Feedback
Table Of Contents
Assigning Network Numbers to Individual Interfaces
Enabling Concurrent Routing and Bridging
Configuring Integrated Routing and Bridging
IPX Enhanced IGRP Configuration Task List
Customizing Link Characteristics
Customizing the Exchange of Routing and Service Information
Redistributing Routing Information
Controlling the Advertising of Routes in Routing Updates
Controlling the Processing of Routing Updates
Controlling the Advertising of Services in SAP Updates
Controlling the Processing of SAP Updates
Understanding Level 1, 2, and 3 Routers
Configuring NLSP on an Interface
Customizing Link Characteristics
Understanding Area Addresses, Route Summaries, and Aggregated Routes
Understanding Route Redistribution
Understanding Route Summarization
Understanding Service and Path Selection
Route Aggregation Configuration Task List
Customizing the Exchange of Routing Information
Configuring RIP and SAP Compatibility
Redistributing Routing Information
Configuring Next Hop Resolution Protocol
Configuring a Station with Static IPX-to-NBMA Address Mapping
Statically Configuring a Next Hop Server
Configuring NHRP Authentication
Suppressing Forward and Reverse Record Options
Specifying the NHRP Responder Address
Changing the Time Period NBMA Addresses Are Advertised As Valid
Configuring IPX and SPX over WANs
Configuring SPX Spoofing over DDR
Configuring IPX Header Compression
Configuring the IPXWAN Protocol
Controlling Access to IPX Networks
Controlling Access to IPX Networks Task List
Creating Access Lists Using Numbers
Creating Access Lists Using Names
Creating Filters for Updating the Routing Table
Creating Broadcast Message Filters
Tuning IPX Network Performance
Controlling Novell IPX Compliance
Adjusting RIP and SAP Information
Specifying the Use of Broadcast Messages
Configuring IPX Multilayer Switching
Monitoring and Maintaining the IPX Network
General Monitoring and Maintaining Tasks
Monitoring and Maintaining Caches, Tables, Interfaces, and Statistics
Specifying the Type and Use of Ping Packets
Troubleshooting Network Connectivity
Monitoring and Maintaining IPX Enhanced IGRP
Logging Enhanced IGRP Neighbor Adjacency Changes
Monitoring and Maintaining NLSP
Logging Adjacency State Changes
Monitoring and Maintaining NHRP
Monitoring and Maintaining IPX Accounting
Configuring Novell IPX
This chapter describes how to configure Novell Internetwork Packet Exchange (IPX) and provides configuration examples. For a complete description of the IPX commands in this chapter, refer to the "Novell IPX Commands" chapter in the Cisco IOS AppleTalk and Novell IPX Command Reference publication. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.
To identify the hardware platform or software image information associated with a feature, use the Feature Navigator on Cisco.com to search for information about the feature or refer to the software release notes for a specific release. For more information, see the "Identifying Supported Platforms" section in the "Using Cisco IOS Software" chapter.
IPX Addresses
An IPX network address consists of a network number and a node number expressed in the format network.node.
Network Numbers
The network number identifies a physical network. It is a 4-byte (32-bit) quantity that must be unique throughout the entire IPX internetwork. The network number is expressed as hexadecimal digits. The maximum number of digits allowed is eight.
The Cisco IOS software does not require that you enter all eight digits; you can omit leading zeros.
Node Numbers
The node number identifies a node on the network. It is a 48-bit quantity, represented by dotted triplets of four-digit hexadecimal numbers.
If you do not specify a node number for a router to be used on WAN links, the Cisco IOS software uses the hardware MAC address currently assigned to it as its node address. This is the MAC address of the first Ethernet, Token Ring, or FDDI interface card. If there are no valid IEEE interfaces, the Cisco IOS software randomly assigns a node number using a number that is based on the system clock.
IPX Address Example
The following example shows how to configure an IPX network address:
4a.0000.0c00.23feIn this example, the network number is 4a (more specifically, it is 0000004a), and the node number is 0000.0c00.23fe. All digits in the address are hexadecimal.
IPX Configuration Task List
To configure IPX routing, perform the tasks in the following sections:
•
Configuring IPX Routing (Required)
•
•
•
•
•
•
•
•
•
•
•
•
See the "Novell IPX Configuration Examples" section in the Novell IPX Configuration Examples chapter.
Configuring IPX Routing
You configure IPX routing by first enabling it on the router and then configuring it on each interface.
Optionally, you can route IPX on some interfaces and transparently bridge it on other interfaces. You can also route IPX traffic between routed interfaces and bridge groups, or route IPX traffic between bridge groups.
To configure IPX routing, perform the tasks in the following sections. The first two tasks are required; the rest are optional.
•
•
•
•
IPX Default Routes
In IPX, a default route is the network where all packets for which the route to the destination address is unknown are forwarded.
Original Routing Information Protocol (RIP) implementations allowed the use of network -2 (0xFFFFFFFE) as a regular network number in a network. With the inception of NetWare Link Services Protocol (NLSP), network -2 is reserved as the default route for NLSP and RIP. Both NLSP and RIP routers should treat network -2 as a default route. Therefore, you should implement network -2 as the default route regardless of whether you configure NLSP in your IPX network.
By default, Cisco IOS software treats network -2 as the default route. You should ensure that your IPX network does not use network -2 as a regular network. If, for some reason, you must use network -2 as a regular network, you can disable the default behavior. To do so, see the "Adjusting Default Routes" section later in this chapter.
For more background information on how to handle IPX default routes, refer to the Novell NetWare Link Services Protocol (NLSP) Specification, Revision 1.1 publication.
Enabling IPX Routing
The first step in enabling IPX routing is to enable it on the router. If you do not specify the node number of the router to be used on WAN links, the Cisco IOS software uses the hardware MAC address currently assigned to it as its node address. This is the MAC address of the first Ethernet, Token Ring, or FDDI interface card. If there are no valid IEEE interfaces, the Cisco IOS software randomly assigns a node number using a number that is based on the system clock.
