This chapter discusses the use of Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) with the 7318.
The Model S20 supports the capability of transparently connecting remote hosts to a local area network, using the Serial Line Internet Protocol (SLIP) or Point-to-Point Protocol (PPP). This capability gives remote host users access to network resources on local hosts and gives terminal users on the transparent 7318 network access to the remote host. The Remote Host to Local Host figure illustrates this kind of network configuration:
SLIP or PPP allows users logged into either host to have transparent network access to resources on the 7318 or to the other host. Similarly, a terminal user connected to the network through the 7318 would have access to either host.
The mechanisms associated with SLIP and PPP do not support general purpose routing in that no routing information is automatically passed over the serial link. All routes must be configured in the 7318 configuration file.
The 7318's gateway can be defined as the destination address of a SLIP or PPP link. This allows the 7318 to bridge to another network over a serial link.
The Model S20 has a limited ability to make a single remote host transparently accessible from hosts on the same network as the 7318's Ethernet connection. It uses a mechanism known as proxy Address Resolution Protocol (ARP), which ensures that the 7318 will respond to ARP requests from other devices on the network on behalf of the remote host.
The proxy ARP mechanism requires that the remote host be located on the same subnet as the 7318. To be on the same subnet, the subnet portion of the remote's IP address must match the subnet portion of the 7318's IP address. The subnet portion is determined by the bitwise AND of the IP address and the subnet mask.
For example, given the following addresses:
Remote host IP address | 128.212.245.10 (hex 0x80d4f50a) |
Local host IP address | 128.212.250.20 (hex 0x80d4fa14) |
Subnet mask | 255.255.240.0 (hex 0xfffff000) |
The subnet is 128.212.240.xx (hexadecimal 0x80d4f000)
Therefore, with the above subnet mask, both hosts will be on the same subnet (128.212.240.xx) and the 7318 can transparently forward packets between the two hosts (assuming all other conditions are met).
Because the TCP/IP implementation in the 7318 includes support for proxy ARP, ARP requests for the remote host from systems on the Ethernet are answered by the 7318. IP packets destined for the remote host from the systems on the Ethernet are then sent to the 7318, which forwards them over the PPP or SLIP serial line.
A route to the Ethernet through the 7318 SLIP or PPP serial line must be installed on the remote host. This is usually done with the route command, such as:
route add net 128.212.240.0 cns_slip1 1
To summarize S20 transparent access using proxy ARP:
To use this capability, you must configure SLIP or PPP on one or more 7318 ports using the following configuration information.
SLIP can be started either automatically or through the command shell. Startup through the command shell is useful when logging into the 7318 from a remote workstation. Remote workstations, such as a personal computer, often support a variety of applications through their serial port. For instance, a terminal emulator can allow the workstation to be used as a terminal when accessing the 7318. In this mode, either telnet or rlogin can be used to access hosts on the ethernet.
If an application can offload processing from the remote host to the workstation using SLIP, this can be started manually from the command line, and the terminal emulator is stopped.
A SLIP session can be started without using the autostart parameter in the configuration file or by programming an automatic application to SLIP.
Certain parameters must be placed in the configuration file to use SLIP.
Note: The 7318 does not allow BOOTP over the SLIP connection.
If you are configuring automatic SLIP sessions, you must have a [SLIPNN] for each session. If you are configuring command line SLIP sessions, you only need to include a [SLIPNN] if you want to specify certain parameters for that port. Parameters defined with low precedence act as default values if they are not redefined with higher precedence.
Configuration parameters can be defined by:
The following parameters can be defined in the [SLIP] section:
The [SLIPNN] section lists associations between the SLIP process and the logical devices. Such associations should only be made to COM devices and not to LDT devices. Based on the nslips parameter in the [SLIP] section, the configuration is expecting sections [SLIP01] through [SLIPNN].
If SLIP starts automatically on the port, the corresponding session sections for this should have their application parameter set to reserved.
If SLIP is started from the command line on a port, the configuration for the port must have one application set to command and at least one other session set to dynamic.
The format for the slip command is:
slip [-s source] [-d destination] [-a] [-c] [-i] [-m MruSize]
Once SLIP is started on a port, it will not return to a command session until the port is reinitialized.
The following is an example of SLIP being disabled for all command lines except for port 13 . By default, ICMP is enabled for the two SLIP sessions that are defined. The first SLIP session autostarts in port 14 , has compression turned on, and a maximum packet size of 1006. Port 13 has command line SLIP enabled, with compression autosensing. The command line requires that both source and destination addresses be specified.
[SLIP] nslips = 2 source = 255.255.255.255 destination = 255.255.255.255 icmp = nosuppress [SLIP01] device = COM port = 14 compression = 1 source = 128.212.66.164 destination = 128.212.66.180 maxpkt = 1006 autostart = 0 [SLIP02] device = COM port = 13 compression = 2 source = 0.0.0.0 destination = 0.0.0.0 maxpkt = 1500 autostart = 0
The command line to start SLIP on port 13 is:
slip -s 128.212.66.164 -d 128.212.66.181
The [PPP] section specifies how many additional PPP sections of the form [PPPNN] are found in the configuration. Each numbered PPP section shows the configuration for a single port.
