|
|
This section describes the steps necessary for establishing routes in Eicon Routing Services. It describes the key protocol configuration parameters for Eiconcards, and tests a sample X.25, Frame Relay, PPP, and Multilink PPP link. This chapter also explains how to use the connection backup feature.
To operate Eicon Routing Services, you must perform the following tasks:
 | Configure the mpr.if file |
| Start your Eiconcard |
| Load the mpr.if file and start your circuits |
Note: You must have run the eiconcfg program and configured the Eiconcard Services driver, the Eiconcard Services protocols, and the Eicon Routing Services driver before configuring the mpr.if file.
The mpr.if file is an ASCII file, located in /usr/lib/eicon, in which the circuit entries for each Routing Services interface and the packet filtering rules are defined.
Note: The mpr.if file is the default file for Eicon Routing Services, but you can create and name your own *.if file, if required.
Sample files are provided with Eicon Routing Services which are configured for both simple and advanced connections as follows:
| Connection Type | Sample File |
|---|---|
X.25 Connection |
sys1x25.if and sys2x25.if |
Frame Relay Connection |
sys1fr.if and sys2fr.if |
PPP Connection |
sys1ppp.if and sys2ppp.if |
PPP Connection with PAP and CHAP |
sys1pap.if and sys2pap.if |
Multilink PPP Connection |
sys1mlp.if and sys2mlp.if |
A circuit entry is the definition of a virtual circuit that will be used to establish a subnetwork connection. To establish a circuit entry, you create the circuit entry, name it, and define the IP address of its first-hop destination.
A circuit entry defines the parameters necessary for the subnetwork connection, such as the destination address and the port to use. For example, you can specify a remote DTE, facilities, and user data for an X.25 circuit, whereas you specify a DLCI for a Frame Relay circuit.
The circuit entries you define for Routing Services are bound to the Routing Services call-directory entries, depending on availability. Only when the circuit entry is associated with a call-directory entry can you attempt to establish a connection. Routing Services then allocates an open subnetwork circuit to the call-directory entry as needed during the connection. It is recommended that you match both the maximum number of call-directory entries and the maximum number of subnetwork circuits to the number of connections that you plan to have. For more information on configuring call-directory entries and subnetwork circuits, refer to Configuring Eiconcard Connections for Linux.
For more information about creating circuit entries, refer to Testing Your Installation. For more information on the options used for creating circuits, consult /usr/lib/eicon/docs/mprif.html.
You can create primary and backup circuits, so that if the primary circuit fails, the backup circuit will ensure that the connection is not lost. The backup connection remains inactive until the primary connection fails.
You must meet the following criteria to use primary and backup circuits:
| You must define a primary connection before defining a backup connection. |
| Only one backup connection may be assigned per primary connection. |
| The primary and backup connection must both use the same subnetwork protocol-- X.25, for example. |
| A primary connection and its backup can use the same Eiconcard port, or two different ports. If they use two different ports, both ports must be part of the same Eiconcard. Only the logical connection is being backed up when the primary and backup circuits use the same port. |
| Backing up a PPP (point-to-point) connection or a permanent X.25 connection requires the use of separate ports for the primary and the backup circuit. It is the physical link that is backed up in these cases. |
The connection backup feature works when it is used on both sides of the connection. You cannot back up only half of a connection. If you back up system A's connection (the circuit it uses to connect to system B), system B's connection to system A (the circuit configured on system B) must also be backed up. To properly back up a connection between two systems, you must configure a total of four circuits: a primary, and a backup on both systems.
For more information about backing up circuit entries, refer to Testing Your Installation. For more information on the options used for creating circuits, consult /usr/lib/eicon/docs/mprif.html.
Routing Services provides up to five WAN interfaces. These interfaces enable the establishment of routes to multiple subnetworks simultaneously, offering a complete internetworking solution. The five interfaces are configured in the mpr.if file. Each interface requires an interface name, an IP address, and a network mask address. The interface names eic0 to eic4 identify the five Routing Services interfaces used by Eicon Networks.
A symbolic name can also be configured for each interface in the mpr.if file, which is stored in the /etc/hosts file and can be used when specifying entries for the IP-routing table, though this is optional. For more information on the IP-routing table, see IP Routing Tables
Note: You must define the number of interfaces you require when configuring the Eicon Routing Services driver in eiconcfg. For more information, refer to Configure Eicon Routing Services for Linux Driver.
When Routing Services receives an IP datagram over an interface, it checks the configured packet filtering rules, and transparently forwards or drops the datagram based on these rules.
It is important to note that adding packet filtering will affect the performance of Eicon Routing Services. As each IP datagram has to be tested against all of the defined packet filtering rules, the datagrams will be delayed. It is therefore recommended to keep the number of defined rules to a minimum and to make the rules as simple as possible.
Note: If no packet filtering rules are defined, all packets are forwarded by default.
