleTalk the Macintosh must be
running EtherTalk Version 2.0 or later This restriction does not apply to Macintoshes with only LocalTalk interfaces
Shiva FastPath routers must run K-Star Version 8.0 or later and must be explicitly configured for
extended AppleTalk
Apples Internet Router software Version 2.0 supports transition mode for translation between
nonextended AppleTalk and extended AppleTalk on the same network Transition mode requires
the Apple upgrade utility and special patch file from Apple
AppeTaDk Configuration Task List
To configure AppleTalk routing complete the tasks in the following sections At minimum you
must enable AppleTalk routing The remaining tasks are optional
Enable AppleTalk Routing
Control Access to AppleTalk Networks
Configure the Name Display Facility
Set Up Special Configurations
Configure AppleTalk Control Protocol for Point-to-Point Protocol
Tune AppleTalk Network Performance
Configure AppleTalk Enhanced IGRP
Configure AppleTalk Interenterprise Routing
Configure AppleTalk over WANs
Monitor and Maintain the AppleTalk Network
See the AppleTalk Configuration Examples section at the end of this chapter for configuration examples
Configuring AppleTalk P2C-11 Enable AppleTalk Routing
Enable AppHeTak Roufing
it each You enable AppleTalk routing by first enabling it on the router and then configuring on
interface
nonextended You can also enable the Cisco lOS software to perform transition mode routing from
AppleTalk to extended AppleTalk
You can route AppleTalk on some interfaces and transparently bridge it on other interfaces enable concurrent and simultaneously To do this you must routing bridging
You can also route AppleTalk traffic between routed interfaces and bridge groups or route do enable AppleTalk traffic between bridge groups To this you must integrated routing and
bridging
Enable AppleTalk Routing Task List
Complete the tasks in the following sections to enable AppleTalk routing The first two tasks are
required the rest are optional
Enable AppleTalk Routing
Configure an Interface for AppleTalk
Select an AppleTalk Routing Protocol
Configure Transition Mode
Enable Concurrent Routing and Bridging
Configure Integrated Routing and Bridging
Enable AppleTalk Routing
To enable AppleTalk routing use the following command in global configuration mode
Command Purpose
appletalk routing Enable AppleTalk routing
enables The appletalk routing command without any keywords or arguments AppleTalk routing enable using the Routing Table Maintenance Protocol RTMP routing protocol You can AppleTalk
routing to use AppleTalk Enhanced IGRP routing protocol instead of RTMP For more information
refer to the Enable AppleTalk Enhanced IGRP section in this chapter
For an example of how to enable AppleTalk routing see the Extended AppleTalk Network
Example section at the end of this chapter
Configure an Interface for AppleTalk
You configure an interface for AppleTalk by assigning an AppleTalk address or cable range to the
interface and then assigning one or more zone names to the interface You can perform these tasks
either manually or dynamically
P2C-12 Network Protocols Configuration Guide Part Configure an Interface for AppleTalk
Manually Configure an tnterface
You can manually configure an interface for nonextended AppleTalk or extended AppleTalk routing
Configure for Nonextended AppleTalk Routing
To manually configure an interface for nonextended AppleTalk routing use the following commands
in interface configuration mode
Step Command Purpose
appletalk address networknode Assign an AppleTalk address to the interface
appletalk zone zone-name Assign zone name to the interface
After you assign the address and zone names the interface will attempt to verify them with another
operational router on the connected network If there are any discrepancies the interface will not
become operational If there are no neighboring operational routers the device will assume the
interfaces configuration is correct and the interface will become operational
For an example of how to configure an interface for nonextended AppleTalk routing see the
Nonextended AppleTalk Network Example section in this chapter
Configure for Extended AppleTalk Routing
To manually configure an interface for extended AppleTalk routing use the following commands in
interface configuration mode
Step Command Purpose
appletalk cable-range cable-range Assign cable range to an interface
appletalk zone zone-name Assign zone name to the interface
You can assign more than one zone name to cable range If you do so the first name you assign is considered to be the default zone You can define up to 255 zones
For an example of how to configure an interface for extended AppleTalk routing see the Extended
AppleTalk Network Example section in this chapter
Dynamically Configure an Interface
If nonextended or an extended intel-face is connected to network that has at least one other
operational AppleTalk router you can dynamically configure the interface using discovery mode In
discovery mode an interface acquires information about the attached network from an operational
router and then uses this information to configure itself
Benefits of Dynamically Configuring an Interface
Using discovery mode to configure interfaces saves time if the network numbers cable ranges or
zone names change If this happens you must make the changes on only one seed router on each network
Discovery mode is useful when you are changing network configuration or when you are adding
router to an existing network
Configuring AppleTalk P2C-13 Enable AppleTalk Routing
Restrictions of Dynamically Configuring an Interface
If there is no operational router on the attached network you must manually configure the interface
as described in the previous sections Also if discovery mode interface is restarted another
operational router must be present before the interface will become operational
Discovery mode does not run over serial lines
Caution Do not enable discovery mode on all routers on network If you do so and all the devices restart simultaneously for example after power failure the network will be inaccessible until you manually
configure at least one router
Seed Router Starting Sequence
nondiscovery-mode interface also called seed router starts up as follows
The seed router acquires its configuration from memory
If the stored configuration is not completely specified when you assign an AppleTalk address to
an interface on which you assign cable range and zone name the interface will not start up
If the stored configuration is completely specified the interface attempts to verify the stored
configuration with another router on the attached network If any discrepancy exists the interface will not start up
If there are no neighboring operational routers the device will assume the interfaces stored
configuration is correct and the interface will become operational
Response to Configuration Queries
Using discovery mode does not affect an interfaces ability to respond to configuration queries from
other routers on the connected network once the interface becomes operational
Dynamically Configure Nonextended Interface
You can activate discovery mode on nonextended interface in one of two ways depending on whether you know the network number of the attached network
In the first method you immediately place the interface into discovery mode by specifying an
AppleTalk address of 0.0 Use this method when you do not know the network number of the
attached network For this method use the following command in interface configuration mode
Command Purpose
appletalk address 0.0 Place the interface into discoveiy mode by assigning
it the AppleTalk address 0.0
For an example of how to configure discovery mode using this method see the Nonextended
Network in Discovery Mode Example section at the end of this chapter
P2C-14 Network Protocols configuration Guide Part Select an AppleTalk Routing Protocol
For the second method you first assign an address to the interface and then explicitly enable
discovery mode Use this method when you know the network number of the attached network
Note however that you are not required to use this method when you know the network number For
this method use the following commands in interface configuration mode
Step Command Purpose
appletalk address nerwork.ode Assign an AppleTalk address to the interface
appletalk discovery Place the interface into discovery mode
DynamicaUy Configure an Extended Interface
You can activate discovery mode on an extended interface in one of two ways depending on whether network you kiiow the cable range of the attached
the interface into In the first method you immediately place discovery mode by specifying cable
range of 00 Use this method when you do not know the network number of the attached network
For this method use the following command in interface configuration mode
Command Purpose
appletalk cable-range 00 Place the interface into discovery mode by assigning
it the cable range 0-0
cable and then enable mode Use In the second method you first assign ranges explicitly discovery this method when you know the cable range of the attached network Note however that you are not
the cable For this the required to use this method if you know range method use following
commands in interface configuration mode
Step Command Purpose
appletalk cable-range cable-range Assign an AppleTalk address to the interface node
appletalk discovery Place the interface into discovery mode
Select an AppleTalk Routing Protocol
Once you configure AppleTalk on an interface you can select routing protocol for the interface
You can enable the RTMP or Enhanced IGRP routing protocols on any interface You can also enable
the Apple Update-Based Routing Protocol AURP on tunnel interface
With this command you can enable some AppleTalk interfaces to use RTMP some to use Enhanced
IGRP and others to use AURP as required by your network topology
To select an AppleTalk routing protocol for an interface use the following command in interface
configuration mode
Command Purpose
appletalk protocol aurp eigrp rtmp Create an AppleTalk routing process
This command is optional If you do not select routing protocol for an interface Cisco lOS uses RTMP by default
For an example of how to select an AppleTalk routing protocol using Enhanced IGRP see the
AppleTalk Access List Examples section at the end of this chapter
Configuring AppleTalk P2C-15 Enable AppleTalk Routing
Configure Transition Mode
The Cisco lOS software can route packets between extended and nonextended AppleTalk networks
that coexist on the same cable This type of routing is referred to as transition mode
To use transition mode you must have two router ports connected to the same physical cable One
port is configured as nonextended AppleTalk network and the other port is configured as an
extended AppleTalk network Each port must have unique network number because you are
routing between two separate AppleTalk networks the extended network and the nonextended network
To configure transition mode you must have two ports on the same router that are connected to the
same physical cable You configure one port as nonextended AppleTalk network by using the
following commands in interface configuration mode
Step Command Purpose
appletalk address networknode Assign an AppleTalk address to the interface
appletalk zone zone-name Assign zone name to the interface
You configure the second port as an extended AppleTalk network by using the following commands
in inteiface configuration mode
Step Command Purpose
appletalk cable-range cable-range Assign an AppleTalk cable range to the interface node
appletalk zone zone-name Assign zone name to the interface
When you enter interface configuration mode the type of interface must be the same for both ports for example both could be Ethernet and the interface number must be different for example and
For an example of how to configure transition mode see the Transition Mode Example section at
the end of this chapter
Enable Concurrent Routing and Bridging
You can route AppleTalk on some interfaces and transparently bridge it on other interfaces
simultaneously To do this you must enable concurrent routing and biidging
To enable concurrent routing and bridging use the following command in global configuration mode
Command Purpose
bridge crb Enable concurrent routing and bridging
Configure Integrated Routing and Bridging
Integrated routing and bridging IRB enables user to route AppleTalk traffic between routed
interfaces and bridge groups or route AppleTalk traffic between bridge groups Specifically local or
unroutable traffic is bridged among the bridged interfaces in the same bridge group while routable
traffic is routed to other routed interfaces or bridge groups
P2C16 Network Protocols Configuration Guide Part Control Access to AppleTalk Networks
Using IRB you can do the following
Switch packets from bridged interface to routed interface
Switch packets from routed interface to bridged interface
Switch packets within the same bridge group
For more information about configuring integrated routing and bridging refer to the Configuring
Transparent Bridging chapter in the Bridging and IBM Networking Configuration Guide
Contro Access to AppHeTaDk Networks
An access list is list of AppleTalk network numbers zones or Name Binding Protocol NBP
named entities that is maintained by the Cisco lOS software and used to control access to or from
specific zones networks and NBP named entities
Types of Access Lists
The software supports the following two general types of AppleTalk access lists
AppleTalk-style access lists which are based on AppleTalk zones or NBP named entities
IP-style access lists which are based on network numbers
AppleTalk-Style Access Lists
AppleTalk-style access lists regulate the internetwork using zone names and NBP named entities
Using Zone Names
Zone names and NBP named entities are good control points because they allow for network-level
abstractions that users can access
You can express zones names either explicitly or by using generalized-argument keywords Thus
using AppleTalk zone name access lists simplifies network management and allows for greater
flexibility when adding segments because reconfiguration requirements are minimal Using
AppleTalk zone name access lists allows you to manage and control whole sections of the network
Using NBP Named Entities
NBP named entities allow you to control access at the object level Using NBP named entities you
can permit or deny NBP packets from class of objects based on the type portion of the NBP tuple
name from particular NBP named entity based on the object portion of the NBP tuple name or
from all NBP named entities within particular area based on the zone portion of the NBP tuple
name You can fully or partially qualify an NBP tuple name to refine the access control by specifying
one two or three parts of the NBP name tuple as separate access list entries tied together by the same
sequence number
Benefits of AppleTalk-Style Access Lists
The main advantage of AppleTalk-style access lists is that they allow you to define access regardless
of the existing network topology or any changes in future topologiesbecause they are based on
zones and NBP named entities zone access list is effectively dynamic list of network numbers
Configuring AppleTalk P2C-17 Control Access to AppleTalk Networks
but the effect is as if the user all the The user specifies zone name had specified network numbers
belonging to that zone An NBP named entity access list provides means of controlling access at
the network entity level
IP-Style Access Lists
IP-style access lists control network access based on network numbers This feature can be useful in
defining access lists that control the disposition of networks that overlap are contained by or exactly
match specific network number range
lists to resolve network numbers You Additionally you can use IP-style access conflicting can use
an access list to restrict the network numbers and zones that department can advertise thereby
limiting advertisement to an authorized set of networks AppleTalk-style access lists are typically
insufficient for this purpose
In general however using IP-style access lists is not recommended because the controls are not with optimal they ignore the logical mapping provided by AppleTalk zones One problem IP-style each access lists is that when you add networks to zone you must reconfigure secure router
add network if of Another problem is that because anyone can segments for example one group
this the users gets LaserWriter and installs Cayman GatorBox creates new network segment
potential for confusion and misconfiguration is significant
Combining AppIeTaIk-Stye and IF-Style Entries
You can combine zone network and NBP named entity entries in single access list Cisco lOS
software performs NBP filtering independently on only NBP packets The software applies network
filtering in conjunction with zone filtering However for optimal performance access lists should
not include both zones AppleTalk-style and numeric network IP-style entries
Because the Cisco lOS software applies network filtering and zone filtering simultaneously be sure
to add the appropriate access-list permit other-access or access-list permit additional-zones
statement to the end of the access list when using only one type of filtering For example suppose
You do not want to do network but the software you want to deny only zone any filtering by
default automatically includes an access-list deny other-access entry at the end of each access list
You must then create an access list that explicitly permits access of all networks Therefore the
access list for this example would have an access-list deny zone entry to deny zone an
access-list permit additional-zones entry to permit all other zones and an access-list permit
other-access to explicitly permit all networks
Types of Filters
You can filter the following types of AppleTalk packets
NBP packets
Data packets
Routing table updates
GetZoneList GZL request and reply packets
Zone Information Protocol ZIP reply packets
Table shows the Cisco lOS software filters for each packet type
P2C-18 Network Protocols Configuration Guide Part Implementation Considerations
Table Packet Type to Filter Mapping
Packet type Filters that can be applied
NBP packets appletalk access-group in
appletalk access-group out
Data packets appletalk access-group in
appletalk access-group out
Routing table update appletalk distribute-list in
appletalk distribute-list out
appletalk permit-partial-zones
appletalk zip-reply-filter
ZIP reply packets appletalk zip-reply-filter
GZL request and reply packets appletalk distribute-list in
appletalk distribute-list out
appletalk getzonelist-filter
appletalk permit-partial-zones
Note These types of filters are completely independent of each other This means that if for
example you apply data packet filter to an interface that filter has no effect on incoming routing
that interface The this that table updates or GZL requests that pass through exceptions to are
outgoing routing update filters can affect GZL updates and ZIP reply filters can affect outgoing
routing updates
Implementation Considerations
Unlike access lists in other protocols the order of the entries in an AppleTalk access list is not
constraints in mind important However keep the following when defining access lists
You must design and type access list entries properly to ensure that entries do not overlap each
other An example of an overlap is if you were to use permit network command and then use
deny network command If you do use entries that overlap the last one you used overwrites and
removes the previous one from the access list In this example this means that the permit
network statement would be removed from the access list when you typed the deny network statement
Each access list always has method for handling packets or routing updates that do not satisfy
of the control statements in the list any access access
To how these to be the explicitly specify you want packets or routing updates handled use
access-list other-access global configuration command when defining access conditions for
networks and cable ranges use the access-list additional-zones global configuration command
when defining access conditions for zones and use the access-list other-nbps global
configuration command when defining access conditions for NBP packets from named entities
If you use one of these commands it does not matter where in the list you place it The Cisco lOS
software automatically places an access-list deny other-access command at the end of the list
It also places access-list deny additional-zones and access-list deny other-nbps commands at
the end of the access list when zones and NBP access conditions are denied respectively With
other protocols you must type the equivalent commands last
how handle that do not If you do not explicitly specify to packets or routing updates satisfy any
of the access control statements in the access list the packets or routing updates are automatically
denied access and in the case of data packets are discarded
Configuring AppleTalk P2C-19 Control Access to AppleTalk Networks
Control Access to AppleTalk Networks Task List
You perform the tasks in the following sections to control access to AppleTalk networks
Create access lists
Create filters
Create Access Lists
An access list defines the conditions used to filter packets sent into or out of the interface Each
access list is identified by number All access-list commands that specify the same access list
number create single access list
number and combination commands single access list can contain any any of access-list You can
access-list and include network and cable range commands zone access-list commands NBP
in the named entity access-list commands same access list
if However you can specify only one each of the commands that specify default actions to take none
of the access conditions are matched For example single access list can include only one
access-list other-access command to handle networks and cable ranges that do not match the access
conditions only one access-list additional-zones command to handle zones that do not match the
access conditions and only one access-list other-nbps command to handle NBP packets from
named entities that do not match the access conditions
Set Priority Queuing
You can also set priorities for the order in which outgoing packets destined for specific network
are queued based on the access list
Note For priority queuing the Cisco lOS software applies the access list to the destination network
Automatic Fast Switching
AppleTalk access lists are automatically fast switched Access list fast switching improves the
performance of AppleTalk traffic when access lists are defined on an interface
Create AppleTalk-Style Access Lists
Complete the tasks in the following sections to create AppleTalk-style access lists
Create Zone Access Lists
Create Priority Queuing Access Lists
Create NBP Access Lists
P2C-20 Network Protocols Configuration Guide Part Create Access Lists
Create Zone Access Lists
To create access lists that define access conditions for zones AppleTalk-style access lists use one mode or more of the following commands in global configuration
Command Purpose
access-list access-list-number deny permit zone Define access for zone
zone-name
access-list access-list-number deny permit Define the default action to take for access checks
additional-zones that apply to zones
For examples of how to create access lists see the AppleTalk Access List Examples and Hiding
and Sharing Resources with Access List Examples sections at the end of this chapter
Create Priority Queuing Access Lists
To assign priority in which packets destined for specific zone will be queued based on the zone
access list use the following command in global configuration mode
Command Purpose
priority-list list-number protocol protocol-name Define access for single network number high medium normal low list
access-list-number
Create NBP Access Lists
To create access lists that define access conditions for NBP packets based on the NBP packet type
from particular NBP named entities from classes of NBP named entities or from NBP named
entities within particular zones use one or both of the following commands in global configuration mode
Command Purpose
Define for access-list access-list-number deny permit nbp access an NBP packet type NBP named
sequence-number BrRq FwdRq Lookup entity type of named entity or named entities within
LkReply object string type string zone string specific zone
access-list access-list-number deny permit Define the default action to take for access checks
other-nbps that apply to NBP named entities
For an example of how to create NBP packet filtering access lists see the Defining an Access List
to Filter NBP Packets Example section at the end of this chapter
Create IP-Style Access Lists
conditions for networks and To create access lists that define access cable ranges IP-style access
lists use one or more of the following commands in global configuration mode
Command Purpose
access-list Define for network access-list-number deny permit access single number network network
broadcast-permit
Configuring AppleTalk P2C-21 Control Access to AppleTalk Networks
Command Purpose
access-list access-list-number deny permit Define access for single cable range
cable-range cable-range
broadcast-permit
access-list access-list-number deny permit Define access for an extended or nonextended
network of includes cable-range that overlaps any part the specified range broadcast-permit
access-list access-list-number deny permit Define access for an extended or nonextended
within cable-range network that is included entirely within the specified
broadcast-permit range
access-list access-list-n umber deny permit Define the default action to take for access checks
other-access that apply to network numbers or cable ranges
Create Filters
of that filter examines specific types packets pass through an interface and permits or denies them
based on the conditions defined in the access lists that have been applied to that interface
sections Complete the tasks in the following to filter different types of AppleTalk packets
Create NBP Packet Filters
Create Data Packet Filters
Create Routing Table Update Filters
Create GetZoneList GZL Filters
Enable ZIP Reply Filters
Enable Partial Zone Filters
You number of filters each interface Each filter the list can apply any on can use same access or
different access lists Filters can be applied to inbound and outbound interfaces
Routing update filters data packet filters and ZIP reply filters use access lists that define conditions
for networks cable ranges and zones GZL filters use access lists that define conditions for zones
only NBP packet filters use access lists that define conditions for NBP named entities
Create NBP Packet Filters
To create an NBP packet filter first create an NBP access list as described in the Create NBP Access
Lists section of this chapter and then apply an NBP filter to an interface
To apply an NBP filter to an interface use the following command in interface configuration mode
Command Purpose
appletalk access-group access-list-n umber Apply the data packet filter to the interface out
Note Prior to Cisco lOS Release 11.2 all NBP access lists were applied to inbound interfaces by
default Using Cisco lOS 11.2 or later software the default interface direction for all access lists
including NBP access lists is outbound In order to retain the inbound direction of access lists
created with previous Cisco lOS software releases you must specify an inbound interface for all
NBP access lists using the appletalk access-group command
P2C-22 Network Protocols Configuration Guide Part Create Filters
Create Data Packet Filters
data packet filter checks data packets being received on and interface or sent out an interface If
the source network for the packets has access denied these packets are discarded
Data packet filters use access lists that define conditions for networks cable ranges and zones
When data filter that all networks you apply packet to an interface ensure or cable ranges within zone are governed by the same filters For example create filter that works in the following way
If the router receives packet from network that is in zone that contains an explicitly denied
network the router discards the packet
To create data packet filter first create network-only access list as described in the Create Zone Lists sections Access Lists and Create IP-Style Access of this chapter and then apply data
packet filter to an interface
To apply the data packet filter to an interface use the following command in interface configuration mode
Command Purpose
appletalk access-group access-list-number Apply the data packet filter to the interface
lin out
For an example of how to create data packet filters see the AppleTalk Access List Examples
section at the end of this chapter
Create Routing Table Update Filters
Routing table update filters control which updates the local routing table accepts and which routes
the local router advertises in its routing updates You create distribution lists to control the filtering
of routing updates
Filters for incoming routing updates use access lists that define conditions for networks and cable
ranges only Filters for outgoing routing updates use access lists that define conditions for networks and cable ranges and for zones
When each network number and cable in the is filtering incoming routing updates range update
checked against the access list If you have not applied an access list to the interface all network
numbers and cable in the added to the table If list has ranges routing update are routing an access
been the network numbers and cable that applied to interface only ranges are not explicitly or
implicitly denied are added to the routing table
The following conditions are also applied when filtering routing updates generated by the local
router
The is member of that is network number or cable range not zone explicitly or implicitly denied
If network partial zones are permitted at least one number or cable range that is member of the
zone is explicitly or implicitly permitted If partial zones are not permitted the default all members network numbers or cable ranges that are of the zone are explicitly or implicitly
permitted
Create Routing Table Update Filters for Incoming Updates
To create filter for routing table updates received on an interface create an access list as described
in the Create IP-Style Access Lists section of this chapter and then apply routing table update
filter to an interface
Configuring AppleTalk P2C-23 Control Access to AppleTalk Networks
Note Cisco lOS software ignores zone entries Therefore ensure that access lists used to filter
incoming routing updates do not contain any zone entries
To apply the filter to incoming routing updates on an interface use the following command in
interface configuration mode
Command Purpose
appletalk distribute-list access-list-number in Apply the routing update filter
For an example of how to create filter for incoming routing table updates see the AppleTalk
Access List Examples section at the end of this chapter
Create Routing Table Update Filters for Outgoing Updates
To create filter for routing table updates sent out from an interface create an access list as described
in the Create Zone Access Lists and Create IP-Style Access Lists sections of this chapter and
then apply routing table update filter to an interface
Note You can use zone entries in access lists used to filter outgoing routing updates
To apply filter to routing updates sent out from an interface use the following command in
interface configuration mode
Command Purpose
appletalk distribute-list access-list-nwnber out Apply the routing update filter
Note AppleTalk zone access lists on an Enhanced IGRP interface will not filter the distribution of
Enhanced IGRP routes When the appletalk distribute-list out command is applied to an Enhanced
IGRP access-list commands in the interface any zone specified access list will be ignored
Create GetZoneList GZL Filters
The Macintosh Chooser uses ZIP GZL requests to compile list of zones from which the user can
select the network the services Any router on same as Macintosh can respond to these requests with
GZL reply You can create GZL filter to control which zones the Cisco lOS software mentions
in its GZL replies This has the effect of controlling the list of zones that are displayed by the Chooser
When defining GZL filters you should ensure that all routers on the same network filter GZL replies
identically Otherwise the Chooser will list different zones depending on which device responded to
the inconsistent filters in request Also can result zones appearing and disappearing every few
seconds when remains in the the user Chooser Because of these inconsistencies you should
normally apply GZL filters only when all routers in the internetwork are Cisco routers unless the
routers from other vendors have similar feature
P2C-24 Network Protocols Configuration Guide Part Create Filters
When ZIP GZL reply is generated only zones that satisfy the following conditions are included
If at least network number cable partial zones are permitted one or range that is member of the
zone is explicitly or implicitly permitted
If not all network numbers partial zones are permitted the default or cable ranges that are
members of the zone are explicitly or implicitly permitted
The zone is explicitly or implicitly permitted
also filtered Replies to GZL requests are by any outgoing routing update filter that has been applied
to the interface GZL filter if same You must apply only you want additional filtering to be applied
to GZL replies This filter is rarely needed except to eliminate zones that do not contain user services
Using GZL filter is not complete replacement for anonymous network numbers To prevent users from seeing zone all routers must implement the GZL filter If any devices on the network are from
other vendors the GZL filter will not have consistent effect
To create GZL filter create an access list as described in the Create Zone Access Lists section of
this chapter and then apply GZL filter to an interface
To apply the GZL filter to an interface use the following command in interface configuration mode
Command Purpose
appletalk getzonelist-filter access-list-number Apply the GZL filter
For an example of how to create GZL filters see the GZL and ZIP Reply Filter Examples section
at the end of this chapter
Enable ZIP Reply Filters
ZIP reply filters limit the visibility of zones from routers in unprivileged regions throughout the
internetwork These filters filter the zone list for each network provided by router to neighboring
devices to remove restricted zones
ZIP reply filters apply to downstream routers not to end stations on networks attached to the local
router With ZIP reply filters when downstream routers request the names of zones in network the
local router replies with the names of visible zones only It does not reply with the names of zones
that have been hidden with ZIP reply filter To filter zones from end stations use GZL filters
ZIP reply filters determine which networks and cable ranges the Cisco lOS software sends out in
routing updates Before sending out routing updates the software excludes the networks and cable
ranges whose zones have been completely denied access by ZIP reply filters Excluding this
information ensures that routers receiving these routing updates do not send unnecessary ZIP
requests
To create ZIP reply filter create an access list as described in the Create Zone Access Lists
section of this chapter and then apply ZIP reply filter to an interface
To apply the ZIP reply filter to an interface use the following command in interface configuration mode
Command Purpose
appletalk zip-reply-filter access-list-number Apply the ZIP reply filter
For an example of how to create GZL and ZIP reply filters see the GZL and ZIP Reply Filter
Examples section at the end of this chapter
Configuring AppleTalk P2C-25 Configure the Name Display Facility
Enable Partial Zone Filters
network in is to that is also denied default If access to any zone denied access zone by However
other networks in that is denied if you enable partial zones access to zone no longer
The permitting of partial zones provides IP-style access control If enabled the access control list
behavior associated with prior software releases is restored In addition NBP cannot ensure
consistency and uniqueness of name bindings
maintain If you permit partial zones AppleTalk cannot consistency for the nodes in the affected
zones and the results are undefined With this option enabled an inconsistency is created for the
zone and several assumptions made by some AppleTalk protocols are no longer valid
To enable partial zone filters use the following command in global configuration mode
Command Purpose
appletalk peimit-partia1zones Permit access to networks in zone in which access
to anothei network in that zone is denied
Permitting partial zones affects the outgoing routing update and GZL filters
Configure the Name Dsplay FacUty
Protocol associates The AppleTalk Name Binding NBP AppleTalk network entity names that is
AppleTalk network-addressable services with network addresses NBP allows you to specify descriptive or symbolic names for entities instead of their numerical addresses When you specify
the name of an AppleTalk device NBP translates the devices entity name into the devices network address includes The name binding process name registration name confirmation name deletion and name lookup
Node addresses can change frequently because AppleTalk uses dynamic addresses Therefore NBP
associates numerical node addresses with aliases that continue to reference the correct addresses if
node addresses do the addresses change These not change very frequently because each device
keeps track of the last node number it was assigned Typically node numbers change only if device
is shut down for an extended period of time or if it is moved to another network segment
To control the name display facility use one or both of the following commands in global
configuration mode
Command Purpose
appletalk lookup-type service-type Specify which service types are retained in the name cache
appletalk name-lookup-interval seconds Set the interval between service pollings by the
router on its AppleTalk interfaces
Set Up SpecaD Configuraflons
To set up special configurations perform the tasks in the following sections based on desired service
implementations
Configure AURP
Configure Free-Trade Zones
Configure SNMP over DDP in AppleTalk Networks
Configure AppleTalk Tunneling
P2C-26 Network Protocols Configuration Guide Part Configure AURP
Configure AppleTalk MacIP
Configure IPTalk
Configure SMRP over AppleTalk
Configure AURP
The Protocol is AppleTalk Update Routing AURP standard Apple Computer routing protocol
that enhancements the provides to AppleTalk routing protocols that are compatible with AppleTalk
Phase The function is primary of AURP to connect two or more noncontiguous AppleTalk internetworks that are separated by non-AppleTalk network such as IP In these configurations would you want to use AURP instead of RTMP because AURP sends fewer routing packets than RTMP
You configure AURP on tunnel interface Tunneling encapsulates an AppleTalk packet inside an
IP packet which is sent across the backbone to destination router The destination device then
extracts the if routes it AppleTalk packet and necessary to an AppleTalk network The encapsulated
packet benefits from any features normally applied to IP packets including fragmentation default
routes and load balancing
After domain for you configure an AppleTalk AppleTalk interenterprise features you can apply the
features to tunnel interface configured for AURP by assigning the domain number to the interface
Since route redistribution is disabled by default you need to enable it by using the appletalk route-redistribution command Route redistribution is enabled by default only when Enhanced
IGRP is enabled
To configure AURP use the following commands beginning in global configuration mode
Step Command Purpose
appletalk route-redistribution Enable route redistribution
interface nwnber type Configure an interface to be used by the tunnel
ip address ip-address mask Configure an IP address
interface tunnel number Configure tunnel interface
appletalk protocol aurp Create an AURP routing process
tunnel source ip-address type number Specify the interface out of which the encapsulated
packets will be sent
tunnel destination hostname Specify the IP address of the router at the far end of ip-addiess the tunnel
tunnel mode aurp Enable AURP tunneling
You can configure AURP on tunnel interface to inherit AppleTalk interenterprise routing
remapping hop count reduction and loop detections characteristics configured for specific domain AppleTalk To do so these features must first be configured for the AppleTalk domain using the commands described in the tasks Enable AppleTalk Interenterprise Routing Remap Network
within the section Numbers and Control Hop Count Configure AppleTalk Interenterprise
Routing later in this chapter
Configuring AppleTalk P2C-27 Set Up Special Configurations
commands To configure AURP for AppleTalk interenterprise routing features use the following
starting in global configuration mode
Step Command Purpose
interface tunnel number Specify the tunnel interface
appletalk protocol aurp Create an AURP routing process
Enable AURP tunnel mode aurp tunneling
tunnel source ip-address type number Specify the interface out of which the encapsulated
packets will be sent
tunnel destination hostname Specify the IP address of the router at the far end of
the tunnel ip-address
the number of the appletalk domain-group doniain-nwnber Assign predefined AppleTalk domain to which the AppleTalk interenterprise
features aie configure to the tunnel interface
configured for AURP
For an example of how to configure AURP on tunnel interface to inherit AppleTalk interenterprise
routing features for specific AppleTalk domain see the AppleTalk Interenterprise Routing over
AURP Example section at the end of this chapter
seconds this the By default AURP sends routing updates every 30 To modify interval use following
command in global configuration mode
Command Purpose
appletalk aurp update-interval seconds Set the minimum interval between AURP routing updates
To set the AURP last-heard-from timer value use the following command in interface configuration mode
Command Purpose
Set the AURP last-heard-from timer value appletalk aurp tickle-time seconds
Configure Free-Trade Zones
free-trade zone is part of an AppleTalk internetwork that is accessible by two other parts of the
internetwork neither of which can access the other You might want to create free-trade zone to
allow the exchange of information between two organizations that otherwise want to keep their
internetworks isolated from each other or that do not have physical connectivity with one another
To establish free-trade zone use the following command in interface configuration mode
Command Purpose
appletalk free-trade-zone Establish free-trade zone
For an example of how to configure free-trade zone see the Hiding and Sharing Resources with
Access List Examples section and the Establishing Free-Trade Zone Example section at the end
of this chapter
P2C-28 Network Protocols Configuration Guide Part Configure SNMP over DDP in AppleTalk Networks
Configure SNMP over DDP in AppleTalk Networks
The Simple Network Management Protocol SNMP normally uses the IP connectionless datagram service the User Datagram Protocol UDP to monitor network entities The Cisco lOS software lets you run SNMP using Datagram Delivery Protocol DDP the AppleTalk datagram service Use DDP if you have SNMP consoles running on Macintosh
You must configure AppleTalk routing globally and on an interface basis before you configure
SNMP for the router therefore you need to disable SNMP as shown in the following command table
To configure SNMP in AppleTalk networks use the following commands starting in global
configuration mode
Step Command Purpose
no snmp server Disable SNMP
appletalk routing Enable AppleTalk routing
appletalk event-logging Enable AppleTalk event logging
interface type number Enter interface configuration mode
ip address ip-address mask Enable IP routing on the interface
appletalk cable-range cable-range Enable AppleTalk routing on the interface ode
appletalk zone zone-name Set zone name for the AppleTalk network
snmp-server community string Enable SNMP server operations
For an example of how to configure SNMP see the SNMP Example section at the end of this
chapter
For information about configuring SNMP refer to the Monitoring the Router and Network chapter
in the Configuration Fundamentals Configuration Guide
Configure AppleTalk Tunneling
When connecting two AppleTalk networks with non-AppleTalk backbone such as IP the relatively
high bandwidth consumed by the broadcasting of Routing Table Maintenance Protocol RTMP data
packets can severely hamper the backbone network performance You can solve this problem by
tunneling AppleTalk through foreign protocol such as IP Tunneling encapsulates an AppleTalk
packet inside the foreign protocol packet which is then sent across the backbone to destination
router The destination router then de-encapsulates the AppleTalk packet and if necessary routes the
packet to normal AppleTalk network Because the encapsulated AppleTalk packet is sent in directed manner to remote IP address bandwidth usage is greatly reduced Furthermore the
encapsulated packet benefits from any features normally enjoyed by IP packets including default
routes and load balancing
There are two ways to tunnel AppleTalk The first method implements Cayman tunneling as
designed by Cayman Systems This method enables routers to interoperate with Cayman
GatorBoxes The second method is proprietary tunnel protocol known as generic routing
encapsulation GRE
When you use Cayman tunneling you can have Cisco routers at either end of the tunnel or you can have GatorBox at one end and Cisco router at the other end When you use GRE tunneling you
must have Cisco routers at both ends of the tunnel connection
Configuring AppleTalk P2C-29 Set Up Special Configurations
Multiple tunnels originating from the router are supported
links This that tunnel for each Logically tunnels are point-to-point requires you configure separate link
To configure Cayman tunnel use the following commands in interface configuration mode
Step Command Purpose
interface tunnel number Configure tunnel interface
tunnel source ip-address type number Specify the interface out of which the
encapsulated packets will be sent
tunnel destination hostname ip-address Specify the IP address of the router at the far end
of the tunnel
tunnel mode cayman Enable Cayman tunneling
Caution Do not configure Cayman tunnel with an AppleTalk network address
To configure GRE tunnel use the following commands in interface configuration mode
Step Command Purpose
interface tunnel number Configure tunnel interface
tunnel source ip-address type number Specify the interface out of which the
encapsulated packets will be sent
tunnel destination hostname ip-address Specify the IP address of the router at the far end
of the tunnel
tunnel mode gre ip Enable GRE tunneling
Configure AppleTalk MacIP
Cisco lOS software implements MacIP which is protocol that allows routing of IP datagrams to IP
clients using the DDP for low-level encapsulation
Cisco Implementation of AppleTalk MaciP
Cisco lOS software implements the MacIP address management and routing services described in
the draft Internet RFC Standard for the Transmission of Internet Packets over AppleTalk
Networks Our implementation of MacIP conforms to the September 1991 draft RFC with the
following exceptions
The software does not fragment IP datagrams that exceed the DDP maximum transmission unit
MTU and that are bound for DDP clients of MacIP
The software does not route to DDP clients outside of configured MacTP client ranges
When to Use AppleTalk MacIP
Some situations require the use of MacIP For example if some of your Macintosh users use
AppleTalk Remote Access or are connected to the network using LocalTalk or PhoneNet cabling
systems then MacIP is required to provide access to IP network servers for those users