To enable IPX routing, use the following command in global configuration mode:
For an example of how to enable IPX routing, see the "IPX Routing Examples"section in the Novell IPX Configuration Examples chapter.
Caution
Assigning Network Numbers to Individual Interfaces
After you have enabled IPX routing, you enable IPX routing on the individual interfaces by assigning network numbers to those interfaces.
You enable IPX routing on interfaces that support a single network or multiple networks.
When you enable IPX routing on an interface, you can also specify an encapsulation (frame type) to use for packets being sent on that network. Table 8 lists the encapsulation types you can use on IEEE interfaces and shows the correspondence between Cisco naming conventions and Novell naming conventions for the encapsulation types.
Note
Assigning Network Numbers to Individual Interfaces Task List
The following sections describe how to enable IPX routing on interfaces that support a single network and on those that support multiple networks. To enable IPX routing on an interface, you must perform one of the tasks:
•
•
•
Assigning Network Numbers to Interfaces That Support a Single Network
A single interface can support a single network or multiple logical networks. For a single network, you can configure any encapsulation type. Of course, it should match the encapsulation type of the servers and clients using that network number.
To assign a network number to an interface that supports a single network, use the following command in interface configuration mode:
Router(config-if)# ipx network network [encapsulation encapsulation-type]
Enables IPX routing on an interface.
If you specify an encapsulation type, be sure to choose the one that matches the one used by the servers and clients on that network. Novell-ether or ARPA encapsulations cannot be used for FDDI-Ethernet bridged IPX traffic. Use SAP encapsulations on originating and destination IPX interfaces that are attached to the FDDI-Ethernet bridge. See Table 8 for a list of encapsulation types you can use on IEEE interfaces.
For an example of how to enable IPX routing, see the "IPX Routing Examples" section in the Novell IPX Configuration Examples chapter.
Assigning Network Numbers to Interfaces That Support Multiple Networks
When assigning network numbers to an interface that supports multiple networks, you must specify a different encapsulation type for each network. Because multiple networks share the physical medium, the Cisco IOS software is allowed to identify the packets that belong to each network. For example, you can configure up to four IPX networks on a single Ethernet cable, because four encapsulation types are supported for Ethernet. Remember, the encapsulation type should match the servers and clients using the same network number. See Table 8 for a list of encapsulation types you can use on IEEE interfaces.
There are two ways to assign network numbers to interfaces that support multiple networks. You can use subinterfaces or primary and secondary networks.
Setting the Encapsulation Type for Subinterfaces
You typically use subinterfaces to assign network numbers to interfaces that support multiple networks.
A subinterface is a mechanism that allows a single physical interface to support multiple logical interfaces or networks. That is, several logical interfaces or networks can be associated with a single hardware interface. Each subinterface must use a distinct encapsulation, and the encapsulation must match that of the clients and servers using the same network number.
Note
Any interface configuration parameters that you specify on an individual subinterface are applied to that subinterface only.
To configure multiple IPX networks on a physical interface using subinterfaces, use the following commands beginning in global configuration mode:
Note
To configure more than one subinterface, repeat these two steps. See Table 8 for a list of encapsulation types you can use on IEEE interfaces.
For examples of configuring multiple IPX networks on an interface, see the"IPX Routing on Multiple Networks Examples" section in the Novell IPX Configuration Examples chapter.
Primary and Secondary Networks
When assigning network numbers to interfaces that support multiple networks, you can also configure primary and secondary networks.
The first logical network you configure on an interface is considered the primary network. Any additional networks are considered secondary networks. Again, each network on an interface must use a distinct encapsulation and it should match that of the clients and servers using the same network number.
Any interface configuration parameters that you specify on this interface are applied to all the logical networks. For example, if you set the routing update timer to 120 seconds, this value is used on all four networks.
To use primary and secondary networks to configure multiple IPX networks on an interface, use the following commands in interface configuration mode:
To configure more than one secondary network, repeat these steps as appropriate. See Table 8 for a list of encapsulation types you can use on IEEE interfaces.
Note
Enabling Concurrent Routing and Bridging
You can route IPX on some interfaces and transparently bridge it on other interfaces simultaneously. To enable this type of routing, you must enable concurrent routing and bridging. To enable concurrent routing and bridging, use the following command in global configuration mode:
Router(config)# bridge crb
Enables the Cisco IOS software to both route and bridge a given protocol on separate interfaces within a single router.
Configuring Integrated Routing and Bridging
Integrated routing and bridging (IRB) enables a user to route IPX traffic between routed interfaces and bridge groups, or route IPX traffic between bridge groups. Specifically, local or unroutable traffic is bridged among the bridged interfaces in the same bridge group. Routable traffic is routed to other routed interfaces or bridge groups. Using IRB, you can do the following:
•
•
•
For more information about configuring integrated routing and bridging, refer to the "Configuring Transparent Bridging" chapter in the Cisco IOS Bridging and IBM Networking Configuration Guide.
Configuring IPX Enhanced IGRP
Enhanced IGRP is an enhanced version of the Interior Gateway Routing Protocol (IGRP) developed by Cisco. Enhanced IGRP uses the same distance vector algorithm and distance information as IGRP. However, the convergence properties and the operating efficiency of Enhanced IGRP have improved significantly over IGRP.
The convergence technology is based on research conducted at SRI International and employs an algorithm referred to as the Diffusing Update Algorithm (DUAL). This algorithm guarantees loop-free operation at every instant throughout a route computation, and allows all routers involved in a topology change to synchronize at the same time. Routers that are not affected by topology changes are not involved in recomputations. The convergence time with DUAL rivals that of any other existing routing protocol.