Creating Packet Filtering Rules
Packet filtering allows you to determine what type of IP traffic can pass through your WAN connections. You can control access to and from specific services, hosts, or networks. The syntax for configuring packet filtering rules is given below with a detailed explanation of the available options:
Syntax |
filter [-saddr source_addr addr_mask] |
| Parameters | Description |
|---|---|
-saddr source_addr addr_mask |
Specifies the source address and address mask for which you are specifying a packet filtering rule. All packets with a source address that match an address specified in the packet filtering rules will be either forwarded or dropped. |
-daddr dest_addr addr_mask |
Specifies the destination address and address mask for which you are specifying a packet filtering rule. All packets with a destination address that match an address specified in the packet filtering rules will be either forwarded or dropped. |
-prot IP_protocol |
Identifies the Transport Layer Protocol for which a packet filtering rule is being specified. The protocol field of the IP datagram specifies the Transport Layer Protocol encapsulated in the IP datagram. All packets with a Transport Layer Protocol that match a protocol specified in the packet filtering rules will be either forwarded or dropped. TCP and UDP are currently the only Transport Layer Protocols that support source and destination port checks (see /etc/protocols). |
-sport [source_port] |
Specifies the source port for which you are specifying a packet filtering rule. All TCP/IP protocols use addresses, known as ports, that are used to uniquely define services (access points to the Transport layer) at the Transport layer (see /etc/services). For example, all ftp connections to a host are directed to port number 21; this way the receiving host knows to send the request to the ftp service and not to the telnet service. All packets with a source port that match a port specified in the packet filtering rules are either forwarded or dropped. A source port is specified to prevent access to certain services or applications on a local system by remote hosts. This option must be enclosed within the brackets and port ranges must be specified numerically. |
-dport [dest_port] |
Specifies the destination port for which you are specifying a packet filtering rule. All packets with a destination port that matches a port specified in the packet filtering rules are either forwarded or dropped. A destination port is specified to prevent access to certain services or applications on a remote system by local hosts. This option must be enclosed within the brackets. |
in|out|both |
Specifies whether a rule should be executed on receipt of a packet from an Eiconcard, prior to being sent out over the Eiconcard, or both. All rules should be executed on receipt of a packet, guaranteeing that a packet is validated prior to being received by IP. However, as packets cannot be validated on being received over non-Eicon interfaces (i.e. LAN card), the facility will be available to validate these packets prior to being sent out over Eicon controlled interfaces. |
drop|forward |
Specifies whether a packet should be dropped or forwarded based on the configured packet filtering rules. |
For more information on the options available for configuring packet filtering rules, consult /usr/lib/eicon/docs/mprif.html.
Once the mpr.if file is configured, it must be loaded down to the Eicon Routing Services driver. Before doing this, you must ensure your Eiconcards are started using the eccard start command.
Once your Eiconcards are started, run mprload at the command line to load the mpr.if file, and mprstart to start your configured circuits.
The following commands are available with Eicon Routing Services:
| mprload: Loads the default mpr.if file down to the Eicon Routing Services driver. |
| mprstart: Starts the circuits created with Eicon Routing Services |
| mprstop: Stops the circuits created with Eicon Routing Services |
| mprstat: Displays the status of the configured circuits or packet filtering rules |
| mprauto: A script file that can be used to load and start your circuits automatically when the system is started. |
For more information on these commands, refer to the appropriate HTML page located in the usr/lib/eicon/docs directory.
You can add IP-routing entries by using the Linux route command or the TCP/IP routing daemon, routed. Entries you add with route are static. The routed daemon uses TCP/IP's Routing Information Protocol (RIP) to exchange information and update the routing table entries.
When you use the route command, entries are added directly to a host's IP-routing table, but will be lost when the system shuts down. If you are setting up a complex network, it is recommended that you use the TCP/IP routing daemon, which is initialized with the entries stored in the host's /etc/gateways file. The routed daemon manages both static and dynamic routes, updating all hosts and gateways in the network automatically.
Note: Although using TCP/IP routing is necessary in the case of LAN-to-LAN connections, it is not required when data is being transmitted only between Eicon Routing Services workstations.
Each Linux host on a broadcast network sends out its accessible routes (using a routing protocol, such as RIP) and keeps track of what other hosts it can access. Each host has an IP-routing table, and the routed daemon handles all exchanges of routing information.
