Forwarding Gateway
A NetWare/IP server is a NetWare 4 server with the following additional NetWare Loadable Modules (NLMs) loaded:
The following sections describe the configuration options available with the NetWare/IP server.
A NetWare/IP server provides NetWare services to nodes on a TCP/IP network. Unlike an IPX-based NetWare server, the NetWare/IP server accepts TCP and UDP packets. A NetWare/IP server stores the name of its NetWare/IP domain as part of its local configuration. The NetWare/IP server may also store configuration information locally that customizes how it communicates with the DSS servers and with nodes on remote network segments. For more information on NetWare/IP server configuration parameters, see NetWare/IP Server Configuration Form
In addition to its own local configuration information, the NetWare/IP server also obtains global configuration information from a DSS server, such as the virtual IPX network number, UDP port numbers, and DSS-NetWare/IP synchronization interval.
To start the first time, a NetWare/IP server must obtain the network configuration from a DSS server. The NetWare/IP server then saves the parameters to a local file. The next time the NetWare/IP server comes up, it again looks for a DSS server to obtain the current configuration. However, if it cannot find the DSS server, it defaults to the configuration it used the last time it was up.
By default, the NetWare/IP server provides services to TCP/IP nodes only. However, if you have a mixed IP-IPX internetwork, you might want to configure one or more NetWare/IP servers to act as gateways to provide connectivity between IP and IPX networks. A NetWare/IP gateway has both an IP interface and an IPX interface (meaning that TCP/IP and IPX are bound to a network board in the server), which allows it to accept IPX packets in addition to UDP and TCP packets.
There are two types of NetWare/IP gateways: forwarding gateways and non-forwarding gateways.
A forwarding gateway connects separate IP and IPX networks, providing both IP and IPX clients with seamless access to services on either network. This type of gateway forwards packets between the two networks, performing protocol conversion as required.
For example, suppose company1 wants to interconnect a TCP/IP network in its marketing division with an IPX network in its sales division. Company1 sets up a forwarding NetWare/IP gateway, GW1, between the two networks, as shown in Figure 4-1 . Once the gateway is configured, client C1 on the TCP/IP network can access a service provided by server S1 on the IPX network. NetWare/IP automatically routes the service request packet from C1 to the forwarding gateway. The gateway converts the packet from UDP to IPX and then forwards the packet to S1.
Figure 4-1.
Forwarding Gateway
In addition to translating packets and passing them from one network segment to another, the forwarding NetWare/IP gateway is also responsible for communicating service and routing information between the IP and IPX subnetworks.
On an IPX network, services and routes are advertised using SAP and RIP broadcasting. The forwarding gateway accepts the IPX SAP and RIP broadcasts through its IPX interface and uploads them directly to the DSS server. This enables NetWare/IP servers and clients to learn about services and routes on the IPX network.
Similarly, the forwarding NetWare/IP gateway downloads SAP/RIP information for the IP network segment from the DSS server. Then, to advertise the IP services and routes, the gateway broadcasts the SAP and RIP information it downloaded from the DSS server to the IPX network. This enables NetWare servers and clients on the IPX network to learn about services and routes on the IP network. SAP/RIP forwarding is illustrated in Figure 4-2 .
Figure 4-2.
SAP/
RIP Forwarding
Because forwarding gateways may become heavily loaded with traffic between the two network segments, you should consider dedicating the gateway machine. Additionally, to prevent routing loops, it is recommended that you do not configure more than two forwarding gateways per network pair.
A non-forwarding gateway is simply a NetWare/IP server with both an IP and an IPX interface. The purpose of the non-forwarding gateway is to provide both IP and IPX clients with direct access to its services. If you have a mixed IP-IPX subnetwork, you may want to configure one or more NetWare/IP servers as non-forwarding gateways.
For example, the Engineering subnetwork at company1 has both an IP client, C1, and an IPX client, C2. Therefore, company1 configures server S1 as a non-forwarding gateway, as shown in Figure 4-3 . This allows S1 to accept UDP packets from C1 through its IP interface and IPX packets from C2 through its IPX interface.
Figure 4-3.
Non-forwarding Gateway
With previous versions of NetWare/IP, the default configuration for a non-forwarding gateway enabled IPX clients to see and access IP services, but it did not enable IP hosts to see or access IPX services. Prior to NetWare/IP 2.2, a non-forwarding gateway actually functioned as a one-way forwarding gateway, providing IPX clients with access to IP services. This occurred because NetWare received information about the IP network from the NetWare/IP service and internally routed it to all existing IPX networks that it knew about.
With NetWare/IP 2.2, the server software is configured with the internal routing feature disabled. This means that by default, a non-forwarding gateway does not function as a one-way forwarding gateway. IP network information is not forwarded to the IPX network.
To enable a non-forwarding gateway to function as a one-way forwarding gateway, you need to enable the internal routing feature. You might choose to do this in a few situations to provide one-way load balancing for a heavily used forwarding gateway (balancing the load for IPX to IP communications).
For example, company1 wants to reduce the load on the forwarding gateway between its TCP/IP and IPX subnetworks by configuring a one-way forwarding gateway, GW2, as shown in Figure 4-4 . Client C1 on the IPX segment learns about services provided by S1 on the IP segment through SAP and RIP broadcasts from both GW1 and GW2. Thus, C1 can access services on S1 either through GW1 or GW2. However, C2 can access services only on server S2 through the forwarding gateway, GW1. This is because the forwarding gateway is the only known route from the IP segment to S2 because it is the only server that reported the S2 SAP and RIP information to DSS.
Figure 4-4.
Forwarding and One-way Forwarding Gateway Configuration