Enhanced IGRP Features
Enhanced IGRP offers the following features:
•
•
•
•
•
Enhanced IGRP Components
Enhanced IGRP has four basic components discussed in the following sections:
Neighbor Discovery/Recovery
Neighbor discovery/recovery is the process that routers use to dynamically learn of other routers on their directly attached networks. Routers must also discover when their neighbors become unreachable or inoperative. The router achieves neighbor discovery/recovery with low overhead by periodically sending small hello packets. As long as hello packets are received, a router can determine that a neighbor is alive and functioning. Once this status is determined, the neighboring devices can exchange routing information.
Reliable Transport Protocol
The reliable transport protocol is responsible for guaranteed, ordered delivery of Enhanced IGRP packets to all neighbors. It supports intermixed transmission of multicast and unicast packets. Some Enhanced IGRP packets must be sent reliably, and others need not be. For efficiency, reliability is provided only when necessary. For example, on a multiaccess network that has multicast capabilities (such as Ethernet) it is not necessary to send hellos reliably to all neighbors individually. Therefore, Enhanced IGRP sends a single multicast hello with an indication in the packet informing the receivers that the packet need not be acknowledged. Other types of packets (such as updates) require acknowledgment, which is indicated in the packet. The reliable transport has a provision to send multicast packets quickly when there are unacknowledged packets pending. This provision helps ensure that convergence time remains low in the presence of varying speed links.
DUAL Finite-State Machine
The DUAL finite-state machine embodies the decision process for all route computations. It tracks all routes advertised by all neighbors. DUAL uses the distance information (known as a metric) to select efficient, loop-free paths. DUAL selects routes to be inserted into a routing table based on feasible successors. A successor is a neighboring router used for packet forwarding that has a least-cost path to a destination that is guaranteed not to be part of a routing loop. When there are no feasible successors but there are neighbors advertising the destination, a recomputation must occur. This is the process whereby a new successor is determined. The amount of time it takes to recompute the route affects the convergence time. Recomputation is processor-intensive. It is advantageous to avoid recomputation if it is not necessary. When a topology change occurs, DUAL will test for feasible successors. If there are feasible successors, it will use any it finds in order to avoid unnecessary recomputation.
Protocol-Dependent Modules
The protocol-dependent modules are responsible for network layer protocol-specific tasks. They are also responsible for parsing Enhanced IGRP packets and informing DUAL of the new information received. Enhanced IGRP asks DUAL to make routing decisions, but the results are stored in the IPX routing table. Also, Enhanced IGRP is responsible for redistributing routes learned by other IPX routing protocols.
IPX Enhanced IGRP Configuration Task List
To enable IPX Enhanced IGRP, perform the tasks in the following sections. Only the first task is required; the remaining tasks are optional.
•
•
•
•
Enabling IPX Enhanced IGRP
To create an IPX Enhanced IGRP routing process, use the following commands beginning in global configuration mode:
To associate multiple networks with an Enhanced IGRP routing process, you can repeat the preceding two steps.
For an example of how to enable Enhanced IGRP, see the IPX Enhanced "IGRP Example" section in the Novell IPX Configuration Examples chapter.
Customizing Link Characteristics
You might want to customize the Enhanced IGRP link characteristics. The following sections describe these customization tasks:
•
•
•
Configuring the Percentage of Link Bandwidth Used by Enhanced IGRP
By default, Enhanced IGRP packets consume a maximum of 50 percent of the link bandwidth, as configured with the bandwidth interface subcommand. If a different value is desired, use the ipx bandwidth-percent command. This command may be useful if a different level of link utilization is required, or if the configured bandwidth does not match the actual link bandwidth (it may have been configured to influence route metric calculations).
To configure the percentage of bandwidth that may be used by Enhanced IGRP on an interface, use the following command in interface configuration mode:
Router(config-if)# ipx bandwidth-percent eigrp as-number percent
Configures the percentage of bandwidth that may be used by Enhanced IGRP on an interface.
For an example of how to configure the percentage of Enhanced IGRP bandwidth, see the"IPX Enhanced IGRP Bandwidth Configuration Example"section in the Novell IPX Configuration Examples chapter.
Configuring Maximum Hop Count
Note
By default, IPX packets whose hop count exceeds 15 are discarded. In larger internetworks, this maximum hop count may be insufficient. You can increase the hop count to a maximum of 254 hops for Enhanced IGRP. To modify the maximum hop count, use the following command in global configuration mode:
Adjusting the Interval Between Hello Packets and the Hold Time
You can adjust the interval between hello packets and the hold time.
Routers periodically send hello packets to each other to dynamically learn of other devices on their directly attached networks. Routers use this information to discover their neighbors and to discover when their neighbors become unreachable or inoperative.
By default, hello packets are sent every 5 seconds. The exception is on low-speed, nonbroadcast multiaccess (NBMA) media, where the default hello interval is 60 seconds. Low speed is considered to be a rate of T1 or slower, as specified with the bandwidth interface configuration command. The default hello interval remains 5 seconds for high-speed NBMA networks.
Note
You can configure the hold time on a specified interface for a particular Enhanced IGRP routing process designated by the autonomous system number. The hold time is advertised in hello packets and indicates to neighbors the length of time they should consider the sender valid. The default hold time is three times the hello interval, or 15 seconds.
On very congested and large networks, 15 seconds may not be sufficient time for all routers to receive hello packets from their neighbors. In this case, you may want to increase the hold time. To increase the hold time, use the following command in interface configuration mode:
Router(config-if)# ipx hold-time eigrp autonomous-system-number seconds
Sets the hold time.
To change the interval between hello packets, use the following command in interface configuration mode:
Router(config-if)# ipx hello-interval eigrp autonomous-system-number seconds
Sets the interval between hello packets.
Note
Customizing the Exchange of Routing and Service Information
You might want to customize the exchange of routing and service information. The following sections describe these customization tasks:
•
•
•
•
•
•
•
Redistributing Routing Information
By default, the Cisco IOS software redistributes IPX RIP routes into Enhanced IGRP, and vice versa.