MacIP services also can be useful when you are managing IP address allocations for large dynamic
Macintosh population
P2C-30 Network Protocols Configuration Guide Part Configure AppleTalk MaciP
Advantages of Using MaciP
The following are advantages to using MacIP when you are managing IP address allocations for
large dynamic Macintosh population
Macintosh TCP/IP drivers can be configured in completely standard way regardless of the location of the Macintosh Essentially the dynamic properties of AppleTalk address management
become available for IP address allocation
You can modify all global parameters such as IP subnet masks DNS services and default
routers Macintosh IP users receive the updates by restarting their local TCP/IP drivers
The network administrator monitor can MacIP address allocations and packet statistics remotely
by using the Telnet application to attach to the console This allows central administration of IP
allocations in remote locations For Internet sites it allows remote technical assistance
Implementation Considerations
Consider the following items when implementing MacIP on Cisco routers
Each from Macintosh client destined for IP host vice packet an or versa must pass through the
router if the client is the device MacIP The is using as server router not always necessary hop
so this increases traffic through the device There is also slight increase in CPU use that is
directly proportional to the number of packets delivered to and from active MacIP clients
Memory usage increases in direct proportion to the total number of active MacIP clients about
80 bytes per client
when the Cisco Also you configure MacIP on lOS software you must configure AppleTalk as follows
AppleTalk routing must be enabled on at least one interface
IP routing must be enabled on at least one interface
The MacIP zone name you configure must be associated with configured or seeded zone name
The MacIP server must reside in the AppleTalk zone
Any IF address specified in configuring MacIP server using an appletalk macip command
must be associated to specific IP interface on the router Because the Cisco lOS software is
acting as proxy for MacIP clients you must use an IP address to which ARP can respond
If you are using MacIP to allow Macintoshes to communicate with IP hosts on the same LAN
segment that is the Macintoshes are on the router interface on which MacIP is configured and
the IP hosts have extended IP access lists these access lists should include entries to permit IP
traffic destined for these IP hosts from the MacIF addresses If these entries are not present
packets destined for IP hosts on the local segment will be blocked that is they will not be forwarded
When MacIP the address setting up routing keep following range issues in mind
Static and dynamic resource statements are cumulative and you can specify as many as
if should necessary However possible you specify single all-inclusive range rather than several adjacent ranges For example specifying the range 131.108.121.1 to 131.108.121.10 is
preferable to specifying the ranges 131.108.121.1 to 131108.121.5 and 131.108.121.6 to 131.108.121.10
Configuring AppleTalk P2C-31 Set Up Special Configurations
Overlapping resource ranges for example 131.108.1211 to 131.108.121.5 and 131.108.121.5
to 131.108.121.10 are not allowed If it is necessary to change range in running server use
the negative form of the resource address assignment command such as no appletalk macip
dynamic ip-address ip-address zone server-zone to delete the original range followed by the
corrected range statement
You can add IP address allocations to running server at any time as long as the new address of the current range does not overlap with one ranges
Configure AppleTalk MaciP Task List
To configure MacIP perform the following tasks
Establish MacIP Server for Zone
Allocate IP Addresses for Macintosh Users You do this by specifying at least one dynamic or
static resource address assignment command for each MacIP server
Establish MacP Server for Zone
To establish MacIP server for specific zone use the following command in global configuration mode
Command Purpose
appletalk macip server ip-address zone Establish MacIP server for zone
server-zone
Note Note that the MacIP serve must reside in the default AppleTalk zone
You can configure multiple MacIP servers for router but you can assign only one MacIP server to zone and you can assign only one IP interface to MacIP server In general you must be able to establish an alias between the IP address you assign with the appletalk macip server global configuration command and an existing IP interface For implementation simplicity the address you
specify in this command should match an existing IP interface address
server is not registered by NBP until at least one MacIP resource is configured
Allocate IP Addresses for Macintosh Users
You allocate IP Addresses for Macintosh users by specifying at least one dynamic or static resource
address assignment command for each MacIP server
Allocate IF Addresses Using Dynamic Addresses
Dynamic clients are those that accept any IP address assignment within the dynamic range specified
Dynamic addresses are for users who do not require fixed address but can be assigned addresses from pool
P2C-32 Network Protocols Configuration Guide Part Configure IPTaIk
To allocate IP addresses for Macintosh if users you are using dynamic addresses use the following
command in global configuration mode
Command Purpose
appletalk macip dynamic ip-address rip-address Allocate an IP address to MacIF client
zone server-zone
For an of MacIP with the example configuring dynamic addresses see AppleTalk Interenterprise section Routing over AURP Example at the end of this chapter
Allocate IF Addresses Using Static Addresses
Static addresses are for users who require fixed addresses for IP DNS services and for administrators who do not want addresses to change so they always know the IP addresses of the devices on their network
To allocate IP addresses for Macintosh if static users you are using addresses use the following command in global configuration mode
Command Purpose
appletalk macip static ip-address zone Allocate an IP address to be used by MacIP client
server-zone that has reserved static IP address
For an of with static example configuring MacIP addresses see the MacIP Examples section at the
end of this chapter
In it is recommended that do not use address general you fragmented ranges in configuring ranges
for MacIP However if this is use the unavoidable appletalk macip dynamic command to specify
as addresses or as and use the many ranges required appletalk macip static command to assign specific address or address range
Configure IPTaIk
IPTalk is protocol for encapsulating AppleTalk packets in IP datagrams IPTalk is used to route backbones AppleTalk packets across non-AppleTalk and to communicate with applications on hosts that cannot otherwise communicate via AppleTalk such as the Columbia AppleTalk Package CAP IPTalk also allows serial connections to use IPTalk Serial Line Internet Protocol SLIP drivers
If is Sun your system or Digital Equipment Corporation ULTRIX system it may be possible to run
CAP in mode that EtherTalk In this would look like directly supports case your system any other node and does need AppleTalk not any special IPTa1k support However other UNIX systems for
which EtherTalk is in support not available CAP must run CAP in mode that depends upon IPTalk
The installation instructions for CAP refer to Kinetics IP KIP gateways and to the file ataikatab If Cisco IPTalk you use support it is not necessary nor is it desirable to use atalkatab Cisco IPTalk
that support assumes you want to use the standard AppleTalk routing protocols to perform all wide-area AppleTalk routing KIP and atalkatab are based on an alternative routing strategy in which
AppleTalk packets are transmitted using IP louting It is possible to use both strategies at the same the time however interaction between the two routing techniques is not well defined
Configuring AppleTalk P2C-33 Set Up Special Configurations
other vendors routers that should disable atalkatab If your network has support ataikatab you
avoid the The installation instructions with support on them to mixing routing strategies provided with Cisco some of these products encourage you to use ataikatab for complex networks However because of IPTalk IPTalk into the routers this is not necessary our implementation integrates
standard AppleTalk network routing
The network diagram in Figure illustrates how you should set up IPTalk In this configuration you enable both standard AppleTalk EtherTalk and IPTalk on the Ethernet networks on Router and
Router These routers then use EtherTalk to communicate with the LocalTalk routers and
Macintosh computers and IPTalk to communicate with the UNIX systems On the LocalTalk
routers you also should enable both EtherTalk and IPTalk making sure you configure IPTalk with
atalkatab disabled These routers then use IPTalk to communicate with the UNIX systems adjacent
to them and EtherTalk to communicate with the remainder of the AppleTalk network This
the number of between routers If did not enable IPTalk configuration strategy minimizes hops you
the LocalTalk router that wanted to communicate with the on the LocalTalk routers systems on
Router Router This creates adjacent UNIX system would have to go through or an unnecessary extra hop
sides of the Note In the configuration in Figure all traffic between systems on the left and right
packet-switched network transit via Routers and using AppleTalk routing If you were to enable
LocalTalk this would establish hidden between Routers atalkatab support on the routers path in and unknown to the standard AppleTalk routing protocols In large network this could result
traffic taking inexplicable routes
Figure IPTaIk Configuration Example
UNIX system Macintosh Macintosh UNIX system
U- LocalTalk LocalTalk Roufe Router
LocalTalk LocalTalk
To configure IPTa1k on an interface perform the following tasks
Configure IP encapsulation of AppleTalk packets
used in Specify the UDP port number that is the beginning of the range of UDP ports mapping
AppleTalk well-known DDP socket numbers to UDP ports
P2C-34 Network Protocols Configuration Guide Part Configure IPTaIk
Configure IP Encapsulation of AppleTalk Packets
To allow AppleTalk to communicate with UNIX hosts running older versions of CAP that do not native EtherTalk support AppleTalk encapsulations you must configure IF encapsulation of AppleTalk packets Typically Apple Macintosh users would communicate with these servers by routing their connections through Kinetics FastPath router running KIP software Newer versions of CAP native EtherTalk provide AppleTalk encapsulations so the IPTalk encapsulation is no longer Cisco of IPTalk required implementation assumes that AppleTalk is already being routed on the
backbone because there is currently no LocalTalk hardware interface for our routers
You configure IPTalk on tunnel interface Tunneling encapsulates an AppleTalk packet inside an
IP packet which is sent across the backbone to destination router The destination device then
the extracts AppleTalk packet and if necessary routes it to an AppleTalk network The encapsulated
packet benefits from any features normally applied to IP packets including fragmentation default
routes and load balancing
Cisco implementation of IPTalk does not support manually configured AppleTalk-to-IF-address
mapping The address mapping provided is the same as the Kinetics IPTalk implementation when
AppleTalk-to-IP-address mapping is not enabled This address mapping works as follows The IP
subnet mask used the tunnel interface on router source on which IPTalk is enabled is inverted ones
complement The result is then masked against 255 OxFF hexadecimal and the result of this is
then masked against the low-order bits of the IP address to give the AppleTalk node number
The following example configuration illustrates how the address mapping is done
interface EthernetO ipaddress 172.16.1.118 255.255.255.0 appletalk address 20.129 appletalk zone Native AppleTalk interface TunnelO tunnel source EthernetO tunnel mode iptalk appletalk iptalk 30 UDPZone
First the IF subnet mask of 255.255.255.0 is inverted to give 0.0.0.255 This value then is masked
with 255 to give 255 Next 255 is masked with the low-order bits of the interface IP address 118
to yield an AppleTalk node number of 118 This means that the AppleTalk address of the Ethernet
interface seen in the UDPZone zone is 30.118
Note If the host field of an IF subnet mask for an interface is longer than bits it will be possible obtain to conflicting AppleTalk node numbers For instance if the subnet mask for the Ethernet
interface above is 255.255.240.0 the host field is 12 bits wide
To configure IF encapsulation of AppleTalk packets use the following commands in interface
configuration mode
Step Command Purpose
interface type nwnber Configure an interface to be used by the tunnel
ip address ip-address mask Configure an IP address
interface tunnel number Configure tunnel interface
tunnel source ip-address type number Specify the interface out of which the encapsulated
packets will be sent
tunnel mode iptalk Enable IPTalk tunneling
configuring AppleTalk P2C-35 Set Up Special Configurations
For an example of configuring IPTalk see the IPTalk Example section at the end of this chapter
Specify the UDP Port Ranges
well-known socket numbers to Implementations of IPTalk prior to April 1988 mapped DDP the Network Information Center privileged UDP ports starting at port number 768 In April 1988 well-known sockets at UDP NIC assigned range of UDP ports for the defined DDP starting port and at-zis Release and number 200 and assigned these ports the names at-nbp at-rtmp at-echo
If there later of the CAP program dynamically decides which port mapping to use are no AppleTalk older at service entries in the UNIX systems /etc/services file CAP uses the mapping starting UDP
port number 768
768 If there The default UDP port mapping supported by our implementation of IPTalk is are
AppleTalk service entries in the UNIX systems /etc/services file you should specify the beginning
of the UDP port mapping range
number that is the of the of used in To specify the UDP port beginning range UDP ports mapping in AppleTalk well-known DDP socket numbers to UDP ports use the following command global
configuration mode
Command Purpose
number appletalk iptalk-baseport Specify the starting UDP port
For an example of configuring IPTalk see the IPTalk Example section at the end of this chapter
Configure SMRP over AppleTalk
The Simple Multicast Routing Protocol SMRP provides an internetwork-wide multicast service
stations internetwork with that supports the sending of data from single station to multiple on an
best-effort of minimal packet replication SMRP is connectionless protocol that provides delivery
in multicast packets SMRP operates independently of the network layer use SMRP supports
routing of multicast packets to multicast groups
Ciscos current implementation of SMRP provides multicast routing functions over AppleTalk
allow for networks Advanced multimedia applications such as QuickTime Conferencing QTC members two or more machines to communicate in session By routing AppleTalk packets to all an economical and of multipoint group without replicating packets on link SMRP presents
this kind of communication while network bandwidth efficient way to support conserving
Ciscos implementation of SMRP can be characterized by the following aspects
Group membership services that determine which hosts receive multicast traffic SMRP allows
host to register dynamically for the multicast sessions in which it elects to participate
that Cisco the to the Dynamic multicast routing gives routers ability dynamically identify
multicast traffic optimum path for AppleTalk
Just-in-time packet replication services that duplicate packet when it reaches forks in the send of each each groups destination path Cisco routers only one copy packet over physical network
Fast switching of SMRP data packets that allows higher data traffic throughput and less CPU
utilization
of network The Figure shows how SMRP multicasting packets proceeds across an AppleTalk network source router Router sends multicast packet only once on the local AppleTalk
P2C-36 Network Protocols Configuration Guide Part Configure SMRP over AppleTalk
Figure SMAP Packet Transmission over AppleTalk
Transmits Duplicates
single packet packet
Routeri Router
kSlytopods
with group members
Applications produced by Apple Computer Inc such as QTC will support SMRP To provide this Cisco and support Systems Apple Computer Inc have entered into partnership becoming the first internetworking vendors to license the SMRP technology
To enable SMRP routing over AppleTalk networks use the following command in global configuration mode
Command Purpose smrp routing Enable SMRP
To configure SMRP over AppleTalk for specific interface use the following command in interface configuration mode
Command Purpose snirp protocol appletalk Configure an SMRP on the interface beginning-endj
Note The to the cable network-range maps AppleTalk range by default
Fast switching allows higher throughput by switching packet using cache created by previous packets By default fast switching is enabled on all SMRP ports network protocol and interface comprise an SMRP port
the table forward SMRP uses forwarding to packets for particular SMRP group For each group the forwarding table lists the parent interface and address and one or more child interfaces and addresses When data for arrives an SMRP group on the parent interface the router forwards it to each child interface The SMRP fast switching cache table specifies whether or not to fast switch
SMRP data packets out the interfaces specified by the forwarding table
To disable SMRP fast switching on an interface use the following command from interface configuration mode
Command Purpose no smrp mroute-cache protocol appletalk Disable SMRP fast switching on an interface
Configuring AppleTalk P2C-37 Configure AppleTalk Control Protocol for Point-to-Point Protocol
Configure AppeTak Contro ProtocoD for Pont4oPont Protoco
Cisco to You can configure an asynchronous interface including the auxiliary port on some routers
into the use AppleTalk Control Protocol ATCP so that users can access AppleTalk zones by dialing router via Point-to-Point Protocol PPP to this interface This is done through negotiation protocol and IP as defined in RFC 1378 Users accessing the network with ATCP can run AppleTalk natively available zones from the Chooser use networked on remote Macintosh access any AppleTalk other Macintosh peripherals and share files with users
This is virtual You create an internal network with the appletalk internal-network command
internetwork the server network and exists Qnly for accessing an AppleTalk through
the virtual-net command and use new zone To create new AppleTalk zone issue appletalk
associated with this To add network numbers name this network number is then the only one zone in the the network number is to an existing AppleTalk zone use the existing zone name command
then added to the existing zone
Routing is not supported on these interfaces
To enable ATCP for PPP use the following commands in interface configuration asynchronous mode
Step Command Purpose
interface interface async number Specify an asynchronous
Create internal network on the server appletalk virtual-net network-number an zone-name
Enable PPP the interface encapsulation ppp encapsulation on
Enable client-mode the interface appletalk client-mode on
For an example of configuring ATCP see the AppleTalk Control Protocol Example section at the
end of this chapter
Tune AppHeTak Network Performance
To tune AppleTalk network performance you can perform one or more of the tasks described in the
following sections
Control Routing Updates
Assign Proxy Network Numbers
Enable Round-Robin Load Sharing
Disable Checksum Generation and Verification
Control the AppleTalk ARP Table
Control the Delay Between ZIP Queries
Log Significant Network Events
Disable Fast Switching
P2C-38 Network Protocols Configuration Guide Part Control Routing Updates
Control Routing Updates
The Table Maintenance Protocol establishes and maintains Routing RTMP the AppleTalk routing table You can perform the tasks in the following sections to control packet routing and control
routing updates
Disable the Processing of Routed RTMP Packets
Enable RTMP Stub Mode
Disable the Transmission of Routing Updates
Prevent the Advertisement of Routes to Networks with No Associated Zones
Set Routing Table Update Timers
Set Routing Update Interval Timer
Disable the Processing of Routed RTMP Packets
default the Cisco lOS software strict which discards By performs RTMP checking any RTMP
packets sent by routers not directly connected to the local device that is sent by devices that are not
neighbors This means that the local router does not accept any routed RTMP packets whose source
is remote network
In almost all situations you should leave RTMP checking enabled
To disable RTMP checking and enable the processing of routed RTMP packets use the following
command in global configuration mode
Command Purpose
no appletalk strict-rtmp-checking Disable strict checking of RTMP updates
Enable RTMP Stub Mode
You enable can AppleTalk RTMP stub mode This mode allows routers running Enhanced IGRP and RTMP to reduce the amount of CPU time that RTMP modules use In this mode RTMP modules
send and receive only stub RTMP packets
stub is packet only the first tuple of an RTMP packet The first tuple indicates the network number
range assigned to that network End nodes use stub packets to determine if their node number is in the right network range
To enable AppleTalk RTMP stub mode use the following command in interface configuration mode
Command Purpose
appletalk rtmp-stub Enable RTMP stub mode
Disable the Transmission of Routing Updates
By default routers receive routing updates from their neighboring devices and periodically send
routing updates to their neighbors You can configure the Cisco 105 software so that it only receives
routing updates but does not send any updates You might want to do this to keep particular router
that is unreliable from sending routing updates to its neighbors
Configuring AppleTalk P2C-39 Tune AppleTalk Network Performance
To disable the transmission of routing updates use the following conmand in interface configuration mode
Command Purpose
no appletalk sendrtmps Disable the transmission of routing updates on an
interface
Prevent the Advertisement of Routes to Networks with No Associated Zones
NBP uses ZIP to determine which networks belong to which zones The Cisco lOS software uses
ZIP to maintain table of the AppleTalk internetwork that maps network numbers to zone names
This By default the software does not advertise routes to networks that have no associated zones
of ZIP which arise when routes are prevents the occurrence protocol storms can corrupt propagated
and routers broadcast ZIP requests to determine the network-zone associations By not advertising
routes to networks that do not have associated zones you limit any ZIP protocol storms to single
network rather than allowing them to spread to the entire internetwork
To allow the advertisement of routes to networks that have no associated zones use the following
command in global configuration mode
Command Purpose
no appletalk require-route-zones Allow the advertisement of routes to networks that
have no associated zones
this is The user zone lists can be configured to vary from interface to interface However practice
node in the discouraged because AppleTalk users expect to have the same user zone lists at any end
internetwork This kind of filtering does not prevent explicit access via programmatic methods but
should be considered user optimization whereby unused zones are suppressed Use other forms of
AppleTalk access control lists to actually secure zone or network
Set Routing Table Update Timers
Cisco lOS software sends routing table updates at regular intervals In iare instances you might want
to change this interval such as when router is busy and cannot send routing updates every
10 seconds or when slower devices are incapable of processing received routing updates in large
network If you do change the routing update interval you must do so for all devices on the network
Caution Modifying the iouting timers can degrade or destroy AppleTalk network connectivity Many other
AppleTalk router vendors provide no facility for modifying their routing timers so adjusting Cisco AppleTalk
timers such that routing updates do not arrive at these other routers within the normal interval might result in
loss of information about the network or loss of connectivity
To change the routing table update timers use the following command in global configuration mode
Command Purpose
appletalk timers update-interval valid-interval Change the routing update timers
invalidinterval
P2C-40 Network Protocols Configuration Guide Part Assign Proxy Network Numbers
Set Routing Update Interval Timer
The interval between subsequent routing updates is randomized to reduce the probability of
synchronization with the routing updates from other routers on the same link This is done by
maintaining separate transmission interval timer for each advertising interface
To set interval timer on router between subsequent routing updates use the following command in
global configuration mode
Command Purpose
appletalk rtmp jitter percent Set interval timer between subsequent routing updates
Assign Proxy Network Numbers
It is possible to have an AppleTalk internetwork in which some routers support only nonextended
AppleTalk and others support only extended AppleTalk You can enable interoperability between these two types of AppleTalk networks by assigning proxy network number for each zone in which
there is device that supports only nonextended AppleTalk
To assign proxy network numbers use the following command in global configuration mode
Command Purpose
appletalk proxy-nbp network-number zone-name Assign proxy network number for each zone in
which there is device that supports only
nonextended AppleTalk
For of how network the an example to configure proxy numbers see Proxy Network Number
Example section at the end of this chapter
Caution network number Do not also assign the proxy to router or to physical network
number for each You must assign one proxy network zone You can optionally define additional proxies with different network numbers to provide redundancy Each proxy network number
generates one or more packets for each forward request it receives but discards all other packets sent
it to Thus defining redundant proxy network numbers increases the NBP traffic linearly
Enable RoundRobin Load Sharing
In order to increase throughput in the network router can use multiple equal-cost paths to reach
destination By default the router picks one best path and sends all traffic using this path You can
configure the router to remember two or more paths that have equal costs and to balance the traffic
load across all of the available paths Note that when paths have differing costs the Cisco lOS
software chooses lower-cost routes in preference to higher-cost routes
The software then distributes output on packet-by-packet basis in round-robin fashion That is the
first packet is sent along the first path the second packet along the second path and so on When the
final path is reached the next packet is sent to the first path the next to the second path and so on
This round-robin scheme is used regardless of whether fast switching is enabled
Limiting the number of equal-cost paths can save memory on routers with limited memory or with
very large configurations Additionally in networks with large number of multiple paths and
systems with limited ability to cache out-of-sequence packets performance might suffer when traffic
is split between many paths
Configuring AppleTalk P2C-41 Tune AppleTalk Network Performance
To set the maximum number of paths use the following command in global configuration mode
Command Purpose
appletalk maximum-paths paths Set the maximum number of equal-cost paths to
destination
Disable Checksum Generation and Verification
By default the Cisco lOS software generates and verifies checksums for all AppleTalk packets except routed packets You might want to disable checksum generation and verification if you have
older devices such as LaserWriter printers that cannot receive packets with checksums
To disable checksum generation and verification use the following command in global configuration mode
Command Purpose
no appletalk checksum Disable the generation and verification of
checksums for all AppleTalk packets
Control the AppleTalk ARP Table
You can use the following tasks to control the AppleTalk ARP table
Set the timeout for ARP table entries
Specify the time interval between the retransmission of ARP packets
Specify the number of ARP retransmissions
Disable the gleaning of ARP information from incoming packets
By default entries in the AppleTalk ARP table are removed from the table if no update has been
received in the last hours To change the ARP timeout interval use the following command in
inteiface configuration mode
Command Purpose
appletalk arp-timeout interval Set the timeout for ARP table entries
AppleTalk ARP associates AppleTalk network addresses with media data link addresses When
AppleTalk must send packet to another network node the protocol address is passed to AppleTalk
ARP which undertakes series of address negotiations to associate the protocol address with the media address
If network has devices that and overloaded file your AppleTalk respond slowly such as printers
servers you can lengthen the interval between AppleTalk ARP packets in order to allow the from these devices to be received To do both of the commands responses this use one or following
in global configuration mode
Command Purpose
of appletalk arp request interval interval Specify the time interval between retransmission ARP packets
appletalk arp request retransmit-count Specify the number of retransmissions that will
number occur before abandoning address negotiations and
using the selected address
P2C-42 Network Protocols Configuration Guide Part Control the Delay Between ZIP Queries
The Cisco lOS software automatically derives ARP table entries from incoming packets This
is referred the of the process to as gleaning Gleaning speeds up process populating ARP table To
disable the gleaning of ARP table entries use the following command in interface configuration mode
Command Purpose
no appletalk glean-packets Disable the gleaning of ARP information from incoming packets
Control the Delay Between ZIP Queries
By default the Cisco lOS software sends ZIP queries every 10 seconds and uses the information
received to update its zone table To change the ZIP query interval use the following command in
global configuration mode
Command Purpose
appletalk zip-query-interval interval Set the ZIP query interval
Log Significant Network Events
You can log information about significant network events performed on the router including routing
changes zone creation port status and address To do this use the following command in global
configuration mode
Command Purpose
appletalk event-logging Log significant events
Disable Fast Switching
Fast switching allows higher thioughput by switching packet using cache created by previous
packets Fast switching is enabled by default on all interfaces that support fast switching
Packet transfer performance is generally better when fast switching is enabled However you may
want to disable fast switching in order to save memory space on interface cards and to help avoid
congestion when high-bandwidth interfaces are writing large amounts of information to
low-bandwidth interfaces
To disable AppleTalk fast switching on an interface use the following command in interface
configuration mode
Command Purpose
no appletalk route-cache Disable AppleTalk fast switching
Configure AppeTaHk Enhanced DGRP
Enhanced IGRP is an enhanced version of the Interior Gateway Routing Protocol IGRP developed
by Cisco Systems Inc Enhanced IGRP uses the same distance vector algorithm and distance information the as IGRP However the convergence properties and operating efficiency of Enhanced
IGRP have improved significantly over IGRP
Configuring AppleTalk P2C-43 Configure AppleTalk Enhanced IGRP
Benefits of Using AppleTalk Enhanced IGRP
Because Enhanced IGRP supports AppleTalk IPX and IP you can use one routing protocol for
multiprotocol network environments minimizing the size of the routing tables and the amount of
routing information
Convergence Technology
based research conducted The convergence technology is on at SRI International and employs an algorithm referred to as the Diffusing Update Algorithm DUAL This algorithm guarantees
loop-free operation at every instant throughout route computation and allows all routers involved
in topology change to synchronize at the same time Devices that are not affected by topology
changes are not involved in recomputations The convergence time with DUAL rivals that of any
other existing routing protocol
Enhanced IGRP Features
Enhanced IGRP offers the following features
Fast convergenceThe DUAL algorithm allows routing information to converge extremely
quickly
Partial updatesEnhanced IGRP sends incremental updates when the state of destination changes instead of sending the entire contents of the routing table This feature minimizes the
bandwidth required for Enhanced IGRP packets
Neighbor discovery mechanismThis is simple hello mechanism used to learn about
neighboring routers It is protocol-independent
ScalingEnhanced IGRP scales to large networks
Enhanced IGRP Components
Enhanced IGRP has the following four basic components
Neighbor Discovery/Recovery
Reliable Transport Protocol
DUAL Finite-State Machine
Protocol-Dependent Modules
Neighbor Discovery/Recovery
Neighbor discovery/recovery is the process that routers use to dynamically learn of other routers on
their directly attached networks Routers must also discover when their neighbors become
unreachable or inoperative Neighbor discovery/recovery is achieved with low overhead by
periodically sending small hello packets As long as hello packets are received device can
determine that neighbor is alive and functioning Once this status is determined the neighboring
routers can exchange routing information
P2C-44 Network Protocols Configuration Guide Part Ciscos Enhanced IGRP Implementation
Reliable Transport Protocol
The reliable transport protocol is responsible for guaranteed ordered delivery of Enhanced IGRP
packets to all neighbors It supports intermixed transmission of multicast and unicast packets Some
Enhanced IGRP packets must be transmitted reliably and others need not be For efficiency
is when For multiaccess reliability provided only necessary example on network that has multicast
it is send hellos capabilities such as Ethernet not necessary to reliably to all neighbors individually
Therefore Enhanced IGRP sends single multicast hello with an indication in the packet informing
the receivers that the packet need not be acknowledged Other types of packets such as updates
this is indicated in the The require acknowledgment and packet reliable transport has provision
there to send multicast packets quickly when are unacknowledged packets pending Doing so helps
in the ensure that convergence time remains low presence of varying speed links
DUAL Finite-State Machine
The DUAL finite-state machine embodies the decision process for all route computations It tracks
all routes advertised by all neighbors DUAL uses the distance information as routing metric to
select efficient loop-free paths DUAL selects routes to be inserted into routing table based on
feasible successors successor is neighboring router used for packet forwarding that has
least-cost path to destination that is guaranteed not to be part of routing loop When there are no
feasible successors but there are neighbors advertising the destination recomputation must occur
This is the process whereby new successor is determined The amount of time it takes to recompute
the route affects the convergence time Recomputation is processor-intensive It is advantageous to
avoid recomputation if it is not necessary When topology change occurs DUAL will test for
feasible If feasible will them in order successors successors exist DUAL use to avoid unnecessary
recomputation
Protocol-Dependent Modules
The protocol-dependent modules are responsible for network layer protocol-specific tasks They are
also responsible for parsing Enhanced IGRP packets and informing DUAL of the new information
received Enhanced IGRP asks DUAL to make routing decisions but the results are stored in the
AppleTalk routing table Also Enhanced IGRP is responsible for redistributing routes learned by
other AppleTalk routing protocols
Ciscos Enhanced IGRP Implementation
AppleTalk Enhanced IGRP provides the following features
Automatic redistributionBy default AppleTalk RTMP routes are automatically redistributed
into Enhanced IGRP and AppleTalk Enhanced IGRP routes are automatically redistributed into RTMP If desired you can turn off redistribution
Interface-specific decisions about routing protocolsYou can configure AppleTalk interfaces to
use either RTMP Enhanced IGRP or both routing protocols If two neighboring routers are
configured to use both RTMP and Enhanced IGRP the Enhanced IGRP routing information
supersede the RTMP information However both devices continue to send RTMP routing
updates
Because Enhanced IGRP supersedes RTMP you can control the excessive bandwidth usage of
RTMP on WAN links Because WAN link is point-to-point link there are no other devices on
the link and hence there is no need to run RTMP to perform end-node router discovery Using
Enhanced IGRP on WAN limis allows you to save bandwidth and in the case of Public Switched Data Networks PSDNs traffic charges
configuring AppleTalk P2C-45 Configure AppleTalk Enhanced IGRP
Enhanced IGRP Configuration Task List
To configure AppleTalk Enhanced IGRP complete the tasks in the following sections At the Enhanced IGRP minimum you must create AppleTalk routing process Configuring
Miscellaneous Parameters is optional
Enable AppleTalk Enhanced IGRP
Configure Miscellaneous Parameters
Enable AppleTalk Enhanced IGRP
To create an AppleTalk Enhanced IGRP routing process use the following commands
Step Command Purpose
appletalk routing eigrp router-number Enable an AppleTalk Enhanced IGRP routing
process in global configuration mode
appletalk protocol eigrp Enable Enhanced IGRP on an interface in interface
configuration mode
For an example of how to enable AppleTalk Enhanced IGRP see the AppleTalk Access List
Examples section at the end of this chapter
To associate networks with Enhanced IGRP multiple an AppleTalk routing process you can repeat this command
Caution When disabling Enhanced IGRP routing with the no appletalk routing eigrp command all
interfaces enabled for only Enhanced IGRP and not also RTMP lose their AppleTalk configuration If you
want to disable Enhanced IGRP and use RTMP instead on specific interfaces first enable RTMP on each
interface using the appletalk protocol rtmp interface configuration command Then disable Enhanced
IGRP the routing using no appletalk routing eigrp command This process ensures that you do not lose AppleTalk configurations on interfaces for which you want to use RTMP
Configure Miscellaneous Parameters
To miscellaneous Enhanced configure AppleTalk IGRP parameters perform one or more of the tasks
in the following sections
Disable Redistribution of Routing Information
Adjust the Interval Between Hello Packets and the Hold Time
Disable Split Horizon
Adjust the Active State Time for Enhanced IGRP Routes
Log Enhanced IGRP Neighbor Adjacency Changes
Configure the Percentage of Link Bandwidth Used by Enhanced IGRP
Disable Redistribution of Routing Information
By default the Cisco lOS software redistributes AppleTalk RTMP routes into AppleTalk Enhanced
IGRP and vice versa Internal Enhanced IGRP routes are always preferred over external Enhanced
IGRP routes This means that if there are two Enhanced IGRP paths to destination the path that
P2C-46 Network Protocols Configuration Guide Part Configure Miscellaneous Parameters
originated within the Enhanced IGRP autonomous system always will be preferred over the
Enhanced IGRP path that originated from outside the autonomous system regardless of the metric
Redistributed RTMP routes always are advertised in Enhanced IGRP as external
To disable route redistribution use the following command in global configuration mode
Command Purpose
no appletalk route-redistribution Disable redistribution of RTMP routes into
Enhanced IGRP and Enhanced IGRP routes into RTMP
Adjust the Interval Between Hello Packets and the Hold Time
You can adjust the interval between hello packets and the hold time
Routers periodically send hello packets to each other to dynamically learn of other devices on their
directly attached networks This information is used to discover who their neighbors are and to learn
when their neighbors become unreachable or inoperative
By default hello packets are sent every seconds The exception is on low-speed nonbroadcast multiaccess NBMA media where the default hello interval is 60 seconds Low speed is considered
to be rate of Ti or slower as specified with the bandwidth interface configuration command The
default hello interval remains seconds for high-speed NBMA networks Note that for the purposes
of Enhanced IGRP Frame Relay and Switched Multimegabit Data Services SMDS networks may
or may not be considered to be NBMA These networks are considered NBMA if the interface has
not been configured to use physical multicasting otherwise they are considered not to be NBMA
You can configure the hold time in seconds on specified interface for the AppleTalk Enhanced
number is advertised in IGRP routing process designated by the autonomous system The hold time
hello packets and indicates to neighbors the length of time they should consider the sender valid The
default hold time is times the hello interval or 15 seconds
time On very congested and large networks the default hold might not be sufficient time for all
routers to receive hello packets from their neighbors In this case you may want to increase the hold time
Note Do not adjust the hold time without advising Cisco technical support
To change the interval between hello packets and the hold time use the following command in
interface configuration mode
Command Purpose
appletalk eigrp-timers hello-interval hold-tune Set the interval between hello packets and the hold time
Disable Split Horizon
horizon Enhanced IGRP and When Split controls the sending of AppleTalk update query packets
split horizon is enabled on an interface these packets are not sent to destinations for which this
interface reduces the of is the next hop This possibility routing loops
all interfaces By default split horizon is enabled on
configuring AppleTalk P2C-47 Configure AppleTalk Enhanced IGRP
Split horizon prevents route information from being advertised by router out the interface that
originated the information This behavior usually optimizes communication among multiple routers
particularly when links are broken However with nonbroadcast networks such as Frame Relay and
arise for which this SMDS situations can behavior is less than ideal For these situations you may
wish to disable split horizon
To disable split horizon use the following command in interface configuration mode
Command Purpose
Disable horizon no appletalk eigrp-splithorizon split
Adjust the Active State Time for Enhanced IGRP Routes
By default Enhanced IGRP routes remain active for minute When route reaches this active state
time limit of minute the Cisco lOS software logs an error and removes the route from the routing table
You can adjust this active state time limit To specify the length of time that Enhanced IGRP routes
can remain active use the following command in global configuration mode
Command Purpose
appletalk eigrp active-time minutes disabled Adjust the active state time limit
Log Enhanced IGRP Neighbor Adjacency Changes
An adjacency is the next hop router You can enable the logging of neighbor adjacency changes to
monitor the of the and to detect stability routing system help you problems By default adjacency
changes are not logged
To enable logging of Enhanced IGRP neighbor adjacency changes use the following command in
global configuration mode
Command Purpose
appletalk eigrp log-neighbor-changes Enable logging of Enhanced IGRP neighbor
adjacency changes
Configure the Percentage of Link Bandwidth Used by Enhanced IGRP IGRP By default Enhanced packets consume maximum of 50 percent of the link bandwidth as
configured with the bandwidth interface subcommand If different value is desired use the
appletalk eigrp-bandwidth-percent command This command may be useful if different level
of link utilization is required or if the configured bandwidth does not match the actual link
bandwidth it may have been configured to influence route metric calculations
To configure the percentage of bandwidth that may be used by Enhanced IGRP on an interface use
the following command in interface configuration mode
Command Purpose
appletalk eigrp-bandwidth-percentpercent Configure the percentage of bandwidth that may be
used by Enhanced IGRP on an interface
For an example of how to configure the percentage of Enhanced IGRP bandwidth see the
AppleTalk Enhanced IGRP Bandwidth Configuration Example section at the end of this chapter
P2C-48 Network Protocols Configuration Guide Part Configure AppleTalk Interenterprise Routing
Configure AppeTaDk nterenterprse Roufing
AppleTalk interenterprise routing provides support for AppleTalk internets or domains AppleTalk
interenterprise routing allows two or more AppleTalk domains to be connected through domain
also be Cisco allows the router which can access server AppleTalk interenterprise routing
resolution of conflicting AppleTalk network numbers or cable ranges from different domains and
hop-count reduction between domains
Understand AppleTalk Domains
of networks cable An AppleTalk domain is group AppleTalk or ranges that are connected and that
have the following characteristics
within domain is Each network number or cable range unique within that domain
Each domain is separated from another domain by domain router
There is no physical or virtual connection between the two AppleTalk domains other than
through domain router
Understand Domain Routers
The domain router uses split horizon across the entire domain not just across an interface This
means that domain routers do not propagate routes learned from an interface in one domain back into
that domain Rather it propagates routes only to other domains
AppleTalk Interenterprise Routing Features
AppleTalk interenterprise routing provides the following features
Network remappingAllows you to remap remote network numbers to resolve numbering
conflicts with network numbers on the local network segment
creation of Hop-count reductionAllows the larger internetworks When you enable hop-count
is it This reduction the hop count in packet set to as passes from one domain to another allows
you to circumvent the 15-hop limit imposed by DDP and RTMP when forwarding packets
Loop detectionAvoids having multiple routing table entries to the same remote network
segment domain If the domain router detects loop it displays an error message on the domain
router and shuts off domains The presence of loop implies that there is connection between
two separate domains that was not learned through any of the interfaces of the domain router
Fast switchingHas been implemented for networks that have been remapped or on which
hop-count reduction has been configured
Redundant Paths Between Domains
Note that only one domain router can separate two domains That is you cannot have two or more
domain routers to create redundant paths between domains You can however establish redundant
paths between domains by connecting them through more than one interface on the domain router
that separates them Figure illustrates this configuration In this figure one domain router separates
domains and Two of the routers interfaces are in domain Ethernet interfaces and and