Adding Routing Table Entries to the /etc/gateways File
The routed daemon references the /etc/gateways file to identify a system's routes. Route entries listed in this file are installed in the system's IP-routing table in the kernel at startup. The syntax for Eicon entries in /etc/gateways is as follows:
Syntax |
[net|host] addr1 gateway addr2 metric n [passive|active] |
| Parameters | Description |
|---|---|
[net|host]addr1 |
If the IP route destination is a network, use net as the first parameter, followed by the network's address, addr1. If the IP route is for a connection to a stand-alone host, use host addr1. The network address must always be specified in full; /etc/gateways does not accept abbreviated addresses. For example, the 192.1.100 network address must be specified as 192.1.100.0. |
gateway addr2 |
Specifies the address of the first hop leading to the destination network. |
metric n |
Identifies the total number of gateways through which data must pass to reach the final destination. |
[passive|active] |
If you want routed to include the destination network or host in its information broadcasts for the routing tables, specify active. TCP/IP's Routing Information Protocol (RIP) dictates that hosts exchange information every 30 seconds and have a 3-minute cache. This means that if a host has not heard from another host for 3 minutes, it marks that host's routing table entry for deletion. After another 60 seconds, the table entry is deleted. With X.25-switched subnetworks, this information exchange can be costly in terms of tariffs and the amount of bandwidth used. If you want to include a circuit's route in the Linux systems but do not want its entry being constantly updated or marked for deletion, specify passive. A connection can then be made using the route, even though hosts in the system are not notified of any changes in connection hosts' status (for example, if either the local host or the connection's destination host goes down). |
For example, if Sys-2 (IP address 192.1.100.2) is connected to a network (IP address 192.218.20.0), the /etc/gateways file for Sys-1 could include the following entry to identify a connection to that LAN:
net 192.218.20.0 gateway 192.1.100.2 metric 1 active
In this case, Sys-2 functions as a gateway to the 192.218.20 network.
Make sure each routing table entry you add to a host's /etc/gateways file is correct before adding another entry. You may want to test the route connection, as routed will not inform you of any errors in /etc/gateways, such as an incorrectly specified IP address.
Note: If changes are made to the /etc/gateways file, the routed daemon must be restarted with the -s option.
You can use the netstat command to display information related to the IP routing tables. The -i option displays information concerning the interfaces for entries in your system's IP-routing table, and the -r option presents the static and currently active routing entries.
You can also use the -n option to specify the use of dot notation. Addresses displayed by netstat are then numeric values, rather than the symbolic names assigned by the /etc/hosts file. (If an address does not have an assigned name in /etc/hosts, the netstat command displays the numeric value.)
For example, the following commands show the entries you would see after adding the sample entry to Sys-1's /etc/gateways file, assuming the routed daemon had been reinitialized and the route connection had been used to send and transmit data:
netstat -r -n
| Routing tables | ||||||
|---|---|---|---|---|---|---|
| Destination | Gateway | Flags | Refcnt | Use | Interface | |
127.0.0.1 |
127.0.0.1 |
UH |
1 |
0 |
lo0 |
|
192.1.100 |
192.1.100.2 |
U |
2 |
392 |
eic0 |
|
192.218.20 |
192.1.100.2 |
UG |
2 |
392 |
eic0 |
|
netstat -i
| Name | Mtu | Network | Address | Ipkts | Ierrs | Opkts | Oerrs | Collis | |
|---|---|---|---|---|---|---|---|---|---|
lo0 |
2048 |
loopback |
localhost |
24 |
0 |
24 |
0 |
0 |
|
eic0 |
1500 |
192.1.100 |
192.1.100.2 |
4 |
0 |
410 |
0 |
0 |
The interface name eic0 identifies the Eicon Routing Services interface used by Eicon Networks. The interface name lo0 is the default IP interface that enables the host to send or transmit data to itself.
Note: Refer to the Linux system administrator documentation for more information on IP routing if necessary.
If you have at least two Linux systems that have an Eiconcard and Eicon Routing Services installed, consider setting up a simple test system as suggested here. This will help you over some of the initial hurdles inherent in dealing with internetworks and routers. Only two Linux systems are used in this test system. You may add additional systems to test more complex configurations.
You may assign your own IP addresses for this test, but it is recommended that you use the IP addresses suggested in Resources for the Test System below.
If you followed the installation instructions in the Eiconcard Connections for Linux Release Notes (Readmefirst.txt) and in Eicon Routing Services Driver Configuration, you will have already completed some of the procedures described in the setup of the test system. The entire procedure is described here so that an overall perspective may be maintained.
The test system described here links two Linux systems together back to back through their Eiconcards. This procedure also tests the connection backup feature. Although this setup cannot be considered an internetwork, it tests the Eiconcards' transmission and reception of IP datagrams over an X.25, Frame Relay, PPP, or Multilink PPP link.
To simplify the discussion below, the names Sys-1 and Sys-2 are used to identify the two test systems.
If you performed the installation as described in the Eiconcard Connections for Linux Release Notes (Readmefirst.txt), you now have a Linux system (Sys-1) made up of the following:
| Hardware |
| |
i386-based or higher Linux system | |
| |
An Eiconcard |
| Software |
| |
Linux | |
| |
Eiconcard Services package | |
| |
Eicon Routing Services package |
A null-modem RS-232 cable or V.35 cable is also required.
To perform the tests, you will need to set up a second system (Sys-2) that is equivalent to the first. Each system must be uniquely addressed.
Before continuing, make sure that the complete installation procedure has been performed for Sys-1 and Sys-2.
When both the installations are complete and the systems rebooted, messages referring to the Eiconcard, the Eiconcard Streams Device Driver (Eiconcard Services package), TCP/IP, and Eicon Routing Services appear in the Linux boot messages.