To disable route redistribution, use the following command in IPX-router configuration mode:
The Cisco IOS software does not automatically redistribute NLSP routes into Enhanced IGRP routes and vice versa. To configure this type of redistribution, use the following commands beginning in global configuration mode:
For an example of how to enable redistribution of Enhanced IGRP and NLSP, see the "Enhanced IGRP and NLSP Route Redistribution Example" section in the Novell IPX Configuration Examples chapter.
Disabling Split Horizon
Split horizon controls the sending of Enhanced IGRP update and query packets. If split horizon is enabled on an interface, these packets are not sent for destinations if this interface is the next hop to that destination.
By default, split horizon is enabled on all interfaces.
Split horizon blocks information about routes from being advertised by the Cisco IOS software out any interface from which that information originated. This behavior usually optimizes communication among multiple routers, particularly when links are broken. However, with nonbroadcast networks (such as Frame Relay and SMDS), situations can arise for which this behavior is less than ideal. For these situations, you can disable split horizon.
To disable split horizon, use the following command in interface configuration mode:
Router(config-if)# no ipx split-horizon eigrp autonomous-system-number
Disables split horizon.
Note
Controlling the Advertising of Routes in Routing Updates
To control which devices learn about routes, you can control the advertising of routes in routing updates. To control this advertising, use the following command in router configuration mode:
Router(config-router)# distribute-list access-list-number out [interface-name | routing-process]
Controls the advertising of routes in routing updates.
Controlling the Processing of Routing Updates
To control the processing of routes listed in incoming updates, use the following command in router configuration mode:
Router(config-router)# distribute-list access-list-number in [interface-name]
Controls which incoming route updates are processed.
Controlling SAP Updates
If IPX Enhanced IGRP peers are found on an interface, you can configure the Cisco IOS software to send SAP updates either periodically or when a change occurs in the SAP table. When no IPX Enhanced IGRP peer is present on the interface, periodic SAPs are always sent.
On serial lines, by default, if an Enhanced IGRP neighbor is present, the Cisco IOS software sends SAP updates only when the SAP table changes. On Ethernet, Token Ring, and FDDI interfaces, by default, the software sends SAP updates periodically. To reduce the amount of bandwidth required to send SAP updates, you might want to disable the periodic sending of SAP updates on LAN interfaces. This feature should only be disabled when all nodes out of this interface are Enhanced IGRP peers; otherwise, loss of SAP information on the other nodes will result.
To send SAP updates only when a change occurs in the SAP table, use the following command in interface configuration mode:
Router(config-if)# ipx sap-incremental eigrp autonomous-system-number
Sends SAP updates only when a change in the SAP table occurs.
To send SAP updates only when a change occurs in the SAP table and to send only the SAP changes, use the following command in interface configuration mode:
Router(config-if)# ipx sap-incremental eigrp autonomous-system-number rsup-only
Sends SAP updates only when a change in the SAP table occurs, and sends only the SAP changes.
When you enable incremental SAP using the ipx sap-incremental eigrp rsup-only command, Cisco IOS software disables the exchange of route information via Enhanced IGRP for that interface.
To send periodic SAP updates, use the following command in interface configuration mode:
Router(config-if)# no ipx sap-incremental eigrp autonomous-system-number
Sends SAP updates periodically.
For an example of how to configure SAP updates, see the"Enhanced IGRP SAP Update Examples" section in the Novell IPX Configuration Examples chapter.
To disable split horizon for incremental SAP, use the following command in interface configuration mode:
Router(config-if)# no ipx sap-incremental split-horizon
Disables split horizon for SAP.
Note
Controlling the Advertising of Services in SAP Updates
To control which devices learn about services, you can control the advertising of these services in SAP updates. To control this advertising, use the following command in router configuration mode:
For a configuration example of controlling the advertisement of SAP updates, see the "Advertisement and Processing of SAP Update Examples" section in the Novell IPX Configuration Examples chapter.
Controlling the Processing of SAP Updates
To control the processing of routes listed in incoming updates, use the following command in router configuration mode:
Router(config-router)# distribute-sap-list access-list-number in [interface-name]
Controls which incoming SAP updates are processed.
For a configuration example of controlling the processing of SAP updates, see the "Advertisement and Processing of SAP Update Examples" section in the Novell IPX Configuration Examples chapter.
Querying the Backup Server
The backup server table is a table kept for each Enhanced IGRP peer. It lists the IPX servers that have been advertised by that peer. If a server is removed from the main server table at any time and for any reason, the Cisco IOS software examines the backup server table to learn if this just-removed server is known by any of the Enhanced IGRP peers. If it is, the information from that peer is advertised back into the main server table just as if that peer had readvertised the server information to this router. Using this method to allow the router to keep the backup server table consistent with what is advertised by each peer means that only changes to the table must be advertised between Enhanced IGRP routers; full periodic updates need not be sent.
By default, the Cisco IOS software queries its own copy of the backup server table of each Enhanced IGRP neighbor every 60 seconds. To change this interval, use the following command in global configuration mode:
Router(config)# ipx backup-server-query-interval interval
Specifies the minimum period of time between successive queries of the backup server table of a neighbor.
Configuring NLSP
NLSP is a link-state routing protocol based on the Open System Interconnection (OSI) Intermediate System-to-Intermediate System (IS-IS) protocol.
NLSP is designed to be used in a hierarchical routing environment, in which networked systems are grouped into routing areas. Routing areas can then be grouped into routing domains, and domains can be grouped into an internetwork.
Understanding Level 1, 2, and 3 Routers
Level 1 routers connect networked systems within a given routing area. Areas are connected to each other by Level 2 routers, and domains are connected by Level 3 routers. A Level 2 router also acts as a Level 1 router within its own area; likewise, a Level 3 router also acts as a Level 2 router within its own domain.
The router at each level of the topology stores complete information for its level. For instance, Level 1 routers store complete link-state information about their entire area. This information includes a record of all the routers in the area, the links connecting them, the operational status of the devices and their links, and other related parameters. For each point-to-point link, the database records the end-point devices and the state of the link. For each LAN, the database records which routers are connected to the LAN. Similarly, Level 2 routers would store information about all the areas in the routing domain, and Level 3 routers would store information about all the domains in the internetwork.