three are in domain Ethernet interfaces and thus providing redundant connections
between the domains Figure illustrates an improper configuration This configuration will create
adverse effects because domains and are connected by two domain routers
Configuring AppleTalk P2C-49 Configure AppleTalk Interenterprise Routing
Figure Allowed Configuration of Domain Router Connecting Two Domains
EO E3 Domain Domain Router El Domain E4 so
Figure Improper Configuration of Domain Routers Connecting Two Domains
EO E3 Domain El Router E4 so
Domain Domain
Currently you can configure AppleTalk interenterprise routing only on routers running RTMP or Enhanced IGRP
AppleTalk Interenterprise Routing Task List
You configure AppleTalk interenterprise routing by completing the tasks described in the following At enable sections minimum you must AppleTalk interenterprise routing The remaining tasks are
optional
Enable AppleTalk Interenterprise Routing
Remap Network Numbers
Control Hop Count
After you assign AppleTalk interenterprise routing remapping hop-count reduction and loop-detection features to an AppleTalk domain you can attribute those characteristics to tunnel
interface configured for AURP by assigning the AppleTalk domain group number to the AURP tunnel interface
Enable AppleTalk Interenterprise Routing
To enable AppleTalk interenterprise routing perform the following steps
Enable AppleTalk interenterprise routing on the router
Enable AppleTalk interenterprise routing on an interface
P2C-50 Network Protocols Configuration Guide Part Remap Network Numbers
To enable AppleTalk interenterprise routing use the following command in global configuration mode
Command Purpose
Create appletalk domain domain-number name domain and assign it name and number domain-name
To enable AppleTalk interenterprise routing on an interface use the following command in interface
configuration mode
Command Purpose
appletalk domaingroup domain-nwnber Assign predefined domain number to an
interface
For an example of how to configure AppleTalk interenterprise routing see the AppleTalk
this Interenterprise Routing Example section at the end of chapter
Remap Network Numbers
When connecting two AppleTalk networks conflict can arise between network numbers or
between cables network and those the other You avoid conflicts ranges on one on can by remapping the remote networks network numbers or cable ranges
Each domain can have two mapping ranges to which to remap all incoming or outgoing network
numbers or cable ranges
cable inbound the command in To remap the network numbers or ranges on packets use following
global configuration mode
Command Purpose
appletalk domain domain-number remaprange in Remap packets inbound to the domain
cable-range
in To remap the network numbers or cable ranges on outbound packets use the following command
global configuration mode
Command Purpose
appletalk domain domain-number remaprange Remap packets outbound from the domain
out cable-range
Control Hop Count
When you join AppleTalk network segments to create domains the distance across the combined
internetworks is likely to exceed 15 hops which is the maximum number of hops supported by
RTMP You can extend the network topology by configuring the Cisco lOS software to reduce the
hop-count value of packets that traverse it
Reducing the hop-count value allows an AppleTalk router to control the hop-count field in DDP
packets so as to ensure that the packet reaches its final AppleTalk destination Hop-count reduction
allows the router to bypass the limitation of 16 hops before aging out packets This feature is
supported only on access servers and routers configured for AppleTalk Enhanced IGRP
Configuring AppleTalk P2C-51 Configure AppleTalk over WANs
To enable hop-count reduction use the following command in global configuration mode
Command Purpose
appletalk domain domain-number hop-reduction Enable hop-count reduction
Configure AppeTaHk over WANs
You can configure AppleTalk over dial-on-demand routing DDR Frame Relay SMDS and X.25
networks To do this configure the address mappings as described in the appropriate chapters for
each protocol
AppleTalk over DDR
To use AppleTalk over DDR you must define AppleTalk static routes You can configure the
following two types of static routes
have absolute Static routesThese routes precedence that is they always override any
dynamically learned routes
Floating static routesThese routes can be overridden by dynamically learned routes
Be careful when assigning static routes When links associated with these static routes are lost traffic
may stop being forwarded or traffic may be forwarded to nonexistent destination even though an
alternative path might be available
Note When configuring AppleTalk over DDR the zone name assigned to the interface must be
unique It cannot be the same as zone name assigned to static route If the zone names are not
the of initialization and dialer unique sequence AppleTalk operation will cause the DDR interface
to go up and down
Configure Static Routes
To add static route for an extended or nonextended AppleTalk network use one of the following
commands in global configuration mode
Command Purpose
appletalk static cable-range cable-range to Define static route on an extended AppleTalk network.node zone zone-name network
appletalk static network network-n wnber to Define static route on nonextended AppleTalk neiwork.node zone zone-name network
Configure Floating Static Routes
You can use floating static route to create path of last resort that is used only when no dynamic
routing information is available To avoid the possibility of routing loop occurring floating static
routes by default are not redistributed into other dynamic protocols
P2C-52 Network Protocols Configuration Guide Part AppleTalk over X.25
To add floating static route for an extended or nonextended AppleTalk network use one of the
following commands in global configuration mode
Command Purpose
appletalk static cablerange cable-range to Define floating static route on an extended
network.node floating zone zonename AppleTalk network
nonextended appletalk static network network-number to Define floating static route on
neiwork.node floating zone zone-na/ne AppleTalk network
For an example of how to configure AppleTalk over DDR see the AppleTalk over DDR Example
section at the end of this chapter
AppleTalk over X.25
this network is the For X.25 you can configure only nonextended AppleTalk network Logically
same as LocalTalk network because both are always nonextended networks All AppleTalk nodes
within an X.25 network must be configured with the same AppleTalk network number Also the
network numbers and zone names on both sides of the serial link must be the same When mapping
the AppleTalk address to the 121 address of the router with the x25 map command include the
keyword broadcast to simulate the AppleTalk broadcast capability This is necessary because X.25
does not support broadcasts but AppleTalk does The broadcast simulation is done as follows If
the broadcast flag is set whenever broadcast packet is sent each X.121 address specified will
receive it
Monitor and Maintain the AppeTalk Network
commands that monitor and maintain The Cisco lOS software provides several you can use to an AppleTalk network In addition you can use network monitoring packages such as Apple
is and Use the Computers InterPoll to verify that router configured operating properly
commands described in this section to monitor an AppleTalk network using both Cisco lOS software
commands and network monitoring packages
Monitor and Maintain the AppleTalk Network Using Cisco lOS Software Commands
To monitor and maintain the AppleTalk network use one or more of the following commands at the EXEC prompt
Command Purpose
of appletalk pre4dditalk Enable recognition pre-FDDITa1k packets ARP clear appletalk arp Delete entries from the AppleTalk AARP
table
clear appletalk neighbor all Delete entries from the neighbor table
clear appletalk route network Delete entries from the routing table
clear appletalk traffic Reset AppleTalk traffic counters
fast clear smrp mcache Clear the fast switching entries in the SMRP
switching cache table
ping appletalk network.node Diagnose basic AppleTalk network connectivity
user-level command
Configuring AppleTalk P2C-53 Monitor and Maintain the AppleTalk Network
Command Purpose
ping Diagnose basic AppleTalk network connectivity
privileged command
show appletalk access-lists Display the AppleTalk access lists currently defined
show appletalk adjacent-routes Display the routes to networks that are directly
connected or that are one hop away
show appletalk arp List the entries in the AppleTalk ARP table
show appletalk aurp events Display pending events in the AppleTalk AURP
update-events queue
show appletalk aurp topology Display entries in the AURP private path database
show appletalk cache Display the contents of the AppleTalk fast switching cache
show appletalk domain Display domain-related information
show appletalk eigrp neighbors List the neighbors discovered by AppleTalk Enhanced IGRP
show interfaces appletalk eigrp Display information about interfaces configured for Enhanced IGRP
show appletalk eigrp topology Display the contents of the AppleTalk Enhanced active zero-successors IGRP topology table
show appletalk globals Display information about the routers AppleTalk
internetwork and other parameters
show appletalk interface numberj Display AppleTalk-related interface settings
show appletalk macip-clients Display the status of all known MacIP clients
show appletalk macip-servers Display the status of devices MacIP servers
show appletalk macip-traffic Display statistics about MacIP traffic
show appletalk name-cache Display list of NBP services offered by nearby
routers and by other devices that support NBP
show appletalk nbp Display the contents of the NBP name registration
table
show appletalk neighbors Display information about the AppleTalk routers
directly connected to any network to which the
router is directly connected
show appletalk remap domain-n umber Display domain remapping information out from domain-network
show route appletalk type number Display the contents of the AppleTalk routing table
show appletalk sockets umber Display the process-level operations in all sockets in
an interface
show appletalk static Display the defined static routes
show traffic appletalk Display the statistics about AppleTalk protocol
traffic including MacIP traffic
show appletalk zone Display the contents of the zone information table
show smrp forward Display the SMRP forwarding table
show smrp globals Display global information about SMRP
show smrp group Display the SMRP group table
show smrp mcache Display the SMRP fast switching cache table
P2C-54 Network Protocols Configuration Guide Part Monitor the AppleTalk Network Using Network Monitoring Packages
Command Purpose
show smrp neighbor Display the SMRP neighbor table
show smrp port number Display the SMRP port table
show smrp route type Display the SMRP routing table number
all entries or entries in the SMRP show smrp traffic group neighbor port Display specific route transaction traffic table
test appletalk Enter test mode to test NBP protocols
Monitor the AppleTalk Network Using Network Monitoring Packages
The Cisco lOS software supports network monitoring packages such as Apple Computers
InterPoll which are tools that use the AppleTalk responder and listener for verifying routers
configuration and operation The software answers AppleTalk responder request packets These
which is installed the interface request packets are received by the listener on AppleTalk name
registration socket The responder request packets include the bootstrap firmware version string
followed by the operating software version string These strings are displayed in the Macintosh
System version and the Macintosh printer driver version fields respectively and in applications such similar those the show as Apples InterPoll The response packet contains strings to displayed by version EXEC command
The Cisco lOS software returns the following information in response to responder request packets
System bootstrap version ROM version
Software version
AppleTalk version this is always 56 which is the first Apple Macintosh version that contained AppleTalk Phase support
AppleTalk responder version this is always 100 which indicates support of Version 1.0
responder packets
AppleShare status this is reported as not installed
Figure illustrates typical output display for InteroPoll that lists this information
Configuring AppleTalk P2C-55 AppleTalk Configuration Examples
Figure InterPollOutput
Net 4042 Node De ic ______routerl .Ethernet3-ciscoRoutor-Twllight Zone stop Packets 20 Using ______Echo Pkts Interval 2.5 Secs
Printer Status Packets Timeout 1.5 Soon System Into Packets
Rcvd Lost
Packets Sent Lett 16 Total
Current Average Minimum Maximum
Hops Away 3.00
Delay secs 0.02 0.02 0.02 0.02
System Soalsirap Version 4.415.01 19864991 b.. Status OS Sollware 903 Version 9.21131101 Development Software 1991
Sesponder INIT Version lOS AppleTalk Driver Version 56 AppieShare not Insislied
Cv
AppDeTaHk Configuraflon Exampes
Use the configuration examples in the following sections to help you configure AppleTalk routing
Extended AppleTalk Network Example
Nonextended AppleTalk Network Example
Nonextended Network in Discovery Mode Example
AppleTalk Access List Examples
Transition Mode Example
AppleTalk Access List Examples
AppleTalk Access List Examples
GZL and ZIP Reply Filter Examples
AppleTalk Interenterprise Routing over AURP Example
SNMP Example
MaciP Examples
IPTalk Example
AppleTalk Control Protocol Example
Proxy Network Number Example
AppleTalk Enhanced IGRP Bandwidth Configuration Example
AppleTalk Interenterprise Routing Example
AppleTalk over DDR Example
AppleTalk Control Protocol for PPP Example
P2C56 Network Protocols Configuration Guide Part Extended AppleTalk Network Example
Extended AppleTalk Network Example
The following example configures an extended AppleTalk network It defines the zones Accounting of allows with nonextended and Personnel The cable range one compatibility AppleTalk networks
appletalk routing interface ethernet appletalk cable-range 69-69 69.128 appletalk zone Accounting appletalk zone Personnel
Nonextended AppleTalk Network Example
The following example configures nonextended AppleTalk network that allows routing between
two Ethernet networks Ethernet interface is connected to network at node 128 and Ethernet
interface is connected to network at node 154 Network is in the Twilight zone and network
is in the No Parking zone See Figure
Figure Nonextended AppleTalk Routing between Two Ethernet Networks
No Parking Zone
Network Network
appletalk routing
interface ethernet appletalk address 1.128 appletalk zone Twilight
interface ethernet appletalk address 2.154 appletalk zone No Parking
Nonextended Network in Discovery Mode Example
The following example configures nonextended network in discovery mode There are seed routers
on both networks to provide the zone and network number information to the interfaces when they
start Router supplies configuration information for Ethernet interface and Router supplies
configuration information for Ethernet interface See Figure
Configuring AppleTalk P2C-57 AppleTalk Configuration Examples
Figure Routing in Discovery Mode
Use the following commands to configure this nonextended network in discovery mode
appletalk routing
interface ethernet appletalk address 0.0
interface ethernet appletalk address 0.0
AppleTalk Enhanced IGRP Example
The following example shows how to configure AppleTalk Enhanced IGRP In this example
Ethernet interface is configured for both Enhanced IGRP and RTMP routing and serial interface
is configured for only AppleTalk Enhanced IGRP routing
appletalk routing eigrp appletalk route-redistribution
interface ethernet appletalk cable-range 10-10 10.51 appletalk zone Ethernet appletalk protocol eigrp
interface serial appletalk cable-range 111-111 111.51 appletalk zone Serial appletalk protocol eigrp no appletalk protocol rtmp
Transition Mode Example
When in transition mode the Cisco lOS software can route packets between extended and
nonextended AppleTalk networks that exist on the same cable
To configure transition mode you must have two ports connected to the same physical cable One
port is configured as nonextended AppleTalk network and the other is configured as an extended
AppleTalk network Both ports must have unique network numbers because they are two separate
networks Figure shows an example of the topology of this configuration
P2C-58 Network Protocols Configuration Guide Part AppleTalk Access List Examples
Figure Transition Mode Topology and Configuration
LU
Use the following commands to configure the network shown in Figure Note that networks 2-2
and and in 4-4 must have cable range of one single zone their zone lists This is required to
maintain compatibility with the nonextended network network
This is an extended network interface ethernet appletalk cable-range 2-2 appletalk zone No Parking
This is nonextended network interface ethernet
appletalk address 3.128 appletalk zone Twilight
This is an extended network interface ethernet appletalk cable-range 4-4 appletalk zone Do Not Enter
AppleTalk Access List Examples
Our implementation of AppleTalk provides several methods using access lists to control access to
AppleTalk networks The examples that follow illustrate these methods and show different
approaches in applying access lists
Defining an Access List to Filter Data Packets Example
The following commands create access list 601
Permit packets to be routed from network 55 access-list 601 permit network 55
Permit packets to be routed from network 500 access-list 601 permit network 500
Permit packets to be routed from networks 900 through 950 access-list 601 permit cable-range 900-950
Do not permit packets to be routed from networks 970 through 990 accesslist 601 deny includes 970990
Do not permit packets to be routed from networks 991 through 995 accesslist 601 permit within 991995
Deny routing to any network and cable range not specifically enumerated access-list 601 deny other-access
Configuring AppleTalk P2C-59 AppleTalk Configuration Examples
To use access list 601 to filter data packets you apply it an interface for example Ethernet interface
using the following commands
appletalk routing interface ethernet appletalk cablerange 50-50 appletalk zone No Parking appletalk access-group 601 out
The following examples illustrate how Ethernet interface would handle outgoing data packets
Packets sourced from cable range 5050 would be permitted
Packets sourced from any network in the cable range 972980 are denied because they explicitly
match the access-list deny includes 970-990 command
Defining an Access List to Filter Incoming Routing Table Updates Example
The following commands create access list 602 This example illustrates how packets are processed
such redundant list by access lists you cannot create access
access-list 602 permit network 55 access-list 602 permit cable 55-55 accesslist 602 permit includes 55-55 accesslist 602 permit within 55-55
To use this access list to filter routing table updates received on Ethernet interface apply it to the
interface using the following commands
appletalk routing interface ethernet appletalk cablerange 55-55 appletalk zone No Parking appletalk distributelist 602 in
The following tables illustrate the process for accepting or rejecting routing update information If
the outcome of test is true the condition passes the access list specification and the distribute-list
command specification is then applied
Routing updates containing network 55 would be processed as follows
Access List Command Outcome of Test
access-list 602 permit network 55 True
access-list 602 permit cable range 55-55 False
access-list 602 permit includes 55-55 True
access-list 602 permit within 55-55 True
cable 55-55 would be Routing updates containing range processed as follows
Access List Command Outcome of Test
access-list 602 permit network 55 False
access-list 602 permit cable range 55-55 True
access-list 602 permit includes 55-55 True
access-list 602 permit within 5-55 True
P2C-60 Network Protocols Configuration Guide Part AppleTalk Access List Examples
Routing updates containing cable range 55-56 would be processed as follows
Access List Command Outcome of Test
access-list 602 permit network 55 False
access-list 602 permit cable-range 55-55 False
access-list 602 permit includes 55-5 True
access-list 602 permit within 55-55 False
Comparison of Alternative Segmentation Solutions
With the flexibility allowed by our access list implementation determining the optimal method to
segment an AppleTalk environment using access control lists can be unclear The following scenario
and configuration examples illustrate two solutions to particular problem and point out the
inherent advantages of using AppleTalk-style access lists
Consider situation in which company wants to permit customers to have direct access to several
corporate file servers Access is to be permitted to all devices in the zones named MIS and Corporate
but access is restricted to the Engineering zone because the file servers in these zones contain
sensitive information The solution is to create the appropriate access lists to enforce these access
policies
The companys AppleTalk internetwork consists of the following networks and zones
Zone Network Number or Cable Range
Engineering 6969
41604160
15
MIS 666777
Corporate 7070 55
51004
42624262
World 8888
90009999 multiple networks exist in this range
The router named Gatekeeper is placed betweed the World zone and the various company-specific
zones An arbitrary number of routers can be on either side of Gatekeeper An Ethernet backbone
exists on each side of Gatekeeper connecting these other routers to Gatekeeper On the router
Gatekeeper Ethernet interface connects to the World backbone and Ethernet interface connects
to the Corporate backbone
is the needs For the purposes of this configuration assume Gatekeeper only router that any access
list configuration There are two solutions depending on the level of security desired
minimal configuration might be as follows In this configuration the Engineering zone is secured
but all other zones are publicly accessible
appletalk routing accessJist 603 deny zone Engineering access-list 603 permit additional-zones access-list 603 permit otheraccess
Configuring AppleTalk P2C-61 AppleTalk Configuration Examples
interface ethernet appletalk network appletalk distributelist 603 out appletalk access-group 603
more comprehensive configuration might be the following in which the Corporate and MIS zones
are public and all other zones are secured
appletalk routing access-list 603 permit zone Corporate access-list 603 permit zone MIS access-list 603 deny additional-zones access-list 603 permit otheraccess
interface ethernet appletalk network appletalk distribute-list 603 out appletalk access 603
Both configurations satisfy the basic goal of isolating the Engineering servers but the second
example will continue to be secure when more zones are added in the future
Defining an Access List to Filter NBP Packets Example
The following example adds entries to access list number 607 to allow forwarding of NBP packets
from specific sources and deny forwarding of NBP packets from all other sources The first
command adds an entry that allows NBP packets from all printers of type LaserWrite The second
command adds an entry that allows NBP packets from all AppleTalk file servers of type AFPServe
The third command adds an entry that allows NBP packets from all applications called
HorShotPaint For example an application might have zone name ofAccounting and an application
might have zone name of engineering both having the object name of HotShotPaint NBP packets
forwarded from both applications will be allowed
The final access.list othernbps command denies forwarding of NBP packets from all other sources
access-list 607 permit nbp type LaserWriter access-list 607 permit nbp type AFPServer access-list 607 permit nbp object HotShotPaint access-list 607 deny other-nbps
To use this access list to filter inbound NBP packets on Ethernet interface apply it to the interface
using the following commands
appletalk routing interface ethernet appletalk cable-range 55-55 appletalk zone No Parking appletalk access-group 607 in
The following example adds entries to access list number 608 to deny forwarding of NBP packets
from two specific servers whose fully qualified NBP names are specified It permits forwarding of
NBP packets from all other sources
access-list 608 deny nbp object ServerA access-list 608 deny nbp type AFPServer access-list 608 deny nbp zone Bld3 access-list 608 deny nbp object ServerB access-list 608 deny nbp type AFPServer access-list 608 deny nbp zone B1d3 access-list 608 permit other-nbps accesslist 608 permit other-access
P2C-62 Network Protocols Configuration Guide Part AppleTalk Access List Examples
To use this access list to filter NBP packets on Ethernet interface apply it to the interface using the
following commands
appletalk routing interface ethernet appletalk cable-range 55-55 appletalk zone No Parking appletalk access-group 608 in
Note Prior to Cisco lOS Release 11.2 all NBP access lists were applied to inbound interfaces by
default Using Cisco lOS 11.2 or later software the default interface direction for all access lists
including NBP access lists is outbound In order to retain the inbound direction of access lists
created with previous Cisco lOS software releases you must specify an inbound interface for all
NBP access lists using the appletalk access-group command
The following example creates an access list that denies forwarding of the following
All NBP Lookup Reply packets
NBP packets from the server named Bobr Server
Packets from all AppleTalk file servers of type AFPServer
All NBP Lookup Reply packets that contain the specified named entities belonging to the zone
twilight
access-list 600 deny nbp LkReply access-list 600 deny nbp object Bobs Server access-list 600 deny nbp type AFPServer access-list 600 deny nbp zone twilight access-list 600 permit other-nbps
be filter for will There may case where fully qualified Bob Server.AFPServer@ twilight not
work for an NBP Lookup Reply in response to Lookup generated by the Chooser application This
is because the Lookup Request is transmitted as .AFPServer@ twilight and the Lookup Reply from
Bobs Server comes back as Bobs Serper.AFPServer@
The following example creates an access list to filter Lookup Reply generated by Bob Server to
request by the Chooser application
access-list 609 deny nbp LkReply access-list 609 deny nbp object Bobs Server access-list 609 deny nbp type AfPServer accesslist 609 permit othernbps access-list 609 permit other-access
Configuring Partial Zone Advertisement Example
Figure 10 illustrates configuration in which you might want to allow partial advertisement of
particular zone
Configuring AppleTalk P2C-63 AppleTalk Configuration Examples
Figure 10 Example Topology of Partially Obscured Zone
Router
E0 E4 El
Network 10 Network 15 Network 20 Network 30 Zone Zone Zone Zone
Assume that Router includes router-update filter applied with the appletalk distribute-list
interface configuration command on the Ethernet interface that does not accept routing table
updates from network 10 nor does it send routing table updates to that network
access-list 612 deny network 10 access-list 612 permit otheraccess interface ethernet appletalk distribute-list 612 out appletalk distribute-list 612 in
For Network 30 normal default behavior would be for Network 10 and Network 20 to be
eliminated from any routing updates sent although Network 15 would be included in routing updates
same zone as Network 30 Using the appletalk permit-partial-zones global configuration
command has the following effects
If appletalk permit-partial-zones is enabled the routing updates exclude Network 10 but include Network 15 and Network 20
If no appletalk permit-partial-zones is enabled the routing updates exclude both Network 10
and Network 20 but still include Network 15 This is generally considered the preferred behavior
and is the default
Table summarizes the associations between the networks shown in Figure 10 Table details the
effects of enabling and disabling partial-zone advertisement with the appletalk
permit-partial-zones global configuration command
Table Zone and Interface Associations for Partial Zone Advertisement Example
Network 10 Network 15 Network 20 Network 30
Zone
Interfaces Ethernet Ethernet Ethernet Ethernet
Ethernet
Table Partial Zone Advertisement Control on Network 30
Command
Condition Network 10 Network 15 Network 20 Network 30
Enabled Not Advertised on Advertised on Advertised on
Network 30 Network 30 Network 30
Disabled Not Advertised on Advertised on Not Advertised on Network 30 Network 30 Network 30
P2C-64 Network Protocols Configuration Guide Part Hiding and Sharing Resources with Access List Examples
Hiding and Sharing Resources with Access List Examples The following examples illustrate the use of AppleTalk access lists to manage access to certain resources
Establishing Free-Trade Zone Example
The goal of the configuration shown in Figure 11 is to allow all users on all the networks connected
to Routers and to be able to access the AppleShare servers AS and A52 in the zone
FreeAccessZone second requirement is to block cross access through this zone In other words
in the users zones MIS MIS2 and LocalTalk which are connected to Ethernet interface on Router are not allowed access to any of the resources on networks connected to Ethernet interface on Router Similarly users in the zones Engineering Test and LocalTalk which are
connected to Ethernet interface on Router interface allowed E4 are not access to any of the resources on networks connected to Ethernet interface on Router
Figure 11 Controlling Access to Common AppleTalk Network
Access allowed into FreeAccessZone
Zone MIS2 Zone Engineering Network 4081 Network 20
Zone FreeAccessZone
Cable range 5-5
AppleShare servers
in FreeAccessZone
Accessoutbkcked ______
Note Although there are networks that share the same number on interfaces E0 and E4 and there
are zones that have the have the same name none same network number and zone specification except FreeAccessZone The two routers do not broadcast information about these networks
FreeAccessZone The routers broadcast the cable through only range 55 As configured
FreeAccessZone itself since other only sees However no limitations have been placed on
advertisements the FreeAccessZone range of 55 propagates out to the networks attached to E0
Router and E4 Router thus resources in FreeAccessZone are made accessible to users on
all those networks
The Router and following examples configure Router for access control illustrated in Figure 11
You must configure only Ethernet interface on Router and Ethernet interface on Router to
provide the desired access
Configuring AppleTalk P2C-65 AppleTalk Configuration Examples
Configuration for Router
appletalk routing
interface ethernet appletalk cable-range 5-5 appletalk zone FreeAccessZone appletalk free-trade-zone
Configuration for Router
appletalk routing
interface ethernet appletalk cable-range 5-5 appletalk zone FreeAccessZone appletalk free-trade-zone
need define lists When configuring both routers you do not to any access to prevent users on
networks connected to Router from accessing resources on networks connected to Router and
vice versa The appletalk free4rade-zone interface configuration command implements the
necessary restrictions
Restricting Resource Availability Example
In the preceding example shared-resource access was granted to all users in the various AppleTalk
zones connected to the two routers At the same time access between resources on either side of the
control is common zone was completely denied There might be instances where greater degree of
requiredpossibly where resources in some zones are to be allowed access to resources in certain
other zones but are denied access to other specific zones Figure 12 illustrates such situation
Figure 12 Controlling Resource Access among Multiple AppleTalk Zones
Zone MIS
Cable range 7000-7010 imin
Zone Engineering Zone Finance Cable range 22-30
Cable range 1000-1 000
Zone FreeAccessZone2
Cable range 9-9
Router E9
Zone Test-lab
AppleShare servers
in FreeAccessZone
P2C-66 Network Protocols Configuration Guide Part Hiding and Sharing Resources with Access List Examples
The following are the objectives of the configuration in Figure 12
Users in and MIS zones Engineering E7 ED are to be allowed free access to each other
All users in all zones are to be allowed access to FreeAccessZone2 E6
No in with the users any zone exception of users in Finance are to be allowed access to resources
in Finance
To meet these specifications you define the following access lists
access-list 609 permit cable 9-9 access-list 609 deny other-access
access-list 610 permit zone Finance access-list 610 permit zone FreeAccessZone2 access-list 610 deny additional-zones
access-list 611 deny cable-range 1000-1000 access-list 611 deny cable-range 9-9 access-list 611 permit cable-range 7000-7010 access-list 611 permit cable-range 2230
The effects of these access lists are as follows
Access list 609 is intended to be used to allow access to resources on FreeAccessZone2
Access list 610 is intended to be used to control access in and out of the zone Finance
Access list 611 is intended to be used to accommodate the requirement to allow users in zones
Engineering and MIS to mutually access network resources
Configuration for Ethernet Interface
Ethernet interface is associated with the MIS Use the zone following commands to configure this interface
interface ethernet appletalk cable-range 7000-7010 appletalk zone MIS
appletalk distribute-list 611 out appletalk distribute-list 611 in
Specifying access list 611 results in the following filtering
Advertisements of Finance are blocked
Advertisements between Engineering and MIS are allowed
Configuration for Ethernet Interface
Ethernet interface is associated with the Finance zone Use the following commands to configure this interface
interface ethernet appletalk cable-range 1000-1000 appletalk zone Finance appletalk distribute-list 610 out appletalk access-group 610
Configuring AppleTalk P2C-67 AppleTalk Configuration Examples
The effects of these access lists are as follows
limited With the appletalk distribute4ist out interface configuration command Finance is to
accessing Finance and FreeAccessZone2 only
interface command filters traffic it The appletalk access-group configuration packet Thus
devices in Finance from outside of this blocks access to any zone
Configuration for Ethernet Interface
Ethernet interface is associated with the FreeAccessZone2 zone Use the following commands to
configure this interface
interface ethernet appletalk cable 9-9 appletalk zone FreeAccessZone2 appletalk distributelist 609 out appletalk distribute-list 609 in
Configuration for Ethernet Interface
Ethernet interface is associated with the Engineering zone The configuration for this interface
mirrors that for Ethernet interface because the users in both the MIS and Engineering zones must
have access to each others resources Use the following commands to configure Ethernet interface
interface ethernet appletalk cable-range 22-30 appletalk zone Engineering appletalk distribute-list 611 out appletalk distributelist 611 in
of the and Test-Lab Zones Implicit Configuration Admin
Omitted from the configuration example in Figure 12 are any specific configuration commands
pertaining to the zones Test-Lab Ethernet interface on Router and Admin Ethernet interface
on Router No configuration is done for these zones because there are no requirements relating to
them listed in the original objectives The following access control is implicitly handled with the
assignment of the stated access lists
Users in the Admin zone can see the Finance zone but cannot see resources in that zone
in but of the in However as for all zones resources FreeAccessZone2 are available none users in Admin any of the other zones can access resources
In the absence of the assignment of access lists on Router users in Test-Lab can access the
resources in the FreeAccessZone2 and Engineering zones With the exception of Engineering no
other zones can access resources in Test-Lab
GZL and ZIP Reply Filter Examples
The examples in this section show how to configure GZL and ZIP reply filters and they illustrate
the differences between these two types of filters Both examples use the configuration shown in
Figure 13
P2C-68 Network Protocols Configuration Guide Part AppleTalk Interenterprise Routing over AURP Example
Figure 13 GZL and ZIP Reply Filters Sample Topology
Zones
Marketing
Accounting
Engineering
Both and GZL ZIP reply filters control the zones that can be seen on network segment GZL filters control which zones can be seen by Macintoshes on local network segments These filters have no
effect on adjacent routers In order for GZL filters to work properly all routers on the local segment must be configured with the same access list
ZIP reply filters control which zones can be seen by adjacent routers and by all routers downstream from adjacent routers You can use these filters to hide zones from all Macintoshes on all networks
on adjacent routers and from all their downstream routers
the shown in would Using configuration Figure 13 you use GZL filter to prevent the Macintosh on the Ethernet network segment from viewing the zones Engineering and Accounting on network
600 These zones would not be visible via the Macintoshs Chooser To do this you configure
Router as follows
access-list 650 deny zone Engineering access-list 650 deny zone Accounting access-list 650 permit additional-zones access-list 650 permit otheraccess
interface ethernet
appletalk getzonelist-filter 650
the shown in Again using configuration Figure 13 you would use ZIP reply filter to hide the
Engineering and Accounting zones from Routers and This filter would also hide the zones from
Router which is downstream from Router The effect of this filter is that when these routers the of request names zones on network 600 the zones names Engineering and Accounting will not be returned
access-list 650 deny zone Engineering access-list 650 deny zone Accounting access-list 650 permit additionalzones access-list 650 permit other-access
interface ethernet appletalk zip-reply-filter 650
AppleTalk Interenterprise Routing over AURP Example
After an domain for you configure AppleTalk AppleTalk interenterprise features you can apply the features to tunnel interface configured for AURP by assigning the domain number to the interface
Configuring AppleTalk P2C-69 AppleTalk Configuration Examples
interface and it for it the The following example defines tunnel configures AURP Then applies
tunnel interface the domain features configured for domain to by assigning AppleTalk group
to the tunnel interface
appletalk domain name France appletalk domain remap-range in 10000-19999 appletalk domain remap-range out 200-299
interface Tunnel tunnel source ethernet tunnel destination 131.108.1.17
tunnel mode aurp appletalk protocol aurp appletalk domain-group
SNMP Example
activation of and The following example configuration sequence illustrates proper SNMP AppleTalk
Disable SNMP on the router no snmp-server
Enable AppleTalk routing and event logging on the router appletalk routing appletalk event-logging
Configure IP and AppleTalk on Ethernet interface interface Ethernet
ip address 131.108.29.291 255.255.255.0 appletalk cable-range 29-29 29.180 appletalk zone MarketingAl
Enable SNMP on the router snmp-server community MarketingA2 RW snmp-server trap-authentication snmp server host 131.108.2.160 MarketingA2
MacIP Examples
with The following example illustrates MacIP support for dynamically addressed MacIP clients
dynamically allocated IP addresses in the range 131.108.0.2 to 131.108.010
Specify server address and zone appletalk macip server 131.108.0.1 zone Marketing
Specify dynamically addressed clients appletalk macip dynamic 131.108.0.2 131.108.0.10 zone Marketing
Assign the address and subnet mask for Ethernet interface interface ethernet ipaddress 131.108.0.2 255.255.255.0
Enable AppleTalk routing appletalk routing
interface ethernet appletalk cable range 69-69 69.128 appletalk zone Marketing
P2C-70 Network Protocols Configuration Guide Part IPTalk Example
The following example illustrates MacIP support for MacIP clients with statically allocated IP addresses
Specify the server address and zone appletalk macip server 131.108.0.1 zone Marketing
Specify statically addressed clients appletalk macip static 131.108.0.11 131.108.0.20 zone Marketing appletalk macip static 131.108.0.31 zone Marketing appletalk macip static 131.108.0.41 zone Marketing appletalk macip static 131.108.0.49 zone Marketing
Assign the address and subnet mask for Ethernet interface interface ethernet ipaddressl3l.l08.0.1255.255.255.0
Enable AppleTalk routing appletalk routing
interface ethernet appletalk cable range 69-69 69.128 appletalk zone Marketing
IPTalk Example
This section describes how to set up UNIX-based systems and our Cisco lOS software to use CAP
IPTalk and other IPTalk implementations
The following procedure outlines the basic steps for setting up our software and UNIX hosts for
operation using IPTalk implementations
Note This procedure does not provide full instructions about how to install CAP on the UNIX
it does address the system However requirements for setting up the UNIX systems configuration
file that defines addresses other and network information Generally this is the only file that relies
on the routers address and configuration information Refer to your UNIX system and CAP software
manuals for information about building the CAP software and setting up the UNIX startup scripts
Enable on all the routers that will IPTalk and between these AppleTalk routing use any routers routers
Enable IP routing on the interfaces that will communicate with the UNIX system Refer to the Network Protocols Configuration Guide Part for more information about configuring IP These interfaces must be on the same subimet as the UNIX system Also ensure that IP is enabled on the UNIX system
Allocate an AppleTalk network number for IPTalk You need separate AppleTalk network
number for each IP subnet that is to run IPTalk
You can have number of UNIX machines on the same subnet They all use the same AppleTalk
network number for IPTalk However they must have their own individual node identifiers
It is possible for the same router to have IPTalk enabled on several interfaces Each interface must
have different AppleTalk network number allocated to IPTalk because each interface will be
using different IP subnet
Configuring AppleTalk P2C-71 AppleTalk Configuration Examples
Determine the CAP format of the AppleTalk network number The CAP software is based on an
network numbers two octets older AppleTalk convention that expresses AppleTalk as decimal
numbers from to 255 separated by dot The current AppleTalk convention uses decimal
numbers from to 65279 Use the following formula to convert between the two
CAP format x.y
Apple format
To convert from AppleTalk to CAP
d/256 represents truncating integer division
d%256 represents the remainder of the division
To convert from CAP to AppleTalk 256
Example AppleTalk format 14087 CAP format 55.7
Choose zone name for IPTalk No special constraints are placed on zone name choices You can
use the same zone name for several networks and you can combine IPTalk and normal AppleTalk
networks in the same zone
Decide which UDP ports to use for IPTalk The default is to use ports beginning with 768 Thus
RTMP uses port 769 NBP port 770 and so on These are the original AppleTalk ports and their
numbers are hardcoded into older versions of CAP The only problem with using them is that they
the Internets Information Center has are not officially assigned by Network NIC which
assigned set of UDP ports beginning with 200 Thus other applications could use them
possibly causing conflictsalthough this is unlikely With CAP releases 5.0 and later you can
configure CAP to use the officially allocated ports If you do so RTMP will use port 201 NBP
must both and the router to use port 202 and so on Whichever ports you use you configure CAP
the same ones
Enable IPTalk on each inteiface of the router as required This is illustrated by the following
example
appletalk routing
interface ethernet
ip address 128.6.7.22 255.2552550 appletalk cable 17921792 1792.22 appletalk zone MIS-Development interface TunnelO
tunnel source EthernetO tunnel mode iptelk appletalk iptalk 14087 MISUNIX
the In this example AppleTalk routing is enabled on interface in the following two ways
Via EtherTalk phase using the cable range 17921792 and the zone MIS-Development
Via IPTalk using the network number 14087 and the zone MIS-UNIX
P2C-72 Network Protocols Configuration Guide Part IPTaIk Example
Note The IPTalk node identifier is chosen based automatically on the IP address It is normally
the host number portion of the IP address For example with an IP address of 128.67.22 and
subnet mask of 255255.255.0 the host number is 22 Thus the IPTalk node identifier would be
22 If the IP host number is larger than 255 the low-order bits are used although fewer than bits may be available depending on the IP subnet mask If the mask leaves fewer bits the node number will be quietly truncated Be sure to use node address that is compatible with the subnet mask In IPTalk with host any event you may experience problems when using numbers larger than 255
If you choose to use the official UDP ports those beginning with 200 include the following global configuration command in your configuration
appletalk iptalkbaseport 200
Configure each UNIX host with network number zone name and router
As an example the following are the contents of the /etc/atalklocal file from UNIX system with the IP address 128.6.7.26 and network mask of 255.255.255.0
IPTalk on net 128.6.7.0 mynet mynode myzone 55.7 26 MISUNIX bridgenet bridgenode bridgelP 55.7 22 128.6.7.22
The first noncommented line defines the address of the UNIX system and the second noncommented line defines the address of the router In both cases the first column is 55.7 which is the AppleTalk network number in CAP format for use by IPTa1k The second column is the AppleTalk node identifier which must be the same as the IP host number The third column on the first line is the zone name and on the second line it is the IP address of the router
Note the following about the entries in the /etc/atalk local file
The in AppleTalk network number the first column in both lines must agree with the
AppleTalk network number used in the appletalk iptalk command However in the
/erc/atalk local file the number must be in the CAP format while in the configuration
command it must be in the Apple format
The host number in the second column in both lines must agree with the IP host number of
the corresponding system That is on the first line it must be the IP host number of the
UNIX machine and on the second line it must be the IP host number for the router
The zone name in the third column on the first line must agree with the zone name used in
the appletalk iptalk command
The IP address in the third column of the second line must be the IP address of the router
Ensure that your CAP software is using the same UDP port numbers as the router Currently the
CAP default is the same as the router default which is port numbers beginning with 768 If you want to use this default you do not need to take any further action However if you want to use the official UDP port numbers port numbers beginning with 200 ensure that you have included the following command in your configuration
appletalk iptalk-baseport 200
Configuring AppleTalk P2C-73 AppleTalk Configuration Examples
10 On the UNIX system add the following lines to the /etc/services file
at-rtmp 201/udp at-nbp 202/udp at3 203/udp atecho 204/udp at5 205/udp atzis 206/udp at7 207/udp at-8 208/udp
If you are using Network Information Services NIS previously known as the Yellow Pages
remember to do make in /var/yp after changing let c/services If you are using the default ports do need /etc/services those starting with 768 you not to modify
AppleTalk Control Protocol Example