Before continuing with the test, you should take a look at the proposed addressing scheme. Both IP addresses and X.25 DTE addresses (for the X.25 connection) must be considered when coming up with an addressing scheme for an IP internetwork that uses Eicon Routing Services.
In this simple test the scheme uses an arbitrary assignment of four addresses--two X.25 DTE addresses (for the X.25 connection), and the two IP addresses. The addresses used in this test are:
| Address | Sys-1 | Sys-2 |
|---|---|---|
X.25 DTE address |
3020001 |
3020123 |
IP address |
192.1.100.1 |
192.1.100.2 |
To test the back-to-back connection, including the connection backup feature, you need to configure the two Eiconcards, define an Eicon Routing Services circuit on each system, define the destination IP addresses for the circuits on each system, and define the backup circuits on each system before you can transmit data using the connection.
The Eiconcards installed in Sys-1 and Sys-2 must have several configuration parameters changed so that back-to-back X.25 communications may be established.
To configure the Sys-1 and Sys-2 Eiconcards, select the Eiconcard Services Protocol Configuration option in eiconcfg. For a description of eiconcfg, refer to Configuring Eiconcard Connections for Linux.
When you select the Eiconcard Services Protocol Configuration option in eiconcfg for the first time, or if the Eiconcard configuration file ec.cfg has been removed, you are notified that a new ec.cfg file is being created. The default parameters for all screens related to the protocols selected on the Protocol Configuration screen are saved in the newly created ec.cfg file.
Start with a default configuration. (You can keep a backup copy of your current configuration by moving or renaming /usr/lib/eicon/ec.cfg.) Select the Eiconcard Services Protocol Configuration option in eiconcfg on both Sys-1 and Sys-2 and set the parameters as indicated in the following steps:
| 1. | Move to the Protocol Configuration screen. Select Routing Services. The default values for the Line protocol module and Dialer selection, X.25 and Direct, are the values required for both systems. |
| 2. | Move to the Routing Services Configuration screen and set the Maximum number of connection manager sessions to 2, one for the primary circuit and one for the backup circuit (one per Eiconcard port). |
| 3. | Verify that the Maximum number of call-directory entries and Maximum number of open subnetwork circuits parameters are both set to at least 2, one for the primary circuit and one for the backup circuit (the default is 4 in both cases). |
| 4. | Move to the X.25 Configuration screen. For Sys-2 select DCE as the Node type and specify 3020123 as the Node address. Leave Sys-1 configured as DTE and specify 3020001 as the Node address. |
| The HDLC Configuration screen for Sys-2 is automatically updated to reflect the change from DTE to DCE. | |
| 5. | Access the Sync Driver Configuration screen (via Dialer selection) and set Clocking to Internal for Sys-2. Sys-1 keeps the Clocking default, External. |
| Note: If you choose to name your ports on the Sync Driver Configuration screen, the names, rather than the port numbers, will be displayed when you use the mprstat command. | |
| 6. | On the same screen, you can set Line speed (bps) up to 64000 for Sys-2, provided you are using a maximum length of 8 feet for the RS-232 cable that will connect the two Eiconcards back to back. |
| 7. | Once the parameters are set, press F2 Save and F10 to exit. The two ec.cfg files are now configured for Sys-1 and Sys-2's back-to-back connection. |
| 8. | If the Eiconcard is already loaded and running (using eccard start), run eccard stop to stop it. |
| 9. | Connect the Eiconcard in Sys-1 to the Eiconcard in Sys-2 with an RS-232 null-modem cable. |
| 10. | Run eccard start on both systems. The Eiconcards on each system are loaded and configured according to the parameters found in their ec.cfg file. |
Once eccard start has run successfully (no errors reported), you can use ecstatus to check the integrity of the connection between Sys-1 and Sys-2.
Note: If you start the DTE first, it will report an error even though the connection will be properly set up once you start the DCE. To avoid this temporary error condition, start the system configured as DCE (Sys-2) first.
After Sys-1 and Sys-2 are properly connected, an X.25 circuit must be created on each system. Two sample files, sys1x25.if and sys2x25.if, are provided with Routing Services which are configured for the purpose of running this test.
Note: Circuit names need only be unique within one Linux system; you can specify the same name for the test circuits used on Sys-1 and Sys-2.
Once the circuits are created on both systems, ensure the Eiconcards are already started, and run mprload -f sys1x25.if on Sys-1 and mprload -f sys2x25.if on Sys-2. This loads the specified interface file down to the Eicon Routing Services driver. If the -f option is not specified, the default file mpr.if is loaded down to the driver.
Run mprstart to start the circuits. If you stop an Eiconcard after creating a circuit entry, use mprstart to restart the circuit once you have restarted the card.