Although NLSP is designed for hierarchical routing environments containing Level 1, 2, and 3 routers, only Level 1 routing with area route aggregation and route redistribution has been defined in a specification.
Understanding NLSP Databases
NLSP is a link-state protocol, which means that every router in a routing area maintains an identical copy of the link-state database. This database contains all information about the topology of the area. All routers synchronize their views of the databases among themselves to keep their copies of the link-state databases consistent. NLSP has the following three major databases:
•
•
•
Cisco Support of NLSP
The Cisco implementation of NLSP supports the Novell NLSP specification, version 1.1. Our implementation of NLSP also includes read-only NLSP MIB variables.
NLSP Configuration Task List
To configure NLSP, you must have configured IPX routing on your router, as described previously in this chapter. Then, you must perform the tasks described in the following sections:
•
•
•
You can optionally perform the tasks described in the following sections:
•
•
•
For an example of enabling NLSP, see the "IPX Routing Protocols Examples" section in the Novell IPX Configuration Examples chapter.
Defining an Internal Network
An internal network number is an IPX network number assigned to the router. For NLSP to operate, you must configure an internal network number for each device.
To enable IPX routing and to define an internal network number, use the following commands in global configuration mode:
Step 1
Router(config)# ipx routing
Enables IPX routing.
Step 2
Router(config)# ipx internal-network network-number
Defines an internal network number.
Enabling NLSP Routing
To enable NLSP, use the following commands beginning in global configuration mode:
Step 1
Router(config)# ipx router nlsp [tag]
Enables NLSP.
Step 2
Router(config-if)# area-address address mask
Defines a set of network numbers to be part of the current NLSP area.
Configuring NLSP on an Interface
You configure NLSP differently on LAN and WAN interfaces, as described in the following sections:
•
•
Configuring NLSP on a LAN Interface
To configure NLSP on a LAN interface, use the following commands in interface configuration mode:
To configure multiple encapsulations on the same physical LAN interfaces, you must configure subinterfaces. Each subinterface must have a different encapsulation type. To configure subinterfaces, use the following commands beginning in global configuration mode:
Repeat these three steps for each subinterface.
Note
Configuring NLSP on a WAN Interface
To configure NLSP on a WAN interface, use the following commands beginning in global configuration mode:
Customizing Link Characteristics
You might want to customize the NLSP link characteristics. The following sections describe these customization tasks:
•
•
•
•
•
•
•
•
Enabling NLSP Multicast Addressing
Cisco IOS supports the use of NLSP multicast addressing for Ethernet, Token Ring, and FDDI router interfaces. This capability is only possible when the underlying Cisco hardware device or driver supports multicast addressing.
With this feature, the router defaults to using multicasts on Ethernet, Token Ring, and FDDI interfaces, instead of broadcasts, to address all NLSP routers on the network. If an adjacent neighbor does not support NLSP multicasting, the router will revert to using broadcasts on the affected interface.
This feature is only available on routers running Cisco IOS software Release 11.3 or later. When routers running prior versions of Cisco IOS software are present on the same network with routers running Cisco IOS Release 11.3 software, broadcasts will be used on any segment shared by the two routers.
The NLSP multicast addressing offers the following benefits:
•
•
•
NLSP Multicast Addressing
By default, NLSP multicast addressing is enabled. You need not configure anything to turn on NLSP multicasting.
Typically, you do not want to substitute broadcast addressing where NLSP multicast addressing is available. NLSP multicast addressing uses network bandwidth more efficiently than broadcast addressing. However, there are circumstances where you might want to disable NLSP multicast addressing.
For example, you might want to disable NLSP multicast addressing in favor of broadcast addressing when one or more devices on a segment do not support NLSP multicast addressing. You might also want to disable it for testing purposes.
If you want to disable NLSP multicast addressing, you can do so for the entire router or for a particular interface.
To disable multicast addressing for the entire router, use the following commands in IPX-router configuration mode:
To disable multicast addressing on a particular router interface, use the following command in interface configuration mode:
Router(config-if)# no ipx nlsp [tag] multicast
Disables multicast addressing on the interface.
For examples of how to disable NLSP multicast addressing, see the "NLSP Multicast Addressing Examples" section in the Novell IPX Configuration Examples chapter.
Configuring the Metric Value
NLSP assigns a default link cost (metric) based on the link throughput. If desired, you can set the link cost manually.
Typically, you need not set the link cost manually; however, there are some cases where you might want to. For example, in highly redundant networks, you might want to favor one route over another for certain kinds of traffic. As another example, you might want to ensure load sharing. Changing the metric value can help achieve these design goals.
To set the NLSP link cost for an interface, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] metric metric-number
Sets the metric value for an interface.
Configuring the Link Delay and Throughput
The delay and throughput of each link are used by NLSP as part of its route calculations. By default, these parameters are set to appropriate values or, in the case of IPXWAN, are dynamically measured.
Typically, you need not change the link delay and throughput; however, there are some cases where you might want to change these parameters. For example, in highly redundant networks, you might want to favor one route over another for certain kinds of traffic. To favor one route over another, you would change the metric on the less-desirable path to be slightly worse by assigning it a higher metric value using the ipx-link-delay command. In this case, traffic is forced to route over the favorable path. As another example, you might want to ensure load sharing. To load share, you would ensure that the metrics on the equal paths are the same.
The link delay and throughput you specify replaces the default value or overrides the value measured by IPXWAN when it starts. The value is also supplied to NLSP for use in metric calculations.
To change the link delay, use the following command in interface configuration mode:
To change the throughput, use the following command in interface configuration mode:
Configuring the Maximum Hop Count
By default, IPX packets whose hop count exceeds 15 are discarded. In larger internetworks, this maximum hop count may be insufficient. You can increase the hop count to a maximum of 127 hops for NLSP.