The following example illustrates how to set up router to accept AppleTalk client requests on
interface This example creates virtual network number and the AppleTalk zone Twiddledee
appletalk victual-net Twiddledee interface async encapsulation ppp appletalk client-mode
Proxy Network Number Example
Assume that your network topology looks like the one in Figure 14 Also assume that Router
in supports only nonextended AppleTalk that Router supports only extended AppleTalk not
transition mode and that Router supports only extended AppleTalk
Figure 14 Example Network Topology
Router Router Router
Cable/Range Cable/Range Cable/Range______Network 60 Cisco Phase Cusco Phase AppleTalk Zone Router Router Phase Router
Cisco Phase Cis Ph sŁ Router Router Router Router
Cable/Range 100-100 ______
If Router generates an NBP hookup request for Zone Router will convert this request to
forward request and send it to Router Since Router supports only nonextended AppleTalk it
does not handle the forward request and ignores it Hence the NBP lookup from Router fails
To work around this problem without putting transition router adjacent to the nonextended-only
router Router you could configure Router with an NBP proxy
P2C-74 Network Protocols Configuration Guide Part AppleTalk Enhanced IGRP Bandwidth Configuration Example
If you configured Router with an NBP proxy as follows any forward iquests received for Zone
are converted into lookup requests and therefore the nonextended router for Network 60 can
properly respond to NBP hookup requests generated beyond Router The following example
demonstrates the command needed to describe this configuration
appletalk proxy 60
AppleTalk Enhanced IGRP Bandwidth Configuration Example
The following example shows how to configure the bandwidth used by AppleTalk Enhanced IGRP
In this example Enhanced IGRP process is configured to use maximum of 25 percent or
32 kbps of 128 kbps circuit
interface serial bandwidth 128 appletalk eigrpbandwidth-percent 25
In the following example the bandwidth of 56 kbps circuit has been configured to be 20 kbps for
routing policy reasons EIGRP process is configured to use maximum of 200 percent or 40kbps
of the circuit
interface serial- bandwidth 20 appletalk eigrpbandwidth-percent 200
AppleTalk Interenterprise Routing Example
The following example configures AppleTalk interenterprise routing It configures domain which
is named France and places Ethernet interface into this domain
appletalk domain name France appletalk domain remaprange in 10000-19999 appletalk domain remap-range out 200-299 appletalk domain hop-reduction
interface ethernet
no ip address no keepalive appletalk cable-range 300-300 300.6 appletalk zone Europe appletalk protocol eigrp appletalk domaingroup
AppleTalk over DDR Example
The following example describes how to configure AppleTalk to run over DDR interface as
illustrated in Figure 15 When configuring AppleTalk over DDR you must specify DDR on the interface on which the static neighbor resides before you specify the static route itself Also the Cisco lOS software must know the network address of the static neighbor before you specify the
static route Otherwise the software will not know to which interface the static neighbor is
connected To open an AppleTalk DDR link there must be at least one AppleTalk access list bound
to dialer group
Configuring AppleTalk P2C-75 AppleTalk Configuration Examples
Figure 15 AppleTalk over DDR Configuration
Appleshare Mantosh server ______11 ___DDRZoneRemoteRouter SO
Cable Range 1-1 Cable Range 100-110
To configure AppleTalk over DDR complete the followinf steps on Router
Step Configure an access list and dialer group
access-list 601 permit cable 100110 dialerlist list 601
Step Configure the serial interface
interface serial dialer in-band dialer string 1234 appletalk cable 1-1 1.1 appletalk zone DDR dialer-group apple distribute-list 601 in
Step Create the static route
appletalk static cable 100-110 to 1.2 zone Remote
Step Open the Chooser on the Macintosh
Select service and in Step any AppleTalk such as AppleShare LaserWriter so on zone
Remote This causes Router to dial up Router to open DDR link between them
Step Select an AppleTalk file server in the zone Remote After some time AppleTalk services
Select the that need appear in zone Remote one you
Step Close the Chooser
Step Open the AppleTalk session to the remote service
Step After the AppleTalk session is finished close the connection to the remote service The
DDR link should go down after the DDR idle time has elapsed
Instead of creating static route in Step you can create floating static route The following
example adds floating static route to cable-range 10-11 in the Eng zone with AppleTalk address
6.5 as the next-hop router
appletalk static cable-range 10-11 to 6.5 floating zone Eng
P2C-76 Network Protocols Configuration Guide Part AppleTalk Control Protocol for PPP Example
AppleTalk Control Protocol for PPP Example
The illustrates the following example steps required to set up your router to accept AppleTalk client
requests on interfaces and using the virtual network number and the AppleTalk zone Twiddledee
Router enable Router config terminal Routerconfig appletalk virtual-net Twiddledee Routerconfig interface async Router config-int encapsulation ppp Router configint appletalk client-mode Routerconfig-nt interface async Router config-int encapsulation ppp Router conf ig-int appletalk client-mode
Configuring AppleTalk P2C-77 AppleTalk Configuration Examples
P2C-78 Network Protocols Configuration Guide Part Configuring Novell PX
This chapter describes how to configure Novell Internet Packet Exchange IPX and provides
configuration examples For complete description of the IPX commands in this chapter refer to the
Novell IPX Commands chapter in the Network Pmtocols Command Reference Part To locate
documentation of other commands that appear in this chapter use the command reference master
index or search online
PX Addresses
An IPX network address consists of network number and node number expressed in the format network.node
Network Numbers
The network number identifies physical network It is 4-byte 32-bit quantity that must be unique
throughout the entire IPX internetwork The network number is expressed as hexadecimal digits
The maximum number of digits allowed is eight
The Cisco lOS software does not require that you enter all eight digits you can omit leading zeros
Node Numbers
The node number identifies node on the network It is 48-bit quantity represented by dotted
triplets of four-digit hexadecimal numbers
If you do not specify node number for router to be used on WAN links the Cisco lOS software uses the hardware Media Access Control address MAC currently assigned to it as its node address This is the MAC address of the first Ethernet Token Ring or FDDI interface card If there are no
valid IEEE interfaces then the Cisco lOS software randomly assigns node number using number
that is based on the system clock
IPX Address Example
The following is an example of an IPX network address
4a 0000 OcOO 23fe
In this example the network number is 4a more specifically it is 0000004a and the node number
is 0000.UcOO.23fe All digits in the address are hexadecimal
Configuring Novell IPX P2C-79 IPX Configuration Task List
PX Configuraton Task Ust
in To configure IPX routing complete the tasks the following sections At minimum you must
enable IPX routing The remaining tasks are optional
Enable IPX Routing
Configure IPX Enhanced IGRP
Configure NLSP
Configure Next Hop Resolution Protocol
Configure IPX and SPX over WANs
Control Access to IPX Networks
Tune IPX Network Performance
Shut Down an IPX Network
Configure IPX Accounting
Monitor and Maintain the IPX Network
See the Novell IPX Configuration Examples section at the end of this chapter for configuration examples
EnabDe PX Routing
You enable IPX routing by first enabling it on the router and then configuring it on each interface
Optionally you can route IPX on some interfaces and transparently bridge it on other interfaces You can also route IPX traffic between routed interfaces and bridge groups or route IPX traffic between bridge groups
IPX Default Routes
In IPX default route is the network where all packets for which the route to the destination address
is unknown are forwarded
Original RIP implementations allowed the use of network -2 OxFFFFFFFE as regular network
number in network With the inception of NLSP network -2 is reserved as the default route for
NLSP and RIP Both NLSP and RIP routers should treat network -2 as default route Therefore
you should implement network -2 as the default route regardless of whether you configure NLSP in
your IPX network
Cisco lOS software network -2 the default By default treats as route You should ensure that your
IPX network does not use network -2 as regular network If for some reason you must use network -2 as regular network you can disable the default behavior To do so see the Adjust
Default Routes section in this chapter
For more background information on how to handle IPX default routes refer to Novells NetWare
Link Services Protocol NLSP Specification Revision 1.1
P2C-80 Network Protocols Configuration Guide Part Enable IPX Routing Task List
Enable IPX Routing Task List
the tasks in the sections to enable IPX Complete following routing The first two tasks are required
the rest are optional
Enable IPX Routing
Assign Network Numbers to Individual Interfaces
Enable Concurrent Routing and Bridging
Configure Integrated Routing and Bridging
Enable IPX Routing
The first step in enabling IPX routing is to enable it on the router If you do not specify the node
number of the router to be used on WAN links the Cisco lOS software uses the hardware Media
Access Control address to it its node address MAC currently assigned as This is the MAC address
of the first Ethernet Token Ring or FDDI interface card If there are no valid IEEE interfaces then
the Cisco lOS software randomly assigns node number using number that is based on the system clock
To enable IPX routing use the following global configuration command
Command Purpose
ipx routing Enable IPX routing
For an example of how to enable IPX routing see the IPX Routing Examples section at the end of
this chapter
Caution If you plan to use DECnet and IPX routing concurrently on the same interface you should enable DECnet routing first then enable IPX routing without specifying the optional MAC node number If you enable IPX before enabling DECnet routing routing for IPX will be disrupted because DECnet forces change in the MAC-level node number
Assign Network Numbers to Individual Interfaces
After you have enabled IPX routing you assign network numbers to individual interfaces This
enables IPX routing on those interfaces
You enable IPX routing on interfaces that support single network or on those that support multiple networks
When you enable IPX routing on an interface you can also specify an encapsulation frame type to
use for packets being transmitted on that network Table lists the encapsulation types you can use
on IEEE interfaces and shows the correspondence between Cisco naming conventions and Novell
naming conventions for the encapsulation types
Table Cisco and Novell IPX Encapsulation Names on IEEE Interfaces
Interface Type Cisco Name Novell Name
Ethernet novell-ether Cisco lOS default Ethernet_802.3
arpa Ethernet_TI
sap Ethernet_802.2
snap Ethernet_Snap
Configuring Novell IPX P2C81 Enable IPX Routing
Table Cisco and Novell IPX Encapsulation Names on IEEE Interfaces continued
Interface Type Cisco Name Novell Name
Token Ring sap Cisco lOS default Token-Ring
snap Token-Ring_Snap
FDDI snap Cisco lOS default Fddi_Snap
sap Fddi_802.2
novell-fddi Fddi_Raw
Assign Network Numbers to Individual Interfaces Task List
The following sections describe how to enable IPX routing on interfaces that support single
network and on those that support multiple networks You must perform one of the tasks to enable
IPX routing on an interface
Assign Network Numbers to Interfaces That Support Single Network
Assign Network Numbers to Interfaces That Support Multiple Networks
Assign Network Numbers to Interfaces That Support Single Network
single interface can support single network or multiple logical networks For single network
you can configure any encapsulation type Of course it should match the encapsulation type of the
servers and clients using that network number
To assign network number to an interface that supports single network use the following
interface configuration command
Command Purpose
ipx network network Enable IPX routing on an interface
encapsulation-lype
If you specify an encapsulation type be sure to choose the one that matches the one used by the servers and clients on that network Refer to Table foi list of encapsulation types you can use on IEEE interfaces
For an example of how to enable IPX routing see the IPX Routing Examples section at the end of
this chapter
Assign Network Numbers to Interfaces That Support Multiple Networks
numbers interface that When assigning network to an supports multiple networks you must specify
different encapsulation type for each network Because multiple networks share the physical
medium this allows the Cisco lOS software to identify the packets that belong to each network For IPX example you can configure up to four networks on single Ethernet cable because four Ethernet the encapsulation types are supported for Again the encapsulation type should match
servers and clients using the same network number Refer to Table for list of encapsulation types
you can use on IEEE interfaces
networks You There are two ways to assign network numbers to interfaces that support multiple can
use subinterfaces or primary and secondary networks
P2C-82 Network Protocols Configuration Guide Part Assign Network Numbers to Individual Interfaces
Subinterfaces
You subinterfaces typically use to assign network numbers to inteifaces that support multiple networks
is mechanism that subinteiface allows single physical interface to support multiple logical
interfaces or networks That is several logical interfaces or networks can be associated with single hardware interface Each subinterface must use distinct encapsulation and the encapsulation must
match that of the clients and servers using the same network number
Note When and enabling NLSP configuring multiple encapsulations on the same physical LAN
interface you must use subinterfaces You cannot use secondary networks
interface that Any configuration parameters you specify on an individual subinterface are applied to that subinterface only
To networks configure multiple IPX on physical interface using subinterfaces use the following
commands starting in global configuration mode
Step Command Purpose
interface type nunbeisubinteiface-nwnber Specify subinterface
ipx network network Enable IPX routing specifying the first
encapsulation-typei encapsulation type
To configure more than one subinterface repeat these two steps Refer to Table for list of
encapsulation types you can use on IEEE interfaces
For examples of configuring multiple IPX networks on an interface see the IPX Routing on
Multiple Networks Examples section at the end of this chapter
Primary and Secondary Networks
network numbers interfaces that When assigning to support multiple networks you can also configure primary and secondary networks
Note In future Cisco lOS software releases primary and secondary networks will not be supported
The first logical network you configure on an interface is considered the primary network Any additional networks are considered secondary networks Again each network on an interface must use distinct encapsulation and it should match that of the clients and servers using the same network number
Any interface configuration parameters that you specify on this interface are applied to all the logical networks For example if you set the routing update timer to 120 seconds this value is used on all four networks
Configuring Novell IPX P2C-83 Configure IPX Enhanced IGRP
To use primary and secondary networks to configure multiple IPX networks on an interface use the
following commands in interface configuration mode
Step Command Purpose
ipx network network Enable IPX routing on the primary network encapsulation-type
ipx network network Enable IPX routing on secondary network
encapsulation-type
To configure more than one secondary network repeat as appropriate Refer to Table for list of
encapsulation types you can use on IEEE interfaces
Note When and enabling NLSP configuring multiple encapsulations on the same physical LAN
interface you must use subinterfaces You cannot use secondaiy networks
Enable Concurrent Routing and Bridging
You interfaces can route IPX on some and transparently bridge it on other interfaces simultaneously To do enable this you must concurrent routing and bridging To enable concurrent routing and
bridging use the following command in global configuration mode
Command Purpose
crb bridge Enable concurrent routing and bridging
Configure Integrated Routing and Bridging
Integrated routing and bridging IRB enables user to route IPX traffic between routed interfaces
and bridge groups or route IPX traffic between bridge groups Specifically local or unroutable
traffic is the interfaces in the bridged among bridged same bridge group Routable traffic is routed to other routed interfaces or bridge groups Using IRB you can do the following
Switch packets from bridged interface to routed interface
Switch packets from routed interface to bridged interface
Switch packets within the same bridge group
For more information about configuring integrated routing and bridging refer to the Configuring
in the and Transparent Bridging chapter Bridging IBM Networking Configuration Guide
Configure PX Enhanced GRP
Enhanced IGRP is an enhanced version of the Interior Gateway Routing Protocol IGRP developed Cisco Inc Enhanced IGRP the by Systems uses same distance vector algorithm and distance
information as IGRP the However convergence properties and the operating efficiency of Enhanced
IGRP have improved significantly over IGRP
The convergence technology is based on research conducted at SRI International and employs an
referred to the algorithm as Diffusing Update Algorithm DUAL This algorithm guarantees loop-free operation at every instant throughout route computation and allows all routers involved
P2C-84 Network Protocols Configuration Guide Part Enhanced IGRP Features
in topology change to synchronize at the same time Routers that are not affected by topology
not involved in The time with rivals that of changes are recomputations convergence DUAL any
other existing routing protocol
Enhanced IGRP Features
Enhanced IGRP offers the following features
Fast allows information convergenceThe DUAL algorithm routing to converge as quickly as
any currently available routing protocol
Partial updatesEnhanced IGRP sends incremental updates when the state of destination
changes instead of sending the entire contents of the routing table This feature minimizes the
bandwidth required for Enhanced IGRP packets
because full Less CPU usage than IGRPThis occurs update packets do not have to be processed
each time they are received
Neighbor discovery mechanismThis is simple hello mechanism used to learn about
neighboring routers It is protocol-independent
ScalingEnhanced IGRP scales to large networks
Enhanced IGRP Components
Enhanced IGRP has four basic components discussed in the following sections
Neighbor Discovery/Recovery
Reliable Transport Protocol
DUAL Finite-State Machine
Protocol-Dependent Modules
Neighbor Discovery/Recovery
Neighbor discovery/recovery is the process that routers use to dynamically learn of other routers on
their directly attached networks Routers must also discover when their neighbors become
unreachable or inoperative Neighbor discovery/recovery is achieved with low overhead by
periodically sending small hello packets As long as hello packets are received router can
determine that neighbor is alive and functioning Once this status is determined the neighboring
devices can exchange routing information
Reliable Transport Protocol
The reliable transport protocol is responsible for guaranteed ordered delivery of Enhanced IGRP
packets to all neighbors It supports intermixed transmission of multicast and unicast packets Some
Enhanced IGRP packets must be transmitted reliably and others need not be For efficiency
reliability is provided only when necessary For example on multiaccess network that has multicast
capabilities such as Ethernet it is not necessary to send hellos reliably to all neighbors individually
Therefore Enhanced IGRP sends single multicast hello with an indication in the packet informing
the receivers that the packet need not be acknowledged Other types of packets such as updates
require acknowledgment and this is indicated in the packet The reliable transport has provision
to send multicast packets quickly when there are unacknowledged packets pending Doing so helps
ensure that convergence time remains low in the presence of varying speed links
Configuring Novell IPX P2C-85 Configure IPX Enhanced IGRP
DUAL Finite-State Machine
The DUAL finite-state machine embodies the decision process for all route computations It tracks
all routes advertised by all neighbors DUAL uses the distance information known as metric to
select efficient loop-free paths DUAL selects routes to be inserted into routing table based on
feasible successors successor is neighboring router used for packet forwarding that has
least-cost path to destination that is guaranteed not to be part of routing ioop When there are no
feasible successors but there are neighbors advertising the destination recomputation must occur
This is the process whereby new successor is determined The amount of time it takes to recompute
the route affects the convergence time Recomputation is processor-intensive It is advantageous to
avoid recomputation if it is not necessary When topology change occurs DUAL will test for there feasible feasible successors If are successors it will use any it finds in order to avoid
unnecessary recomputation
Protocol-Dependent Modules
The protocol-dependent modules are responsible for network layer protocol-specific tasks They are
also responsible for parsing Enhanced IGRP packets and informing DUAL of the new information
received Enhanced IGRP asks DUAL to make routing decisions but the results are stored in the IPX
routing table Also Enhanced IGRP is responsible for redistributing routes learned by other IPX
routing protocols
Configure IPX Enhanced IGRP Task List
To enable IPX Enhanced IGRP complete the tasks in the following sections Only the first task is
required the remaining tasks are optional
Enable IPX Enhanced IGRP
Customize Link Characteristics
Customize the Exchange of Routing and Service Information
Query the Backup Server
Enable IPX Enhanced IGRP
To create an IPX Enhanced IGRP routing process use the following commands
Step Command Purpose
ipx router eigrp aufonomous-systein-nwnber Enable an Enhanced IGRP routing process in
global configuration mode
network neiwork-nunbe all Enable Enhanced IGRP on network in IPX
router configuration mode
with Enhanced IGRP To associate multiple networks an routing process you can repeat the
preceding two steps
For an example of how to enable Enhanced IGRP see the IPX Enhanced IGRP Example section
at the end of this chapter
P2C-86 Network Protocols Configuration Guide Part Customize Link Characteristics
Customize Link Characteristics
You might want to customize the Enhanced IGRP link characteristics The following sections describe these customization tasks
Configure the Percentage of Link Bandwidth Used by Enhanced IGRP
Configure Maximum Hop Count
Adjust the Interval Between Hello Packets and the Hold Time
Configure the Percentage of Link Bandwidth Used by Enhanced IGRP
By default Enhanced IGRP packets consume maximum of 50 percent of the link bandwidth as
configured with the bandwidth interface subcornrnand If different value is desired use the ipx
bandwidth-percent command This command may be useful if different level of link utilization
is required or if the configured bandwidth does not match the actual link bandwidth it may have been configured to influence route metric calculations
To configure the percentage of bandwidth that may be used by Enhanced IGRP on an interface use
the following command in interface configuration mode
Command Purpose
ipx bandwidth-percent eigrp as-iiuniberpercem Configure the percentage of bandwidth that may be used by Enhanced IGRP on an interface
For an example of how to configure the percentage of Enhanced IGRP bandwidth see the IPX
Enhanced IGRP Bandwidth Configuration Example section at the end of this chapter
Configure Maximum Hop Count
Note While adjusting the maximum hop count is possible it is not recommended for Enhanced IGRP We recommend that you use the default value for the maximum hop count of Enhanced IGRP
IPX whose exceeds 15 By default packets hop count are discarded In larger internetworks this may
be insufficient You can increase the hop count to maximum of 254 hops for Enhanced IGRP To
modify the maximum hop count use the following command in global configuration mode
Command Purpose
ipx maximum-hops hop Set the maximum hop count accepted from RIP update packets
Adjust the Interval Between Hello Packets and the Hold Time
You can adjust the interval between hello packets and the hold time
Routers periodically send hello packets to each other to dynamically learn of other devices on their
directly attached networks Routers use this information to discovei who their neighbors are and to
discover when their neighbors become unreachable or inoperative
Configuring Novell IPX P2C-87 Configure IPX Enhanced IGRP
By default hello packets are sent every seconds The exception is on low-speed nonbroadcast
multiaccess NBMA media where the default hello interval is 60 seconds Low speed is considered
to be rate of Ti or slower as specified with the bandwidth interface configuration command The
default hello interval remains seconds for high-speed NBMA networks
of Enhanced and be Note For the purposes IGRP Frame Relay SMDS networks may or may not considered to be NBMA These networks are considered NBMA if the interface has not been
configured to use physical multicasting otherwise they are considered not to be NBMA
You can configure the hold time on specified interface for particular Enhanced IGRP routing
process designated by the autonomous system number The hold time is advertised in hello packets
and indicates to neighbors the length of time they should consider the sender valid The default hold
time is times the hello interval 01 15 seconds
To change the interval between hello packets use the following command in inteiface configuration mode
Command Purpose
ipx hello-interval eigrp Set the interval between hello packets
autonoinoussysteinnunbei seconds
On very congested and large networks 15 seconds may not be sufficient time for all routers to
receive hello packets from their neighbors In this case you may want to increase the hold time To
do this use the following command in interface configuration mode
Command Purpose
ipx hold-time eigrp antononous-systen-nuinber Set the hold time seconds
Note Do not adjust the hold time without consulting with Cisco technical support
Customize the Exchange of Routing and Service Information
You might want to customize the exchange of routing and service information The following sections describe these customization tasks
Redistribute Routing Information
Disable Split Horizon
Control the Advertising of Routes in Routing Updates
Control the Processing of Routing Updates
Control SAP Updates
Control the Advertising of Services in SAP Updates
Control the Processing of SAP Updates
P2C-88 Network Protocols Configuration Guide Part Customize the Exchange of Routing and Service Information
Redistribute Routing Information
By default the Cisco lOS software redistributes IPX RIP routes into Enhanced IGRP and vice versa
To disable route the redistribution use following command in IPX router configuration mode
Command Purpose
no redistribute rip Disable redistribution of RIP routes into Enhanced
eigrp autonomous-system-number connected IGRP and Enhanced IGRP routes into RIP
static
The Cisco lOS software does not automatically redistribute NLSP routes into Enhanced IGRP routes and vice versa You must configure this type of redistribution To do so use the following commands
starting in global configuration mode
Step Command Purpose
router ipx eigrp autonomous-system-number From global configuration mode enable Enhanced IGRP
redistribute IPX-router nlsp From configuration mode enable redistribution of NLSP into Enhanced IGRP
ipx router nlsp Enable NLSP
redistribute eigrp autonomous-system-number From IPX-routei configuration mode enable
redistribution of Enhanced IGRP into NLSP
For an example of how to enable redistribution of Enhanced IGRP and NLSP see the Enhanced
1GRP and NLSP Route Redistribution Example section at the end of this chapter
Disable Split Horizon
horizon controls the of Enhanced Split sending IGRP update and query packets If split horizon is enabled on an these interface packets are not sent for destinations if this interface is the next hop to
that destination
By default split horizon is enabled on all interfaces
Split horizon blocks information about routes from being advertised by the Cisco lOS software out
interface from which that information any originated This behavior usually optimizes communication among multiple routers particularly when links are broken However with nonbroadcast networks such as Frame Relay and SMDS situations can arise for which this
behavior is less than ideal these For situations you can disable split horizon
To disable the split horizon use following command in interface configuration mode
Command Purpose
no umber ipx split-horizon eigrp autonomous-system-n Disable split horizon
Note Split horizon cannot be disabled for RIP oi SAP only for Enhanced IGRP
Configuring Novell IPX P2C-89 Configure IPX Enhanced IGRP
Control the Advertising of Routes in Routing Updates
To control which devices learn about routes you can control the advertising of routes in routing
updates To do this use the following command in router configuration mode
Command Purpose
distribute-list access-list-niunber out Control the advertising of routes in rooting
routing-pmcess updates
Control the Processing of Routing Updates
To control the processing of routes listed in incoming updates use the following command in router
configuration mode
Command Purpose
distributelist access-list-number in Control which incoming route updates are
processed
Control SAP Updates
found Cisco If IPX Enhanced IGRP peers are on an interface you can configure the lOS software to
send SAP updates either periodically or when change occurs in the SAP table When no IPX
Enhanced IGRP peer is present on the interface periodic SAPs are always sent
On serial lines by default if an Enhanced IGRP neighbor is present the Cisco lOS software sends
SAP updates only when the SAP table changes On Ethernet Token Ring and FDDI interfaces by
default the software sends SAP updates periodically To reduce the amount of bandwidth required
to send SAP updates you might want to disable the periodic sending of SAP updates on LAN
interfaces Do this only when all nodes out this interface are Enhanced IGRP peers otherwise loss
of SAP information on the other nodes will result
To send SAP updates only when change occurs in the SAP table and to send only the SAP changes
use the following command in interface configuration mode
Command Purpose
ipx sap-incremental eigrp Send SAP updates only when change in the SAP
autoiwinous-systeoi-niunbeirsup-only table occurs and send only the SAP changes
When you enable incremental SAP using the ipx sap-incremental eigrp rsup-only command
Cisco 105 software disables the exchange of route information via Enhanced IGRP for that interface
To send periodic SAP updates use the following command in interface configuration mode
Command Purpose
no ipx sap-incremental eigrp Send SAP updates periodically autononousssteonuniber
For an example of how to configure SAP updates see the Enhanced IGRP SAP Update Examples
section at the end of this chapter
P2C-90 Network Protocols Configuration Guide Part Query the Backup Server
To disable split horizon for incremental use the SAP following command in interface configuration mode
Command Purpose
no ipx sap-incremental split-horizon Disable split horizon for SAP
Note IPX incremental SAP horizon is off for split WAN interfaces and subinterfaces and on for LAN interfaces The default off The global stays interface setting takes precedence if interface is setting modified or when both the global and interface settings are unmodified The global setting is used only when the is modified global setting and the interface setting is unmodified
the Control Advertising of Services in SAP Updates
To control which devices learn about services you can control the adveitising of these services in SAP updates To do this use the following command in router configuration mode
Command Purpose
distribute-sap-list access-list-n umber out Control the advertising of services in SAP
routing-process updates
For configuration of example controlling the advertisement of SAP updates see the Advertisement and Processing of SAP Update Examples section at the end of this chapter
Control the Processing of SAP Updates To control the processing of routes listed in incoming updates use the following command in router configuration mode
Command Purpose
distribute-sap-list access-list-n umber in Control which incoming SAP updates are processed
For configuration of example controlling the processing of SAP updates see the Advertisement and Processing of SAP section Update Examples at the end of this chapter
Query the Backup Server
The backup server table is table for each kept Enhanced IGRP peer It lists the IPX servers that have been advertised by that If server is removed from the main peer server table at any time and for any reason the Cisco lOS software examines the backup server table to see if this just-removed server is known of the by any Enhanced IGRP If it the information peers is from that peer is advertised back into the main server table if just as that peer had readvertised the server information
to this router Using this method to allow the router to keep the backup server table consistent with what is advertised each by peel means that only changes to the table must be advertised between
Enhanced IGRP full routers periodic updates do not need to be sent
Configuring Novell IPX P2C-91 Configure NLSP
By default the Cisco lOS software queries its own copy of each Enhanced IGRP neighbors backup
60 seconds To this the command in server table every change interval use following global
configuration mode
Command Purpose
of time between ipx baekup-server-query4nterval interval Specify the minimum period
successive queries of neighbors backup server
table
Configure NLSP
The NetWare Link Services Protocol NLSP is link-state routing protocol based on the Open
System Interconnection OSI Intermediate System to Intermediate System IS-IS protocol
NLSP is designed to be used in hierarchical routing environment in which networked systems are
into and domains grouped into routing areas Routing areas can then be grouped routing domains
can be grouped into an internetwork
Understand Level and Routers
Level routers connect networked systems within given routing area Areas are connected to each
other by Level routers and domains are connected by Level routers Level router also acts within as Level router within its own area likewise Level router also acts as Level router
its own domain
The router at each level of the topology stores complete information for its level For instance
Level routers store complete link-state information about their entire area This information
includes record of all the routers in the area the links connecting them the operational status of
the devices and their links and other related parameters For each point-to-point link the database
records the end-point devices and the state of the link For each LAN the database records which
routers are connected to the LAN Similarly Level routers would store information about all the
areas in the routing domain and Level routers would store information about all the domains in the internetwork
Although NLSP is designed for hierarchical routing environments containing Level and
routers only Level routing with area route aggregation and route redistribution has been defined
in specification
Understand NLSP Databases
NLSP is link-state protocol This means that every iouter in routing area maintains an identical
copy of the link-state database which contains all information about the topology of the area All
routers synchronize their views of the databases among themselves to keep their copies of the
link-state databases consistent NLSP has the following three major databases
AdjacencyKeeps track of the routers immediate neighbors and the operational status of the
directly attached links by exchanging hello packets Adjacencies are created upon receipt of
periodic hello packets If link or router goes down adjacencies time out and are deleted from
the database
Link stateTracks the connectivity of an entire routing area by aggregating the inunediate
neighborhood information from all routers into link-state packets LSPs LSPs contain lists of
adjacencies They are flooded to all other devices via reliable flooding algorithm every time
P2C-92 Network Protocols Configuration Guide Part Cisco Support of NLSP
link state changes LSPs are refreshed eveiy two hours To keep the size of the link-state database
reasonable NLSP uses fictitious pseudonodes which represent the LAN as whole and
designated routers which originate LSPs on behalf of the pseudonode
ForwardingCalculated from the adjacency and link state databases using Dijkstras shortest
path first SPF algorithm
Cisco Support of NLSP
Ciscos implementation of NLSP supports the Novell NLSP specification version 1.1 Our
implementation of NLSP also includes read-only NLSP MIB variables
Configure NLSP Task List
To must have IPX configure NLSP you configured routing on your router as described previously
in this chapter Then you must perform the tasks described in the following sections
Define an Internal Network
Enable NLSP Routing
Configure NLSP on an Interface
You can optionally perform the tasks described in the following sections
Customize Link Characteristics
Configure Route Aggregation
Customize the Exchange of Routing Information
For an example of enabling NLSP see the IPX Routing Protocols Examples section at the end of
this chapter
Define an Internal Network
An internal network number is an IPX network number assigned to the router For NLSP to operate
you must configure an internal network number for each device
To enable IPX routing and to define an internal network number use the following commands in
global configuration mode
Step Command Purpose
ipx routing Enable IPX routing
ipx internalnetwork netitork-nunber Define an internal network number
Enable NLSP Routing
To enable NLSP use the following commands starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP
area-address address mask Define set of network numbers to be part of the
current NLSP area
Configuring Novell IPX P2C-93 Configure NLSP
Configure NLSP on an Interface
sections You configure NLSP differently on LAN and WAN interfaces as described in the following
Configure NLSP on LAN interface
Configure NLSP on WAN interface
Configure NLSP on LAN Interface
To configure NLSP on LAN interface use the following commands in interface configuration mode
Step Command Purpose
ipx network network Enable IPX routing on an interface
encapsulation-type
ipx nlsp enable Enable NLSP on the interface
To configure multiple encapsulations on the same physical LAN interfaces you must configure
subinterfaces Each subinterface must have different encapsulation type To do this use the
following commands starting in global configuration mode
Step Command Purpose
interface type nuinbensubinteface-nunber Specify subinterface
ipx network network Enable IPX routing specifying the first
encapsulation-type encapsulation type
ipx nlsp enable Enable NLSP on the subinterface
Repeat these three steps for each subinterface
Note When enabling NLSP and configuring multiple encapsulations on the same physical LAN
interface you must use subinterfaces You cannot use secondary networks
Configure NLSP on WAN Interface
To configure NLSP on WAN interface use the following commands starting in global
configuration mode
Step Command Purpose
interface serial number Specify serial interface
ipx ipxwan unnumbered Enable IPXWAN
local-server-name retiy-interval retiylinitj
ipx nlsp enable Enable NLSP on the interface
P2C-94 Network Protocols Configuration Guide Part Customize Link Characteristics
Customize Link Characteristics
You might want to customize the NLSP link characteristics The following sections describe these customization tasks
Enable NLSP Multicast Addressing
Configure the Metric Value
Configure the Link Delay and Throughput
Configure the Maximum Hop Count
Specify Designated Router
Configure Transmission and Retransmission Intervals
Modify Link-State Packet Parameters
Limit Partial Route Calculations
Enable NLSP Multicast Addressing
Cisco lOS the of supports use NLSP multicast addressing for Ethernet Token Ring and FDDI router
interfaces This is capability oniy possible when the underlying Cisco hardware device or driver
supports multicast addressing
With this the feature router defaults to using multicasts on Ethernet Token Ring and FDDI
interfaces instead of to address all NLSP broadcasts routers on the network If an adjacent neighbor does not support NLSP multicasting the router will revert to using broadcasts on the affected interface
This feature is only available on routers running Cisco lOS Release 11.3 or later software When routers versions of Cisco lOS software running prior are present on the same network with routers
Cisco lOS Release 11.3 broadcasts will running software be used on any segment shared by the two routers
Benefits of NLSP Multicast Addressing The NLSP multicast addressing offers the following benefits
Increases overall efficiency and performance by reducing broadcast traffic
Reduces devices that CPU cycles on use NLSP multicast addressing
Increases Ciscos level of compliance with the Novell NLSP specification version 1.1
Enable NLSP Multicast Addressing Task List
The sections describe following configuration tasks associated with the NLSP multicast addressing
Enable NLSP Multicast Addressing
Disable NLSP Multicast Addressing
Enable NLSP Multicast Addressing
NLSP multicast By default addressing is enabled You do not need to configure anything to turn on
NLSP multicasting
Configuring Novell IPX P2C-95 Configure NLSP
Disable NLSP Multicast Addressing
Typically you do not want to substitute broadcast addressing where NLSP multicast addressing is
available NLSP multicast addressing uses network bandwidth more efficiently than broadcast
addressing However there are circumstances where you might want to disable NLSP multicast
addressing
For want to disable multicast in favor of broadcast example you might NLSP addressing addressing
when one or more devices on segment do not support NLSP multicast addressing You might also
want to disable it for testing purposes
If you want to disable NLSP multicast addressing you can do so for the entire router or for
particular interface
To disable multicast addressing for the entire router use the following commands in IPX-router
configuration mode
Step Command Purpose
ipx router iilsp Enter NLSP router configuration mode
no multicast Disable NLSP multicast addressing on the router
To disable multicast addressing on particular router interface use the following command in
interface configuration mode
Command Purpose
no ipx nlsp multicast Disable multicast addressing on the interface
For examples of how to disable NLSP multicast addressing see the NLSP Multicast Addressing
Examples section at the end of this chapter
Configure the Metric Value
NLSP assigns default link cost metric based on the link throughput If desired you can set the link cost manually
Typically you do not need to set the link cost manually however there are some cases where you might want to For example in highly redundant networks you might want to favor one route over
another for certain kinds of traffic As another example you might want to ensure load sharing
Changing the metric value can help achieve these design goals
To set the NLSP link cost for an interface use the following command in interface configuration mode
Command Purpose
ipx nlsp metric metric-n umber Set the metric value for an interface
Configure the Link Delay and Throughput
of each link used of its calculations The delay and throughput are by NLSP as part route By default
these parameters are set to appropriate values or in the case of IPXWAN are dynamically measured
Typically you do not need to change the link delay and throughput however there are some cases where you might want to change these parameters For example in highly redundant networks you
another for certain kinds of traffic do might want to favor one route over To this you would change
the metric on the less-desirable path to be slightly worse by assigning it higher metric value using
P2C-96 Network Protocols Configuration Guide Part Customize Link Characteristics
the command This forces ipx-link-delay the traffic to route over the favorable path As another example you might want to ensure load sharing To load share you would ensure that the metrics on the equal paths are the same
The link and delay throughput you specify replaces the default value or overrides the value measured
when it by IPXWAN starts The value is also supplied to NLSP for use in metric calculations
To change the link use the command in delay following interface configuration mode
Command Purpose
ipx microseconds link-delay Specify the link delay
To the use the change throughput following command in interface configuration mode
Command Purpose
hi ipx throughput is-per-second Specify the throughput
Configure the Maximum Hop Count
By default IPX packets whose count exceeds 15 discarded hop are In larger internetworks this may be insufficient You increase the can hop count to maximum of 127 hops for NLSP
For example if have network with end nodes you separated by more than 15 hops you can set the maximum hop count to value between 16 and 127
To modify the maximum use the hop count following command in global configuration mode
Command Purpose
ipx maximum-hops hop Set the maximum hop count accepted from RIP update packets
Specify Designated Router
Note In the context of this the discussion term designated router can refer to an access server or router
NLSP elects designated router on each interface The LAN designated router represents all routers that are connected to the same LAN segment It creates virtual router called apseudonode which
generates routing information on behalf of the and LAN transmits it to the remainder of the routing area The iiiformation routing generated includes adjacencies and RIP routes The use of router designated significantly reduces the number of entries in the LSP database
By default router is done electing designated automatically However you can manually affect the
identity of the router the designated by changing priority of the system the system with the highest priority is elected to be the designated router
By default the of the is 44 To priority system change it use the following command in interface configuration mode
Command Purpose
ipxnlsp priority the priority-number Configure designated router election priority
Configuring Novell IPX P2C-97 Configure NLSP
Configure Transmission and Retransmission Intervals
transmission interval and time the You can coafigure the hello holding multiplier complete sequence number PDU CSNP transmission interval the LSP transmission interval and the LSP retransmission interval
The hello transmission interval and holding time multiplier used together determine how long
link failure before neighboring system should wait after or system the holding time declaring
time is the hello transmission interval this system to be unreachable The holding equal to multiplied
by the holding time multiplier
