This chapter discusses the use of Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) with the 7318.
The Model S20 supports the capability of transparently connecting remote hosts to a local area network, using the Serial Line Internet Protocol (SLIP) or Point-to-Point Protocol (PPP). This capability gives remote host users access to network resources on local hosts and gives terminal users on the transparent 7318 network access to the remote host. The Remote Host to Local Host figure illustrates this kind of network configuration:
SLIP or PPP allows users logged into either host to have transparent network access to resources on the 7318 or to the other host. Similarly, a terminal user connected to the network through the 7318 would have access to either host.
The mechanisms associated with SLIP and PPP do not support general purpose routing in that no routing information is automatically passed over the serial link. All routes must be configured in the 7318 configuration file.
The 7318's gateway can be defined as the destination address of a SLIP or PPP link. This allows the 7318 to bridge to another network over a serial link.
The Model S20 has a limited ability to make a single remote host transparently accessible from hosts on the same network as the 7318's Ethernet connection. It uses a mechanism known as proxy Address Resolution Protocol (ARP), which ensures that the 7318 will respond to ARP requests from other devices on the network on behalf of the remote host.
The proxy ARP mechanism requires that the remote host be located on the same subnet as the 7318. To be on the same subnet, the subnet portion of the remote's IP address must match the subnet portion of the 7318's IP address. The subnet portion is determined by the bitwise AND of the IP address and the subnet mask.
For example, given the following addresses:
|Remote host IP address||128.212.245.10 (hex 0x80d4f50a)|
|Local host IP address||128.212.250.20 (hex 0x80d4fa14)|
|Subnet mask||255.255.240.0 (hex 0xfffff000)|
The subnet is 128.212.240.xx (hexadecimal 0x80d4f000).
Therefore, with the above subnet mask, both hosts will be on the same subnet (128.212.240.xx) and the 7318 can transparently forward packets between the two hosts (assuming all other conditions are met).
Because the TCP/IP implementation in the 7318 includes support for proxy ARP, ARP requests for the remote host from systems on the Ethernet are answered by the 7318. IP packets destined for the remote host from the systems on the Ethernet are then sent to the 7318, which forwards them over the PPP or SLIP serial line.
A route to the Ethernet through the 7318 SLIP or PPP serial line must be installed on the remote host. This is usually done with the route command, such as:
route add net 184.108.40.206 cns_slip1 1
To summarize S20 transparent access using proxy ARP:
To use this capability, you must configure SLIP or PPP on one or more 7318 ports using the following configuration information.
SLIP can be started either automatically or through the command shell. Startup through the command shell is useful when logging into the 7318 from a remote workstation. Remote workstations, such as a personal computer, often support a variety of applications through their serial port. For instance, a terminal emulator can allow the workstation to be used as a terminal when accessing the 7318. In this mode, either telnet or rlogin can be used to access hosts on the ethernet.
If an application can offload processing from the remote host to the workstation using SLIP, this can be started manually from the command line, and the terminal emulator is stopped.
A SLIP session can be started without using the autostart parameter in the configuration file or by programming an automatic application to SLIP.
Certain parameters must be placed in the configuration file to use SLIP.
Note: The 7318 does not allow BOOTP over the SLIP connection.
If you are configuring automatic SLIP sessions, you must have a [SLIPNN] for each session. If you are configuring command line SLIP sessions, you only need to include a [SLIPNN] if you want to specify certain parameters for that port. Parameters defined with low precedence act as default values if they are not redefined with higher precedence.
Configuration parameters can be defined by:
The following parameters can be defined in the [SLIP] section:
|nslips=NN||Specifies the number of [SLIPNN] subsections.|
|source= IPAddress||Set this parameter to 0.0.0.0 to enable SLIP on the command line on all ports. Set this parameter to 255.255.255.255 to disable SLIP on all ports. Specific IP addresses for SLIP links should be set using the source parameter in the [SLIPNN] section for each port with a SLIP link.|
|destination= IPAddress||Defines the destination IP address.|
|compression=0/1/2||Enables (1) or disables (0) header compression. If the N parameter is a value of 2, compression is only used if detected from the far end. The default value for this entry is 0 (disabled).|
|icmp=0/1||Controls transmission of Internet Control Message Protocol (ICMP) messages over the SLIP link. Valid values are nosuppress or 1, which enables ICMP message transmission, and suppress or 0, which disables transmission. The default value is suppress.|
|maxpkt=N||Specifies the maximum allowed message size, in bytes, for this link. Set this parameter to a smaller value for slower, error-prone links to reduce re-transmission times. Set this to its maximum value for high speed or error-corrected links. The default value is 296 bytes.|
The [SLIPNN] section lists associations between the SLIP process and the logical devices. Such associations should only be made to COM devices and not to LDT devices. Based on the nslips parameter in the [SLIP] section, the configuration is expecting sections [SLIP01] through [SLIPNN].
|device=COM||This parameter should be set to COM.|
|port=NN||Defines a 7318 port to which the SLIP process attaches when a connection is made. Valid values for NN are 0 to 15. There is no default value for this parameter.|
|session=0||If present, this parameter should be 0.|
|source=IPAddress||This parameter selects the IP address for the 7318 port of the SLIP link. If set to 255.255.255.255, the slip command is disabled for this port. If set to 0.0.0.0, the SLIP link will not autostart, and the IP address must be specified on the command line.|
|destination=IPAddress||This parameter selects the IP address for the remote side of a SLIP link. If set to 0.0.0.0, the port can not be autostarted, and the IP address must be specified on the command line.|
If SLIP starts automatically on the port, the corresponding session sections for this should have their application parameter set to reserved.
If SLIP is started from the command line on a port, the configuration for the port must have one application set to command and at least one other session set to dynamic.
The format for the slip command is:
slip [-s source] [-d destination] [-a] [-c] [-i] [-m MruSize]
|-s source||Sets the source IP address (7318 end).|
|-d destination||Sets the destination IP address (remote end).|
|-a||Enables compression detection (compression=2).|
|-c||Forces compression (compression=1).|
|-i||Disables ICMP messages (icmp=suppress).|
|-m MruSize||Sets the maximum message size to MruSize (maxpkt).|
Once SLIP is started on a port, it will not return to a command session until the port is reinitialized.
The following is an example of SLIP being disabled for all command lines except for port 13. By default, ICMP is enabled for the two SLIP sessions that are defined. The first SLIP session autostarts in port 14, has compression turned on, and a maximum packet size of 1006. Port 13 has command line SLIP enabled, with compression autosensing. The command line requires that both source and destination addresses be specified.
[SLIP]
nslips = 2
source = 255.255.255.255
destination = 255.255.255.255
icmp = nosuppress
[SLIP01]
device = COM
port = 14
compression = 1
source = 220.127.116.11
destination = 18.104.22.168
maxpkt = 1006
autostart = 0
[SLIP02]
device = COM
port = 13
compression = 2
source = 0.0.0.0
destination = 0.0.0.0
maxpkt = 1500
autostart = 0
The command line to start SLIP on port 13 is:
slip -s 22.214.171.124 -d 126.96.36.199
The [PPP] section specifies how many additional PPP sections of the form [PPPNN] are found in the configuration. Each numbered PPP section shows the configuration for a single port.
If you are configuring automatic PPP sessions, you must have a [PPPNN] section for each session. If you configure command line PPP sessions, you need to include a [PPPNN] section if you want to specify certain parameters for that port. Parameters defined with low precedence act as default values if they are not redefined in a section with higher precedence.
Configuration parameters can be defined using:
When you configure PPP, set the application identifiers to reserved for the Session sections on the desired Port.
The following parameters can be defined in the [PPP] section:
|nppps=NN||Specifies the number of [PPPNN] subsections.|
|source=IPAddress||Set this parameter to 0.0.0.0 to enable PPP on the command line on all ports. Set this parameter to 255.255.255.255 to disable PPP on all ports. Specific IP addresses for PPP links should be set using the source parameter in the [PPPNN] section for each port with a PPP link.|
|destination=IPAddress||Specifies the destination IP address.|
|inactv tmout=NN||Allows you to configure the port so if no messages are exchanged for the timeout period in minutes, the 7318 hangs up the port and restarts PPP on the port. This allows you to reuse a modem, for example, if a caller locks up. This entry defaults to keeping the PPP link open even if no messages are being exchanged.|
|restart_tm=NN||Defines the period in seconds that PPP waits before restarting on the port if it decides to drop the link due to error or one of the timeouts. This period should be configured long enough to be sure a modem detects that the 7318 is hung up. It defaults to 3 seconds.|
|max_cnf=NN||When PPP begins a connection with another device, both sides should begin proposing configuration values with configuration messages. When one side or the other is incorrectly set up, it is possible to get into an infinite loop of configuration proposals. This counter keeps such a situation from locking up the port. The default is 10 and you should not normally need to change it.|
|max_failure=NN||Defines the number of negative acknowledgements allowed before the line restarts. The default value is 10.|
|mru=NN||Defines the maximum number of bytes in a message that the port will accept. This parameter is normally negotiated. Each side proposes its own MRU. They agree to use the smaller of the two proposed values. Making the MRU size large improves the efficiency of the link, but some devices may overflow input buffers if the size is too large. The 7318 has no such limitation. The default value of 296 is relatively small so most devices can be accommodated. When two 7318s are communicating, this value should be increased to 1500.|
|accm=NN||Specifies the asynchronous control map. PPP has the ability to map data bytes whose values are the same as ASCII control characters to escape sequences that do not contain ASCII control characters. You may need to do this when certain characters such as CONTROL-S and CONTROL-Q are interpreted by the link and not passed to PPP.
The map is a 32-bit map where each bit corresponds to one character in the range 0-31 corresponding to the ASCII control characters CONTROL-@ through CONTROL-_. In the configuration file, the map is represented as an eight-digit hex number. The low-order bit of the number corresponds to ASCII control character 0, and the high-order bit corresponds to ASCII 31. For example, a commonly used value for the ACCM is 0xA0000, which maps CONTROL-S and CONTROL-Q only.
The default value of 0xFFFFFFFF maps all the ASCII control characters. This is the safest choice if you are unsure. The only reason not to map all characters is that each mapped character requires two bytes to be transmitted instead of one. For example, if your data consisted of all zeros and you use the default map of 0xFFFFFFFF, then you send twice as many bytes over the link as you would if you used a map of 0xFFFFFFFE.|
|nomgc=0/1||PPP normally sends a random number to the remote side during its initialization to detect if the remote side is in loopback mode, reflecting all data sent to the sender and not actually passing data. This would not happen in normal operation, only in a test configuration. The algorithm is called magic number negotiation. Using this parameter, you can turn off this algorithm if the remote side does not support magic number negotiation. Normally, you should leave this algorithm in operation by leaving this entry at its default value of 0.|
|accomp=0/1||Requests PPP to perform address compression to make the link more efficient. It defaults to 0, which is off, because not all PPP implementations know how to perform compression.|
|ipaddress=0/1||Requests PPP to perform IP address negotiation. The 7318 PPP does not fully support IP address negotiation. If this parameter is turned on, the 7318 negotiates, but it refuses any proposals that do not match its configured IP address. It proposes the values you have configured so the remote side can use them if it is willing. The default value is 0, which is no negotiation.|
|newaddress=1/0||Requests PPP to perform IP address negotiation as described by RFC 1172. The 7318 PPP does not fully support IP address negotiation, but it refuses any proposals that do not match its configured IP address. It proposes the values you have configured so the remote side can use them if it is willing. The default value is 1, which is no negotiation.|
|vjcomp=0/1||Requests PPP to perform Van Jacobson-style header compression. If the remote PPP implementation understands this type of compression, it should be used, as it makes the link more efficient. The default is 0, meaning do not perform this type of compression.|
|autostart=0/1||Determines if the default for each section is to start automatically (1) or not (0). The proper value for command line ports is 0. It is illegal to configure a port to have a command session and an autostart PPP port.|
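The accm mapping described in the table above, as an added example that is not part of the 7318 documentation: it builds the map from control characters and applies the asynchronous PPP escaping rule (escape byte 0x7D, then the byte XOR 0x20, per RFC 1662), reproducing the 0xA0000 value and the doubling for all-zero data. Function names are illustrative, and frame flags and the FCS are left out.

```python
# Added example: ACCM-driven byte escaping on an async PPP link (RFC 1662 rules).
FLAG, ESC, XOR = 0x7E, 0x7D, 0x20

def accm_for(*ctrl_letters):
    """Build a 32-bit ACCM from control characters named by letter ('S' = CONTROL-S)."""
    accm = 0
    for letter in ctrl_letters:
        accm |= 1 << (ord(letter.upper()) & 0x1F)  # CONTROL-@ -> bit 0 ... CONTROL-_ -> bit 31
    return accm

def mapped_chars(accm):
    """List the control characters a given map escapes, lowest bit first."""
    return [f"CONTROL-{chr(0x40 + bit)}" for bit in range(32) if (accm >> bit) & 1]

def escape(payload, accm):
    """Sender side: escape the flag, the escape byte, and every mapped control character."""
    out = bytearray()
    for b in payload:
        if b in (FLAG, ESC) or (b < 0x20 and (accm >> b) & 1):
            out += bytes((ESC, b ^ XOR))
        else:
            out.append(b)
    return bytes(out)

def unescape(wire, accm):
    """Receiver side: undo escapes and drop mapped control characters that arrive
    unescaped, since the sender never emits them raw (the link inserted them)."""
    out = bytearray()
    it = iter(wire)
    for b in it:
        if b == ESC:
            nxt = next(it, None)
            if nxt is None:
                raise ValueError("truncated escape sequence")
            out.append(nxt ^ XOR)
        elif b < 0x20 and (accm >> b) & 1:
            continue
        else:
            out.append(b)
    return bytes(out)

if __name__ == "__main__":
    xon_xoff = accm_for("S", "Q")
    print(f"accm = 0x{xon_xoff:08X}", mapped_chars(xon_xoff))
    zeros = bytes(100)  # constructed payload: 100 zero bytes
    print(len(escape(zeros, 0xFFFFFFFF)), len(escape(zeros, 0xFFFFFFFE)))
```

With the map set to 0xA0000, a CONTROL-Q injected by a modem doing software flow control is discarded by `unescape` instead of corrupting the payload.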
The [PPPNN] subsection lists an association between the PPP process and a 7318 port. The number of [PPPNN] subsections must match the value specified by nppps entry in the [PPP] section.
|device=COM||The value of this field should be COM.|
|port=NN||Specifies which 7318 port is being configured in this [PPPNN] section.|
|session=0||The value of this field should be 0.|
|source=IPAddress||Assigns the IP address for the 7318 side of the PPP link. If set to 255.255.255.255, command line PPP is disabled. If set to 0.0.0.0, the port will not autostart, and the source IP address must be specified on the PPP command line.|
|destination=IPAddress||Assigns the IP address for the remote side of the PPP link. If set to 0.0.0.0, the port will not autostart, and the destination IP address must be specified on the PPP command line. When using dial-in PPP, all remote devices that want to use the port must be configured for this address or must be willing to accept this address in negotiation with the 7318.|
|pap=0/1||Requests PPP to perform the password authentication protocol. This means that the remote side PPP must supply a user name and password before the link is established. The password will probably be supplied automatically by the implementation.|
|pwd=password||Specifies the password required by this link if PAP is enabled.|
The Point-to-Point Protocol (PPP) allows for address negotiation. When a PPP link is brought up, it is possible for the two ends to inform each other of the presence or lack of an IP address.
Addressing is controlled by four parameters: source, destination, ipaddress, and newaddress.
The ipaddress parameter determines whether or not the 7318 actively starts address negotiation. Leave this parameter off and try to bring up the link. If the link does not come up, try turning this on. If the ipaddress parameter is on, the newaddress parameter determines the type of negotiation to use. If off, RFC-1172 negotiation is used. This is an obsolete form of negotiation, so only use it if the remote side requires it. If possible, set this parameter and use RFC-1332 negotiation. When the 7318 responds to address negotiation requests, it automatically determines the correct form to use.
The 7318 allows for the following addressing cases:
In the first and second cases, the 7318 specifies both the source and destination addresses. In the third case, the destination address in the 7318 should be set to 0.0.0.0.
If both the 7318 and the remote sides have the destination address set to 0.0.0.0 or if the same addresses are specified on both sides of the link and they do not match, address negotiation fails and the link does not come up.
If PPP is to start automatically on the port, the corresponding session sections for this port should have their application parameter set to reserved.
If PPP is started from the command line on a port, the configuration for the port must have one application set to command and at least one other session set to dynamic.
The format for the ppp command is:
ppp [ -s source ] [ -d destination ] [ -a accm ] [ -m MruSize ] [ -n ] [ -p ] [ -v ] [ -x ]
|-s source||Sets the source IP address (7318 end).|
|-d destination||Sets the destination IP address (remote end).|
|-a accm||Sets the accm mask (accm).|
|-m MruSize||Sets the maximum message size to MruSize (maxpkt).|
|-n||Disables magic number negotiation (nomgc).|
|-p||Enables protocol compression (protocomp).|
|-v||Enables VJ compression (vjcomp).|
|-x||Enables address compression (accomp).|
Once PPP is started on a port, it will not return to a command session until the port is reinitialized.
A PPP session can be made secure in a variety of ways. If a link is made to autostart, then the PAP security mechanism should be enabled. PAP is a protocol that runs while the PPP link is being brought up and requires verification of the password or a userid/password combination before PPP will run. The verification for the PPP link is controlled by the pap parameter in the [PPP] section as shown in the following examples:
The first example sets up a password of q3tgap for the PPP link defined in this section:
[PPP01]
...
pap=1
pwd=q3tgap
This second example uses the incoming userid and password for this PPP session:
[PPP02]
...
pap=1
Depending on the state of the 7318 passwords, the userid/password will be verified locally (passwords=1) or with Kerberos. When setting up the PPP application, which is connecting to the 7318, make sure that encrypted passwords are not supplied by the application. Some operating systems allow the password used by the user for logging in to be sent across the PPP link. This type of password is not supported by the 7318.
CHAP is another authentication protocol used by PPP and can be selected on some systems. The 7318 does not support the CHAP protocol.
Another way to secure a PPP link is to use the command line mode of PPP and have the user log in first. This is a mode commonly used by UNIX hosts. Passwords are enabled on the 7318, PPP is set up with autostart off, and the command line mode is enabled. You are forced to log into the 7318 using a userid and password before the PPP link can be brought up.
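One way to check a PPP configuration against the rules in this section, as an added example rather than a 7318 tool: it resolves each [PPPNN] value against the [PPP] defaults, then reports autostart links without PAP, autostart ports whose addresses are 0.0.0.0, ports left open to command line PPP, and an nppps count that does not match. The sample configuration, its addresses and the finding names are constructed; treating pap and autostart as 0 when absent from both sections is an assumption.

```python
import configparser

# Constructed sample configuration; addresses are documentation placeholders.
SAMPLE = """
[PPP]
nppps = 3
source = 255.255.255.255
autostart = 1

[PPP01]
device = COM
port = 4
source = 192.0.2.1
destination = 192.0.2.2
pap = 1
pwd = EXAMPLE-ONLY

[PPP02]
device = COM
port = 5
source = 192.0.2.1
destination = 192.0.2.3

[PPP03]
device = COM
port = 6
autostart = 0
source = 0.0.0.0
destination = 0.0.0.0
"""

DISABLED, UNSET = "255.255.255.255", "0.0.0.0"

def audit_ppp(text):
    """Return (section, finding) pairs for a 7318-style PPP configuration."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    base = cp["PPP"] if cp.has_section("PPP") else {}
    subs = sorted(s for s in cp.sections() if s[:3] == "PPP" and s[3:].isdigit())
    findings = []
    if int(base.get("nppps", "0")) != len(subs):
        findings.append(("PPP", "NPPPS_MISMATCH"))
    for name in subs:
        def eff(key, default):
            # [PPPNN] overrides [PPP]; the last-resort default is an assumption.
            return cp[name].get(key, base.get(key, default))
        autostart = eff("autostart", "0") == "1"
        pap = eff("pap", "0") == "1"
        src, dst = eff("source", UNSET), eff("destination", UNSET)
        if autostart and UNSET in (src, dst):
            findings.append((name, "AUTOSTART_ZERO_ADDR"))  # port will not autostart
        elif autostart and not pap:
            findings.append((name, "AUTOSTART_NO_PAP"))     # link comes up with no verification
        if not autostart and src != DISABLED:
            findings.append((name, "CMDLINE_PPP_ENABLED"))  # depends on 7318 login passwords
    return findings

if __name__ == "__main__":
    for section, finding in audit_ppp(SAMPLE):
        print(section, finding)
```

CMDLINE_PPP_ENABLED is informational: the port is acceptable only when passwords are enabled on the 7318, so that a login precedes the ppp command.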
If you have problems with SLIP, it is important to remember that SLIP is just a transport mechanism for the TCP/IP protocols. Testing if SLIP is working is verifying if you have TCP/IP connectivity.
Unlike Point-to-Point Protocol, SLIP does not have the concept of a link being UP or DOWN. SLIP does not have a link control protocol, so when you bring the SLIP link up, nothing really happens until you try to move data over the link.
If you are unable to connect across the SLIP link, you might have a serial or routing problem.
Start debugging using ping to check connectivity. Start at the remote side.
If step 1 fails, you have a configuration problem on your remote host. If step 2 fails, the link has a serial configuration problem. If step 2 works, step 3 should always work. If step 4 fails, you have a routing problem. If the remote host is NOT on the same subnet as the ethernet, you must put a routing table entry in that host.
If step 5 fails, you have an ethernet connectivity problem. If step 6 fails, but step 2 works, you have a routing problem in the remote host.
To set a default gateway to tell the remote host the subnet represented by the ethernet is on a link, enter:
route add 0.0.0.0 188.8.131.52 1
If the link works, but performance is not good, check for errors on the serial interface. You may have a flow control problem. Your link can only pass data as fast as the link is configured. If your serial link is running at 9600 bps, the file transfers are quite slow, less than 1 KB/second.