For example, if you have a network with end nodes separated by more than 15 hops, you can set the maximum number of hops considered to be reachable by non-RIP routing protocols to a value from 16 to 127.
To modify the maximum hop count, use the following command in global configuration mode:
Specifying a Designated Router
Note
NLSP elects a designated router on each LAN interface. The designated router represents all routers that are connected to the same LAN segment. It creates a virtual router called a pseudonode, which generates routing information on behalf of the LAN and sends it to the remainder of the routing area. The routing information generated includes adjacencies and RIP routes. The use of a designated router substantially reduces the number of entries in the LSP database.
By default, electing a designated router is done automatically. However, you can manually affect the identity of the designated router by changing the priority of the system; the system with the highest priority is elected to be the designated router.
By default, the priority of the system is 44. To change this priority, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] priority priority-number
Configures the designated router election priority.
Configuring Transmission and Retransmission Intervals
You can configure the hello transmission interval and holding time multiplier, the complete sequence number PDU (CSNP) transmission interval, the LSP transmission interval, and the LSP retransmission interval.
The hello transmission interval and holding time multiplier used together determine how long a neighboring system should wait after a link or system failure (the "holding time") before declaring this system to be unreachable. The holding time is equal to the hello transmission interval multiplied by the holding time multiplier.
To configure the hello transmission interval on an interface, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] 3.325 seconds
Configures the hello transmission interval.
To specify the holding time multiplier used on an interface, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] hello-multiplier multiplier
Configures the hello multiplier.
Although not typically necessary, you can configure the CSNP transmission interval. To configure the CSNP interval, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] csnp-interval seconds
Configures the CSNP transmission interval.
You can specify how fast LSPs can be flooded out an interface by configuring the LSP transmission interval. To configure the LSP transmission interval, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] lsp-interval interval
Configures the LSP transmission interval.
You can set the maximum amount of time that can pass before an LSP will be resent on a WAN link when no acknowledgment is received. To configure this LSP retransmission interval, use the following command in interface configuration mode:
Router(config-if)# ipx nlsp [tag] retransmit-interval seconds
Configures the LSP retransmission interval.
Modifying LSP Parameters
To modify LSP parameters, use one or more of the following commands in router configuration mode:
Limiting Partial Route Calculations
You can control how often the Cisco IOS software performs a partial route calculation (PRC). Because the partial route calculation is processor-intensive, it may be useful to limit how often this calculation is done, especially on slower router models. Increasing the PRC interval reduces the processor load of the router, but it also potentially slows down the rate of convergence.
To modify the PRC, use the following command in router configuration mode:
Router(config-router)# prc-interval seconds
Sets the hold-down period between partial route calculations.
Configuring Route Aggregation
Prior to Cisco IOS Release 11.1, you could segregate IPX internetworks into distinct NLSP areas only by interconnecting them with IPX RIP. With Release 11.1 or later software, you can easily perform the following tasks:
•
•
•
In this document, these independent capabilities are known collectively as the route aggregation feature. Cisco has designed the route aggregation feature to be compatible with the Novell NetWare Link Services Protocol (NLSP) Specification, Revision 1.1 publication.
Note
Understanding Area Addresses, Route Summaries, and Aggregated Routes
This section discusses area addresses, route summaries, and aggregated routes. It also describes how area addresses relate to route summaries.
Area Addresses
An area address uniquely identifies an NLSP area. The area addresses configured on each router determine the areas to which a router belongs.
An area address consists of a pair of 32-bit hexadecimal numbers that include an area number and a corresponding mask. The mask indicates how much of the area number identifies the area, and how much identifies individual networks in the area. For example, the area address pair 12345600 FFFFFF00 describes an area composed of 256 networks in the range 12345600 to 123456FF.
You can configure up to three area addresses per NLSP process on the router. Adjacencies are formed only between routers that share at least one common area address.
Route Summaries
A route summary defines a set of explicit routes that the router uses to generate an aggregated route. A route summary tells the router how to summarize the set of explicit routes into a single summarized route.
A route summary is similar in form to an area address. That is, the route summary described by 12345600 FFFFFF00 summarizes the 256 networks in the range 12345600 to 123456FF.
Aggregated Routes
An aggregated route is the single, compact data structure that describes many IPX network numbers simultaneously. The aggregated route represents all the explicit routes defined by the route summary. In an LSP, the router expresses an aggregated route as a 1-byte number that gives the length, in bits, of the portion of the 32-bit network number common to all summarized addresses. The aggregated route for 12345600 FFFFFF00 is 18 12345600.
Relationship Between Area Addresses and Route Summaries
When you enable route summarization in Cisco IOS Release 11.1 while running multiple instances of NLSP, the router performs default route summarization based on the area address configured in each NLSP area. That is, explicit routes that match the area address in a given area are not redistributed individually into neighboring NLSP areas. Instead, the router redistributes a single aggregated route that is equivalent to the area address into neighboring areas.
Understanding NLSP Areas
This section describes single versus multiple NLSP areas and discusses the behavior of the router when you mix NLSP versions within a single NLSP area.
Single Versus Multiple NLSP Areas
NLSP version 1.0 routers support only a single, Level 1 area. Two routers form an adjacency only if they share at least one configured area address in common. The union of routers with adjacencies in common form an area.
Each router within the NLSP area has its own adjacencies, link-state, and forwarding databases. Further, the link-state database of each router is identical. Within the router, these databases operate collectively as a single process or instance to discover, select, and maintain route information about the area. NLSP version 1.0 routers and NLSP version 1.1 routers that exist within a single area use a single NLSP instance.
With NLSP version 1.1 and Cisco IOS Release 11.1, multiple instances of NLSP may exist on a given router. Each instance discovers, selects, and maintains route information for a separate NLSP area. Each instance has its own copy of the NLSP adjacency and link-state database for its area. However, all instances (along with other routing protocols such as RIP and Enhanced IGRP) share a single copy of the forwarding table.