If you are configuring automatic PPP sessions, you must have a [PPPNN] section for each session. If you configure command line PPP sessions, you need to include a [PPPNN] section if you want to specify certain parameters for that port. Parameters defined with low precedence act as default values if they are not redefined in a section with higher precedence.
Configuration parameters can be defined using:
When you configure PPP, set the application identifiers to reserved for the Session sections on the desired Port.
The following parameters can be defined in the [PPP] section:
The [PPPNN] subsection lists an association between the PPP process and a 7318 port. The number of [PPPNN] subsections must match the value specified by nppps entry in the [PPP] section.
The Point-to-Point Protocol (PPP) allows for address negotiation. When a PPP link is brought up, it is possible for the two ends to inform each other of the presence or lack of an IP address.
Addressing is controlled by four parameters: source, destination, ipaddress, and newaddress.
The ipaddress parameter determines whether or not the 7318 actively starts address negotiation. Leave this parameter off and try to bring up the link. If the link does not come up, try turning this on. If the ipaddress parameter is on, the newaddress parameter determines the type of negotiation to use. If off, RFC-1172 negotiation is used. This is an obsolete form of negotiation, so only use it if the remote side requires it. If possible, set this parameter and use RFC-1332 negotiation. When the 7318 responds to address negotiation requests, it automatically determines the correct form to use.
The 7318 allows for the following addressing cases:
In the first and second cases, the 7318 specifies both the source and destination addresses. In the third case, the destination address in the 7318 should be set to 0.0.0.0.
If both the 7318 and the remote sides have the destination address set to 0.0.0.0 or if the same addresses are specified on both sides of the link and they do not match, address negotiation fails and the link does not come up.
If PPP is to start automatically on the port, the corresponding session sections for this port should have their application parameter set to reserved.
If PPP is started from the command line on a port, the configuration for the port must have one application set to command and at least one other session set to dynamic.
The format for the ppp command is:
ppp [ -s source ] [ -d destination ] [ -a accm ] [ -m MruSize ] [ -n ] [ -p ] [ -v ] [ -x ]
Once PPP is started on a port, it will not return to a command session until the port is reinitialized.
A PPP session can be made secure in a variety of ways. If a link is made to autostart, then the PAP security mechanism should be enabled. PAP is a protocol that runs while the PPP link is being brought up and required verification of the password or a userid/password combination before PPP will run. The verification for the PPP link is controlled by the pap parameter in the [PPP] section as shown in the following examples:
The first example sets up a password of q3tgap for the PPP link defined in this section:
[PPP01] ... pap-1 pwd=q3tgap
This second example uses the incoming userid and password for this PPP session:
[PPP02] ... pap=1
Depending on the state of the 7318 passwords, the userid/password will be verified locally (passwords=1) or with kerberos. When setting up the PPP application, which is connecting to the 7318, make sure that encrypted passwords are not supplied by the application. Some operating systems allow the password used by the user for logging in to be sent across the PPP link. This type of password is not supported by the 7318.
CHAP is another authentication protocol used by PPP and can be selected on some systems. The 7318 does not support the CHAP protocol.
Another way to secure a PPP link is to use the command line mode of PPP and for the user to login first. This ISA mode is commonly used by UNIX hosts. Passwords are enabled on the 7318, PPP is set up with autostart off, and the command line mode enabled. You are forced to log into the 7318 using a userid and password before the PPP link can be brought up.
If you have problems with SLIP, it is important to remember that SLIP is just a transport mechanism for the TCP/IP protocols. Testing if SLIP is working is verifying if you have TCP/IP connectivity.
Unlike Point-to-Point Protocol, SLIP does not have the concept of a link being UP or DOWN. SLIP does not have a link control protocol, so when you bring the SLIP link up, nothing really happens until you try to move data over the link.
If you are unable to connect across the SLIP link, you might have a serial or routing problem.
Start debugging using ping to check connectivity. Start at the remote side.
If step 1 fails, you have a configuration problem on your remote host. If step 2 fails, the link has a serial configuration problem. If step 2 works, step 3 should always work. If step 4 fails, you have a routing problem. If the remote host is NOT on the same subnet as the ethernet, you must put a routing table entry in that host.
If step 5 fails, you have an ethernet connectivity problem. If step 6 fails, but step 2 works, you have a routine problem in the remote host.
To set a default gateway to tell the remote host the subnet represented by the ethernet is on a link, enter:
route add 0.0.0.0 192.132.5.4 1
If the link works, but performance is not good, check for errors on the serial interface. You may have a flow control problem. Your link can only pass data as fast as the link is configured. If your serial link is running at 9600 bps, the file transfers are quite slow, less than 1 KB/second.