To check the status of your X.25 circuit, follow these steps:
| 1. | Run ecstatus hdlc on both systems to confirm that the link between Sys-1 and Sys-2 is operational. The Line State and Protocol State items appearing in the ecstatus display should be listed as "Opened" on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 2. | Run ecstatus x25 on both systems to confirm that the link between Sys-1 and Sys-2 is operational. The Link activated at item in the ecstatus display should list the time at which the Eiconcards were started on each system. | ||||||||||||||||||||||||||||||||||||||||||||||||
Check that the circuit is correctly defined on both systems and that they are bound by using the mprstat -c command. The systems display the following:
| |||||||||||||||||||||||||||||||||||||||||||||||||
| If there is an "E" in the Flags column, the binding or mapping of the circuit may be incorrect. Determine what the error is and correct it. You can use the mprstart command to restart the circuit or the mprstat -cv command to display detailed status information for the circuits if necessary. | |||||||||||||||||||||||||||||||||||||||||||||||||
| For more information on the ecstatus command, see ecstatus.html in the usr/lib/eicon/docs directory. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 3. | If all the circuit states are set properly, go ahead to Testing Sys-1/Sys-2 Communications. | ||||||||||||||||||||||||||||||||||||||||||||||||
If any of the values displayed using the ecstatus command vary from their expected values, check the following:
| Confirm that a null-modem cable has been used to connect the two systems, and that both ends are firmly connected to their respective Eiconcards. |
| Ensure the procedure described in the "Configuring the Eiconcards" section has been followed exactly. Only one of the two systems can be the DCE and have internal clocking. Any changes to the configuration requires that you restart the Eiconcard(s) and restart the circuit(s). |
| Confirm that you defined the circuit's parameters correctly on both systems. If you have another circuit on one of the systems that uses the same IP address as the system's test circuit, delete it to avoid any conflict of duplicate mappings. |
If problems persist, contact your Eicon Networks representative.
If you want to test a Frame Relay connection using Sys-1 and Sys-2, follow a procedure similar to that presented in the previous sections for X.25.
| 1. | Select the Eiconcard Services Protocol Configuration option in eiconcfg on each system to modify its Eiconcard configuration. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 2. | Move to the Protocol Configuration screen. Select Routing Services. Configure the Line protocol module as FRELAY and leave the default value for Dialer selection, Direct, for both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 3. | Move to the Routing Services Configuration screen and set the Maximum number of connection manager sessions to two, one for the primary circuit and one for the backup circuit (one per Eiconcard port). | ||||||||||||||||||||||||||||||||||||||||||||||||
| 4. | Verify that the Maximum number of call-directory entries and Maximum number of open subnetwork circuits parameters are both set to at least 2, one for the primary circuit and one for the backup circuit (the default is 4 in both cases). | ||||||||||||||||||||||||||||||||||||||||||||||||
| The default values on the Frame Relay Configuration and the Data Link Connection Configuration screens do not need to be modified for a back-to-back connection. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 5. | Access the Sync Driver Configuration screen (via Dialer selection) and set Clocking to Internal for Sys-2. Sys-1 keeps the Clocking default, External. | ||||||||||||||||||||||||||||||||||||||||||||||||
| If you choose to name your ports on the Sync Driver Configuration screen, the names, rather than the port numbers, will be displayed when you use the mprstat command. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 6. | On the same screen, you can set Line speed (bps) up to 64000 for Sys-2, provided you are using a maximum length of 8 feet for the RS-232 cable that will connect the two Eiconcards back to back. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 7. | Once the parameters are set, press F2 Save and F10 to exit. The two ec.cfg files are now configured for Sys-1 and Sys-2's back-to-back connection. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 8. | If the Eiconcard is already loaded and running (using eccard start), run eccard stop to stop it. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 9. | Connect the Eiconcard in Sys-1 to the Eiconcard in Sys-2 with an RS-232 null-modem cable. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 10. | Run eccard start on both systems. The Eiconcards on each system are loaded and configured according to the parameters found in the system's ec.cfg file. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 11. | Once eccard start has run successfully (no errors reported), you can use ecstatus on both systems to check the integrity of the connection between Sys-1 and Sys-2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 12. | Create a test circuit on both systems. Two sample files, sys1fr.if and sys2fr.if, are provided with Routing Services which are configured for the purpose of running this test. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Circuit names need only be unique within one Linux system; you can specify the same name for the test circuits used on Sys-1 and Sys-2. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 13. | Ensure the Eiconcards are already started, and run mprload -f sys1fr.if on Sys-1 and mprload -f sys2fr.if on Sys-2. This loads the specified interface file down to the Eicon Routing Services driver. If the -f option is not specified, the default file mpr.if is loaded down to the driver. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 14. | Run mprstart on both systems to start the circuits. If you stop an Eiconcard after creating a circuit entry, use mprstart to restart the circuit once you have restarted the card. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 15. | Run ecstatus frelay to confirm that the link between Sys-1 and Sys-2 is operational. The Line State item appearing in the left column of the ecstatus display should be listed as "Opened" on both systems, and the Number of active DLCI should be listed as "1." | ||||||||||||||||||||||||||||||||||||||||||||||||
Check that the circuit is correctly defined on both systems and that the two circuits are bound by using the mprstat -c command. The systems display the following:
| |||||||||||||||||||||||||||||||||||||||||||||||||
| If there is an "E" in the Flags column, the binding or mapping of the circuit may be incorrect. Determine what the error is and correct it. You can use the mprstart command to restart the circuit or the mprstat -cv command to display detailed status information for the circuits if necessary. | |||||||||||||||||||||||||||||||||||||||||||||||||
| For more information on the ecstatus command, see ecstatus.html in the usr/lib/eicon/docs directory. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 16. | If the circuit states are set properly, continue with Testing Sys-1/Sys-2 Communications. | ||||||||||||||||||||||||||||||||||||||||||||||||
You can set up a Point-to-Point connection using Sys-1 and Sys-2 by following this procedure.