Mixing NLSP Versions in a Single Area
You can have NLSP version 1.1 routers and NLSP version 1.0 routers in the same area. However, NLSP version 1.0 routers do not recognize aggregated routes. For this reason, the default behavior of Cisco IOS Release 11.1 software is to not generate aggregated routes. To prevent routing loops in a mixed environment, packets routed via an aggregated route by an NLSP version 1.1 router are dropped if the next hop is an NLSP version 1.0 router.
Note
Understanding Route Redistribution
Because you can configure multiple NLSP areas, you must understand how the router passes route information from one area to another. Passing route information from one area to another, or from one protocol to another, is known as route redistribution. Additionally, you must understand the default route redistribution behavior of the router before configuring route summarization.
This section describes the default route redistribution behavior between multiple NLSP areas, between NLSP and Enhanced IGRP, and between NLSP and RIP.
Default Redistribution Between Multiple NLSP Areas
Regardless of the NLSP version, Cisco IOS Release 11.1 redistributes routes between multiple NLSP areas by default. That is, redistribution between multiple NLSP version 1.1 areas, between multiple NLSP version 1.0 areas, and between NLSP version 1.1 and NLSP version 1.0 areas is enabled by default. All routes are redistributed as individual, explicit routes.
Default Redistribution Between NLSP and Enhanced IGRP
Route redistribution between instances of NLSP (version 1.1 or version 1.0) and Enhanced IGRP is disabled by default. You must explicitly configure this type of redistribution. See the "Redistributing Routing Information" section later in this chapter for information about configuring redistribution between NLSP and Enhanced IGRP.
Default Redistribution Between NLSP and RIP
Route redistribution between instances of NLSP (version 1.1 or version 1.0) and RIP is enabled by default. All routes are redistributed as individual, explicit routes.
Understanding Route Summarization
Route summarization is disabled by default to avoid the generation of aggregated routes in an area running mixed versions of NLSP. You can explicitly enable route summarization on a router running Cisco IOS Release 11.1. This section describes default route summarization, customized route summarization, and the relationship between filtering and route summarization.
NLSP route summarization provides the following benefits to well-designed IPX networks:
•
•
•
•
As a result of these benefits, you can build larger IPX networks using route aggregation.
Default Route Summarization
When you explicitly enable route summarization, the default route summarization depends on the following circumstances:
•
•
•
•
In the case of the first two circumstances, the area address for each NLSP instance is used as the basis for generating aggregated routes. That is, all explicit routes that match a local area address generate a common aggregated route. The router redistributes only the aggregated route into other NLSP areas; explicit routes (and more specific aggregated routes) represented by a particular aggregated route are filtered.
Note
Customized Route Summarization
You can also customize the route summarization behavior of the router using the redistribute IPX-router subcommand with an access list. The access list specifies in detail which routes to summarize and which routes to redistribute explicitly. In this case, the router ignores area addresses and uses only the access list as a template to control summarization and redistribution. You can use numbered or named access lists to control summarization and redistribution.
In addition, you must use customized route summarization in environments that use either of the following combinations:
•
•
Route summarization between Enhanced IGRP and NLSP is controlled by the access list. Route summarization is possible only in the Enhanced IGRP-to-NLSP direction. Routes redistributed from NLSP to Enhanced IGRP are always explicit routes.
Route summarization between RIP and NLSP is also controlled by the access list. Route summarization is possible only in the RIP-to-NLSP direction. Routes redistributed from NLSP to RIP are always explicit routes. Use the default route instead to minimize routing update overhead, yet maximize reachability in a RIP-only area.
Note
In a well-designed network, within each NLSP area, most external networks are reachable by a few aggregated routes, while all other external networks are reachable either by individual explicit routes or by the default route.
Relationship Between Filtering and Route Summarization
Redistribution of routes and services into and out of an NLSP area may be modified using filters. Filters are available for both input and output directions. Refer to the distribute-list in, distribute-list out, distribute-sap-list in, and distribute-sap-list out commands in the "Novell IPX Commands" chapter in the Cisco IOS AppleTalk and Novell IPX Command Reference publication.
Filtering is independent of route summarization, but may affect it indirectly, because filters are always applied before the aggregation algorithm is applied. It is possible to filter all explicit routes that could generate aggregated routes, making the router unable to generate aggregated routes even though route aggregation is turned on.
Understanding Service and Path Selection
The router always accepts service information as long as the network of the service is reachable by an explicit route, an aggregated route, or the default route. When a server for a Get Nearest Server (GNS) response is chosen, the tick value of the route to each eligible server is used as the metric. No distinction is made between explicit and summary routes in this determination. If the tick values are equal, then the hop count is used as a tiebreaker. However, because there is no hop value associated with an aggregated route, services reachable via an explicit route are always preferred over those reachable via only an aggregated route.
An NLSP version 1.1 router always uses the most explicit match to route packets. That is, the router always uses an explicit route if possible. If not, then a matching aggregated route is used. If multiple aggregated routes match, then the most explicit (longest match) is used. If no aggregated route is present, then the default route is used as a last resort.
Route Aggregation Configuration Task List
To configure the route aggregation feature, perform one or more of the task in the following sections:
•
•
•
•
Configuring Route Aggregation for Multiple NLSP Version 1.1 Areas
Redistribution between multiple NLSP 1.1 areas is enabled by default. Because multiple NLSP processes are present on the router, a tag or label identifies each. For each instance, configure an appropriate area address and, optionally, enable route summarization. Enable NLSP on appropriate interfaces. Be sure to use the correct tag (process) identifier to associate that interface with the appropriate NLSP area.
Note
The following sections describe how to configure route aggregation for multiple NLSP version 1.1 areas:
•
•
•
Configuring Route Aggregation with Default Route Summarization
To configure the route aggregation feature with the default route summarization behavior, use the following commands beginning in global configuration mode for each NLSP process:
For an example of how to configure this type of route aggregation, see "NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas Example"section in the Novell IPX Configuration Examples chapter.