the command in interface To configure the hello transmission interval on an interface use following
configuration mode
Command Purpose
ipx nlsp hello-interval seconds Configure the hello transmission interval
command in interface To specify the holding time multiplier used on an interface use the following
configuration mode
Command Purpose
ipx nlsp hello-multiplier multiplier Configure the hello multiplier
do Although not typically necessary you can configure the CSNP transmission interval To so use
the following command in interface configuration mode
Command Purpose
ipx nlsp csnp-interval seconds Configure the CSNP transmission interval
You can specify how fast LSPs can be flooded out an interface by configuring the LSP transmission
interval To configure the LSP transmission interval use the following command in interface
configuration mode
Command Purpose
ipx nlsp lsp-interval interval Configure the LSP transmission interval
You can set the maximum amount of time that can pass before an LSP will be retransmitted on
WAN link when no acknowledgment is received To configure this LSP retransmission interval use
the following command in interface configuration mode
Command Purpose
ipx nlsp retransmit-interval seconds Configure the LSP retransmission interval
Modify Link-State Packet Parameters
To modify link-state packet LSP parameters use one or more of the following commands in router
configuration mode
Command Purpose
lsp-gen-interval seconds Set the minimum LSP generation interval
max-Isp-lifetime value Set the maximum time the LSP persists
Isp-refresh-interval seconds Set the LSP refresh time
P2C-98 Network Protocols Configuration Guide Part Configure Route Aggregation
Command Purpose
Set the Isp-mtu bytes maximum size of link-state packet
spf-interval seconds Set the minimum time between SPF calculations
Limit Partial Route Calculations
You can control how often the Cisco lOS software performs partial route calculation PRC Because the partial route calculation is processor-intensive it may be useful to limit how often this is slower router models the done especially on Increasing PRC interval reduces the processor load
of the router but it also potentially slows down the rate of convergence
To the the modify partial route calculation use following command in router configuration mode
Command Purpose
prcinteryal seconds Set the hoiddown period between partial route
calculations
Configure Route Aggregation
Prior to Cisco lOS Release 11.1 you could segregate IPX internetworks into distinct NLSP areas
them with IPX RIP With Release 11.1 later only by interconnecting or software you can easily perform the following tasks
Divide large IPX internetworks into multiple NLSP areas
Redistribute route and service information directly from one NLSP area into other areas
Enable route summarization
In this these document independent capabilities are known collectively as the route aggregation
feature Cisco has designed the route aggregation feature to be compatible with Novells Net Ware
Link Services Protocol NLSP Specification Revision 1.1
Note In the sections that follow NLSP version 1.1 routers refers to routers that support the route
aggregation feature while NLSP version 1.0 routers refers to routers that do not Additionally all
NLSP instances configured on router running Release 11.1 are NLSP 1.1 instances They are all
capable of generating and using aggregated routes However in the text and examples that follow
an NLSP 1.0 instance refers to an instance of NLSP that is in an area that includes NLSP version
1.0 routers
Benefits of Route Summarization
NLSP route summarization provides the following benefits to well-designed IPX networks
address route Compact representationA single aggregated efficiently represents many explicit routes
Reduced update bandwidthMost changes in the explicit routes represented by an aggregated
route do not need to be propagated to neighboring areas
Configuring Novell IPX P2C99 Configure NLSP
Reduced computational overheadSince the routers in one area are unaffected by most changes
in adjacent areas the SPF algorithm runs less often
Improved information managementFiltering of route and service information may be done at
area boundaries
As result you can build larger IPX networks using route aggregation
Understand Area Addresses Route Summaries and Aggregated Routes
This section discusses area addresses route summaries and aggregated routes It also describes how
area addresses relate to route summaries
Area Addresses
An area address uniquely identifies an NLSP area The area addresses configured on each router
determine the areas to which router belongs
An area address consists of pair of 32-bit hexadecimal numbers that include an area number and
corresponding mask The mask indicates how much of the area number identifies the area and how
much identifies individual networks in the area For example the area address pair
12345600 FFFFFFOO describes an area composed of 256 networks in the range 12345600 to 123456FF
You can configure up to three area addresses per NLSP process on the router Adjacencies are formed
only between routers that share at least one common area address
Route Summaries
of that the route route summary defines set explicit routes router uses to generate an aggregated the how summarize the of into route summary tells router to set explicit routes single summarized route
similar in form address That the described route summary is to an area is route summary by
summarizes the 256 networks in the 12345600 123456FF 12345600 FFFFFFOO range to
Aggregated Routes
An aggregated route is the single compact data structure that describes many IPX network numbers
simultaneously The aggregated route represents all the explicit routes defined by the route summary
In an LSP the router expresses an aggregated route as 1-byte number that gives the length in bits
of the portion of the 32-bit network number common to all summarized addresses The aggregated
route for 12345600 FFFFFFOO is 18 12345600
Relationship between Area Addresses and Route Summaries
When you enable route summarization in Release 11.1 while running multiple instances of NLSP
the router performs default route summarization based on the area address configured in each NLSP
area That is explicit routes that match the area address in given area are not redistributed
individually into neighboring NLSP areas Instead the router redistributes single aggregated route
that is equivalent to the area address into neighboring areas
P2C-100 Network Protocols Configuration Guide Part Configure Route Aggregation
Understand NLSP Areas
This section describes single versus multiple NLSP areas and discusses the routers behavior when mix you NLSP versions within single NLSP area
Single Versus Multiple NLSP Areas
NLSP version 1.0 routers Level support only single area Two routers form an adjacency only if
share at least address in they one configured area common The union of routers with adjacencies in common form an area
Each router within the NLSP has its area own adjacencies link-state and forwarding databases
Further each routers link-state database is identical Within the these router databases operate collectively as single process or instance to discover select and maintain route information about
the area NLSP version 1.0 and routers NLSP version 1.1 routers that exist within single area use single NLSP instance
With NLSP version 1.1 and Cisco lOS Release 11.1 multiple instances of NLSP may exist on given router Each instance and maintains discovers selects route information for separate NLSP
Each instance has its area own copy of the NLSP adjacency and link state database for its area
all instances However along with other routing protocols such as RIP and Enhanced IGRP share
single copy of the forwarding table
Mixing NLSP Versions in Single Area
You have can NLSP version 1.1 routers and NLSP version 1.0 routers in the same area However version NLSP 1.0 routers do not recognize aggregated routes For this reason the default behavior
of Cisco lOS Release 11.1 software is to not generate aggregated routes To prevent routing loops in mixed environment packets routed via an aggregated route by an NLSP version 1.1 router are
dropped if the next hop is an NLSP version 1.0 router
Note In should ensure that all routers in general you an area are running NLSP version 1.1-capable software before enable you route summarization on any of the routers in an area
Understand Route Redistribution
Because can you configure multiple NLSP areas you must understand how the router passes route information from one area to another Passing route information from one area to another or from
one protocol to another is known as route redistribution Additionally you must understand the routers default route redistribution behavior before configuring route summarization
This section describes the default route redistribution behavior between multiple NLSP areas between NLSP and Enhanced IGRP and between NLSP and RIP
Default Redistribution between Multiple NLSP Areas
of the Cisco lOS Release Regardless NLSP version 11.1 redistributes routes between multiple
NLSP areas default That redistribution between by is multiple NLSP version 1.1 areas between
multiple NLSP version 1.0 areas and between NLSP version 1.1 and NLSP version 1.0 areas is enabled by default All routes are redistributed as individual explicit routes
Configuring Novell IPX P2C-1O1 Configure NLSP
Default Redistribution between NLSP and Enhanced IGRP
Route redistribution between instances of NLSP version 1.1 or version 1.0 and Enhanced IGRP is
Refer the disabled by default You must explicitly configure this type of redistribution to
Redistribute Routing Information section in this chapter for information about configuring
redistribution between NLSP and Enhanced IGRP
Default Redistribution between NLSP and RIP
Route redistribution between instances of NLSP version 1.1 or version 1.0 and RIP is enabled by
default All routes are redistributed as individual explicit routes
Understand Route Summarization
Route summarization is disabled by default to avoid the generation of aggregated routes in an area enable summarization router running mixed versions of NLSP You can explicitly route on running
Cisco lOS Release 11.1 This section describes default route summarization customized route
summarization and the relationship between filtering and route summarization
Default Route Summarization
enable route the default route summarization on the When you explicitly summarization depends
following circumstances
All routers use NLSP version 1.1The area address for each NLSP instance is used as the basis
for generating aggregated routes
Some routers use NILSP version 1.1 and some use NLSP version 1.0The area address for each
version 1.0 NLSP instance is used as the basis for generating aggregated routes however NLSP
the routers do not recognize aggregated routes You must not enable route aggregation on summarization NLSP version 1.0 instance or you must configure customized route to prevent Customized Route generation of aggregated routes from the NLSP version 1.0 areas See the Summarization section
Some routers use Enhanced IGRP and NLSP version 1.1There is no default route
summarization You must configure customized route summarization to generate aggregated
routes from Enhanced IGRP to NLSP version 1.1 See the Customized Route Summarization
section
Some routers use RIP and NLSP version 1.1There is no default route summarization You must
configure customized route summarization to generate aggregated routes from RIP to
NLSP version 1.1 See the Customized Route Summarization section
used the basis In the case of the first two circumstances the area address for each NLSP instance is as
for generating aggregated routes That is all explicit routes that match local area address generate
common aggregated route The router redistributes only the aggregated route into other NLSP
areas explicit routes and more specific aggregated routes represented by particular aggregated
route are filtered
Note The router continues to redistribute into other areas the explicit routes that do not match the
area address
P2C-102 Network Protocols Configuration Guide Part Configure Route Aggregation
Customized Route Summarization
You also customize the routers can route summarization behavior using the redistribute IPX-router
subcommand with an access list The access list specifies in detail which routes to summarize and
which routes redistribute to explicitly In this case the router ignores area addresses and uses only
the access list as template to control summarization and redistribution You can use numbered or
named access lists to control summarization and redistribution
In addition you must use customized route summarization in environments that use either of the
following combinations
Enhanced IGRP and NLSP version 1.1
RIP and NLSP version 1.1
Route summarization between Enhanced IGRP and NLSP is controlled by the access list Route
summarization is possible only in the Enhanced IGRP-to-NLSP direction Routes redistributed from
NLSP to Enhanced IGRP are always explicit routes
Route summarization between RIP and NLSP is also controlled by the access list Route
summarization is possible only in the RIP-to-NLSP direction Routes redistributed from NLSP to RIP Use the default are always explicit routes route instead to minimize routing update overhead
yet maximize reachability in RIP-only area
Note Before introducing the default route into RIP-only area be sure that all routers and servers
in the area are upgraded to understand and use the default route
In well-designed network within each NLSP area most external networks are reachable by few
while all other external networks reachable aggregated routes are either by individual explicit routes or by the default route
Relationship between Filtering and Route Summarization
Redistribution of routes and services into and out of an NLSP area may be modified using filters
Filters are available for both input and output directions Refer to the distribute-list in
distribute-list out distribute-sap-list in and distribute-sap-list out commands in the Novell IPX
Commands Chapter
Filtering is independent of route summarization but may affect it indirectly since filters are always before applied the aggregation algorithm is applied It is possible to filter all explicit routes that could
generate aggregated routes making the router unable to generate aggregated routes even though
route aggregation is turned on
Understand Service and Path Selection
The router always accepts service information as long as the services network is reachable by an
explicit route an aggregated route or the default route When choosing server for Get Nearest
Server the tick value of the route to each is used the metric GNS response eligible server as No
distinction is made between explicit and summary routes in this determination If the tick values are then equal the hop count is used as tiebreaker However because there is no hop value associated with an aggregated route services reachable via an explicit route are always preferred over those
reachable via only an aggregated route
Configuring Novell IPX P2C-103 Configure NLSP
the router An NLSP version 1.1 router always uses the most explicit match to route packets That is
route is used If always uses an explicit route if possible If not then matching aggregated multiple
is used If route is aggregated routes match then the most explicit longest match no aggregated
default route is used as last resort present then the
Configure Route Aggregation Task List
in the sections To configure the route aggregation feature perform one or more of the task following
Configure Route Aggregation for Multiple NLSP Version 1.1 Areas
Configure Route Aggregation for NLSP Version 1.1 and NLSP Version 10 Areas
Configure Route Aggregation for Enhanced IGRP and NLSP Version 1.1 Environments
Configure Route Aggregation for RIP and NLSP Version 1.1 Environments
Areas Configure Route Aggregation for Multiple NLSP Version 1.1
Redistribution between multiple NLSP 1.1 areas is enabled by default Because multiple NLSP
label identifies each For each an processes are present on the router tag or instance configure enable route summarization enable NLSP on appropriate area address and optionally Finally
the correct identifier to associate that interface appropriate interfaces Be sure to use tag process
with the appropriate NLSP area
within the Note Note that the tag used to identify an NLSP instance is meaningful only locally
interfaces for router NLSP adjacencies and areas are determined by the area address and configured
each instance of NLSP running on each router Theie is no need other than administrative
convenience to ensure that individual tags match between routers
Version 1.1 The following sections describe how to configure route aggregation for multiple NLSP
areas
Configure Route Aggregation with Default Route Summarization
Configure Route Aggregation with Customized Route Summarization Using Numbered Access
Lists
Configure Route Aggregation with Customized Route Summarization Using Named Access Lists
Configure Route Aggregation with Default Route Summarization
feature with the default route summarization use the To configure the route aggregation behavior
each in mode following commands for NLSP process starting global configuration
Step Command Purpose
Enable NILSP and the with ipx router iilsp routing identify process
unique tag
area-address address mask From router configuration mode define up to three
area addresses for the process
enable route-aggregation Optional From router configuration mode
route summarization
P2C-104 Network Protocols Configuration Guide Part Configure Route Aggregation
Step Command Purpose
enable ipx nlsp From interface configuration mode enable NLSP on
each network in the area described by the tag argument
For an of how to this of example configure type route aggregation see NLSP Route Aggregation
for NLSP Version and Version 1.0 Areas section Example at the end of this chapter
Route Configure Aggregation with Customized Route Summarization Using Numbered Access Lists
To configure the route aggregation feature with customized route summarization behavior using numbered access the commands lists use following for each NLSP process starting in global configuration mode
Step Command Purpose
router Enable ipx nlsp NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
route-aggregation Enable route summarization from router
configuration mode
redistribute nlsp access-list From router configuration mode use the
access-list-number redistribute command with an access list in the
range of 1200 to 1299 In this case the tag
identifies argument unique NLSP process
ipx nlsp enable interface From configuration mode enable NLSP
on each network in the area described by the tag argument
access-list access-list-number network deny From global configuration mode define the network-mask ticks access list to redistribute an aggregated route
area-count instead of the explicit route For each address
range you want to summarize use the deny keyword
access-list access-list-n wnber permit -1 Optional Terminate the access list with
permit all statement to redistribute all other
routes as explicit routes
Route Configure Aggregation with Customized Route Summarization Using Named Access Lists
To configure the route aggregation feature with customized route summarization behavior using named access the lists use following commands for each NLSP process starting in global configuration mode
Step Command Purpose
ipx router Enable nlsp NLSP routing and identify the process
with unique tag
areaaddress address mask From router configuration mode define up to three area addresses for the process
Configuring Novell IPX P2C-105 Configure NLSP
Step Command Purpose
route-aggregation Enable route summarization from router
configuration mode
redistribute nlsp access-list name From router configuration mode use the
redistribute command with named access list
In this case the tag argument identifies unique
NLSP process
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
ipx access-list summary name From global configuration mode specify named
IPX access list for NLSP route aggregation
deny network network-mask ticks In access-list configuration mode specify the
area-countll redistribution of aggregated routes instead of
explicit routes For each address range you want
to summarize use deny command
permit -1 Optional Terminate the access list with permit all statement to redistribute all other
routes as explicit routes
Configure Route Aggregation for NLSP Version 1.1 and NLSP Version 1.0 Areas
By default redistribution is enabled between multiple instances of NLSP Route summarization
when enabled is possible in one direction onlyfrom NLSP version 1.0 to NLSP version 1.1
The following sections describe how to configure route aggregation for NLSP Version 1.1 and NLSP
Version 1.0 areas
Configure Route Aggregation with Default Route Summarization
Configure Route Aggregation with Customized Route Summarization Using Numbered Access
Lists
Lists Configure Route Aggregation with Customized Route Summarization Using Named Access
Configure Route Aggregation with Default Route Summarization
the To configure the route aggregation feature with default route summarization behavior use
following commands for each NLSP process starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
route-aggregation For NLSP version 1.1 areas enable route
summarization from router configuration mode
Skip this step for NLSP version 1.0 areas
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
P2C-106 Network Protocols Configuration Guide Part Configure Route Aggregation
Route with Configure Aggregation Customized Route Summarization Using Numbered Access Lists
To the configure route aggregation feature with customized route summarization behavior using numbered access lists use the commands in the following two tables
For the NLSP version 11 use the process following commands starting in global configuration mode
Step Command Purpose
ipx router Enable NLSP nlsp routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to three area addresses for the process
For route-aggregation NILSP version 1.1 areas enable route
summarization from router configuration mode
redistribute access-list nlsp Optional From router configuration mode
access-list-number redistribute NLSP version 1.0 into the NLSP
version 1.1 area Include an access list number between 1200 and 1299
ipx nlsp enable interface From configuration mode enable NLSP
on each network in the area described by the tag argument
access-list access-list-n umber network deny Optional From global configuration mode
network-mask ticks define the access list to redistribute an aggregated
area-count route instead of explicit routes learned from the
NILSP version 1.0 area For each address range you want to summarize use the deny keyword
access-list access-list-number permit -1 Optional Terminate the access list with
permit all statement to redistribute all other
routes as explicit routes
For the NLSP version 1.0 the process use following commands starting in global configuration mode
Step Command Purpose
ipx router Enable nlsp NLSP routing and identify the process with unique tag
area-address address mask From router configuration mode define up to three area addresses for the process
ipx enable nlsp From intei-face configuration mode enable NLSP
on each network in the area described by the tag argument
For an of how to example configure the route aggregation feature with this type of customized route summarization refer to the NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas
Example section at the end of this chapter
Configuring Novell IPX P2C-107 Configure NLSP
Configure Route Aggregation with Customized Route Summarization Using Named
Access Lists
To configure the route aggregation feature with customized route summarization behavior using
named access lists use the commands in the following two tables
1.1 the in For the NLSP version process use following commands starting global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
route-aggregation For NLSP version 1.1 areas enable route
summarization from router configuration mode
redistribute nlsp access-list name Optional From router configuration mode redistribute NLSP version 1.0 into the NLSP
version 1.1 area
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
ipx access-list summary name Optional From global configuration mode
specify named IPX access list for NLSP route
aggregation
deny network network-mask ticks Optional From access-list configuration mode
area-count define the access list to redistribute an aggregated
route instead of explicit routes learned from the
NLSP version 1.0 area For each address range
you want to summarize use deny statement
permit -1 Optional Terminate the access list with
permit all statement to redistribute all other
routes as explicit routes
For the version 1.0 the NLSP process use following commands starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
P2C-108 Network Protocols Configuration Guide Part Configure Route Aggregation
Configure Route Aggregation for Enhanced IGRP and NLSP Version 1.1 Environments
Redistribution is not enabled default by Additionally summarization is possible in the Enhanced IGRP to NLSP direction only
The following sections describe how to configure route aggregation for Enhanced IGRP and NLSP
Version 1.1 environments
Configure Route Aggregation Using Numbered Access Lists
Configure Route Aggregation Using Named Access Lists
Configure Route Aggregation Using Numbered Access Lists
For each NLSP version 1.1 use the process following commands starting in global configuration mode
Step Command Purpose
router ipx nlsp Enable NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
route-aggregation Optional From router configuration mode
enable route summarization
redistribute eigrp Optional From router configuration mode
autonomous-system-number redistribute Enhanced IGRP into the NLSP
access-list-number version 1.1 area Include an access list number
between 1200 and 1299
ipx nlsp enable From interface configuration mode enable NLSP each on network in the area described by the tag
argument
access-list access-list-n umber network deny Optional From global configuration mode
network-mask ticks define the access list to redistribute an aggregated
area-count route instead of explicit routes learned from Enhanced IGRP For each address range you want to summarize use the deny keyword
access-list access-list-n umber permit -1 Optional Terminate the access list with
permit all statement to redistribute all other
Enhanced IGRP routes as explicit routes
For each Enhanced IGRP autonomous system use the following commands starting in global configuration mode
Step Command Purpose
ipx router eigrp Enable Enhanced IGRP
autonomnoussystemnnmnber
network network-number all From router configuration mode specify the
networks to be enabled for Enhanced IGRP
redistribute nlsp router From configuration mode redistribute NLSP version 11 into Enhanced IGRE
configuring Novell IPX P2C-109 Configure NLSP
For an example of how to configure this type of route aggregation refer to the NLSP Route
Aggregation for NLSP Version 1.1 Enhanced IGRP and RIP Example section at the end of this
chapter
Configure Route Aggregation Using Named Access Lists
the For each NLSP version 1.1 process use following commands starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
area-address address nask From router configuration mode define up to
three area addresses for the process
route-aggregation Optional From router configuration mode
enable route summarization
redistribute eigrp Optional From router configuration mode
autonomous-system-number access-list redistribute Enhanced IGRP into the NLSP
name version 1.1 area
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
ipx access-list summary miame Optional From global configuration mode
specify named IPX access list for NLSP route
aggregation
deny network network-mask ticks Optional From access-list configuration mode
area-count define the access list to redistribute an aggregated
route instead of explicit routes learned from
Enhanced IGRP For each address range you want
to summarize use deny statement
permit -1 Optional Terminate the access list with
permit all statement to redistribute all other
Enhanced IGRP routes as explicit routes
For each Enhanced IGRP autonomous system use the following commands starting in global
configuration mode
Step Command Purpose
ipx router eigrp Enable Enhanced IGRP autonomoussystemnumber
network network-number all From router configuration mode specify the
networks to be enabled for Enhanced IGRP
redistribute nlsp From router configuration mode redistribute
NLSP version 1.1 into Enhanced IGRP
P2C-11O Network Protocols Configuration Guide Part Configure Route Aggregation
Configure Route Aggregation for RIP and NLSP Version 1.1 Environments
Because redistribution between RIP and NLSP is enabled by default you only need to enable the
route summarization if desired to configure all the capabilities of the route aggregation feature
The following sections describe how to configure route aggregation for RIP and NLSP Version 1.1 environments
Configure Route Aggregation Using Numbered Access Lists
Configure Route Aggregation Using Named Access Lists
Configure Route Aggregation Using Numbered Access Lists
For each NLSP version 1.1 process use the following commands starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
From area-address address mask router configuration mode define up to
three area addresses for the process
route-aggregation Optional From router configuration mode
enable route summarization
redistribute rip Optional From router configuration mode
access-list-n umberjl redistribute RIP routes into the NLSP version 11
area Include an access list number between 1200
and 1299
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
access-list access-list-n umber deny network Optional From global configuration mode
network-mask ticks define the access list to redistribute an aggregated
area-count route instead of explicit RIP routes For each
address range you want to summarize use the
deny keyword
access-list access-list-number permit -1 Optional Terminate the access list with
permit all statement to redistribute all other RIP
routes as explicit routes
For an example of how to configure this type of route aggregation refer to the NLSP Route
Aggregation for NLSP Version 1.1 Enhanced IGRP and RIP Example section at the end of this
chapter
Configure Route Aggregation Using Named Access Lists
For each NLSP version 1.1 process use the following commands starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP routing and identify the process
with unique tag
area-address address mask From router configuration mode define up to
three area addresses for the process
Configuring Novell IPX P2C-111 Configure NLSP
route-aggregation Optional From router configuration mode
enable route summarization
redistribute rip access-list name Optional From router configuration mode
redistribute RIP routes into the NLSP version
area
ipx nlsp enable From interface configuration mode enable NLSP
on each network in the area described by the tag
argument
ipx access-list summary name Optional From global configuration mode
specify named IPX access list for NLSP route
aggregation
deny network network-mask ticks Optional From access-list configuration mode
area-countl define the access list to redistribute an aggregated
route instead of explicit RIP routes For each
address range you want to summarize use deny
statement
permit -1 Optional Terminate the access list with
permit all statement to redistribute all other RIP
routes as explicit routes
Customize the Exchange of Routing Information
You might want to customize the exchange of routing information The following sections describe
customization tasks
Configure RIP and SAP Compatibility
Redistribute Routing Information
Configure RIP and SAP Compatibility
Routing Information Protocol RIP and Service Advertisement Protocol SAP are enabled by
default on all interfaces configured for IPX and these interfaces always respond to RIP and SAP
requests When you also enable NLSP on an interface the interface by default generates and sends
RIP and SAP periodic traffic only if another RIP router or SAP service is sending RIP or SAP traffic
To modify the generation of periodic RIP updates on network enabled for NLSP use one of the
following commands in interface configuration mode
Command Purpose
ipx nlsp rip off Never generate RIP periodic traffic
ipx nlsp rip on Always generate RIP periodic traffic
ipx nlsp rip auto Send RIP periodic traffic only if another RIP
router is sending periodic RIP traffic This is the
default on interfaces configured for NLSP
P2C-112 Network Protocols Configuration Guide Part Configure Next Hop Resolution Protocol
To modify the generation of periodic SAP updates on network enabled for NLSP use one of the
following commands in interface configuration mode
Command Purpose
ipx nlsp sap off Never generate SAP periodic traffic
ipx nlsp sap on Always generate SAP periodic traffic SAP ipx nlsp sap auto Send periodic traffic only if another SAP
service is sending periodic SAP traffic This is
the default on interfaces configured for NLSP
Redistribute Routing Information
Automatic redistribution of one routing protocol into another provides simple and effective means
for building IPX networks in heterogeneous routing protocol environment Redistribution is
usually effective as soon as you enable an IPX routing protocol One exception is NLSP and
Enhanced IGRP You must configure the redistribution of Enhanced IGRP into NLSP and vice versa
Once you enable Enhanced IGRP and NLSP redistribution the router makes path decisions based
on predefined nonconfigurable administrative distance and prevents redistribution feedback loops
without filtering via stored external hop count
To enable redistribution of Enhanced IGRP into NLSP and vice versa use the following commands
starting in global configuration mode
Step Command Purpose
ipx router nlsp Enable NLSP
redistribute eigrp From IPX-router configuration mode enable
autonomous-system-number redistribution of Enhanced IGRP into NLSP
ipx router eigrp From global configuration mode enable
autonomous-system-number Enhanced IGRP
redistribute nlsp From IPX-router configuration mode enable
redistribution of NLSP into Enhanced IGRP
For an example of how to enable redistribution of Enhanced IGRP and NLSP see the Enhanced
IGRP and NLSP Route Redistribution Example section at the end of this chapter
Configure Next Hop ResoDuflon ProtocoD
Routers access servers and hosts can use Next Hop Resolution Protocol NHRP to discover the addresses of other routers and hosts connected to nonbroadcast miiltiaccess NBMA network
NHRP provides an ARP-like solution that alleviates some NBMA network problems With NHRP
systems attached to an NBMA network can dynamically learn the NBMA address of the other These then communicate without systems that are part of that network systems can directly
requiring traffic to use an intermediate hop
For more information on NHRP and Ciscos implementation refer to the Configuring IP
Addressing chapter in the Network Protocols Configuration Guide Part
Configuring Novell IPX P2C113 Configure Next Hop Resolution Protocol
NHRP Configuration Task List
To configure NHRP perform the tasks described in the following sections The first task is required
the remainder are optional
Enable NHRP on an Interface
Configure Stations Static IPX-to-NBMA Address Mapping
Server Statically Configure Next Hop
Configure NHRP Authentication
Control NHRP Initiation
Control NHRP Packet Rate
Suppress Forward and Reverse Record Options
Specify the NHRP Responder Address
Change the Time Period NBMA Addresses Are Advertised as Valid
For NHRP configuration examples see the NHRP Examples section at the end of this chapter
Enable NHRP on an Interface
To enable NHRP for an interface on router use the following command in interface configuration
mode In general all NHRP stations within logical NBMA network must be configured with the
same network identifier
Command Purpose
ipx nhrp network-id number Enable NHRP on an interface
For an example of enabling NHRP see the NHRP Examples section at the end of this chapter
Configure Stations Static IPXto-NBMA Address Mapping
To participate in NHRP station connected to an NBMA network must be configured with the IPX
and NBMA addresses of its Next Hop Servers The format of the NBMA address depends on the
medium you are using For example ATM uses network-layer service access point NSAP address Ethernet uses MAC address and SMDS uses an 164 address
These Servers the stationss default Next Hop are most likely or peer routers so their IPX addresses
are obtained from the stations network layer forwarding table
If the station is attached to several link layer networks including logical NBMA networks the
station should also be receive configured to routing information from its Next Hop Servers and peer
routers so that it can determine which IPX networks are reachable through which link layer networks
To configure static IPX-to-NBMA address mapping on station host or router use the following
command in interface configuration mode
Command Purpose
ipx nhrp map ipx-address nbma-address Configure static IPX-to-NBMA address mapping
P2C-114 Network Protocols Configuration Guide Part Statically Configure Next Hop Server
Statically Configure Next Hop Server
Next Hop Server normally uses the network layer forwarding table to determine where to forward from NHRP packets and to find the egress point an NBMA network Next Hop Server may
alternately be statically configured with set of IPX address prefixes that colTespond to the IPX
addresses of the stations it serves and their logical NBMA network identifiers
To statically configure Next Hop Server use the following command in interface configuration mode
Command Purpose
ipx nhrp nhs nhs-address Statically configure Next Hop Server
To configure multiple networks that the Next Hop Server serves repeat the ipx nhrp nhs command
with the same Next Hop Server address but different IPX network addresses To configure
additional Next Hop Servers repeat the ipx nhrp nhs command
Configure NHRP Authentication
Configuring an authentication string ensures that only routers configured with the same string can
intercommunicate using NHRP Therefore if the authentication scheme is to be used the same string
must be configured in all devices configured for NHRP on fabric To specify the authentication
string for NHRP on an interface use the following command in interface configuration mode
Command Purpose
ipx nhrp authentication string Specify an authentication string
Control NHRP Initiation
Complete one of the tasks in the following sections to control when NHRP is initiated
Trigger NHRP by IPX Packet
Trigger NHRP on Per-Destination Basis
Trigger NHRP by IPX Packet
You can specify an IPX access list that is used to decide which IPX packets trigger the sending of
NHRP requests By default all non-NHRP packets can trigger NHRP requests To limit which IPX
packets trigger NHRP requests you must define an access list and then apply it to the interface
To define an access list use one of the following commands in global configuration mode
Command Purpose source-neiwokaccess-list access-list-number deny permit Define standard IPX access list etwork .destination-node
Configuring Novell IPX P2C-115 Configure Next Hop Resolution Protocol
Command Purpose
access-list access-list-number deny permit Define an extended IPX access list
protocol
source-node-mask
source-n etwork-mask.source-node-naskl
network
ode destination-node-mask
destination-n etwork-inask
.destination-nodemaskj
Then apply the IPX access list to the interface by using the following command in interface
configuration mode
Command Purpose
ipx nhrp interest access-list-number Specify an IPX access list that controls NHRP
requests
Trigger NHRP on Per-Destination Basis
By default when the software attempts to transmit data packet to destination for which it has
determined that NHRP can be used it transmits an NHRP request for that destination You can
configure the system to wait until specified number of data packets have been sent to particular
destination before NHRP is attempted To do so use the following command in interface
configuration mode
Command Purpose
ipx nhrp use usage-count Specify how many data packets are sent to
destination before NHRP is attempted
Control NHRP Packet Rate
the maximum rate at which the software sends is By default NHRP packets packets per
10 seconds The software maintains per-interface quota of NHRP packets whether generated
locally or forwarded that can be transmitted To change this maximum rate use the following
command in interface configuration mode
Command Purpose
ipx nhrp max-send pkt-count every interval Change the NHRP packet rate per interface
Suppress Forward and Reverse Record Options
To dynamically detect link-layer filtering in NBMA networks for example SMDS address screens
and to provide loop detection and diagnostic capabilities NHRP incorporates route record in record contain requests and replies The route options the network and link layer addresses of all
intermediate Next Hop Servers between source and destination in the forward direction and
between destination and source in the reverse direction
P2C-116 Network Protocols Configuration Guide Part Specify the NHRP Responder Address
By default forward record options and reverse record options are included in NHRP request and
reply packets To suppress the use of these options use the following command in interface
configuration mode
Command Purpose
no ipx nhrp record Suppress forward and reverse record options
Specify the NHRP Responder Address
If an NHRP requester wants to know which Next Hop Server generates an NHRP reply packet it can
request that information by including the responder address option in its NHRP request packet The
that the then its Next Hop Server generates NHRP reply packet complies by inserting own IPX
address in the NHRP reply The Next Hop Server uses the primary IPX address of the specified
interface
To specify which interface the Next Hop Server uses for the NHRP responder IPX address use the
following command in interface configuration mode
Command Purpose
ipx nhrp responder lype number Specify which interface the Next Hop Server uses to determine the NHRP responder address
If an NHRP reply packet being forwarded by Next Hop Server contains that Next Hop Servers indication and own IPX address the Next Hop Server generates an NHRP Loop Detected error
discards the reply
Change the Time Period NBMA Addresses Are Advertised as Valid
You can change the length of time that NBMA addresses are advertised as valid in positive and
negative NHRP responses In this context advertised means how long the Cisco lOS software tells
other routers to keep the addresses it is providing in NHRP responses The default length of time for
each response is 7200 seconds hours To change the length of time use the following command
in interface configuration mode
Command Purpose
ipx nhrp holdtime seconds-positive Specify the number of seconds that NBMA
addresses are advertised as valid in positive or
negative NHRP responses
Configure PX and SPX over WANs
You can configure IPX over dial-on-demand routing DDR Frame Relay Point-to-Point Protocol PPP Switched Multimegabit Data Service SMDS and X.25 networks To do this you configure
address mappings as described in the appropriate chapter
When you configure IPX over PPP address maps are not necessary for this protocol Also you can
enable IPX header compression over point-to-point links to increase available useful bandwidth of
time for interactive of the link the link and reduce response uses
You can use fast-switching IPX serial interfaces configured for Frame Relay and SMDS and you
can use fast-switching SNAP-encapsulated packets over interfaces configured for ATM
Additionally you can configure the IPXWAN protocol
Configuring Novell IPX P2C117 Configure IPX and SPX over WANs
For an example of how to configure IPX over WAN interface see the IPX over WAN Interface
Example section at the end of this chapter
Configure IPX over DDR
IPX sends periodic watchdog keepalive packets These are keepalive packets that are sent from
servers to clients after client session has been idle for approximately minutes On DDR link
this that call would be made means every minutes regardless of whether there were data packets
to send You can prevent these calls from being made by configuring the Cisco lOS software to
respond to the servers watchdog packets on remote clients behalf This is sometimes referred to
as spoofing the server
When configuring IPX over DDR you might want to disable the generation of these packets so that
minutes This is call is not made very not an issue for the other WAN protocols because they connections rather establish dedicated than establishing connections oniy as needed
To keep the serial interface idle when only watchdog packets are being sent refer to the tasks
described in the Deciding and Preparing to Configure DDR chapter of the Dial Solutions Configuration Guide For an example of configuring IPX over DDR see the IPX over DDR
Example section at the end of this chapter
Configure SPX Spoofing over DDR
Sequenced Packet Exchange SPX sends periodic keepalive packets between clients and servers
Similar to IPX watchdog packets these are keepalive packets that are sent between servers and
clients after the data has stopped being transferred On pay-per-packet or byte networks these
packets can incur large customer telephone connection charges for idle time You can prevent these
calls from being made by configuring the Cisco lOS software to respond to the keepalive packets on behalf of remote system
When configuring SPX over DDR you might want to disable the generation of these packets so that
call has the opportunity to go idle This may not be an issue for the other WAN protocols because
they establish dedicated connections rather than establishing connections only as needed
To keep the serial inteiface idle when only keepalive packets are being sent refer to the tasks
described in the Deciding and Preparing to Configure DDR chapter of the Dial Solutions
Configuration Guide
For an example of how to configure SPX spoofing over DDR see the IPX over DDR Example
section at the end of this chapter
Configure IPX Header Compression
You can configure IPX header compression over point-to-point links With IPX header compression point-to-point link can compress IPX headers only or the combined IPX and NetWare Core
Protocol headers links Currently point-to-point must first negotiate IPX header compression via IPXCP The Cisco lOS software or IXPWAN supports IPX header compiession as defined by RFC 1553
For details on configuring IPX header compression refer to the Configuring Media-Independent
PPP and Multilink PPP chapter in the Dial Solutions Configuration Guide
P2C-118 Network Protocols Configuration Guide Part Configure the IPXWAN Protocol
Configure the IPXWAN Protocol
The Cisco lOS software supports the IPXWAN protocol as defined in RFC 1634 IPXWAN allows
router that is running IPX routing to connect via serial link to another router possibly from
another manufacturer that is also routing IPX and using IPXWAN
IPXWAN is connection start-up protocol Once link has been established IPXWAN incurs little
or no overhead
You can use the IPXWAN protocol over PPP You can also use it over HDLC however the devices
at both ends of the serial link must be Cisco routers
To configure IPXWAN use the following commands in interface configuration mode on serial
interface
Step Command Purpose
no ipx network Ensure that you have not configured an IPX
network number on the interface
encapsulation ppp Enable PPP
ipx ipxwan network-nwnber Enable IPXWAN
unnumbered local-server-name
retiyinterval retryli nit
ipx ipxwan error resume shutdown Optionally define how to handle IPX WAN
when serial link fails
ipx ipxwan static Optionally enable static routing with
IPXWAN Note that the remote site must also
use static routing
Contro Access to PX Networks
To control access to IPX networks first create access lists and then apply them to individual
interfaces using filters
Types of Access Lists
You can create the following IPX access lists to filter various kinds of traffic