| 1. | Select the Eiconcard Services Protocol Configuration option in eiconcfg on each system to modify its Eiconcard configuration. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 2. | At the Hardware Configuration screen, set auto activate ports to No for the PPP ports. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 3. | Move to the Protocol Configuration screen. Select Routing Services. Configure the Line protocol module as PPP and leave the default value for Dialer selection, Direct, for both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 4. | Move to the Routing Services Configuration screen and set the Maximum number of connection manager sessions to 2, one for the primary circuit and one for the backup circuit (one per Eiconcard port). | ||||||||||||||||||||||||||||||||||||||||||||||||
| 5. | Verify that the Maximum number of call-directory entries and Maximum number of open subnetwork circuits parameters are both set to at least 2, one for the primary circuit and one for the backup circuit (the default is 4 in both cases). | ||||||||||||||||||||||||||||||||||||||||||||||||
| The default values on the Point-to-Point Configuration screen do not need to be modified for a back-to-back connection. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 6. | Access the Sync Driver Configuration screen (via Dialer selection) and set Clocking to Internal for Sys-2. Sys-1 keeps the Clocking default, External. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 7. | On the same screen, you can set Line speed (bps) up to 64000 for Sys-2, provided you are using a maximum length of 8 feet for the RS-232 cable that will connect the two Eiconcards back to back. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 8. | Once the parameters are set, press F2 Save and F10 to exit. The two ec.cfg files are now configured for Sys-1 and Sys-2's back-to-back connection. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 9. | If the Eiconcard is already loaded and running (using eccard start), run eccard stop to stop it. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 10. | Connect the Eiconcard in Sys-1 to the Eiconcard in Sys-2 with an RS-232 null-modem cable. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 11. | Run eccard start on both systems to start the Eiconcards. The Eiconcards on each system are loaded and configured according to the parameters found in the system's ec.cfg file. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 12. | Once eccard start has run successfully (no errors reported), you can use ecstatus on both systems to check the integrity of the connection between Sys-1 and Sys-2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 13. | Create a test circuit on both systems. Two sample files, sys1ppp.if and sys2ppp.if, are provided with Routing Services and are configured for the purpose of running this test. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Circuit names need only be unique within one Linux system; you can specify the same name for the test circuits used on Sys-1 and Sys-2. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 14. | Ensure the Eiconcards are already started, and run mprload -f sys1ppp.if on Sys-1 and mprload -f sys2ppp.if on Sys-2. This loads the specified interface file down to the Eicon Routing Services driver. If the -f option is not specified, the default file mpr.if is loaded down to the driver. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 15. | Run mprstart on both systems to start the circuits. If you stop an Eiconcard after creating a circuit entry, use mprstart to restart the circuit once you have restarted the card. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 16. | Run ecstatus ppp to confirm that the link between Sys-1 and Sys-2 is operational. The Protocol State item appearing in the left column of the ecstatus display should be listed as "Opening" on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
Check that the circuit is correctly defined on both systems and that the two circuits are bound by using the mprstat -c command. The systems display the following:
| |||||||||||||||||||||||||||||||||||||||||||||||||
| If there is an "E" in the Flags column, the binding of the circuit may be incorrect. Determine what the error is and correct it. You can use the mprstart command to restart the circuit or the mprstat -cv command to display detailed status information for the circuits if necessary. | |||||||||||||||||||||||||||||||||||||||||||||||||
| For more information on the ecstatus command, see ecstatus.html in the usr/lib/eicon/docs directory. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 17. | If the circuit states are set properly, go to the Testing Sys-1/Sys-2 Communications. | ||||||||||||||||||||||||||||||||||||||||||||||||
You can set up a Point-to-Point connection using PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol) on Sys-1 and Sys-2 by following this procedure.