Standard access listRestricts traffic based on the source network number You can further
restrict traffic by specifying destination address and source and destination address mask
Standard IPX access lists use numbers from 800 to 899 or names to identify them
Extended access listRestricts traffic based on the IPX protocol type You can further restrict
traffic by specifying source and destination addresses and address masks and source and
destination sockets Extended IPX access lists use numbers from 900 to 999 or names to identify them
SAP access listRestricts traffic based on the IPX Service Advertisement Protocol SAP type
filters and Get Server filters Novell These lists are used for SAP Nearest GNS response SAP
access lists use numbers from 1000 to 1099 or names to identify them
IPX NetBIOS access listRestricts IPX NetBIOS traffic based on NetBIOS names not numbers
NLSP route aggregation access listSpecifies in detail which routes to summarize and which
routes to redistribute explicitly Route aggregation is discussed in detail in the Configure Route
Aggregation section Refer to that section for more information
Configuring Novell IPX P2C-119 Control Access to IPX Networks
Types of Filters
There are more than 14 different IPX filters that you can define for IPX interfaces They fall into the following six groups
Generic filtersControl which data packets are routed in or out of an interface based on the
packets source and destination addresses and IPX protocol type
Routing table filtersControl which Routing Information Protocol RIP updates are accepted
and advertised by the Cisco lOS software and from which devices the local router accepts RIP
updates
SAP filtersControl which SAP services the Cisco lOS software accepts and advertises and
which Get Nearest Server GNS response messages it sends out
IPX NetBIOS filtersControl incoming and outgoing IPX NetBIOS packets
Broadcast filtersControl which broadcast packets are forwarded
NLSP route aggregation filtersControl the redistribution of routes and services into and out of
an NLSP area
Table summarizes the filters the access lists they use and the commands used to define the filters
in the first five groups Use the show ipx interfaces command to display the filters defined on an
interface Route aggregation is discussed in detail in the Configure Route Aggregation section
Refer to that section for additional information
Table IPX Filters
Filter Type Access List Used by Filter Command to Define Filter
Generic filters
Filter inbound or outbound packets based the Standard or Extended on ipx access-group access-list-number name Em contents of the IPX network header Out
Routing table filters
Control which networks added to the Standard Extended are routing or ipx input-network-filter access-list -number name
table
Control which networks are advertised in Standard or Extended ipx output-network-filter access-list-nwnber
routing updates name
Control which networks are advertised in the Standard or Extended distribute-list access-list-number name out
sent out the Enhanced IGRP routing updates by face-name routing-process Cisco lOS software
Control the routers from which Standard Extended updates are or ipx router-filter access-list -number name accepted
SAP filters
Filter service advertisements SAP incoming ipx input-sap-filter access-list-number name
Filter service advertisements SAP outgoing ipx output-sap-filter access-list-number name
Control the routers from which SAP updates are SAP ipx router-sap-filter access-list-numbe name accepted
Filter list of servers in GNS SAP response messages ipx output-gns-filter access-list-number name
IPX NetBIOS filters
Filter incoming packets by node name IPX NetBIOS ipx netbios input-access-filter host name
Filter incoming packets by byte pattern IPX NetBIOS ipx netbios input-access-filter bytes name
Filter outgoing packets by node name IPX NetBIOS ipx netbios output-access-filter host name
P2C-120 Network Protocols Configuration Guide Part Implementation Considerations
Table IPX Filters continued
Filter Type Access List Used by Filter Command to Define Filter
Filter outgoing packets by byte pattern IPX NetBIOS ipx netbios output-access-filter bytes name
Broadcast filters
Control which broadcast packets are forwarded Standard or Extended ipx helper-list access-list-nwnber name
Implementation Considerations
Keep the following information in mind when configuring IPX network access control
in the order Access lists entries are scanned you enter them The first matching entry is used To
improve performance it is recommended that you place the most commonly used entries near the
beginning of the access list
An implicit deny everything entry is defined at the end of an access list unless you include an
explicit permit everything entry at the end of the list
For numbered access lists all new entries to an existing list are placed at the end of the list You
cannot add an entry to the middle of list This means that if you have previously included an
explicit per/nit everything entry new entries will never be scanned The solution is to delete the
access list and re-enter it with the new entries
For named access lists all new entries to an existing list are placed at the end of the list You
cannot add entries to the middle of list However you can remove specific entries using the no
deny and no permit commands rather than deleting the entire access list
Do not to set up conditions that result in packets getting lost One way this can happen is when
device or interface is configured to advertise services on network that has access lists that deny
these packets
You cannot filter SAP packets within an NLSP area You can filter them at the boundary of NLSP
and RIP/SAP areas though restrictions do apply For more information about filtering at these
boundaries refer to the Relationship between Filtering and Route Summarization section in
the chapter and the Novell NetWare Link Services Protocol NLSP Specification
Control Access to IPX Networks Task List
You perform the required tasks in the following section to control access to IPX networks
Create Access Lists
Create Filters
Create Access Lists
You can create access lists using numbers or names You can choose which method you prefer If
you use numbers to identify your access lists you are limited to 100 access lists per filter type If
you names to identify your access lists you can have an unlimited number of access lists per filter
type
The following sections describe how to perform these tasks
Create Access Lists Using Numbers
Create Access Lists Using Names
Configuring Novell IPX P2C-121 Control Access to IPX Networks
Create Access Lists Using Numbers
To create access lists using numbers you can use one or more of the following commands in global
configuration mode
Command Purpose
access-list access-list-nwnber deny permit Create standard IPX access list using number source-n etwork source-node Generic routing and broadcast filters use this
etwork destination-node type of access list
access-list access-list-number deny permit Create an extended IPX access list using
protocol number Generic routing and broadcast filters
etwork-nask.source-node-maskl use this type of access list
source-socket
etworknask.destinationnodemaskl
destination-socket
access-list access-list-number Create list deny permit SAP filtering access using number
network node-maskll SAP and GNS response filters use this type of
access list
Once you have created an access list using numbers apply it to the appropriate interfaces using filters
as described in the Create Filters section of this chapter This activates the access list
Create Access Lists Using Names
lists allow to lists with IPX named access you identify IPX access an alphanumeric string name
rather than number You can configure an unlimited number of the following types of IPX named
access lists
Standard
Extended
SAP
NLSP route aggregation summarization
NetBIOS
If list with rather than the you identify your access name number mode and command syntax are
slightly different
Benefits of IPX Named Access Lists
IPX named lists allow maintain Using access you to security by using separate and easily
identifiable access list for each user or interface IPX named access lists also remove the limit of
100 lists filter per type
Implementation Considerations for Configuring IPX Named Access Lists
Consider the following information before configuring IPX named access lists
Except for NetBIOS access lists access lists specified by name are not compatible with releases Cisco Release 11 prior to lOS .24F
Access list names must be unique across all protocols
Except for NetBIOS access lists numbered access lists are also available
P2C-122 Network Protocols Configuration Guide Part Create Access Lists
IPX Named Access List Configuration Task List
To configure IPX named access lists for standard extended SAP NLSP route aggregation summarization or NetBIOS access lists complete one or more of the tasks in the following sections
Create Named Standard Access List
Create Named Extended Access List
Create Named SAP Filtering Access List
Create Named NLSP Route Aggregation Access List
Create NetBIOS Access List
Create Named Standard Access List
To create named standard access list use the following commands starting in global configuration mode
Step Command Purpose
ipx access-list standard name Define standard IPX access list using name
Generic routing and broadcast filters use this
type of access list
deny permit source-n etwork .source-node In access-list configuration mode specify one
or more conditions allowed or denied This
determines whether the packet is passed or
dropped
exit Exit access-list configuration mode
For an example of creating named standard access list see the Standard Named Access List
Example section at the end of this chapter
Create Named Extended Access List
To create named extended access list use the following commands starting in global configuration mode
Step Command Purpose
ipx access-list extended name Define an extended IPX access list using
name Generic routing and broadcast filters
use this type of access list
deny permit protocol In access-list configuration mode specify the
source-node-mask conditions allowed or denied Use the log
keyword to get access list logging messages
source-n etwork-mask.source-node-mask including violations
network
destinationn ode-mnaskll
destination-n etvork-mask.destination-node-mna sk
exit Exit access-list configuration mode
Configuring Novell IPX P2C-123 Control Access to IPX Networks
Create Named SAP Filtering Access List
To create named access list for filtering SAP requests use the following commands starting in
global configuration mode
Step Command Purpose
ipx access-list sap name Define SAP filtering access list using name
SAP and GNS response filters use this type of
access list
deny permit network In access-list configuration mode specify the
conditions allowed or denied
exit Exit access-list configuration mode
Create Named NLSP Route Aggregation Access List
NLSP route aggregation access lists perform one of the following functions
Permit networks to be redistributed as explicit networks without summarization
Deny the redistribution of explicit networks and generate an appropriate aggregating summary
route for redistribution
To create named access list for NLSP route aggregation use the following commands starting in
global configuration mode
Step Command Purpose
ipx access-list summary name Define an IPX access list for NLSP route
aggregation using name
deny permit network network-mask In access-list configuration mode specify the
ticks conditions allowed or denied Foi each address
area-count range you want to redistribute as single aggregated route use the deny keyword For each
address that you want to redistribute explicitly use the permit keyword
exit Exit access-list configuration mode
For information on how to use named access list when configuring route aggregation refer to the
tasks listed in the Configure Route Aggregation Task List section of this chapter
Create NetBIOS Access List
To create NetBIOS access list use one or more of the following commands in global configuration mode
Command Purpose
host Create list for IPX netbios access-list name deny permit stming an access filtering NetBIOS
node filters this packets by name NetBIOS use
type of access list
netbios access-list bytes name deny permit offset Create an access list for filtering IPX NetBIOS
byte-pattern packets by arbitrary byte pattern NetBIOS filters
use this type of access list
P2C-124 Network Protocols Configuration Guide Part Create Filters
Modifying IPX Named Access Lists
After you initially create an access list you place any subsequent additions possibly entered from
the terminal at the end of the list In other words you cannot selectively add access list command
lines to the middle of specific access list However you can use no permit and no deny commands
to remove entries from named access list
Note When creating access lists remember that by default the end of the access list contains an
implicit deny statement for everything if it did not find match before reaching the end
For an example of creating generic filter see the IPX Network Access Examples section at the end of this
chapter
Applying Named Access Lists to Interfaces
After it creating an access list you must apply to the appropriate interface using filters as described
in the Create Filters section of this chapter This activates the access list
Create Filters
Filters allow you to control which traffic is forwarded or blocked at routers interfaces Filters apply
specific numbered or named access lists to interfaces
The following sections describe how to perform the tasks for creating filters
Create Generic Filters
Create Filters for Updating the Routing Table
Create SAP Filters
Create GNS Response Filters
Create IPX NetBIOS Filters
Create Broadcast Message Filters
Create Generic Filters
Generic filters determine which data packets to receive from or send to an interface based on the
packets source and destination addresses IPX protocol type and source and destination socket numbers
To create generic filters first create standard or an extended access list as described in the Create
Access Lists section of this chapter and then apply filter to an interface
To apply generic filter to an interface use the following command in interface configuration mode
Command Purpose
ipx access..group access-list-minber name Apply generic filter to an interface out
You can apply oniy one input filter and one output filter per interface or subinterface You cannot
configure an output filter on an interface where autonomous switching is already configured
Similarly you cannot configure autonomous switching on an interface where an output filter is
Configuring Novell IPX P2C-125 Control Access to IPX Networks
filter interface if autonomous is already present You cannot configure an input on an switching
already configured on any interface Likewise you cannot configure input filters if autonomous interface switching is already enabled on any
For an example of creating generic filter see the IPX Network Access Examples section at the
end of this chapter
Create Filters for Updating the Routing Table
Routing table update filters control the entries that the Cisco lOS software accepts for its routing
table and the networks that it advertises in its routing updates
To create filters to control updating of the routing table first create standard or an extended access
list as described in the Create Access Lists section of this chapter and then apply one or more
routing filters to an interface
To apply routing table update filters to an interface use one or more of the following commands in
interface configuration mode
Command Purpose
ipx input-network-filter access-list-nwnber name Control which networks are added to the routing
table when IPX routing updates are received
ipx output-network-filter access-list-nuinber Control which networks are advertised in RIP
name routing updates sent out by the Cisco lOS software
distribute-list access-list-number name out Control which networks are advertised in the
routing-processll Enhanced IGRP routing updates sent out by the Cisco lOS software
ipx router-filter access-list-nuinber name Control the routers from which routing updates
are accepted
Note The ipx output-network-filter command applies to the IPX RIP only To control the
advertising of routes when filtering routing updates in Enhanced IGRP use the distribute-list out
command See the Control the Advertising of Routes in Routing Updates section in this chapter
for more information
Create SAP Filters
common source of traffic on Novell networks is SAP messages which are generated by NetWare
servers and the Cisco lOS software when they broadcast their available services
SAP from network routed To control how messages segments or specific servers are among IPX
networks first create SAP filtering access list as described in the Create Access Lists section of
this chapter and then apply one or more filters to an interface
To apply SAP filters to an interface use one or more of the following commands in interface
configuration mode
Command Purpose
ipx input-sap-filter access-list-number name Filter incoming service advertisements
ipx output-sap-filter access-list-number name Filter outgoing service advertisements
ipx router-sap-filter access-list-number name Filter service advertisements received from
particular router
P2C-126 Network Protocols Configuration Guide Part Create Filters
You can apply one of each SAP filter to each interface
For examples of creating and applying SAP filters see the SAP Input Filter Example and SAP
Output Filter Example sections at the end of this chapter
Create GNS Response Fflters
To filters for which create controlling servers are included in the GNS responses sent by the
Cisco lOS software first create SAP filtering access list as described in the Create Access Lists
section of this chapter and then apply GNS filter to an interface
To apply GNS filter to an interface use the following command in interface configuration mode
Command Purpose
Filter the list of ipx output-gns-filter access-list-nwnber name servers in GNS response messages
Create IPX NetBIOS Filters
Novells IPX NetBIOS allows messages to be exchanged between nodes using alphanumeric names
and node addresses the Cisco lOS software lets Therefore you filter incoming and outgoing
NetBIOS FindName packets by the node name or by an arbitrary byte pattern such as the node address in the packet
Note These filters apply to IPX NetBIOS FindName packets only They have no effect on LLC2
NetBIOS packets
Implementation Considerations
Keep the following in mind when configuring IPX NetBIOS access control
Host node names are case sensitive
Host and byte access lists can have the same names because the two types of lists are independent of each other
the in the When filtering by node name names access lists are compared with the destination
name field for IPX NetBIOS find name requests
Access filters that filter by byte offset can have significant impact on the packet transmission
rate because each packet must be examined You should use these access lists only when
absolutely necessary
If node name is not found in an access list the default action is to deny access
IPX NetBIOS Filters Configuration Task List
To create filters for controlling IPX NetBIOS access first create NetBIOS access list as described
in the Create Access Lists section of this chapter and then apply the access list to an interface
Configuring Novell IPX P2C-127 Tune IPX Network Performance
of the commands in To apply NetBIOS access list to an interface use one or more following
interface configuration mode
Command Purpose
ipx netbios input-access-filter host name Filter incoming packets by node name
ipx netbios input-access-filter bytes name Filter incoming packets by byte pattern
ipx netbios output-access-filter host name Filter outgoing packets by node name
ipx netbios output-access-filter bytes name Filter outgoing packets by byte pattern
You can apply one of each of these four filters to each interface
For an example of how to create filters for controlling IPX NetBIOS see the IPX NetBIOS Filter
Examples section at the end of this chapter
Create Broadcast Message Filters
Routers normally block all broadcast requests and do not forward them to other network segments
of inherent in broadcast traffic the entire This is done to prevent the degradation performance over
network You can define which broadcast messages get forwarded to other networks by applying interface broadcast message filter to an
first standard extended list To create filters for controlling broadcast messages create or an access
Lists section this and then broadcast as described in the Create Access of chapter apply message
filter to an interface
in interface To apply broadcast message filter to an interface use the following commands
configuration mode
Step Command Purpose
ipx helper-address network.node Specify helper address for forwarding broadcast
messages
ipx helper-list access-list-number name Apply broadcast message filter to an interface
unless issued Note broadcast message filter has no effect you have an ipx helper-address or an
ipx type-20-propagation command on the interface to enable and control the forwarding of
broadcast messages These commands are discussed later in this chapter
For examples of creating and applying broadcast message filters see the Helper Facilities to Control Broadcast Examples section at the end of this chapter
Tune PX Network Performance
You can tune IPX network performance by completing the tasks in one or more of the following sections
Control Novell IPX Compliance
Adjust RIP and SAP Information
Configure Load Sharing
Specify the Use of Broadcast Messages
P2C-128 Network Protocols Configuration Guide Part Control Novell IPX Compliance
Disable IPX Fast Switching
Adjust the Route Cache
Adjust Default Routes
Pad Odd-Length Packets
Control Novell IPX Compliance
Ciscos of Novells IPX is implementation protocol certified to provide full IPX router functionality
as defined by Novells IPX Router Specification Version 1.10 published November 17 1992
You control Novell can compliance to specifications by performing the tasks in the following sections
Control the Forwarding of Tpe 20 Packets
Control Interpacket Delay
Shut Down an IPX Network
Achieve Full Novell Compliance
Control the Forwarding of Type 20 Packets
NetBIOS over IPX uses 20 broadcast type propagation packets flooded to all networks to get
information about the named nodes the network NetBIOS on uses broadcast mechanism to get this
information because it does not implement network layer
Routers block all broadcast normally requests By enabling type 20 packet propagation IPX
interfaces on the router may accept and forward type 20 packets
How Type 20 Packet Propagation Works
When interface for an configured type 20 propagation receives type 20 packet Cisco lOS software the processes packet according to Novell specifications Cisco lOS software propagates the packet
to the interface next The type 20 packet can be propagated for up to eight hop counts
Loop Detection and Other Checks
Before forwarding flooding the packets the router performs loop detection as described by the IPX
router specification
You can configure the Cisco lOS software to apply extra checks to type 20 propagation packets above and beyond the loop detection described in the IPX specification These checks are the same
ones that are to all-nets broadcast limit applied helpered packets They can unnecessary duplication of type 20 broadcast packets The extra helper checks are as follows
Accept type 20 propagation packets only on the primary network which is the network that is the
primary path back to the source network
Forward type 20 propagation packets only via networks that do not lead back to the source network
Configuring Novell IPX P2C-129 Tune IPX Network Performance
While this extra checking increases the robustness of type 20 propagation packet handling by
it has the two side effects decreasing the amount of unnecessary packet replication following
is all these be blocked If type 20 packet propagation not configured on interfaces packets might
when the primary interface changes
manual for 20 It might be impossible to configure an arbitrary spanning tree type packet
propagation
Relationship between Type 20 Propagation and Helper Addresses
For You use helper addresses to forward non-type 20 broadcast packets to other network segments
information on forwarding other broadcast packets see the Use Helper Addresses to Forward
Broadcast Packets section in this chapter
You can use helper addresses and type 20 propagation together in your network Use helper
addresses to forward non-type 20 broadcast packets and use type 20 propagation to forward type 20
broadcast packets
Type 20 Packets Configuration Task List
You can enable the forwarding of type 20 packets on individual interfaces Additionally you can
restrict the acceptance and forwarding of type 20 packets You can also choose to not comply with
Novell specifications and forward type 20 packets using helper addresses rather than using type 20
propagation The following sections describe these tasks
Enable the Forwarding of Type 20 Packets
Restrict the Acceptance of Incoming Type 20 Packets
Restrict the Forwarding of Outgoing Type 20 Packets
Forward Type 20 Packets Using Helper Addresses
Enable the Forwarding of Type 20 Packets
By default type 20 propagation packets are dropped by the Cisco lOS software You can configure
the software to receive type 20 propagation broadcast packets and forward flood them to other
network segments subject to loop detection
To enable the receipt and forwarding of type 20 packets use the following command in interface
configuration mode
Command Purpose
ipx type-20-propagation Forward IPX type 20 propagation packet
broadcasts to other network segments
interface When you enable type 20 propagation Cisco lOS propagates the broadcast to the next up
to eight hops
P2C-130 Network Protocols Configuration Guide Part Control Novell IPX Compliance
Restrict the Acceptance of Incoming Type 20 Packets
For 20 the Cisco lOS software is incoming type propagation packets configured by default to accept
on all interfaces enabled to receive 20 packets type propagation packets You can configure the software to accept packets only from the single network that is the primary route back to the source
network This means that similar packets from the same source that are received via other networks will be dropped
of 20 broadcast Checking incoming type propagation packets is done only if the interface is
configured to receive and forward type 20 packets
To restrictions the of impose on receipt incoming type 20 propagation packets in addition to the
checks defined in the IPX the specification use following command in global configuration mode
Command Purpose
Restrict ipx type-2Oinput-checks the acceptance of IPX type 20
propagation packets
Restrict the Forwarding of Outgoing Type 20 Packets
For outgoing type 20 propagation packets the Cisco lOS software is configured by default to send
packets on all interfaces enabled to send type 20 propagation packets subject to loop detection You
can configure the software to send these packets only to networks that are not routes back to the
source network The software uses the current routing table to determine routes
Checking of outgoing type 20 propagation broadcast packets is done only if the interface is
configured to receive and forward type 20 packets
To impose restrictions on the transmission of type 20 propagation packets and to forward these
to all networks the checks defined packets using only in the IPX specification use the following
command in global configuration mode
Command Purpose
Restrict the ipx type-20-output-checks forwarding of IPX type 20
propagation packets
Forward Type 20 Packets Using Helper Addresses
You also can forward type 20 packets to specific network segments using helper addresses rather
than using the type 20 packet propagation
You want to forward 20 addresses when in may type packets using helper some routers your network
are running versions of Cisco lOS that do not support type 20 propagation When some routers in
your network support type 20 propagation and others do not you can avoid flooding packets
everywhere in the network by using helper addresses to direct packets to certain segments only
Cisco lOS Release 9.1 and earlier versions do not support type 20 propagation
Note Forwarding type 20 packets using helper addresses does not comply with the Novell IPX router specification
Configuring Novell IPX P2C-131 Tune IPX Network Performance
the To forward type 20 packets addresses using helper addresses use following commands starting
in global configuration mode
Step Command Purpose
ipx type-20-helpered Forward IPX type 20 packets to specific networks
segments This step turns off type 20 propagation
ipx helper-address networknode From interface configuration mode specify
helper address for forwarding broadcast
messages including IPX type 20 packets
the The Cisco lOS software forwards type 20 packets to only those nodes specified by ipx
helper-address command
Note Using the ipx type-20-helpered command disables the receipt and forwarding of type 20 command propagation packets as directed by the ipx type-20-propagation
Control Interpacket Delay
combination of and interface To control interpacket delay you can use global configuration
configuration commands
You can use one or more of the following commands in global configuration mode
Command Purpose
ipx default-output-rip-delay delay Set the interpacket delay of multiple-packet
routing updates sent on all interfaces
ipx default-triggered-rip-delay delay Set the interpacket delay of multiple-packet
triggered routing updates sent on all interfaces
ipx default-output-sap-delay delay Set the interpacket delay of multiple-packet SAP
updates sent on all interfaces
ipx default-triggered-sap-delay delay Set the interpacket delay of multiple-packet
triggered SAP updates sent on all interfaces
You can also use one or more of the following commands in interface configuration mode
Command Purpose
of ipx output-rip-delay delay Set the interpacket delay multiple-packet
routing updates sent on single interface
ipx triggered-rip-delay delay Set the interpacket delay of multiple-packet
triggered routing updates sent on single
interface
of SAP ipx output-sap-delay delay Set the interpacket delay multiple-packet
updates sent on single interface
ipx triggered-sap-delay delay Set the interpacket delay of multiple-packet
triggered SAP updates sent on single interface
P2C-132 Network Protocols Configuration Guide Part Control Novell IPX Compliance
Note We recommend that you use an ipx output-rip-delay and ipx output-sap-delay on slower
speed WAN interfaces.The default delay for Cisco lOS Release 11.1 and later versions is
55 milliseconds
Shut Down an IPX Network
To shut down an IPX network using Novell-compliant method use the following command in interface configuration mode
Command Purpose
down ipx network Administratively shut down an IPX network on an
interface This removes the network from the
interface
is faster when shut down Convergence you an IPX network using the ipx down command than when using the shutdown command
Achieve Full Novell Compliance
To achieve full compliance use the following interface configuration commands on each interface
configured for IPX
Step Command Purpose
55 ipx output-rip-delay Set the interpacket delay of multiple-packet routing
updates to 55 milliseconds
55 ipx output-sap-delay Set the interpacket delay of multiple-packet SAP
updates to 55 milliseconds
enable ipx type-20-propagation Optionally type 20 packet propagation if you
want to forward type 20 broadcast traffic across the
router
You also can globally set interpacket delays for multiple-packet RIP and SAP updates to achieve full the compliance eliminating need to set delays on each interface To do so use the following
commands from global configuration mode
Step Command Purpose
ipx default-output-rip-delay 55 Set the interpacket delay of multiple-packet routing
updates sent on all interfaces to 55 milliseconds
55 Set ipx default-output-sap-delay the interpacket delay of multiple-packet SAP
updates sent on all interfaces to 55 milliseconds
Note The default delay for Cisco lOS Release 11.1 and later versions is 55 milliseconds
Configuring Novell IPX P2C-133 Tune IPX Network Performance
Adjust RIP and SAP Information
of the tasks in the You can adjust RIP and SAP information by completing one or more optional
following sections
Configure Static Routes
Adjust the RIP Delay Field
Control Responses to RIP Requests
Timers Adjust RIP Update
Packet Size Configure RIP Update
Table Entries Configure Static SAP
SAP Configure the Queue Length for Requests
Adjust SAP Update Timers
Configure SAP Update Packet Size
Enable SAP-after-RIP
Disable Sending of General RIP or SAP Queries
Control Responses to GNS Requests
Configure Static Routes
IPX uses RIP Enhanced IGRP or NLSP to determine the best path when several paths to
the table destination exist The routing protocol then dynamically updates routing However you
certain destinations might want to add static routes to the routing table to explicitly specify paths to
Static routes always override any dynamically learned paths
static traffic Be careful when assigning static routes When links associated with routes are lost may
forwarded traffic be forwarded to nonexistent destination even an stop being or may though
alternative path might be available
mode To add static route to the routing table use the following command in global configuration
Command Purpose
Add static route to the table ipx route network default networkn ode routing
inteiftice
These You can configure static routes that can be overridden by dynamically learned routes routes
are referred to floating static routes You can use floating static route to create path of last resort
that is used only when no dynamic routing information is available
redistributed into other Note By default floating static routes are not dynamic protocols
To add floating static route to the routing table use the following command in global configuration mode
Command Purpose
ipx route netwoik default network.node Add floating static route to the routing table
inteiface
P2C-134 Network Protocols Configuration Guide Part Adjust RIP and SAP Information
Adjust the RIP Delay Field
all interfaces have RIP of and all By default LAN delay WAN interfaces have RIP delay of
Leaving the delay at its default value is sufficient for most interfaces However you can adjust the
RIP delay field by setting the tick count To set the tick count use the following command in
interface configuration mode-
Command Purpose
ipx delay number Set the tick count which is used in the IPX RIP
delay field
Control Responses to RIP Requests
To control responses to RIP requests use the following command
Command Purpose
ins Set the when ipx rip-response-delay delay responding to RIP requests
Adjust RIP Update Timers
You the can set interval between IPX RIP updates on per-interface basis You can also specify the
between the delay packets of multiple-packet RIP update on per-interface or global basis
can the between of Additionally you specify delay packets multiple-packet triggered RIP update on per-interface or global basis
You can set RIP update timers only in configuration in which all routers are Cisco routers or in
which the IPX routers allow configurable timers The timers should be the same for all devices
connected to the same cable The value choose segment update you affects internal IPX timers as follows
IPX routes are marked invalid if no routing updates are heard within three times the value of the
interval and advertised with update interval are metric of infinity
IPX routes are removed from the routing table if no routing updates are heard within four times
the value of the update interval interval
If define timer for than in you more one interface router the granularity of the timer is
determined by the lowest value defined for one of the interfaces in the router The router wakes
at this interval and sends up granularity out updates as appropriate For more information about
granularity see the Novell IPX Commands chapter in the Network Protocols Command
Reference Part
You want to between the might set delay packets in multiple-packet update if there are some
slower PCs on the network or on slower-speed interfaces
To RIP timers adjust update on per-interface basis use any or all of the following commands in
interface configuration mode
Command Purpose
ipx update interval rip sap value Adjust the RIP update timer changes-only
ipx output-rip-delay delay Adjust the delay between multiple-packet routing
updates sent on single interface
ipx triggered-rip-delay delay Adjust the delay between multiple-packet
triggered routing updates sent on single
interface
Configuring Novell IPX P2C-135 Tune IPX Network Performance
all of the commands in To adjust RIP update timers on global basis use any or following global
configuration mode
Command Purpose
ipx default-output-rip-delay delay Adjust the delay between multiple-packet routing
updates sent on all interfaces
ipx default-triggered-rip-delay delay Adjust the delay between multiple-packet
triggered routing updates sent on all interfaces
interval to three times the RIP By default the RIP entry for network or server ages out at an equal the command in interface timer To configure the multiplier that controls the interval use following
configuration mode
Command Purpose
ipx alp-multiplier multiplier Configure the interval at which network RIP
entry ages out
Configure RIP Update Packet Size
This size allows for By default the maximum size of RIP updates sent out an interface is 432 bytes
50 routes at bytes each plus 32-byte IPX RIP header To modify the maximum packet size use
the following command in interface configuration mode
Command Purpose
the maximum size of RIP ipx rip-max-packetsize bytes Configure packet updates
sent out an interface
Configure Static SAP Table Entries
Servers use SAP to advertise their services via broadcast packets The Cisco lOS software stores this
information in the SAP table also known as the Server Information Table This table is updated
add to the Server Information Table so that clients dynamically You might want to explicitly an entry
of Static SAP override identical always use the services particular server assignments always any
entries in the SAP table that are learned dynamically regardless of hop count If dynamic route that
is associated with static SAP entry is lost or deleted the software will not announce the static SAP
entry until it relearns the route
the command in mode To add static entry to the SAP table use following global configuration
Command Purpose
network.node socket static SAP table ipx sap service-type name Specify entry hop-count
Configure the Queue Length for SAP Requests
The Cisco lOS software maintains list of SAP requests to process including all pending GNS
queries from clients attempting to reach servers When the network is restarted following power of for failure or other unexpected event the router can be inundated with hundreds requests servers the Typically many of these are repeated requests from the same clients You can configure when the maximum length allowed for the pending SAP requests queue SAP requests received
queue is full are dropped and the client must resend them
P2C-136 Network Protocols Configuration Guide Part Adjust RIP and SAP Information
To set the queue length for SAP requests use the following command in global configuration mode
Command Purpose
ipx sap-queue-maximum number Configure the maximum SAP queue length
Adjust SAP Update Timers
You the SAP can adjust interval at which updates are sent You can also set the delay between packets of multiple-packet SAP update on per-interface or global basis Additionally you can specify the
delay between packets of multiple-packet triggered SAP update on per-interface or global basis
Changing the interval at which SAP updates are sent is most useful on limited-bandwidth
point-to-point links such as slower-speed interfaces You should ensure that all IPX servers and
routers on given network have the same SAP interval Otherwise they might decide that server
is down when it is really up
It is not possible to change the interval at which SAP updates are sent on most PC-based servers
This means that you should never change the interval for an Ethernet or Token Ring network that has
servers on it
You can set the router to send an update only when changes have occurred Using the changes-only
the of SAP when the link keyword specifies sending update only comes up when the link is
downed administratively or when the databases change The changes-only keyword causes the
router to do the following
Send single full broadcast update when the link comes up
Send appropriate triggered updates when the link is shut down
Send appropriate triggered updates when specific service information changes
To the SAP timers modify update on per-interface basis use any or all of the following commands
in interface configuration mode
Command Purpose
ipx update interval rip sap value Adjust the interval at which SAP updates are sent changes-only
ipx output-sap-delay delay Adjust the interpacket delay of multiple-packet
SAP updates sent on single interface
ipx triggered-sap-delay delay Adjust the interpacket delay of multiple-packet
triggered SAP updates sent on single interface
To adjust SAP update timers on global basis eliminating the need to configure delays on
per-interface basis use any or all of the following commands in global configuration mode
Command Purpose
ipx default-output-sap-delay delay Adjust the interpacket delay of multiple-packet
SAP updates sent on all interfaces
ipx default-triggered-sap-delay delay Adjust the inteipacket delay of multiple-packet
triggered SAP updates sent on all interfaces
Configuring Novell IPX P2C-137 Tune IPX Network Performance
network interval to three times the SAP By default the SAP entry of or server ages out at an equal that controls the the command in update interval To configure the multiplier interval use following
interface configuration mode
Command Purpose
ipx sap-multiplier multiplier Configure the interval at which networks or
servers SAP entry ages out
Configure SAP Update Packet Size
By default the maximum size of SAP updates sent out an interface is 480 bytes This size allows for
servers 64 bytes each plus 32-byte IPX SAP header To modify the maximum packet size use
the following command in interface configuration mode
Command Purpose
ipx sap-max-packetsize bytes Configure the maximum packet size of SAP
updates sent out an interface
Enable SAP-after-RIP
The IPX SAP-after-RIP feature links Service Advertisement Protocol SAP updates to Routing
Information Protocol RIP updates so that SAP broadcast and unicast updates automatically occur
immediately after the completion of the corresponding RIP update This feature ensures that
remote router does not reject service information because it lacks valid route to the service As
result of this feature periodic SAP updates are sent at the same interval as RIP updates
The default behavior of the router is to send RIP and SAP periodic updates with each using its own
update interval depending on the configuration In addition RIP and SAP periodic updates are
jittered slightly such that they tend to diverge from each other over time This feature synchronizes
SAP and RIP updates
Benefits of SAP-after-RIP
Sending all SAP and RIP information in single update reduces bandwidth demands and eliminates
erroneous rejections of SAP broadcasts
Linking SAP and RIP updates populates the remote routers service table more quickly because
services will not be rejected due to the lack of route to the service This can be especially useful on
WAN circuits where the update intervals have been greatly increased to reduce the overall level of
periodic update traffic on the link
Send SAP Update after RIP Broadcast
To configure the router to send SAP update following RIP broadcast use the following command
in interface configuration mode
Command Purpose
ipx update sap-after-rip Configure the router to send SAP broadcast
immediately following RIP broadcast
P2C-138 Network Protocols Configuration Guide Part Adjust RIP and SAP Information
Disable Sending of General RIP or SAP Queries
You can disable the sending of general RIP and/or SAP queries on link when it first comes up to reduce traffic and save bandwidth
RIP and SAP general queries are normally sent by remote routers when circuit first comes up On
WAN circuits two full updates of each kind are often sent across the link The first update is full
broadcast update triggered locally by the link-up event The second update is specific unicast
reply triggered by the general query received from the remote router By disabling the sending of
the link first it is to reduce traffic general queries when comes up possible to single update and
save bandwidth
To disable the of RIP and/or SAP when sending general query an interface comes up use the
following command in interface configuration mode
Command Purpose
no ipx linkup-request iip sap Disable the sending of general RIP and/or SAP Query when an interface comes up
To re-enable the sending of general RIP and/or SAP query use the positive form of the command
Control Responses to GNS Requests
You can set the method in which the router responds to SAP GNS requests you can set the delay
time in responding to these requests or you can disable the sending of responses to these requests
altogether
By default the router responds to GNS requests if appropriate For example if local server with
better metric exists then the router does not respond to the GNS request on that segment
The default method of responding to GNS requests is to respond with the server whose availability
was learned most recently
To control responses to GNS requests use one or both of the following commands in global
configuration mode
Command Purpose
ipx gns-round-robin Respond to GNS requests using round-robin
selection method
ipx gns-response-delay Set the delay when responding to GNS requests
Note The ipx gns-response-delay command is also supported as an interface configuration
command To override the global delay value for specific interface use the
ipx gns-response-delay command in interface configuration mode
You can also disable GNS queries on per-interface basis To do so use the following command in
interface configuration mode
Command Purpose
ipx gns-reply-disable Disable the sending of replies to GNS queries
Configuring Novell IPX P2C-139 Tune IPX Network Performance
Configure Load Sharing
You can configure IPX to perform round-robin or per-host load sharing as described in the following
sections
Enable Round-Robin Load Sharing
Enable Per-Host Load Sharing
Enable Round-Robin Load Sharing
You can set the maximum number of equal-cost parallel paths to destination Note that when
paths have differing costs the Cisco lOS software chooses lower-cost routes in preference to
higher-cost routes The software then distributes output on packet-by-packet basis in round-robin
fashion That is the first packet is sent along the first path the second packet along the second path
and so on When the final path is reached the next packet is sent to the first path the next to the
second path and so on This round-robin scheme is used regardless of whether fast switching is enabled
limited Limiting the number of equal-cost paths can save memory on routers with memory or very and large configurations Additionally in networks with large number of multiple paths systems
when traffic is with limited ability to cache out-of-sequence packets performance might suffer split
between many paths
To set the maximum number of paths use the following command in global configuration mode
Command Purpose
ipx maximum-paths paths Set the maximum number of equal-coit paths to
destination
Enable Per-Host Load Sharing
Round-robin load sharing is the default behavior when you configure ipx maximum-pathsto
value greater than Round-robin load sharing works by sending data packets over successive equal
cost paths without regard to individual end hosts or user sessions Path utilization is good but