| 1. | Select the Eiconcard Services Protocol Configuration option in eiconcfg on each system to modify its Eiconcard configuration. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 2. | At the Hardware Configuration screen, set auto activate ports to No for the PPP ports. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 3. | Move to the Protocol Configuration screen. Select Routing Services. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 4. | Configure the Line protocol module as PPP on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| The default values on the Point-to-Point Configuration screen do not need to be modified for a back-to-back connection. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 5. | Press F4 twice to access the Password Authentication Configuration screen. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 6. | On Sys-1, set the password authentication parameters as follows: | ||||||||||||||||||||||||||||||||||||||||||||||||
| Local PAP User Name System1 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local PAP Password Pass1 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Remote PAP User Name System2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Remote PAP Password Pass2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local CHAP User Name Sys1 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local CHAP Secret Password | |||||||||||||||||||||||||||||||||||||||||||||||||
| Remote CHAP User Name Sys2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| 7. | On Sys-2, set the password authentication parameters as follows: | ||||||||||||||||||||||||||||||||||||||||||||||||
| Local PAP User Name System2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local PAP Password Pass2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Remote PAP User Name System1 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Remote PAP Password Pass1 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local CHAP User Name Sys2 | |||||||||||||||||||||||||||||||||||||||||||||||||
| Local CHAP Secret Password | |||||||||||||||||||||||||||||||||||||||||||||||||
Remote CHAP User Name Sys1
| |||||||||||||||||||||||||||||||||||||||||||||||||
| 8. | Press F3 twice to return to the Protocol Configuration screen. Leave the default value for Dialer selection, Direct, for both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 9. | Access the Sync Driver Configuration screen (via Dialer selection) and set Clocking to Internal for Sys-2. Sys-1 keeps the Clocking default, External. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 10. | On the same screen, you can set Line speed (bps) up to 64000 for Sys-2, provided you are using a maximum length of 8 feet for the RS-232 cable that will connect the two Eiconcards back to back. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 11. | Once the parameters are set, press F2 Save and F10 to exit. The two ec.cfg files are now configured for Sys-1 and Sys-2's back-to-back connection. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 12. | If the Eiconcard is already loaded and running (using eccard start), run eccard stop to stop it. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 13. | Connect the Eiconcard in Sys-1 to the Eiconcard in Sys-2 with an RS-232 null-modem cable. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 14. | Run eccard start on both systems to start the Eiconcards. The Eiconcards on each system are loaded and configured according to the parameters found in the system's ec.cfg file. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 15. | Once eccard start has run successfully (no errors reported), you can use ecstatus on both systems to check the integrity of the connection between Sys-1 and Sys-2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 16. | Create a test circuit on both systems. Two sample files, sys1pap.if and sys2pap.if, are provided with Routing Services which are configured for the purpose of running this test. Sys-1 is configured as the authenticator and Sys-2 as the system to be authenticated, as shown in the sample circuit definitions. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Note: When using PAP and CHAP to configure Eicon Routing Services, one side of the connection must be configured as the authenticator for incoming connections, and the other as the system to be authenticated, that is, the system making the call. | |||||||||||||||||||||||||||||||||||||||||||||||||
| Note: Circuit names need only be unique within one Linux system; you can specify the same name for the test circuits used on Sys-1 and Sys-2. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 17. | Ensure the Eiconcards are already started, and run mprload -f sys1pap.if on Sys-1 and mprload -f sys2pap.if on Sys-2. This loads the specified interface file down to the Eicon Routing Services driver. If the -f option is not specified, the default file mpr.if is loaded down to the driver. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 18. | Run mprstart on both systems to start the circuits. If you stop an Eiconcard after creating a circuit entry, use mprstart to restart the circuit once you have restarted the card. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 19. | Run ecstatus ppp to confirm that the link between Sys-1 and Sys-2 is operational. The Protocol State item appearing in the left column of the ecstatus display should be listed as "Opening" on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
Check that the circuit is correctly defined on both systems and that the two circuits are bound by using the mprstat -c command. The systems display the following:
| |||||||||||||||||||||||||||||||||||||||||||||||||
| If there is an "E" in the Flags column, the binding of the circuit may be incorrect. Determine what the error is and correct it. You can use the mprstart command to restart the circuit or the mprstat -cv command to display detailed status information for the circuits if necessary. | |||||||||||||||||||||||||||||||||||||||||||||||||
| For more information on the ecstatus command, see ecstatus.html in the usr/lib/eicon/docs directory. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 20. | If the circuit states are set properly, go to the Testing Sys-1/Sys-2 Communications. | ||||||||||||||||||||||||||||||||||||||||||||||||
Multilink PPP allows you to run a Point-to-Point connection over two 64K ISDN B-Channels, providing you with a single 128K data pipe. You can set up a Multilink PPP connection using Sys-1 and Sys-2 by following this procedure. The two systems must be connected over ISDN lines. For this test, the EuroISDN switch type is configured.