because packets destined for given end host may take different paths they might arrive out of order
You can address the possibility of packets arriving out of order by enabling per-host load sharing
With per-host load sharing the router still uses multiple equal-cost paths to achieve load sharing
however packets for given end host are guaranteed to take the same path even if multiple
equal-cost paths are available Traffic for different end hosts tend to take different paths but true load
balancing is not guaranteed The exact degree of load balancing achieved depends on the exact
nature of the workload
To enable per-host load sharing use the following conimands in global configuration mode
Step Command Purpose
ipx maximum-paths paths Set the maximum number of equal cost paths to
destination to value greater than
ipx per-host-load-share Enable per-host load sharing
P2C-140 Network Protocols Configuration Guide Part Specify the Use of Broadcast Messages
Specify the Use of Broadcast Messages
You can specify the use of broadcast messages as described in the following sections
Use Helper Addresses to Forward Broadcast Packets
Enable Fast Switching of IPX Directed Broadcast Packets
Use Helper Addresses to Forward Broadcast Packets
Routers normally block all broadcast requests and do not forward them to other network segments
the entire This is done to prevent the degradation of performance over network However you can
enable the router to forward broadcast packets to helper addresses on other network segments
How Helper Addresses Work
Helper addresses specify the network and node on another segment that can receive unrecognized
broadcast packets Unrecognized broadcast packets are non-RIP and non-SAP packets that are not
addressed to the local network
When the interface configured with helper addresses receives unrecognized broadcast packet
Cisco lOS software changes the broadcast packet to unicast and sends the packet to the specified
network and node on the other network segment Unrecognized broadcast packets are not flooded
in network everywhere your
With helper addresses there is no limit on the number of hops that the broadcast packet can make
Fast Switching Support
Cisco lOS supports fast switching of helpered broadcast packets
When to Use Helper Addresses
You use helper addresses when you want to forward broadcast packets except type 20 packets to other network segments
Forwarding broadcast packets to helper addresses is sometimes useful when network segment does
not have an end-host capable of servicing particular type of broadcast request You can specify the
that the broadcast address of server network or networks can process packet
Relationship between Helper Addresses and Type 20 Propagation
You use type 20 packet propagation to forward type 20 packets to other network segments For Packets information on forwarding type 20 packets see the Control the Forwarding of Type 20
section in this chapter
You can use helper addresses and type 20 propagation together in your network Use helper
addresses to forward non-type 20 broadcast packets and use type 20 propagation to forward type 20
broadcast packets
Implementation Considerations
Using helper addresses is not Novell-compliant however it does allow routers to forward broadcast
packets to network segments that can process them without flooding the network It also allows
routers running versions of Cisco lOS that do not support type 20 propagation to forward type 20
packets
Configuring Novell IPX P2C141 Tune IPX Network Performance
The Cisco lOS software supports all-networks flooded broadcasts sometimes refelTed to as all-nets
flooding These are broadcast messages that are forwarded to all networks Use all-nets flooding
carefully and only when necessary because the receiving networks may be overwhelmed to the point
that no other traffic can traverse them
Use the ipx helper-list command described earlier in this chapter to define access lists that control
which broadcast packets get forwarded
Use Helper Addresses
To specify helper address for forwarding broadcast packets use the following command in
interface configuration mode
Command Purpose
ipx helper-address networknode Specify helper address for forwarding broadcast
messages
You can specify multiple helper addresses on an interface
For an example of using helper addresses to forward broadcast messages see the Helper Facilities
to Control Broadcast Examples section at the end of this chapter
Enable Fast Switching of IPX Directed Broadcast Packets
By default Cisco lOS software switches packets that have been helpered to the broadcast address
To enable fast switching of these IPX-directed broadcast packets use the following command in
global configuration mode
Command Purpose
ipx broadcast-fastswitching Enable fast switching of IPX directed broadcast
packets
Disable IPX Fast Switching
By default fast switching is enabled on all interfaces that support fast switching However you
might want to turn off fast switching
Fast switching allows higher throughput by switching packet using cache created by previous
packets Fast switching is enabled by default on all interfaces that support fast switching
Packet transfer is better fast performance generally when switching is enabled However you might
want disable fast in order to switching to save memory space on interface cards and to help avoid
congestion when high-bandwidth interfaces are writing large amounts of information to low-bandwidth interfaces
Caution Turning off fast switching increases system overhead
To disable IPX fast switching use the following command in interface configuration mode
Command Purpose
no ipx route-cache Disable IPX fast switching
P2C-142 Network Protocols configuration Guide Part Adjust the Route Cache
Adjust the Route Cache
Adjusting the route cache allows you to control the size of the route cache reduce memory
consumption and improve router performance You accomplish these tasks by controlling the route
cache size and invalidation The following sections describe these optional tasks
Control Route Cache Size
Control Route Cache Invalidation
Control Route Cache Size
You can limit the number of entries stored in the IPX route cache to free up router memory and aid
router processing
Storing too many entries in the route cache can use significant amount of router memory causing
router processing to slow This situation is most common on large networks that run network
management applications for NetWare
For example if network management station is responsible for managing all clients and servers in
Novell the very large greater than 50000 nodes network routers on the local segment can
become inundated with route cache entries You can set maximum number of route cache entries
on these routers to free up router memory and aid router processing
To set maximum limit on the number of entries in the IPX route cache use the following command
in global configuration mode
Command Purpose
ipx route-cache max-size size Set maximum limit on the number of entries in
the IPX route cache
If the route cache has more entries than the specified limit the extra entries are not deleted However
they may be removed if route cache invalidation is in use See the Control Route Cache
Invalidation section in this chapter for more information on invalidating route cache entries
Control Route Cache Invalidation
You can configure the router to invalidate fast switch cache entries that are inactive If these entries
remain invalidated for one minute the router purges the entries from the route cache
Purging invalidated entries reduces the size of the route cache reduces memory consumption and
improves router performance Also purging entries helps ensure accurate route cache information
You specify the period of time that valid fast switch cache entries must be inactive before the router
invalidates them You can also specify the number of cache entries that the router can invalidate per minute
To configure the router to invalidate fast switch cache entries that are inactive use the following
command in global configuration mode
Command Purpose
ipx route-cache inactivity-timeout period Invalidate fast switch cache entries that are
inactive
When you use the ipx route-cache inactivity-timeout command with the ipx route-cache max-size command you can ensure small route cache with fresh entries
Configuring Novell IPX P2C-143 Tune IPX Network Performance
Adjust Default Routes
You can adjust the use of default routes in your IPX network You can turn off the use of network
number -2 as the default route You can also specify that the router advertise only default RIP routes
out an interface The following sections describe these optional tasks
Disable Network Number -2 as the Default Route
Advertise Only Default RIP Routes
Disable Network Number -2 as the Default Route
The default is used when route to destination network is All for route any unknown packets which
route to the destination address is unknown are forwarded to the default route By default IPX
treats network number -2 OxFFFFFFFE as the default route
For an introduction to default routes see the IPX Default Routes section in this chapter For more
background information on how to handle IPX default routes refer to Novells NetWare Link
Services Protocol NLSP Specification Revision 1.1
By default Cisco lOS software treats network -2 as the default route You can disable this default
and -2 network in behavior use network as regular number your network
To disable the use of network number -2 as the default route use the following command in global
configuration mode
Command Purpose
no ipx default-route Disable default route handling
Advertise Only Default RIP Routes
Unless configured otherwise all known RIP routes are advertised out each interface However you
can choose to advertise only the default RIP route if it is known This greatly reduces the CPU
overhead when routing tables are large
To advertise only the default route via an interface use the following command in interface
configuration mode
Command Purpose
ipx advertise-default-route-only network Advertise only the default RIP route
Pad OddLength Packets
Some IPX end hosts accept only even-length Ethernet packets If the length of packet is odd the
packet must be padded with an extra byte so that end host can receive it By default Cisco lOS pads
odd-length Ethernet packets
However there are cases in certain topologies where non-padded Ethernet packets are being
forwarded onto remote Ethernet network Under specific conditions you can enable padding on
intermediate media as temporary workaround for this problem Note that you should perform this
task only under the guidance of customer engineer or other service representative
P2C-144 Network Protocols Configuration Guide Part Shut Down an IPX Network
To enable the padding of odd-length packets use the following commands in interface configuration mode
Step Command Purpose
no ipx route-cache Disable fast switching
ipx pad-process-switched-packets Enable the padding of odd-length packets
Shut Down an PX Network
You can administratively shut down an IPX network in two ways In the first way the network still
exists in the configuration but is not active When shutting down the network sends out update
packets informing its neighbors that it is shutting down This allows the neighboring systems to
update their routing SAP and other tables without having to wait for routes and services learned via
this network to time out
To shut down an IPX network such that the network still exists in the configuration use the following
command in interface configuration mode
Command Purpose
ipx down network Shut down an IPX network but have the network
still exist in the configuration
In the second way you shut down an IPX network and remove it from the configuration To do this
use one of the following commands in interface configuration mode
Command Purpose
no ipx network Shut down an IPX network and remove it from the
configuration
no ipx network network When multiple networks are configured on an
where network is the primary interface interface shut down all networks and remove
them from the interface
no ipx network network When multiple networks are configured on an
where network is the number of the secondary interface shut down one of the secondary
interface networks and remove it from the interface
When multiple networks are configured on an interface and you want shut down one of the
secondary networks and remove it from the interface use the second command in the previous table
specifying the network number of one of the secondary networks
Note In future Cisco lOS software releases primaly and secondary networks will not be supported
For an example of shutting down an IPX network see the IPX Routing Examples section at the
end of this chapter
Configuring Novelt IPX P2C145 Configure IPX Accounting
Configure PX Accounting
collect IPX accounting enables you to information about IPX packets and the number of bytes that
are switched through the Cisco lOS software You collect information based on the source and
destination IPX address IPX accounting tracks only IPX traffic that is routed out an interface on
which IPX accounting is configured it does not track traffic generated by or terminated at the router
itself
The Cisco lOS software maintains two accounting databases an active database and checkpoint
database The active database contains accounting data tracked until the database is cleared When
the active database is cleared its contents are copied to the checkpoint database Using these two
databases together enables you to monitor both current traffic and traffic that has previously traversed the router
Switching Support
Process and fast switching support IPX accounting statistics Autonomous and SSE switching do not
support IPX accounting statistics
Access List Support
IPX access lists support IPX accounting statistics
IPX Accounting Task List
You can configure IPX accounting by completing the tasks in the following sections The first task
is required The remaining tasks are optional
Enable IPX Accounting
Customize IPX Accounting
Monitor and Maintain IPX Accounting
Enable IPX Accounting
To enable IPX accounting use the following command in interface configuration mode
Command Purpose
ipx accounting Enable IPX accounting
Customize IPX Accounting
To customize IPX accounting use one or more of the following commands in global configuration mode
Command Purpose
ipx accounting-threshold threshold Set the maximum number of accounting entries
ipx accounting-transits count Set the maximum number of transit entries
ipx accounting-list number mask Filter networks for which IPX accounting
information is kept Use one command for each network
P2C-146 Network Protocols Configuration Guide Part Monitor and Maintain the IPX Network
Transit entries are entries in the database that do not match any of the networks specified by the ipx
accounting-list commands
If you enable IPX accounting on an interface but do not specify an accounting list IPX accounting
tracks all traffic through the interface all transit entries up to the accounting threshold limit
For an example of how to configure IPX accounting see the IPX Accounting Example section at
the end of this chapter
Monitor and Mantan the PX Network
You can monitor and maintain your IPX network by performing the optional tasks described in the
following sections
Perform General Monitoring and Maintaining Tasks
Monitor and Maintain IPX Enhanced IGRP
Monitor and Maintain NLSP
Monitor and Maintain NHRP
Monitor and Maintain IPX Accounting
Perform General Monitoring and Maintaining Tasks
You can perform one or more of these general monitoring and maintaining tasks as described in the
following sections
Monitor and Maintain Caches Tables Interfaces and Statistics
Specify the Type and Use of Ping Packets
Repair Corrupted Network Numbers
Troubleshoot Network Connectivity
Monitor and Maintain Caches Tables Interlaces and Statistics
To monitor and maintain caches tables interfaces or statistics in Novell IPX network use one or
more of the following commands at the EXEC prompt
Command Purpose
clear ipx cache Delete all entries in the IPX fast-switching cache
clear ipx route Delete entries in the IPX routing table
show ipx cache List the entries in the IPX fast-switching cache
show ipx interface nwnber Display the status of the IPX interfaces
configured in the router and the parameters
configured on each interface
show ipx route List the entries in the IPX routing table
show ipx servers sorted net List the servers discovered through SAP
type na/ne advertisements
show ipx traffic Display information about the number and type of
IPX packets transmitted and received
show sse summary Display summary of SSP statistics
Configuring Novell IPX P2C-147 Monitor and Maintain the IPX Network
Specify the Type and Use of Ping Packets
The Cisco lOS software can transmit Cisco pings and standard Novell pings as defined in the NLSP
specification or diagnostic request packets By default the software generates Cisco pings To
choose the ping type use the following command in global configuration mode
Command Purpose
ipx ping-default cisco novell diagnostic Select the ping type
The IPX diagnostic ping feature addresses diagnostic related issues by accepting and processing
unicast or broadcast diagnostic packets It makes enhancements to the current IPX ping command to
ping other stations using the diagnostic packets and display the configuration information in the
response packet
Note When is sent from station to the is back ping one another response expected to come
when is set to the could consist of than immediately ipx ping-default diagnostics response more
one packet and each node is expected to respond within 05 seconds of receipt of the request Due to
the absence of there is and the wait for all an end-of-message flag delay requester must responses
arrive in verbose mode there be brief of seconds before to Therefore may delay 0.5 the response
data is displayed
The ipx ping command using the diagnostic keyword can be used to conduct reachability test and
should not be used to measure accurate roundtrip delay
To initiate ping use one of the following commands in EXEC mode
Command Purpose
ping ipx network.node Diagnose basic IPX network connectivity user-level command
ping Diagnose basic IPX network connectivity
privileged command
Repair Corrupted Network Numbers
To repair corrupted network numbers on an interface use the following commands in interface
configuration mode
Step Command Purpose
no ipx route-cache Disable fast switching
ipx source-network-update Repair corrupted network numbers
Caution The interface command interferes with ipx source-network-update configuration the proper working of OS/2 Requestors Do not use this command in network that has OS/2 Requestors
Caution Do not use the ipx source-network-update interface configuration command on interfaces on
which NetWare servers are using internal network numbers that is all NetWare lx 4.x and NetWare
IntraNetWare servers
P2C-148 Network Protocols Configuration Guide Part Monitor and Maintain IPX Enhanced IGRP
Troubleshoot Network Connectivity
To trace the IPX destination and measure roundtrip delays use the following commands in EXEC mode
Command Purpose
trace Trace packet routes through the network
privileged
trace Trace packet routes through the network user
Note In user EXEC mode you are not allowed to change the trace route timeout interval probe count minimum and maximum time to live and verbose mode To do so use the trace EXEC
privileged command
Monitor and Maintain IPX Enhanced IGRP
To monitor and maintain Enhanced IGRP on an IPX network use one or more of the following
commands at the EXEC prompt
Command Purpose
show ipx eigrp neighbors List the neighbors discovered by IPX Enhanced
inteiface IGRP name
show ipx eigrp interfaces umnber Display information about interfaces configured
for Enhanced IGRP
show ipx eigrp topology Display the contents of the IPX Enhanced IGRP
topology table
show ipx route Display the contents of the IPX routing table
including Enhanced IGRP entries
show ipx traffic Display information about IPX traffic including
Enhanced IGRP traffic
Log Enhanced IGRP Neighbor Adjacency Changes
You can enable the logging of neighbor adjacency changes to monitor the stability of the routing detect not system and to help you problems By default adjacency changes are logged
To enable logging of Enhanced IGRP neighbor adjacency changes use the following command in
global configuration mode
Command Purpose
IGRP log..neighbor-changes Enable logging of Enhanced neighbor adjacency changes
Configuring Novell IPX P2C-149 Monitor and Maintain the IPX Network
Monitor and Maintain NLSP
To monitor and maintain NLSP on an IPX network use one or more of the following commands at
the EXEC prompt
Command Purpose
clear ipx nlsp neighbors Delete all NLSP adjacencies from the adjacency database
show ipx nlsp database Display the entries in the link-state packet LSP database
show ipx nlsp neighbors Display the devices NLSP neighbors and their
states
show ipx nlsp spf-log Display history of the SPF calculations for NLSP
Log Adjacency State Changes
You can allow NLSP to generate log message when an NLSP adjacency changes state up or This be useful down may very when monitoring large networks Messages are logged using the
system error message facility Messages are of the following form
%CLNS5-ADJCHANGE NLSP Adjacency to 0000.0000.0034 SerialO Up new adjacency %CLNS-5-ADJCHANGE NLSP Adjacency to 0000.0000.0034 SerialO Down hold time expired
To generate log messages when an NLSP adjacency changes state use the following command in
router configuration mode
Command Purpose
log-adjacency-changes Log NLSP adjacency state changes
Monitor and Maintain NHRP
To monitor the NHRP cache or traffic use either of the following commands in EXEC mode
Command Purpose
show ipx nhrp static number Display the IPX NHRP cache optionally limited
to dynamic or static cache entries for specific
interface
show ipx nhrp traffic Display NHRP traffic statistics
The NHRP cache can contain static entries caused by statically configured addresses and dynamic
entries caused by the Cisco lOS software learning addresses from NHRP packets To clear static entries use the no ipx nhrp map command To clear the NHRP cache of dynamic entries use the
following command in EXEC mode
Command Purpose
clear ipx nhrp Clear the IPX NHRP cache of dynamic entries
P2C-150 Network Protocols Configuration Guide Part Monitor and Maintain IPX Accounting
Monitor and Maintain IPX Accounting
To monitor and maintain IPX accounting in your IPX network use the following commands in EXEC mode
Command Purpose
clear ipx accounting Delete all entries in the IPX accounting or accounting checkpoint database
show ipx accounting List the entries in the IPX accounting or
accounting checkpoint database
Novell IIPX Configuraflon Exampes
This section provides configuration examples for the following IPX configuration situations
IPX Routing Examples
Enhanced IGRP Examples
NLSP Examples
NHRP Examples
IPX over WAN Examples
IPX Network Access Examples
Helper Facilities to Control Broadcast Examples
IPX Accounting Example
IPX Routing Examples
This section shows examples for enabling IPX routing on interfaces with single network and with
multiple networks It also shows how to enable and disable various combinations of routing
protocols
The following sections contain these examples
IPX Routing on Single Network Example
IPX Routing on Multiple Networks Examples
IPX Routing Protocols Examples
IPX Routing on Single Network Example
The following configuration commands enable IPX routing defaulting the IPX host address to that
of the first IEEE-conformance interface in this example Ethernet Routing is then enabled on
Ethernet and Ethernet for IPX networks 2abc and idef respectively
ipx routing interface ethernet
ipx network 2abc interface ethernet
ipx network idef
Configuring Novell IPX P2C-151 Novell IPX Configuration Examples
IPX Routing on Multiple Networks Examples
There are two ways to enable IPX on an interface that supports multiple networks You can use
subinterfaces or primary and secondary networks This section gives an example of each
Subinterfaces Example
The following example uses subinterfaces to create four logical networks on Ethernet interface
Each subinterface has different encapsulation Any interface configuration parameters that you
specify on an individual subinterface are applied to that subinterface only
ipx routing interface ethernet 0.1 ipx network encapsulation novell-ether interface ethernet 0.2
ipx network encapsulation snap interface ethernet 0.3 ipx network encapsulation arpa interface ethernet 0.4
ipx network encapsulation sap
Note When enabling NLSP and configuring multiple encapsulations on the same physical LAN
interface you must use subinterfaces You cannot use secondary networks
You can administratively shut down each of the four subinterfaces separately by using the shutdown
interface configuration command for each subinterface For example the following commands
administratively shut down subinterface
interface ethernet 0.3 shutdown
To bring down network use the following commands
interface ethernet 0.1
ipx down
To bring network back up use the following commands
interface ethernet 0.1
no ipx down
To remove all the networks on the interface use the following interface configuration commands
interface ethernet 0.1
no ipx network interface ethernet 0.2
no ipx network interface ethernet 0.3
no ipx network interface ethernet 0.4
no ipx network
Primary and Secondary Networks Example
Note The following examples discuss primary and secondary networks In future Cisco lOS
software releases primary and secondary networks will not be supported Use subinterfaces
P2C-152 Network Protocols Configuration Guide Part IPX Routing Examples
The following example uses primary and secondary networks to create the same four logical
networks as shown earlier in this section Any interface configuration parameters that you specify
on this interface are applied to all the logical networks For example if you set the routing update
timer to 120 seconds this value is used on all four networks
ipx routing interface ethernet ipx network encapsulation novell-ether ipx network encapsulation snap secondary ipx network encapsulation arpa secondary
ipx network encapsulation sap secondary
Using this method to configure logical networks if you administratively shut down Ethernet
interface using the shutdown interface configuration command all four logical networks are shut
down You cannot bring down each logical network independently using the shutdown command
do this the however you can using ipx down command
To shut down network use the following command
interface ethernet
ipx down
To bring the network back up use the following command
interface ethernet
no ipx down
To shut down all four networks on the interface and remove all the networks on the interface use one
of the following interface configuration commands
no ipx network
no ipx network
To remove one of the secondary networks on the interface in this case network use the following
interface configuration command
no ipx network
The following example enables IPX routing on FDDI interfaces 0.2 and 0.3 On FDDI interface
0.2 the encapsulation type is SNAP On FDDI interface 0.3 the encapsulation type is Novells FDDI_RAW
ipx routing interface fddi 0.2
ipx network f02 encapsulation snap interface fddi 0.3
ipx network f03 encapsulation novell-fddi
IPX Routing Protocols Examples
Three routing protocols can run over interfaces configured for IPX RIP Enhanced IGRP and NLSP
This section provides examples of how to enable and disable various combinations of routing
protocols
Configuring Novell IPX P2C-153 Novell IPX Configuration Examples
When you enable IPX routing with the ipx routing global configuration command the RIP routing
protocol is automatically enabled The following example enables RIP on networks and
ipx routing
interface ethernet
ipx network
interface ethernet
ipx network
The following example enables RIP on networks and and Enhanced IGRP on network
ipx routing
interface ethernet
ipx network
interface ethernet
ipx network
ipx router eigrp 100 network
The following example enables RIP on network and Enhanced IGRP on network
ipx routing
interface ethernet
ipx network
interface ethernet
ipx network
ipx router eigrp 100
ipx network
ipx router rip no ipx network
The following example configures NLSP on two of routers Ethernet interfaces Note that RIP is
automatically enabled on both of these interfaces This example assumes that the encapsulation type
is Ethernet 802.2
ipx routing ipx internal-network
ipx router nlsp areal area-address
interface ethernet
ipx network eO encapsulation sap ipx nlsp areal enable
interface ethernet
ipx network el encapsulation sap ipx nlsp areal enable
P2C-154 Network Protocols Configuration Guide Part Enhanced IGRP Examples
Enhanced IGRP Examples
The sections show several for following examples configuring IPX Enhanced IGRP routing
IPX Enhanced IGRP Example
IPX SAP-Incremental IGRP Example
Enhanced IGRP SAP Update Examples
Advertisement and Processing of SAP Update Examples
IPX Enhanced IGRP Bandwidth Configuration Example
IPX Enhanced IGRP Example
The following example configures two interfaces for Enhanced IGRP routing in autonomous
system
ipx routing
interface ethernet
ipx network 10
interface serial
ipx network 20
ipx router eigrp network 10 network 20
IPX SAP-Incremental IGRP Example
The following example shows sample configuration for enabling the IPX SAP Enhanced IGRP
ipx routing
interface ethernet
ipx network ipx sap-incremental eigrp ipx sap-incremental split-horizon
ipx router eigrp 100 network
Configuring Novell IPX P2C-155 Novell IPX Configuration Examples
Enhanced IGRP SAP Update Examples
If an Ethernet interface has neighbors that are all configured for Enhanced IGRP you might want to
reduce the bandwidth used by SAP packets by sending SAP updates incrementally To do this you
would configure the interface as follows
ipx routing
interface ethernet
ipx network 10 ipx sap-incremental eigrp
interface serial
ipx network 20
ipx router eigrp network 10 network 20
line is for Enhanced If you want to send only incremental SAP updates on serial that configured
IGRP but periodic RIP updates use the following commands
ipx routing
interface ethernet
ipx network 10
interface serial
ipx network 20 ipx sap-incremental eigrp rsup-only
ipx router eigrp network 10 network 20
Advertisement and Processing of SAP Update Examples
The following example causes only services from network to be advertised by an Enhanced IGRP
routing process
accesslist 1010 permit accesslist 1010 deny -l
ipx router eigrp 100 network
distribute-sap--list 1010 out
In the following example the router redistributes Enhanced IGRP into NLSP area Only services
for networks and are accepted by the NLSP routing process
access-list 1000 permit access-list 1000 permit accesslist 1000 deny
ipx router nlsp areal redistribute eigrp distributesap-list 1000 in
P2C156 Network Protocols Configuration Guide Part NLSP Examples
IPX Enhanced IGRP Bandwidth Configuration Example
The following example shows how to configure the bandwidth used by IPX Enhanced IGRP In this
109 is maximum of 25 32 example Enhanced IGRP process configured to use percent or kbps
of 128 kbps circuit
interface serial bandwidth 128
ipx bandwidth-percent eigrp 109 25
In the following example the bandwidth of 56 kbps circuit has been configured to be 20 kbps for
is maximum routing policy reasons The Enhanced IGRP process 109 configured to use of
200 percent or 40 kbps of the circuit
interface serial bandwidth 20
ipx bandwidth-percent eigrp 109 200
NLSP Examples
The following sections show several examples for configuring NSLP
NLSP Multicast Addressing Examples
Enhanced IGRP and NLSP Route Redistribution Example
NLSP Route Aggregation for Multiple NLSP Version 1.1 Areas Example
NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas Example
NLSP Route Aggregation for NLSP Version 1.1 Enhanced IGRP and RIP Example
NLSP Multicast Addressing Examples
By default NLSP multicast addressing is enabled You do not need to configure anything to turn on
NLSP multicasting
Typically you do not want to substitute broadcast addressing where NLSP multicast addressing is
available NLSP multicast addressing uses network bandwidth more efficiently than broadcast
addressing However there are circumstances where you might want to disable NLSP multicast
addressing
For example you might want to disable NLSP multicast addressing in favor of broadcast addressing
when one or more devices on segment do not support NLSP multicast addressing You might also
want to disable it for testing purposes
If you want to disable NLSP multicast addressing you can do so for the entire router or for
particular interface
The following sections provide sample configurations for disabling multicast addressing
Disable NLSP Multicasting on the Router Example
Disable NLSP Multicasting on an Interface Example
Disable NLSP Multicasting on the Router Example
The following example disables multicast addressing on the router
ipx router nlsp no multicast
Configuring Novell IPX P2C-157 Novell IPX Configuration Examples
Disable NLSP Multicasting on an Interface Example
The following example disables multicast addressing on Ethernet interface 1.2
interface etherneti .2
no ipx nlsp rnulticast
Enhanced IGRP and NLSP Route Redistribution Example
The following example configures router to redistribute NLSP into Enhanced IGRP autonomous
system 100 and Enhanced IGRP autonomous system 100 into NLSP
ipx router eigrp 100 redistribute nlsp
ipx router nlsp redistribute eigrp 100
NLSP Route Aggregation for Multiple NLSP Version 1.1 Areas Example
The following example shows the route aggregation configuration for router connecting multiple
NLSP version 1.1 areas In this example the two areas are area and area2 Because both areas are
NLSP version 1.1 areas redistribution of aggregated routes or explicit routes between the two areas
is automatic
ipx routing ipx internal-network 2000
interface ethernet
ipx network 1001 ipx nlsp areal enable
interface ethernet
ipx network 2001 ipx nlsp area2 enable
ipx router nlsp areal areaaddress 1000 fffff000 route-aggregation
ipx router nlsp area2 areaaddress 2000 fffff000 route-aggregation
NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas Example
The following example configures the route aggregation feature with customized route
summarization In this example areal is an NLSP version 1.0 area and area2 is an NLSP version 1.1
in areal that fall in area Any explicit routes learned the range of aaaa0000ffff0000 are redistributed
into area2 as an aggregated route Explicit routes from area that do not fall in that range are
redistributed into area2 as an explicit route
P2C-158 Network Protocols Configuration Guide Part NLSP Examples
Because area is an NLSP version 1.0 area it cannot accept aggregated routes learned in area2
Thus when redistribution into area occurs the router sends explicit routes instead of aggregated routes
ipx routing ipx internal-network 2000
interface ethernet
ipx network 1001 ipx nlsp areal enable
interface ethernet ipx network 2001 ipx nlsp area2 enable
accesslist 1200 deny aaaa0000 ffff0000 access-list 1200 permit -l
ipx router nlsp areal area-address 1000 fffff000
ipx router nlsp area2 areaaddress 2000 fffff000 route-aggregation redistribute nlsp areal access-list 1200
NLSP Route Aggregation for NLSP Version 1.1 Enhanced IGRP and RIP Example
In the following example the router connects two NLSP version 1.1 areas one Enhanced IGRP area
and one RIP area
Any routes learned via NLSP that are represented by aaaa0000ffff0000 are not redistributed into
NLSP a2 as explicit routes Instead the router generates an aggregated route Any routes learned via
NLSP a2 that are represented by bbbb0000ffff0000 are not redistributed as explicit routes into NLSP
Again the router generates an aggregated route Any routes learned via RIP that are represented
by cccc0000ffff0000 are not redistributed as explicit routes into NLSP or NLSP a2 Instead the
router sends an aggregated route Likewise any routes learned via Enhanced IGRP 129 that are
represented by dddd0000fffJ0000 are not redistributed into NLSP or NLSP a2 Again the router
sends an aggregated route
ipx routing ipx internal-network 2000
interface ethernet
ipx network aaaa0000 ipx nlsp al enable
interface ethernet
ipx network bbbb0000 ipx nlsp a2 enable
interface ethernet
ipx network cccc0000
interface ethernet
ipx network dddd0000
accesslist 1200 deny aaaa0000 ffff0000 accesslist 1200 permit
Configuring Novell IPX P2C-159 Novell IPX Configuration Examples
accesslist 1201 deny bbbb0000 ffff0000 accesslist 1201 permit
accesslist 1202 deny cccc0000 ffff0000 accesslist 1202 permit
accesslist 1203 deny dddd0000 fftf0000 accesslist 1203 permit
ipx router nlsp al areaaddress 10000 fffff000 route-aggregation redistribute nlsp a2 access-list 1201 redistribute rip access-list 1202 redistribute eigrp 129 accesslist 1203
ipx router nlsp a2 areaaddress 2000 fffff000 route-aggregation redistribute nlsp al access-list 1200 redistribute rip access-list 1202 redistribute eigrp 129 access-list 1203
ipx router eigrp 129 network dddd0000 redistribute nlsp al redistribute nlsp a2
NHRP Examples
The following sections show examples for configuring NHRP
NHRP Example
NHRP over ATM Example
NHRP Example
logical NBMA network is considered the group of interfaces and hosts participating in NHRP and
the identifier 16 illustrates networks having same network Figure two logical NBMA shown as
circles configured over single physical NBMA network Router communicates with Routers
and because they share the same network identifier Router also communicates with
Routers and because they share network identifier After address resolution is complete
Router sends IPX packets to Router in one hop and Router sends them to Router in one
hop as shown by the dotted lines
P2C-160 Network Protocols Configuration Guide Part NHRP Examples
Figure 16 Two Logical NBMA Networks over One Physical NBMA Network
network-id
ipx nhrp network-id ipx nhrp network-id
ipx nhrp network-id
ipx nhrp network-id
ipx nhrp network-id
Statically configured tunnel end points or permanent virtual circuits
Dynamically created virtual circuits
The physical configuration of the five routers in Figure 16 might actually be that shown in Figure 17
The source host is connected to Router and the destination host is connected to Router The same switch serves all five routers making one physical NBMA network
Configuring Novell IPX P2C-161 Novell IPX Configuration Examples
Figure 17 Physical Configuration of Sample NBMA Network
Thno
16 before resolves IPX from Refer again to Figure Initially NHRP any NBMA addresses packets
the source host to the destination host travel through all five routers connected to the switch before
reaching the destination When Router first forwards the IPX packet toward the destination host
Router also generates an NHRP request for the destination hosts IPX address The request is
forwarded to Router where reply is generated Router replies because it is the egress router
between the two logical NBMA networks
Similarly Router generates an NHRP request of its own to which Router replies In this
example subsequent IPX traffic between the source and the destination still requires two hops to
traverse the NBMA network because the IPX traffic must be forwarded between the two logical
if the divided NBMA networks Only one hop would be required NBMA network was not logically
NHRP over ATM Example
The following example shows configuration of three routers using NHRP over ATM Router is
configured with static route which it uses to reach the IPX network where Router resides Router
initially reaches Router through Router Router and Router directly communicate without
Router once NHRP resolves Router As and Router Cs respective NSAP addresses
P2C-162 Network Protocols Configuration Guide Part NHRP Examples
The significant portions of the configurations for Routers and follow
Router
interface ATMO/0 map-group atm nsapaddress 11.1111.11 111111.1111.1111.1111.1111.1111.1111 11 atm rate-queue 10 atm PVC qsaal ipx network ipx nhrp network-id
map-list ipx l.0000.0c15.3588 atmnsap 33.3333.33.333333.33333333333333333333333333
ipx route l.0000.0c15.3588
Router
interface ATMO/0 mapgroup atm nsapaddress 22.2222.22.222222.2222.2222.2222.222222222222.22 atm ratequeue 10 atm pvc qsaal ipx network ipx nhrp networkid
map-list ipx 2.0000.0c15.3628 atm-nsap 33.3333.33.333333.3333.3333333333333333333333
ipx route 2.0000.Ocl5.3628
Router
interface ATMO/0 atm rate-queue 10 atm pvc qsaal
interface ATMO/0.1 multipoint map-group atn nsapaddress 33.3333.33.333333.3333.3333.3333.3333.3333.3333.33 ipx network ipx nhrp network-id
interface ATMO/0.2 multipoint map-group atm nsapaddreas 33.3333.33.3333333333.3333.3333.3333.3333333333 ipx network ipx nhrp network-id
map-list ipx 1.0000 0c15 4f80 atm-nsap 11.1111.11.111111.1111.1111.1111.1111.1111.1111.11
map-list ipx 2.00000c155021 atnnsap 22.2222.22.222222.2222.2222.2222.2222.2222.2222.22
Configuring Novell IPX P2C-163 Novell IPX Configuration Examples
IPX over WAN Examples
The following sections show examples for configuring IPX over WAN and dial interfaces
IPX over WAN Interface Example
IPX over DDR Example
IPX over WAN Interface Example
serial interface that is When you configure the Cisco lOS software to transport IPX packets over
will be for running WAN protocol such as X.25 or PPP you specify how the packet encapsulated IPX interface transport This encapsulation is not the same as the encapsulation used on an LAN
Figure 18 illustrates IPX over WAN interface
Figure 18 IPX over WAN Interface
The following examples configure serial interface for X.25 encapsulation and for several IPX
subinterfaces used in nonmeshed topology
Configuration for Main Router hostname Main
no ip routing novell routing 0000.0c17.d726
interface ethernet
no ip address Novell network 100 nediatype l0BaseT
interface serial
no ip address shutdown
interface serial
no ip address encapsulation x25 x25 address 33333 x25 htc 28
P2C-164 Network Protocols Configuration Guide Part IPX over WAN Examples
interface serial 1.1 point-to-point no ip address novell network x25 map novell 2.0000.0c03.a4ad 11111 BROADCAST
interface serial 1.2 point-to-point no ip address novell network x25 map novell 3.0000.0c07.5e26 55555 BROADCAST
Configuration for Router
hostname Remotel
no ip routing novell routing 0000.0c03.a4ad
interface ethernet
no ip address novell network
interface serial
no ip address encapsulation x25 novell network x25 address 11111 x25 htc 28
x25 map novell 2.0000.Ocl7.d726 33333 BROADCAST
Configuration for Router
hostnarne Remota2
no ip routing novell routing 0000.0c07.5e26
interface ethernet
no ip address novell network media-type lOBaseT
interface serial
no ip address shutdown
interface serial
no ip address encapsulation x25 novell network x25 address 55555 x25 htc 28
x25 map novell 3.0000.0cl7.d726 33333 BROADCAST
Configuring Novell IPX P2C-165 Novell IPX Configuration Examples
IPX over DDR Example
In the configuration shown in Figure 19 an IPX client is separated from its server by DDR
telephone line
Figure 19 IPX over DDR Configuration
Internal Network DDI
filters defined in this Routing and service information is sent every minute The output RIP and SAP
and If example filter these updates preventing them from being sent between Routers you were
to forward these packets the two routers would each have to telephone the other once minute On
serial link that charges based on the number of packets transmitted this is generally not desirable
This might not be an issue on dedicated serial line
Once the server and client have established contact the server will send keepalive watchdog
packets regularly When SPX is used both the server and the client send keepalive packets The
purpose of these packets is to ensure that the connection between the server and the client is still
functional these packets contain no other information Servers send watchdog packets
approximately every minutes
If you were to allow Router to forward the servers keepalive packets to Router Router would
have to telephone Router every minutes just to send these packets Again on serial link that
charges based on the number of packets transmitted this is generally not desirable Instead of having
Router telephone Router only to send keepalive packets you can enable watchdog spoofing on
Router This way when the server connected to this router sends keepalive packets Router will
respond on behalf of the remote client the client connected to Router When SPX is used you
must enable spoofing of SPX keepalive packets on both Router and Routei to inhibit the sending
of them because both the server and the client send keepalive packets
P2C166 Network Protocols Configuration Guide Part IPX over WAN Examples
Configuration for Router
novell routing 0000.0c04.4878
interface EthernetO novell network 15200
interface Serial0 ppp encap or DDRrecommended encapsulation ppp novell network DD1DD2 kill all rip updates novell output-network-filter 801 kill all sap updates novell output-sap-filter 1001 fast-switching off for watchdog spoofing no novell route-cache
dont listen to rip novell router-filter 866 novell watchdog spoofing novell watchdog-spoof SPX watchdog spoofing ipx spx-spoof turn on DOR dialer in-band dialer idle-timeout 200 dialer map IP 198.92.96.132 name Rl3 7917 dialer map NOVELL DD1DD2.0000.0c03.e3c3 7917 dialer-group ppp authentication chap chap authentication required pulse-time
access-list 801 deny FFFFFFFF access-list 866 deny FFFFFFFF serialization packets access-list 900 deny FFFFFFFF FFFFFFFF 457 RIP packets access-list 900 deny FFFFFFFF 453 FFFFFFFF 453 SAP packets access-list 900 deny FFFFFFFF 452 FFFFFFFF 452 permit everything else access-list 900 permit -l FFFFFFFF FFFFFFFF
access-list 1001 deny FFFFFFFF
static novell route for remote network novell route 001 DD1002.0000.0c03.e3c3
IPX will trigger the line up 9.21 and later dialerlist list 900
Configuring Novell IPX P2C167 Novell IPX Configuration Examples
Configuration for Router
novell routing 0000.0c03.e3c3
interface Ethernetl/0 novell network 001
interface Serial2/0 encapsulation ppp novell network 0D10D2 novell outputnetwork-filter 801 novell outputsap-filter 1001 no novell route-cache novell router-filter 866 ipx spxspoof dialer in-band dialer idle-timeout 200 dialer map IP 198.92.96.129 name R5 7919 dialer map NOVELL DDlDO2.0000.0c04.4878 7919 dialer-group ppp authentication chap pulsetime
access-list 801 deny access-list 866 deny access-list 900 deny FFFFFFFF FFFFFFFF 457 access-list 900 deny FFFFFFFF 453 FFFFFFFF 453 access-list 900 deny FFFFFFFF 452 FFFFFFFF 452 access-list 900 permit -l FFFFFFFF FFFFFFFF access-list 1001 deny FFFFFFFF
static novell route for servers internal network novell route 1234 DD1002.0000.0c04.4878 novell route 15200 OD1002.0000.0c04.4878 static route
The following line is the static novell sap required to get to the remote server It informs the router of the next hop
novell sap CE1LAB 1234.0000.0000.0001 451
dialerlist list 900
IPX Network Access Examples
The following sections contain examples for controlling access to your IPX network The sections
show the configurations for various access lists and filters
IPX Network Access Example
Standard Named Access List Example
SAP Input Filter Example
SAP Output Filter Example
IPX NetBIOS Filter Examples
IPX Network Access Example
Using access lists to manage traffic routing is powerful tool in overall network control However
it requires certain amount of planning and the appropriate application of several related commands
Figure 20 illustrates network featuring two routers on two network segments
P2C168 Network Protocols Configuration Guide Part IPX Network Access Examples
Figure 20 Novell IPX Servers Requiring Access Control
Router E0 SO
aa bb
Novell Novell server client ____ aaOl .0000.0000.001 bbOl .0000.0000.001
clients and Network from the services Suppose you want to prevent servers on aa using on Network bb but you want to allow the clients and servers on Network bb to use the services on Network aa To do this you would need an access list on Ethernet interface on Router that blocks all packets coming from Network aa and destined for Network bb You would not need any access list on
Ethernet interface on Router
You would configure Ethernet interface on Router with the following commands