| 1. | Select the Eiconcard Services Protocol Configuration option in eiconcfg on each system to modify its Eiconcard configuration. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 2. | At the Hardware Configuration screen, set the ISDN option to Yes and select EuroISDN as your switch type. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 3. | Set auto activate ports to No for the PPP ports and set the number of ports to 2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 4. | Move to the Protocol Configuration screen. Select Routing Services. Configure the Line protocol module as PPP. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 5. | Press F4 to access the Point-to-Point Configuration screen and set the Multilink PPP option to Yes on both systems. Ensure the Link Speed is the same on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 6. | Press F3 to return to the Protocol Configuration screen. Set the Dialer selection option to B-Channel for the two ports on each system. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 7. | Press F4 to access the B-Channel Configuration screen on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 8. | On Sys-1, set the local directory number to 384000 and the remote directory number to 384020 on both port 1 and port 2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Note: These numbers are used only for the purpose of this example, and should be replaced by your ISDN number. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 9. | On Sys-2, set the local directory number to 384020 and the remote directory number to 384000 on both port 1 and port 2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Note: These numbers are used only for the purpose of this example, and should be replaced by your ISDN number. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 10. | Once the parameters are set, press F2 Save and F10 to exit. The two ec.cfg files are now configured for Sys-1 and Sys-2's connection. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 11. | If the Eiconcard is already loaded and running (using eccard start), run eccard stop to stop it. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 12. | Connect the Eiconcard in Sys-1 to the Eiconcard in Sys-2 over an ISDN line. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 13. | Run eccard start on both systems to start the Eiconcards. The Eiconcards on each system are loaded and configured according to the parameters found in the system's ec.cfg file. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 14. | Once eccard start has run successfully (no errors reported), you can use ecstatus on both systems to check the integrity of the connection between Sys-1 and Sys-2. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 15. | Create a test circuit on both systems. Two sample files, sys1mlp.if and sys2mlp.if, are provided with Routing Services and are configured for the purpose of running this test. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Circuit names need only be unique within one Linux system; you can specify the same name for the test circuits used on Sys-1 and Sys-2. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 16. | Ensure the Eiconcards are already started, and run mprload -f sys1mlp.if on Sys-1 and mprload -f sys2mlp.if on Sys-2. This loads the specified interface file down to the Eicon Routing Services driver. If the -f option is not specified, the default file mpr.if is loaded down to the driver. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 17. | Run mprstart on both systems to start the circuits. If you stop an Eiconcard after creating a circuit entry, use mprstart to restart the circuit once you have restarted the card. | ||||||||||||||||||||||||||||||||||||||||||||||||
| 18. | Run ecstatus ppp to confirm that the link between Sys-1 and Sys-2 is operational. The Protocol State item appearing in the left column of the ecstatus display should be listed as "Opening" on both systems. | ||||||||||||||||||||||||||||||||||||||||||||||||
Check that the circuit is correctly defined on both systems and that the two circuits are bound by using the mprstat -c command. The systems display the following:
| |||||||||||||||||||||||||||||||||||||||||||||||||
| If there is an "E" in the Flags column, the binding of the circuit may be incorrect. Determine what the error is and correct it. You can use the mprstart command to restart the circuit or the mprstat -cv command to display detailed status information for the circuits if necessary. | |||||||||||||||||||||||||||||||||||||||||||||||||
| For more information on the ecstatus command, see ecstatus.html in the usr/lib/eicon/docs directory. | |||||||||||||||||||||||||||||||||||||||||||||||||
| 19. | If the circuit states are set properly, go to Testing Sys-1/Sys-2 Communications below. | ||||||||||||||||||||||||||||||||||||||||||||||||
The two systems are now ready to exchange IP datagrams over the X.25, Frame Relay, or PPP link that connects them together. The TCP/IP ping utility provides a convenient way of doing this.
The ping utility provides real network traffic by means of ICMP Echo Requests. It transmits datagrams from one system to another system identified by the specified IP address. Reply datagrams contain items such as a sequence number, the number of datagrams sent so far, and the round-trip time for each datagram. The sequence number indicates the datagram to which a reply corresponds.
The reply from the other system fits on a single line, and a new reply line is displayed once every few seconds. You can use the interrupt key (Ctrl-Break or Delete) to terminate ping at any time, or you can specify the number of datagrams to be sent on the ping command line. When ping terminates, several summary statistic lines are displayed.
Run ping on Sys-1 as shown below. A sample of the statistical information displayed by ping is also included. The IP address of Sys-2 is included on the ping command line, indicating the system with which the communications are to occur.
| [Sys-1]# ping 192.1.100.2 | |
| PING 192.1.100.2: 56 data bytes | |
| 64 bytes from 192.1.100.2: icmp_seq=0. time=125. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=1. time=105. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=2. time=110. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=3. time=105. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=4. time=105. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=5. time=115. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=6. time=110. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=7. time=110. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=8. time=105. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=9. time=110. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=10. time=115. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=11. time=115. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=12. time=110. ms | |
| 64 bytes from 192.1.100.2: icmp_seq=13. time=110. ms | |
| ----192.1.100.2 PING Statistics---- | |
| 14 packets transmitted, 14 packets received, 0% packet loss | |
| round-trip (ms) min/avg/max = 103/114/125 |
In this example, the interrupt key (e.g., Ctrl-Break or Delete) was pressed after 14 datagrams were sent. The ping utility then displayed the summary statistics and halted. The term "packet" used on the summary lines at the end of the sample ping display is equivalent to the term "datagram" as in "IP datagram."
You can also run ping on Sys-2 to show a more realistic traffic pattern, with the two systems simultaneously communicating with each other. You can continue adding Eicon Routing Services systems and running ping as desired.
|
|
Copyright (c) 2001 Eicon Networks