ipx routing access-list 800 deny aa bbOl access-list 800 permit -l -1 interface ethernet
ipx network bb ipx access-group 800
You can accomplish the same result as the previous example more efficiently For example you can place the same output filter on Router interface serial Or you could also place an input filter on interface Ethernet of Router as follows
ipx routing access-list 800 deny bbOl accesslist 800 permit interface ethernet
ipx network aa
ipx access-group 800 in
Note When using access control list logging on an interface with fast switching turned on packets that match the access list and thus need to be logged are slow switched not fast switched
Logging Access Control List Violations
You can keep log of all access control list violations by using the keyword log at the end of the access-list command as follows
accesslist 907 deny 100 log
The previous example denies and logs all packets that arrive at the router from any source in any protocol from any socket to any destination on network 100
The following is an example of log entry for the access-list command
%IPX6ACL 907 deny SPX B5A8 500000.0000.0001 B5A8 100.0000.0000.0001 10 pkts
In this example 10 SPX packets were denied because they matched access list number 907 The packets were coming from socket B5A8 on networks 50.0000.0000.0001 and were destined for socket B5A8 on network 100.0000.0000.0001
Configuring Novell IPX P2C-169 Novell IPX Configuration Examples
Standard Named Access List Example
The following example creates standard access list namedfred It denies communication with only IPX network number 5678
ipx accesslist standard fred deny 5678 any permit any
SAP Input Filter Example
SAP input filters allow router to determine whether to accept information about service
Router Cl illustrated in Figure 21 will not accept and consequently not advertise any information
about Novell server However Router Cl will accept information about all other servers on the
network 3c Router C2 receives information about servers and
Figure 21 SAP Input Filter Novell server NIC 0800.89A1.1527 3c01 .0000.0000.0001
Input SAP filter applied
to interface EO Novell client 1811 89A2 1543
cc 3c Novell server NIC 0800.89A0.6781 3c02.0000.0000.0001
aa 4d
Novell Novell Novell server server client NIC 0207.0104.0874 NIC 0800.1491.2207 0800.0123.1456 aaOl .0000.0000.0001 4d01 .0000.0000.0001
The following example configures Router Cl The first line denies server and the second line
accepts all other servers
accesslist 1000 deny 3c01.0000.0000.0001 access-list 1000 pernit interface ethernet ipx network 3c ipx input-sapfilter 1000 interface ethernet ipx network 4d
P2C-170 Network Protocols Configuration Guide Part IPX Network Access Examples
interface serial ipx network 2b
Note NetWare Versions 3.11 and later use an internal network and node number as their address for
access list commands the first configuration command in this example
SAP Output Filter Example
SAP output filters are applied prior to the Cisco lOS software sending information out specific
interface In the example that follows Router Cl illustrated in Figure 22 is prevented from
advertising information about Novell server out interface Ethernet but can advertise server on network 3c
Figure 22 SAP Output Filter
Novell server NIC 0800.89A1.1527 3c01 .0000.0000.0001
Novell client 1811.89A2.1543
cc 3c
Novell
-- server NIC 0800.89A0.6781 SAP Output 3c02.0000.0000.0001 filters applied
to interface El aa 4d
Novell Novell Novell server server client NIC 0207.0104.0874 NIC 0800.1491.2207 0800.0123.1456 aaOl .0000.0000.0001 4d01 .0000.0000.0001
The following example refers to Router Cl The first line denies server All other servers are
permitted
accesslist 1000 deny aaOl.0000.0000.000l accesslist 1000 permit interface ethernet
novell net 3c interface ethernet
ipx network 4d ipx outputsap-filter 1000 interface serial
ipx network 2b
Configuring Novell IPX P2C-171 Novell IPX Configuration Examples
IPX NetBIOS Filter Examples
The following is an example of using NetBIOS host name to filter IPX NetBIOS frames The
example denies all outgoing IPX NetBIOS frames with NetBIOS host name of Boston on Ethernet
interface
netbios access-list host token deny Boston netbios access-list host token permit
ipx routing 0000.0c17.d45d
interface ethernet
ipx network 155 encapsulation ARPA ipx outputrip-delay 60 ipx triggered-rip--delay 30 ipx outputsap--delay 60 ipx triggeredsap-delay 30 ipx type-20-propagation ipx netbios output-access-filter host token no mop enabled
interface ethernet
no ip address ipx network 105
interface fddi
no ip address no keepalive ipx network 305 encapsulation SAP
interface serial no ip address shutdown
interface serial
no ip address no keepalive ipx network 600 ipx output-rip-delay 100 ipx triggered-rip-delay 60 ipx output-sap-delay 100 ipx triggered-sap-delay 60 ipx type-2 0-propagation
P2C-172 Network Protocols Configuration Guide Part Helper Facilities to Control Broadcast Examples
filter IPX NetBIOS frames This The following is an example of using byte pattern to example numbers that end in 05 This that all IPX permits IPX NetBIOS frames from IPX network means
NetBIOS frames from Ethernet interface network 105 and FDDI interface network 305 will
be forwarded by serial interface However this interface will filter out and not forward all frames from Ethernet interface network 155
netbios access-list bytes finigan permit Q5
ipx routing 0000.0c17.d45d
ipx defaultoutput-rip-delay 1000 ipx defaulttriggered-rip-delay 100 ipx default-output-sap-delay 1000 ipx default-triggered-sap-delay 100
interface ethernet
ipx network 155 encapsulation ARPA ipx output-rip-delay 55 ipx triggered-rip-delay 55 ipx output-sap-delay 55 ipx triggered-sap-delay 55 ipx type-20-propagation media-type lOBaseT
interface ethernet
no ip address ipx network 105 ipx output-rip-delay 55 ipx triggered-rip-delay 55 ipx output-sap-delay 55 ipx triggered-sap-delay 55 media-type lOBaseT
interface fddi
no ip address no keepalive ipx network 305 encapsulation SAP
ipx output-sap-delay 55 ipx triggered-sap-delay 55
interface serial no ip address shutdown
interface serial no ip address no keepalive ipx network 600 ipx type-2 0-propagation ipx netbios input-access-filter bytes finigan
Helper Facilities to Control Broadcast Examples networks The following sections illustrate how to control broadcast messages on IPX
Forwarding to an Address Example
Forwarding to All Networks Example
All-Nets Flooded Broadcast Example
the Note that in the following examples packet type is used This type has been chosen arbitrarily the actual type to use depends on specific application
Configuring Novell IPX P2C173 Novell IPX Configuration Examples
Forwarding to an Address Example
All broadcast packets are normally blocked by the Cisco lOS software However type 20
propagation packets may be forwarded subject to certain loop-prevention checks Other broadcasts be may directed to set of networks or specific host node on segment The following examples
illustrate these options
Figure 23 shows router Cl connected to several Ethernet interfaces In this environment all IPX
clients are attached to segment aa while all servers are attached to segments bb and dd In
controlling broadcasts the following conditions are to be applied
Only type and type 20 broadcasts are to be forwarded
The IPX clients on network allowed broadcast via aa are to type to any server on networks bb and dd
The IPX clients allowed to broadcast via 20 are type to any server on network dd
Figure 23 IPX Clients Requiring Server Access through Router
Novell Novell
client client
aa
Novell
00b4.23cd.llOa
bb
Novell
serverB
Novell 0090.aa23.efOl server 0090.aa23.dlcO cc
The the following example configures router shown in Figure 23 The first line permits broadcast
traffic of from network The type aa interface and network commands configure each specific interface The ipx helper-address commands permit broadcast forwarding from network aa to bb and from network dd The aa to helper list allows type broadcasts to be forwarded Note that broadcasts chosen type are as an example only The actual type to use depends on the application The ipx type-20-propagation command is also required to allow type 20 broadcasts usually IPX
P2C-174 Network Protocols Configuration Guide Part Helper Facilities to Control Broadcast Examples
NetBIOS to be forwarded to all networks where type-20 propagation is enabled The IPX helper-list
filter is applied to both the type packets forwarded by the helper-address mechanism and the type
20 packets forwarded by type-20 propagation
access-list 900 permit aa interface ethernet
ipx network aa ipx type-2 0-propagation ipx helper-address bb tiff ffff ffff ipx helper-address dd.ffff.ffff.ffff ipx helper-list 900 interface ethernet
ipx network bb interface ethernet
ipx network dd ipx type-2 0-propagation
This configuration means that any network that is downstream from network aa for example some
will be able to broadcast to Router Cl unless arbitrary network aal not type network bb through
with series the routers partitioning networks aa and aal are configured to forward these broadcasts
entries be of configuration entries analogous to the example provided for Figure 23 These must connected networks applied to the input interface and be set to forward broadcasts between directly similar In this way such traffic can be passed along in directed manner from network to network
situation exists for type 20 packets
line The following example rewrites the ipx helper-address interface configuration command to
direct broadcasts to server
ipx helper-address bb.00b4.23cd.llOa Permits node-specific broadcast forwarding to Server at address 00b4.23cd.llOa on network bb
Forwarding to All Networks Example
allow client nodes to broadcast to on In some networks it might be necessary to servers multiple
forward broadcasts to all attached are networks If you configure your router to networks you
illustrated in client nodes network 2b1 must flooding the interfaces In the environment Figure 24 on
obtain services from IPX servers on networks 3c2 4al and 5bb through Router Cl To support this
in interface requirement use the flooding address -1 .ffff.ffff.ffff your ipx helper-address
configuration command specifications
Configuring Novell IPX P2C-175 Novell IPX Configuration Examples
Figure 24 Type Broadcast Flooding
Novell
server
3c2
Allows broadcast
flooding from network 2b1 Th
Novell
server
In the following example the first line permits traffic of type from network 2b Then the first
interface is configured with network number The all-nets helper address is defined and the helper
list limits forwarding to type traffic.Type broadcasts from network 2b1 are forwarded to all
directly connected networks All other broadcasts including type 20 are blocked To permit
broadcasts delete the ipx helper-list entry To allow type 20 broadcast enable the
ipx type-20-propagation interface configuration command on all interfaces
access-list 901 permit 2b1 interface ethernet
ipx network 2b1 ipx helperaddress -l.ffffffff.ffff ipx helperlist 901 interface ethernet
ipx network 3c2 interface ethernet
ipx network 4al interface ethernet ipx network 5bb
All-Nets Flooded Broadcast Example The following example configures all-nets flooding on an interface As result of this configuration
Ethernet interface will forward all broadcast messages except type 20 to all the networks it knows how to reach This flooding of broadcast messages might overwhelm these networks with so much broadcast traffic that no other traffic may be able to pass on them
interface ethernet ipx network 23 ipx helper-address -l FFFF FFFF FFFF
P2C-176 Network Protocols Configuration Guide Part IPX Accounting Example
IPX Accounting Example
The following example configures two Ethernet network segments that are connected via serial
link see Figure 25 On Router IPX accounting is enabled on both the input and output interfaces
that is on Ethernet interface and serial interface This means that statistics are gathered for
traffic traveling in both directions that is out to the Ethernet network and out the serial link
On Router IPX accounting is enabled only on the serial interface and not on the Ethernet interface
This means that statistics are gathered only for traffic that passes out the router on the serial link
Also the accounting threshold is set to 1000 which means that IPX accounting will track all IPX
traffic passing through the router up to 1000 source and destination pairs
Figure 25 IPX Accounting Example
Network 200 Router SO Router SI E0 El
Network C003 Network COOl
Configuration for Router
ipx routing interface ethernet
no ip address ipx network C003 ipx accounting interface serial
no ip address ipx network 200 ipx accounting
Configuration for Router
ipx routing interface ethernet
no ip address no keepalive ipx network COOl no mop enabled interface serial
no ip address ipx network 200 ipx accounting ipx accounting-threshold 1000
Configuring Novell IPX P2C-177 Novell IPX Configuration Examples
P2C-178 Network Protocols Configuration Guide Part Index guidelines P2C-19
network numbers P2C- 18 BC Bridging and IBM Networking Configuration zones P2C-17 P2C-21 Guide IPX P2C-175 DC Dial Solutions Configuration Guide configuration examples P2C-168 to extended P2C-119
FC Configuration Fundamentals Configuration Guide extended creating P2C-122 P2C-l25 IC Cisco lOS Interface Configuration Guide implicit deny
implicit masks P2C-125 PlC Network Protocols Configuration Guide Part input P2C-120 named P2C-122 P2C Network Protocols Configuration Guide Part NetBIOS
Part P3C Network Protocols Configuration Guide creating P2C-128
description P2C-1 19 QC Quality of Service Solutions Configuration Guide NetBIOS creating P2C-124
NLSP route P2C-1 19 SC Security Configuration Guide aggregation
routing table filtering P2C-126 VC and Home Voice Video Applications SAP Configuration Guide creating P2C-122
P2C-1 19 WC Wide-Area Networking Configuration Guide standard
standard creating P2C-122 XC Cisco lOS Switching Services Configuration types P2C-119 Guide violations logging P2C-123
access-list within command P2C-22
Symbos access-list zone command P2C-21 accounting IPX command xxiii
configuring P2C-146
database threshold P2C-146
enabling P2C-146
filters P2C-146
maximum transit entries P2C- 146 AARP P2C-2 addresses abbreviating commands AppleTalk P2C-9 xxiii context-sensitive help example P2C-lO access control network numbers P2C-9 P2C-26 AppleTalk P2C-17 to IPX P2C-79 IPX P2C-119 toP2C-121 P2C-128 example P2C-79 command P2C-l9 to P2C-21 access-list additional-zones network numbers P2C-79 P2C-22 access-list cable-range command node numbers P2C-79 access-list command AEP P2C-2 IPX AppleTalk extended P2C-l P2C-122 16 access control P2C-17 to P2C-26 SAP P2C-122 access lists standard P2C-l 15 P2C-122 cable ranges P2C-22 NLSP route aggregation P2C-68 configuration examples P2C-59 to filtering P2C-105 to P2C-1l1 displaying P2C-54 access-list includes command P2C-22 guidelines P2C-19 access-list network command P2C-21 network numbers P2C-18 access-list other-access command P2C-22 zones P2C-17 P2C-21 access-list command P2C-20 other-nbps addresses
lists access example P2C-1O
AppleTalk definition P2C-9
cable ranges P2C-22 network numbers P2C-9
configuration examples P2C-59 to P2C-68 remapping P2C-5
displaying P2C-54
Index P2C-181 AppleTalk continued log neighbor adjacencies P2C-48
adjacent networks P2C-54 neighbors displaying P2C-54
adjacent routers P2C-54 route redistribution P2C-46 AEP P2C-2 routing protocol enabling P2C-46 ARP P2C-2 split horizon P2C-48
ARP table topology table P2C-54
See ARP table AppleTalk enhancements P2C-3
ATCP P2C-38 Ethernet card ATP P2C-2 using P2C- 11
AURP P2C-l5 P2C-27 EtherTalk P2C- P2C- 11
configuring P2C-27 extended interfaces P2C-27 enabling cable range
last-heard-from timer P2C-28 assigning P2C- 13 P2C-54 private path database displaying configuring example P2C-57 interval P2C-28 routing update proxy network numbers P2C-41
tunneling P2C-27 routing P2C-13 P2C-15 P2C-16 P2C-54 update-events queue displaying routing example P2C-57
cable ranges zones
definition P2C-9 names P2C-13
interfaces assigning P2C-13 extended network
remapping P2C-5 definition P2C-7 CAP P2C-33 fast switching
checksums cache entries P2C-54
generation and verification disabling P2C-42 interfaces P2C-43
Ciscos implementation P2C-3 FDDITa1k P2C-
concurrent routing and bridging CRB P2C-16 pre-FDDITa1k packets P2C-53
configuration P2C-l filters
configuration examples P2C-56 to P2C-74 data packet P2C-2 P2C-22 P2C-23 CRB P2C-16 example P2C-59 DDP P2C-2 zones P2C-23
DDR P2C-52 GZL P2C-25
definition P2C-l partial zones P2C-26 mode discovery example P2C-63
example P2C-57 routing P2C-23 interfaces routing table P2C-24
dynamic P2C-l3 routing table example P2C-60
extended P2C- 15 routing update filters P2C-24
nonextended P2C-15 free-trade zone
nonextended interface P2C-57 example P2C-65 domains P2C-49 establishing P2C-28 domain router configuration P2C-49 gleaning P2C-4 P2C-43
domain router configuration figure P2C-50 GZL
encapsulation P2C-3 P2C-8 P2C-30 P2C-35 filters P2C-25 Enhanced IGRP P2C-15 replies P2C-25
active state time limit adjusting P2C-48 integrated routing and bridging
bandwidth P2C-48 See AppleTalk IRB
example P2C-75 InterPoll P2C-55 Ciscos implementation P2C-3 P2C-45 interenterprise routing P2C-49
configuration examples P2C-58 addresses
disabling P2C-46 remapping P2C-5
enabling P2C-15 P2C-27 P2C-46 AURP features P2C-44 example P2C-70 hello P2C-47 packets cable ranges hold time P2C-47 remapping P2C-5
interfaces displaying P2C-54 configuring example P2C-75
P2C-182 Network Protocols Configuration Guide Part P2C-54 AppleTalk continued network connectivity testing P2C-53
domain information P2C-54 network events logging P2C-43
domain names P2C-5 nondiscovery-mode interface P2C- 14
domain numbers P2C-5 nonextended interface
P2C- 13 domains P2C-49 P2C-51 assigning an address P2C-14 hop count P2C-51 enabling routing P2C-12 P2C-13
interfaces P2C-5 routing example P2C-57
remapping P2C-54 zone name assigning P2C-13
nonextended interfaces split horizon P2C-49
interfaces P2C-13 proxy network numbers P2C-41
interface status P2C-54 routing P2C-16
Internet Router software P2C-1 nonextended network
definition P2C-7 internetwork parameters P2C-54
IPTalk packets P2C-35
/etc/services file P2C-36 performance tuning P2C-38 Phase AppleTalk-to-IP address mapping P2C-35 with Phase P2C-8 configuration example P2C-71 to P2C-74 comparison
definition P2C-33 compatibility with Phase P2C-1
definition P2C-7 IP encapsulation P2C-37
node identifier P2C-73 Phase
SLIP drivers P2C-33 comparison with Phase P2C-8
with Phase P2C- 11 tunneling P2C-35 compatibility definition P2C-7 UDP port numbers P2C-36
IRB P2C-16 pre-FDDITa1k packets
K-Star enabling P2C-53
Shiva FastPath routers P2C- 11 proxy network numbers
LANE P2C-3 example P2C-74 P2C-4l load sharing interoperability
round-robin P2C-4 responder support P2C-3 P2C-55
LocalTalk P2C-l round-robin load sharing enabling P2C-41
logical cable P2C-9 routing MacIP example P2C-57
examples P2C-70 extended interfaces enabling
addresses P2C-33 dynamically P2C- 15 extended P2C-13 address ranges P2C-3 interfaces enabling manually
advantages P2C-3l routing enabling
clients P2C-54 on nonextended interface dynamically P2C-14
configuration requirements P2C-31 on nonextended interface manually P2C-12
definition P2C-30 P2C-13
disadvantages P2C-3 routing process P2C-l5
implementation P2C-30 routing protocols
servers P2C-32 P2C-54 specifying P2C-27
traffic P2C-54 routing table P2C-54
maximum paths entries P2C-53
setting P2C-42 update timers P2C-40
MIB P2C-2 routing tables
filters P2C-23 monitoring tasks P2C-53 update
name binding routing uopdates interval timer P2C-41 See AppleTalk NBP
NBP P2C-2 P2C-26 routing updates P2C-40 with zones P2C-40 name registration advertising routes no
task table P2C-54 strict checking P2C-39
services P2C-54 stub mode P2C-39
timers P2C-40 neighbor table deleting entries P2C-53 network definition P2C-9
Index P2C183 AppleTalk continued filters P2C-22
RTMP P2C-2 P2C-15 overview P2C-20
advertising routes with no zones P2C-40 types P2C-21
enabling P2C-27 appletalk address command P2C-13 P2C-14 P2C-l5
routing updates P2C-40 P2C-l6
strict checking P2C-39 AppleTalk Address Resolution Protocol
stub mode P2C-39 See AppleTalk ARP
seed router P2C-14 See ARP table AppleTalk
Shiva FastPath routers P2C- 11 appletalk arp interval command P2C-42 SMRP appletalk arp retransmit-count command P2C-42 fast P2C-37 switching appletalk aip timeout command P2C-42
fast switching cache table P2C-53 appletalk aurp-tickle-time command P2C-28
table P2C-54 forwarding appletalk aurp update-interval command P2C-28
global information P2C-54 appletalk cable-range command P2C- 13 P2C- 15
group table P2C-16 P2C-29
P2C-54 appletalk checksum command P2C-42
neighbor table P2C-55 appletalk client-mode command P2C-38
port table P2C-55 AppleTalk Control Protocol
routing table P2C-55 See AppleTalk ATCP P2C-38 SNMP AppleTalk Datagram Delivery Protocol P2C-29 configuring See DDP
configuring example P2C-70 appletalk discovery command P2C- 15
sockets displaying P2C-54 appletalk distribute-list in command P2C-24
static routes appletalk distribute-list out command P2C-24 P2C-53 defining P2C-52 appletalk domain hop-reduction command P2C-52
displaying P2C-54 appletalk domain name command P2C-5
test mode entering P2C-55 appletalk domain remap-range command P2C-5 TokenTalk P2C- AppleTalk Echo Protocol P2C-2
traffic P2C-54 appletalk eigrp active-time command P2C-48
traffic statistics appletalk eigrp-bandwidth-percentage command P2C-48 P2C-53 resetting appletalk eigrp log-neighbor-changes command P2C-48 transition mode P2C-16 appletalk eigrp split-horizon command P2C-48 P2C-58 example appletalk eigrp timers command P2C-47
tunneling appletalk event-logging command P2C-29 P2C-43 AURP P2C-27 appletalk free-trade-zone command P2C-28 P2C-30 cayman appletalk getzonelist-filter command P2C-25 GRE P2C-30 appletalk glean-packets command P2C-43 methods P2C-29 appletalk iptalk-baseport command P2C-36
Update Routing Protocol appletalk lookup-type command P2C-26 See AURP AppleTalk appletalk macip dynamic command P2C-33 VLANs P2C-3 appletalk macip server command P2C-32 WAN protocols supported P2C-3 appletalk macip static command P2C-33 ZIP appletalk maximum-paths command P2C-42 ZIP query interval P2C-43 appletalk name-lookup-interval command P2C-26
ZIP filters reply appletalk permit-partial-zones command P2C-26
configuration example P2C-69 appletalk pre-fdditalk command P2C-53 overview P2C-25 appletalk protocol command P2C-15 P2C-27 P2C-46 zones P2C-lO P2C-13 appletalk proxy-nbp command P2C-4 information table P2C-54 appletalk require-route-zones command P2C-40
name format P2C-1O appletalk route-cache command P2C-43
special characters P2C-1O appletalk route-redistribution command P2C-27 P2C-47
appletalk access-group command P2C-21 P2C-22 appletalk routing command P2C- 12 P2C-29 P2C-46 P2C-23 appletalk rtmp jitter command P2C-41 Access AppleTalk List Enhancements appletalk rtmp-stub command P2C-39 fast switching P2C-20 appletalk send-rtmp command P2C-40
P2C-184 Network Protocols Configuration Guide Part appletalk static cable command P2C-52 P2C-53 checksums
appletalk static net command P2C-52 P2C-53 AppleTalk P2C-42
appletalk strict-rtmp-checking command P2C-39 Cisco Connection Online
appletalk timers command P2C-40 See CCO
AppleTalk Transaction Protocol P2C-2 Cisco 105
AppleTalk Update Routing Protocol saving configuration changes xxviii
See AppleTalk AURP clear appletalk arp command P2C-53
appletalk virtual-net command P2C-38 clear appletalk neighbor command P2C-53
appletalk zip-query-interval command P2C-43 clear appletalk route command P2C-53
appletalk zip-reply-filter command P2C-25 clear appletalk traffic command P2C-53
clear command P2C-150 appletalk zone command P2C-13 P2C-16 P2C-29 ip nhrp
area-address command P2C-93 P2C-104 P2C-l 11 clear ipx accounting command P2C-15
ARP clear ipx cache command P2C-l47
AppleTalk P2C-2 P2C-42 clear ipx nlsp neighbors command P2C-150
ARP cache clear ipx route command P2C-l47
See ARP table clear smrp mcache command P2C-53
ARP table clock ticks IPX P2C-135 AppleTalk entries P2C-53 Columbia AppleTalk Package See CAP gleaning P2C-43 modes update interval P2C-42 command ATCP summary table xxvii number PDU async interfaces P2C-38 complete sequence ATM See CSNP and fast switching IPX P2C-l 17 concurrent routing bridging ATP P2C-2 See CRB
AURP concurrent routing and bridging CRB P2C- 16
See AppleTalk AURP P2C-27 configuration saving xxviii CRB P2C-16
IPX enabling P2C-84 CSNP
See also NLSP CSNP
backup server table IPX
Enhanced IGRP P2C-9
bandwidth
AppleTalk Enhanced IGRP P2C-48 Datagram Delivery Protocol DDP bridge crb command P2C-16 P2C-84 See AppleTalk
broadcasts See DDP IPX DDP P2C-2
forwarding P2C-128 P2C-132 P2C-142 DDR
type 20 packets P2C-130 P2C-131 AppleTalk P2C-52 example P2C-75 IPX P2C-118
spoofing P2C-118
watchdog packets P2C-1 18 SPX cable ranges spoofing P2C-ll8 See AppleTalk cable ranges watchdog packets P2C-1 18 CAP P2C-33 default form of command cautions using xxviii in text xix usage default routes CCO specifying P2C- 144 accessing xx understanding P2C-80 definition xx
Index P2C-185 discovery mode filters
interfaces AppleTalk
dynamic P2C-13 data packet P2C-2l P2C-22 P2C-23 extended P2C-15 example P2C-59 nonextended P2C-15 zones P2C-23 distribute-list in command P2C-90 P2C-9 GZL P2C-25
distribute-list out command P2C-90 ptial zones P2C-26
distribute-sap-list out command P2C-9 example P2C-63 domains routing P2C-23 See AppleTalk interenterprise routing routing table P2C-24
routing table example P2C-60
routing update filters P2C-24 IPX
broadcast P2C-128
generic P2C-125 eigrp log-neighbor-adjacency-changes GNS P2C-127 command P2C-149 NetBIOS P2C-127 P2C-l28 encapsulation overview P2C-120 AppleTalk P2C-3 P2C-8 P2C-30 P2C-35 routing table P2C-126 IPX P2C-4 P2C-81 to P2C-94 SAP P2C-126 encapsulation ppp command P2C-38 IPX Enhanced IGRP Enhanced IGRP routes P2C-90 AppleTalk configuring P2C-43 route updates P2C-90 IPX configuring P2C-84 SAP updates P2C-91 NLSP route redistribution P2C-89 P2C-113 SAP P2C-113 example P2C-158 floating static routes /etc/services file P2C-36 IPX P2C-134 EtherTalk P2C-l P2C-ll flooded broadcasts extended access lists IPX P2C-142
Frame Relay See access lists fast switching extended networks IPX P2C-117 AppleTalk P2C-7 free-trade zone
AppleTalk
example P2C-65
free-trade zone AppleTalk
establishing P2C-28
FastPath router
AppleTalk P2C-35 K-Star P2C-ll
fast switching P2C-43
AppleTalk P2C-43 Get Nearest Server cache entries P2C-54 See GNS description P2C-l42 ff GetZoneList See GZL cache entries deleting P2C-l47 global configuration mode cache entries displaying P2C- 147 summaiy xxvii directed broadcast P2C-142 packets GNS disabling P2C-142 filters P2C-127 over ATM P2C-l 17 request response delay P2C-139 over Frame Relay P2C- 117 requests P2C-139 over SMDS P2C-l 17 GZL FDDI replies P2C-25 IPX encapsulation P2C-82 FDDITaIk P2C-1 P2C-53
P2C-186 Network Protocols Configuration Guide Part extended creating P2C-122
filtering SAP P2C-l24
implicit deny P2C-125 header compression implicit masks P2C-125 IPX P2C-118 named P2C-122 hello packets named extended P2C-123 AppleTalk named NLSP route aggregation P2C-124 Enhanced IGRP P2C-47 named SAP P2C-l24 IPX Enhanced IGRP intervals P2C-88 named standard P2C-123 IPX Enhanced IGRP timers P2C88 NetBIOS P2C-119 help command xxiii description P2C-1 19 helper addresses NetBIOS creating P2C-124 IPX P2C-128 NLSP route aggregation P2C-l 19 example P2C-173 routing table filtering P2C-126 hold time SAP AppleTalk creating P2C-l22 Enhanced IGRP P2C-47 standard P2C-119 IPX
standard creating P2C-l22 Enhanced IGRP P2C-88 types P2C-l19
violations logging P2C-123
accounting example P2C-177
configuring P2C- 146
IDP database entries deleting P2C-15
characteristics P2C-4 database entries displaying P2C-15
IGRP database threshold P2C-146
Ciscos implementation P2C-45 enabling P2C-146
Integrated Routing and Bridging filters P2C-146
See IRB maximum transit entries P2C-l46
interface command P2C-27 P2C-35 addresses P2C-79
interface configuration mode broadcasts P2C-95
summary xxvii blocking P2C- 141
interface tunnel command P2C-27 P2C-30 forwarding P2C-128 P2C-132 P2C- 142
IP of P2C-35 encapsulation AppleTalk type 20 packets P2C-130 P2C-131
Internet Datagram Protocol clock ticks P2C-135
See IDP compliance with Novells IPX P2C-129
Internet Router software configuration examples P2C- 151 to P2C- 156
requirments P2C- 11 configuration task list P2C-80
colTupted network numbers P2C-148
AppleTalk-to-IP address mapping P2C-35 DDR P2C-118
address command P2C-35 ip DDR configuring over
IPTalk example P2C- 166
/etc/services file P2C-36 default routes
AppleTalk-to-IP address mapping P2C-35 See NLSP default routes
configuration example P2C-71 to P2C-74 default routes specifying P2C-l44
description P2C-33 default routes understanding P2C-80
IP encapsulation P2C-37 disabling P2C-133 P2C-l45
SLIP drivers P2C-33 encapsulation P2C-4 P2C-81 to P2C-94
UDP port numbers P2C-36 IEEE interfaces table P2C-81 IPX Enhanced IGRP P2C-86
access control configuring P2C- 128 backup server table P2C-9
access control violation logging examples P2C-169 Ciscos implementation P2C-5
access lists enabling example P2C-155
configuration examples P2C-168 to P2C-175 features P2C-85
extended P2C-l19 filters P2C-90
Index P2C-187 IPX continued IRB
route updates P2C-90 keepalives P2C- 118
SAP updates P2C-91 LANE support P2C-5
hello packets intervals P2C-88 load sharing
hello packets timers P2C-88 per-host P2C-140 hold time P2C-88 round-robin P2C- 140
queries P2C-92 maximum paths
redistribution P2C-89 description P2C- 140
routes P2C-90 setting P2C-140
SAP messages
updatesexample P2C-156 filtering NetBIOS P2C-128
SAP updates P2C-90 MIB P2C-4 horizon split P2C-89 monitoring tasks P2C-147
task list P2C-86 multicasts P2C-95
timers adjusting P2C-88 Named Access Lists
Enhanced IGRP enabling P2C-86 task list P2C-122
fast switching NetBIOS
cache entries deleting P2C-l47 access control P2C-127
directed broadcast packets P2C- 142 filters P2C- 127
disabling P2C-142 filters example P2C-172
over ATM P2C-117 messages
over Frame Relay P2C- 117 filtering P2C- 128
FDDI P2C-82 NetWare internal network numbers P2C-148
filtering P2C- 103 network access P2C-1 19 to P2C-12l
filters network connectivity testing P2C- 148
broadcast P2C-128 network numbers
generic P2C-125 corrupted P2C- 148
GNS P2C- 127 definition P2C-79
GNS description P2C-127 interfaces P2C-8
NetBIOS P2C-128 internal to NetWare P2C-148
description P2C-127 NLSP See NLSP overview P2C-120 node numbers P2C-79
routing table P2C-126 Novell IPX compliance P2C-129
SAP P2C-126 OS/2 Requestors P2C-148
flooded brOadcasts P2C-l42 padding packets P2C-145
GNS performance tuning P2C-128
control requests P2C-139 per-host load sharing enabling P2C-140
filters P2C-127 ping type selecting P2C-148
queue length PPP P2C-1l9
SAP requests P2C-137 restarting P2C-133 P2C-l45
request response delay P2C-139 RIP
header compression P2C- 118 description P2C-134
helper addresses P2C-l28 updates delay between P2C-133
example P2C-173 updates delays P2C-135
helper addresses specifying P2C- 128 updates timers P2C-135
integrated routing and bridging round-robin load sharing enabling P2C-l40
See IPX IRB route aggregation See NLSP
interfaces displaying status P2C-147 route cache
internal network numbers P2C-148 size P2C-143
IPXWAN P2C- 119 route cache invalidation P2C- 143
disabling P2C-119 routing failed link P2C-119 between emulated LANs P2C-5
network numbers P2C- 119 enabling P2C-8l
PPP P2C-119 enabling example P2C- 151
static routing P2C-l19 enabling on multiple networks P2C-83
P2C-188 Network Protocols Configuration Guide Part P2C-125 iPX continued ipx access-group command P2C-120 P2C-124 enabling on multiple networks ipx access-list command P2C-106 P2C-123
example P2C-152 ipx accounting command P2C-146 P2C-146 enabling over WAN interface ipx accounting-list command P2C-l46 example P2C-164 ipx accounting-threshold command
metrics P2C-4 ipx accounting-transits command P2C- 146
routing table entries ipx advertise-default-route-only command P2C- 144
deleting P2C-l47 ipx backup-server-query-interval command P2C-92
displaying P2C- 147 ipx bandwidth-percent eigrp command P2C-87
routing table entries adding P2C-126 ipx broadcast-fastswitching command P2C- 142 P2C- 136 SAP P2C-4 ipx default-output-rip-delay command P2C- 132
access lists ipx default-output-sap-delay command P2C- 132
creating P2C-l22 P2C-137
delay ipx default-ping command P2C-148
setting P2C-137 ipx default-route command P2C-l44 command P2C- delay between packets ipx default-triggered-rip-delay 132
setting P2C-l32 P2C-133 P2C- 136
filtering P2C-122 ipx default-triggered-sap-delay command P2C- 132
filters P2C-126 P2C-137
filters example P2C- 170 P2C- 171 ipx delay command P2C-l35 down command P2C-145 messages ipx P2C-l33 IPX Enhanced IGRP filtering P2C-126 bandwidth queue length P2C-157 setting P2C-137 examples P2C-149 responses to GNS requests interfaces displaying
controlling P2C-1 39 log neighbor adjacencies P2C-l49 horizon P2C-91 P2C- 149 split monitoring
static entries neighbors displaying P2C- 149
entries P2C-149 configuring P2C-136 routing table displaying
table topology table P2C-149
static entries P2C-136 traffic displaying statistics P2C- 149 P2C- 139 updates P2C-90 ipx gns-reply-disable command P2C-139 setting P2C-137 ipx gns-response-delay command P2C-139 secondary networks ipx gns-round-robin command P2C-88 configuring example P2C-153 ipx hello-interval command
shutting down example P2C-153 ipx helper-address command P2C-128 P2C-132
servers displaying P2C-147 P2C- 142
spoofing P2C-118 ipx helper-list command P2C-l28
static routes ipx hold-time eigrp command P2C-88 P2C-126 adding to routing table P2C-134 ipx input-network-filter command
description P2C-134 ipx input-sap-filter command P2C-126
floating P2C-134 ipx internal-network command P2C-93
static routes overriding P2C-134 ipx ipxwan command P2C-119
subinterfaces P2C-94 ipx ipxwan error command P2C- 119
configuring P2C-83 ipx ipxwan static command P2C- 119
configuring example P2C- 152 ipx link-delay command P2C-97
NLSP P2C-94 ipx linkup-request command P2C-139 140 shutting down example P2C-152 ipx maximum-paths command P2C-
tick count P2C-135 ipx netbios input-access-filter command P2C-128
traffic displaying statistics P2C-147 ipx netbios output-access-filter command P2C-128
type 20 packets ipx network command P2C-82 P2C-84 P2C-94
accepting P2C-131 P2C-119 P2C- 145 15 forwarding P2C-130 P2C-13l ipx nhrp authentication command P2C-1
holdtime command P2C-1 17 VLANs support P2C-5 ipx nhrp
watchdog packets P2C-118 ipx nhrp interest command P2C-1 16
Index P2C-189 ipx nhrp map command P2C-114 P2C-150 ipx type-20-output-checks command P2C-131
ipx nhrp max-send command P2C-1 16 ipx type-20-propagation command P2C-130 P2C-l 33
ipx nhrp network-id command P2C-1 14 ipx update interval command P2C-135 P2C-137 nhs ipx nhrp command P2C-1 15 ipx update sap-after-rip command P2C-l38
ipx nhrp record command P2C-117 IPX WAN
ipx nhrp responder command P2C- 117 See IPX IPXWAN
ipx nhrp use command P2C- 116 IRB
ipx nlsp csnp-interval command P2C-98 interfaces
ipx nlsp enable command P2C-94 P2C-105 to P2C-1 12 IPX
ipx nlsp hello-interval command P2C-98
ipx nlsp lsp-interval command P2C-98
ipx nlsp metric command P2C-96
ipx nlsp multicast command P2C-96
ipx nlsp priority command P2C-97 keepalives ipx nlsp-retransmit-interval command P2C-98 IPX P2C-118 ipx nlsp rip command P2C- 112 SPX P2C-118 ipx nlsp sap command P2C-l 13 Kinetics FastPath router ipx output-gns-filter command P2C-127 KIP software P2C-35 ipx output-network-filter command P2C-126 K-Star ipx output-rip-delay command P2C- 132 P2C-133 Shiva FastPath routers P2C- 11 P2C-135
ipx output-sap-delay command P2C-132 P2C-133 P2C-137
ipx output-sap-filter command P2C- 126
ipx pad-process-switched-packets command P2C- 145
ipx per-host-load-share command P2C- 140 LANE command P2C-138 ipx rip-max-packetsize P2C-136 routing between emulated LANs .P2C-3 P2C-5 command P2C-136 ipx rip-multiplier link-state packet LSP ipx route-cache command P2C-142 P2C-145 See NLSP LSP
ipx route-cache inactivity-timeout command P2C-143 LocalTalk P2C-
route-cache max-size command P2C-143 ipx log-adjacency-changes command P2C-99 P2C- 150 route command ipx P2C-134 log neighbor adjacencies router command P2C-1 ipx P2C-86 P2C-89 P2C-93 13 AppleTalk enhanced IGRP P2C-48
ipx router eigrp command P2C-109 P2C-110 IPX Enhanced IGRP P2C-149
router-filter command P2C-126 ipx lsp-gen-interval command P2C-98 router command P2C-l04 P2C-l11 ipx nlsp P2C-96 to lsp-mtu command P2C-99 command P2C- 126 ipx router-sap-filter lsp-refresh-interval command P2C-98
ipx routing command P2C-8 IPX SAP-after-RIP
queries disabling P2C-139
task table P2C-138
updates P2C-138 MacIP ipx sap command P2C-136 addresses P2C-33 ipx sap-incremental command P2C-90 address ranges P2C-31 ipx sap-incremental split-horizon command P2C-91 advantages P2C-3 ipx sap-max-packetsize command P2C-136 AppleTalk traffic P2C-54 ipx sap-multiplier command P2C-138 clients P2C-54 ipx sap-queue-maximum command P2C- 137 description P2C-30 ipx source-network update command P2C-148 disadvantages P2C-3 ipx split-horizon command P2C-89 implementation P2C-30 ipx throughput command P2C-97 requirements P2C-3 ipx triggered-rip-delay command P2C- 132 P2C-135 servers P2C-32 P2C-54 ipx triggered-sap-delay command P2C- 132 P2C-137 ipx type-20-helpered command P2C- 132 ipx type-20-input-checks command P2C- 131
P2C-190 Network Protocols Configuration Guide Part maximum paths IPX
AppleTalk hoidtime P2C-l 17
setting P2C-42 initiation controlling P2C-1 16
IPX loop detection P2C-1l6
description P2C- 140 next hop server P2C-1 17
setting P2C-140 packet rate P2C- 116
max-isp-lifetime command P2C-98 record options suppressing P2C-l 17
messages requests triggering P2C- 116
access list violation P2C-123 time addresses P2C-1 17
logging P2C-123 NHRP for IPX
metrics access lists P2C-115
routing authentication P2C- 115 IPX P2C-4 cache
XNS P2C-4 clearing dynamic entries P2C-150
MIB clearing static entries P2C- 150
AppleTalk P2C-2 monitoring P2C-150
IPX P2C-4 initiation controlling P2C-1 15
NLSP P2C-93 next hop server P2C-1l5 modes static IPX-to-NBMA address mapping P2C-1 14
See command modes tasklist P2C-l14 muiticast command P2C-96 traffic monitoring P2C-150 NLSP
adjacencies P2C-150
adjacency state P2C-150
area network numbers P2C-93
CSNP interval specifying P2C-87 P2C-97 P2C-98 Name Binding Protocol database P2C- 150 SeeNBP default routes named IPX access lists P2C-122 advertising P2C-144 name display facility designated router AppleTalk P2C-26 definition P2C-97 NBMA network election priority specifying P2C-97 addresses advertised P2C-1 17 pseudonode P2C-97 logical versus physical figure P2C-161 enabling on an interface NBP P2C-2 LAN P2C-94 definition P2C-2 P2C-26 WAN P2C-94 description P2C-26 Enhanced IGRP route redistribution P2C-89 name registration P2C-1 13 task table P2C-54 example P2C-158 services P2C-54 GNS queries replying to P2C-139 NetBIOS hello interval specifying P2C-98 IPX hop count maximum from RIP updates P2C-87 filtering messages P2C-l28 P2C-97 NetBIOS IPX P2C-127 internal network number setting P2C-93 access control P2C-127 link delay specifying P2C-97 filters example P2C-172 LSP P2C-98 P2C-99 netbios access-list command P2C- 124 LSP link-state packet P2C-98 NetWare Link Services Protocol metric specifying P2C-96 See NILSP MIB P2C-93 network command P2C-86 P2C-109 P2C-i10 multicast addressing network numbers disabling P2C-96 IPX P2C-79 disabling examples P2C-157 Next Hop Resolution Protocol multiple encapsulations P2C-83 P2C-94 See NHRP P2C- 150 NHRP neighbors partial route calculation setting interval P2C-99 enabling P2C- 114
Index P2C-191 NLSP continued node numbers
pseudonode P2C-97 IPX P2C-79
RIP entries aging out P2C-136 no form of command
RIP packets using xxviii
maximum size P2C-138 nonbroadcast multiaccess network
processing P2C- 112 See NBMA network
route aggregation P2C-99 nonextended network
aggregated routes P2C-100 AppleTalk P2C-7
area addresses P2C-100 notes
area addresses and route summaries P2C-100 usage in text xix
areas P2C-101 Novell IPX
benefits P2C-99 See IPX
configuration task list P2C-104
customized route summarization P2C- 103
default route
redistribution P2C-101 to P2C-102
default route summarization P2C-102 online documentation Enhanced IGRP and NLSP 11 P2C- 109 See CCO filtering and route summarization
relationship P2C- 103
multiple NLSP 1.1 areas example P2C-158
multiple NLSP 1.1 areas configuring P2C-104
in multiple NLSP versions single area padding packets IPX P2C-145 mixing P2C-10l Phase NLSP and RIP 11 Enhanced IGRP See AppleTalk Phase example P2C-l59 Phase
NILSP 1.1 and NLSP 1.0 areas See AppleTalk Phase P2C-l58 example ping command
NLSP 1.1 and NLSP 1.0 areas AppleTalk P2C-53 P2C-54
configuring P2C-106 IPX P2C-148
path selection P2C-103 Plain English IPX Access List RIP and P2C-lll NLSP 1.1 configuring types P2C-122 route summaries P2C-100 Ppp
route summarization P2C-102 to P2C-103 IPX P2C-119
service selection P2C-l03 priority-list protocol command P2C-21
single versus multiple areas P2C-lOl privileged EXEC mode SAP summary xxvii entries prompts out P2C-138 aging system xxvii
packets proxy network numbers maximum size P2C-136 example P2C-74
shortest path first algorithm SPF interoperability P2C-4l
calculation interval P2C-99 pseudonode NLSP P2C-97 subinterfaces P2C-83 P2C-94
configuring example P2C-152
shutting down example P2C-152
throughput specifying P2C-97
NLSP Multicast Addressing question command xxiii examples P2C-l57
task list P2C-95
NLSP Multicast Support overview P2C-95
see also NLSP Multicast Addressing
P2C-192 Network Protocols Configuration Guide Part routing table
update timers P2C-40
routing updates P2C-40 redistiibute command P2C-89 P2C-l 13 strict checking P2C-39 route aggregation P2C-105 P2C-106 P2C-108 stub mode P2C-39 P2C-l11 P2C-112 redistribution
AppleTalk Enhanced IGRP P2C-46 IPX Enhanced IGRP P2C-89 responder support AppleTalk P2C-55 SAP RFC 1243 P2C-2 delay between packets P2C-l37 RFC IPX header WAN 1553 compression over setting P2C-132 P2C-133 media P2C-118 description P2C-4 1634 P2C-119 RFC filters RIP creating P2C-126 IPX filters example P2C-170 P2C-134 description filters examples P2C- 171 disable of P2C-139 sending general query general query timers P2C-135 disabling P2C-139 updates P2C-135 delays queue length updates to SAP P2C-138 linking setting P2C-137
updates to SAP P2C-138 linking updates responses to GNS requests ROM monitor mode controlling P2C-139 xxvii summary static entries route NLSP aggregation configuring configuring P2C-136 P2C-137 See NLSP table route-aggregation command P2C-104 to P2C-1 12 static entries P2C-136 route cache updates size P2C-143 Enhanced IGRP P2C-90 route cache invalidation linking to RIP P2C-138 P2C- 143 controlling setting P2C-137 route redistribution update timers P2C-137 Enhanced IGRP saving configuration changes xxviii NLSP P2C-89 secondary networks IPX Enhanced IGRP and NLSP See IPX secondary networks
example P2C-l58 seed router Enhanced IGRP P2C-113 NLSP configuring AppleTalk P2C-l4 See also redistribution Sequenced Packet Exchange routes See SPX
static Service Advertisement Protocol
IPX P2C-134 See SAP routing table Shiva FastPath router
AppleTalk P2C-54 K-Star P2C-11 P2C-39 controlling show appletalk access-lists command P2C-54 timers P2C-40 update show appletalk adjacent-routes command P2C-54 IPX P2C-126 P2C-l47 show appletalk arp command P2C-54 Routing Table Maintenance Protocol show appletalk aurp events command P2C-54 See RTMP show appletalk aurp topology command P2C-54 tables routing show appletalk cache command P2C-54
AppleTalk show appletalk domain command P2C-54
update filters P2C-23 show appletalk eigrp interfaces command P2C-54 RTMP P2C-2 show appletalk eigrp neighbors command P2C-54 routes with no zones P2C-40 advertising show appletalk eigrp topology command P2C-54 definition P2C-2 show appletalk globals command P2C-54 interfaces P2C-15 show appletalk interface command P2C-54
Index P2C193 show appletalk macip-clients command P2C-54 spoofing
show appletalk macip-servers command P2C-54 IPX P2C-118
show appletalk macip-traffic P2C-54 SPX keepalive packets over DDR P2C- 118
show appletalk name-cache command P2C-54 SPX spoofing of keepalive packets P2C-1 18
show appletalk nbp conmand P2C-54 SSP
show appletalk neighbors command P2C-54 statistics summary
show appletalk remap command P2C-54 standard access lists show appletalk route command P2C-54 See access lists IPX
show appletalk socket command P2C-54 static routes
show appletalk static command P2C-54 AppleTalk P2C-52 P2C-53 P2C-54 show appletalk traffic command P2C-54 IPX P2C-134 show appletalk zone command P2C-54 subinterface configuration mode
show ip nhrp command P2C- 150 summary xxvii
show ip nhrp traffic command P2C-150 subinterfaces
show ipx accounting command P2C-151 defined P2C-83
show ipx cache command P2C-147 IPX P2C-94
show ipx eigrp interfaces command P2C-149 configuring example P2C-152
show ipx eigrp neighbors command P2C-149 shutting down example P2C-l52
show ipx eigrp topology command P2C-149 NLSP P2C-94
show ipx interface command P2C-l47 configuring example P2C-152
show ipx nlsp database command P2C-150 shutting down example P2C-152
show ipx nlsp neighbors command P2C-150 synchronizing SAP and RIP updates P2C-138
show ipx nlsp spf-log command P2C-150
show ipx route command P2C-147 P2C-149
show ipx servers command P2C-147
show ipx traffic command P2C-147 P2C-149
show smrp forward command P2C-54 Tab key show smrp globals command P2C-54 command completion xxiii show smrp group command P2C-54 test appletalk command P2C-55 show smrp mcache command P2C-54 tick count show smrp neighbor command P2C-55 IPX P2C-135 show smrp port command P2C-55 timers show smrp route command P2C-55 IPX Enhanced IGRP adjusting P2C-88 show smrp traffic command P2C-55 TokenTalk P2C-1 show sse summary command P2C-147 topology table Silicon Switch Processor AppleTalk Enhanced IGRP P2C-54 See SSP IPX Enhanced IGRP P2C-l49 SLIP transition mode drivers AppleTalk P2C-l6 IPTalk P2C-33 SMDS example P2C-58 tunnel destination command P2C-27 P2C-28 P2C-30 fast switching tunneling IPX P2C-117 AURP P2C-27 SMRP cayman P2C-30 fast switching cache table P2C-54 GRE P2C-30 traffic table P2C-55 methods P2C-29 smrp mroute-cache protocol appletalk command P2C-37 tunnel mode command P2C-35 SNMP P2C-27 P2C-30 tunnel source command P2C-27 P2C-28 P2C-30 AppleTalk configuring P2C-29 P2C-35 snmp-server community command P2C-29 type 20 packets P2C-130 P2C-131 spf-interval command P2C-99 horizon split
AppleTalk Enhanced IGRP P2C-48 IPX Enhanced IGRP P2C-89
P2C-194 Network Protocols Configuration Guide Part UDP port numbers
IPTalk P2C-36 user EXEC mode
summary xxvii
VLANs
AppleTalk support P2C-3
IPX support P2C-5
watchdog packets P2C-1 18 DDR P2C418
Xerox Network Systems See XNS XNS
IDP P2C-4
routing metrics P2C-4
ZIP
definition P2C-2
query interval P2C-43
reply filters P2C-25
Zone Information Protocol
See ZIP zones
See AppleTalk zones
Index P2C-195 P2C-196 Network Protocols Configuration Guide Part Corporate Headquarters European Headquarters Americas Asia Headquarters Cisco Systems Inc Cisco Systems Europe sari Headquarters Nihon Cisco Systems KI
170 West Tasman Drive Parc Evolic Batiment L1/L2 Cisco Systems Inc Fuji Building 9th Floor San Jose CA 95134-1706 16 Avenue do Quebec 170 West Tasman Drive 3-2-3 Marunouchi USA Villebon BP 706 San Jose CA 95 134-1706 Chiyoda-ku Tokyo 100 http//www.cisco.com 91961 Courtaboeuf Cedex USA Japan Tel 408 526-4000 France http//www.cisco.com http//www.cisco.com 800 553-NETS 6387 http//www-europecisco.com Tel 408 526-7660 Tel 81 5219 6250 Fax 408 526-4100 Tel 33 69 18 61 00 Fax 408 527-0883 Fax 81 5219 6001 Fax 33 69 28 83 26
Cisco Systems has more than 200 offices in the following countries Addresses phone numbers and fax numbers are listed on the
Cisco Connection Online Web site at http//www.cisco.com/offices
Argentina Australia Austria Belgium Brazil Canada Chile China Colombia Costa Rica Croatia Czech Republic Denmark Dubai UAE
Finland France Germany Greece Hong Kong Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia
Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Singapore
Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela
in the USA Printed on recycled paper containing 10% postconsumer waste
Pe Nmb 56-2343-05 78-5832-01