Configuring Route Aggregation with Customized Route Summarization Using Numbered Access Lists
To configure the route aggregation feature with customized route summarization behavior (using numbered access lists), use the following commands beginning in global configuration mode for each NLSP process:
Configuring Route Aggregation with Customized Route Summarization Using Named Access Lists
To configure the route aggregation feature with customized route summarization behavior (using named access lists), use the following commands beginning in global configuration mode for each NLSP process:
Configuring Route Aggregation for NLSP Version 1.1 and NLSP Version 1.0 Areas
By default, redistribution is enabled between multiple instances of NLSP. Route summarization, when enabled, is possible in one direction only—from NLSP version 1.0 to NLSP version 1.1.
The following sections describe how to configure route aggregation for NLSP version 1.1 and NLSP version 1.0 areas:
•
•
•
Configuring Route Aggregation with Default Route Summarization
To configure the route aggregation feature with default route summarization behavior, use the following commands beginning in global configuration mode for each NLSP process:
Configuring Route Aggregation with Customized Route Summarization Using Numbered Access Lists
To configure the route aggregation feature with customized route summarization behavior (using numbered access lists), use the commands in the following two tables.
For the NLSP version 1.1 process, use the following commands beginning in global configuration mode:
For the NLSP version 1.0 process, use the following commands beginning in global configuration mode:
For an example of how to configure the route aggregation feature with this type of customized route summarization, see the "NLSP Route Aggregation for NLSP Version 1.1 and Version 1.0 Areas Example"section in the Novell IPX Configuration Examples chapter.
Configuring Route Aggregation with Customized Route Summarization Using Named Access Lists
To configure the route aggregation feature with customized route summarization behavior (using named access lists), use the commands in the following two tables.
For the NLSP version 1.1 process, use the following commands beginning in global configuration mode:
For the NLSP version 1.0 process, use the following commands beginning in global configuration mode:
Configuring Route Aggregation for Enhanced IGRP and NLSP Version 1.1 Environments
Redistribution is not enabled by default. Additionally, summarization is possible in the Enhanced IGRP to NLSP direction only.
The following sections describe how to configure route aggregation for Enhanced IGRP and NLSP version 1.1 environments:
•
•
Configuring Route Aggregation Using Numbered Access Lists
For each NLSP version 1.1 process, use the following commands beginning in global configuration mode:
For each Enhanced IGRP autonomous system, use the following commands beginning in global configuration mode:
For an example of how to configure this type of route aggregation, see the "NLSP Route Aggregation for NLSP Version 1.1, Enhanced IGRP, and RIP Example"section in the Novell IPX Configuration Examples chapter.
Configuring Route Aggregation Using Named Access Lists
For each NLSP version 1.1 process, use the following commands beginning in global configuration mode:
For each Enhanced IGRP autonomous system, use the following commands beginning in global configuration mode:
Configuring Route Aggregation for RIP and NLSP Version 1.1 Environments
Because redistribution between RIP and NLSP is enabled by default, you only need to enable the route summarization, if desired, to configure all the capabilities of the route aggregation feature.
The following sections describe how to configure route aggregation for RIP and NLSP version 1.1 environments:
•
•
For an example of how to configure this type of route aggregation, see the "NLSP Route Aggregation for NLSP Version 1.1, Enhanced IGRP, and RIP Example"section in the Novell IPX Configuration Examples chapter.
Configuring Route Aggregation Using Numbered Access Lists
For each NLSP version 1.1 process, use the following commands beginning in global configuration mode:
For an example of how to configure this type of route aggregation, see the "NLSP Route Aggregation for NLSP Version 1.1, Enhanced IGRP, and RIP Example" section in the Novell IPX Configuration Examples chapter.
Configuring Route Aggregation Using Named Access Lists
For each NLSP version 1.1 process, use the following commands beginning in global configuration mode:
Customizing the Exchange of Routing Information
You might want to customize the exchange of routing information. The following sections describe customization tasks:
•
•
Configuring RIP and SAP Compatibility
RIP and SAP are enabled by default on all interfaces configured for IPX, and these interfaces always respond to RIP and SAP requests. When you also enable NLSP on an interface, the interface, by default, generates and sends RIP and SAP periodic traffic only if another RIP router or SAP service is sending RIP or SAP traffic.
To modify the generation of periodic RIP updates on a network enabled for NLSP, use one of the following commands in interface configuration mode:
To modify the generation of periodic SAP updates on a network enabled for NLSP, use one of the following commands in interface configuration mode:
Redistributing Routing Information
Automatic redistribution of one routing protocol into another provides a simple and effective means for building IPX networks in a heterogeneous routing protocol environment. Redistribution is usually effective as soon as you enable an IPX routing protocol. One exception is NLSP and Enhanced IGRP. You must configure the redistribution of Enhanced IGRP into NLSP, and vice versa.
Once you enable Enhanced IGRP and NLSP redistribution, the router makes path decisions based on a predefined, nonconfigurable administrative distance, and prevents redistribution feedback loops without filtering via a stored, external hop count.
To enable redistribution of Enhanced IGRP into NLSP, and vice versa, use the following commands beginning in global configuration mode:
For an example of how to enable redistribution of Enhanced IGRP and NLSP, see the "Enhanced IGRP and NLSP Route Redistribution Example"section in the Novell IPX Configuration Examples chapter.
Configuring Next Hop Resolution Protocol
Routers, access servers, and hosts can use Next Hop Resolution Protocol (NHRP) to discover the addresses of other routers and hosts connected to an NBMA network. NHRP provides an Address Resolution Protocol (ARP)-like solution that alleviates some NBMA network problems. With NHRP, systems attached to an NBMA network can dynamically learn the NBMA address of the other systems that are part of that network. These systems can then directly communicate without requiring traffic to use an intermediate hop.
For more information on NHRP and the Cisco implementation, refer to the "Configuring IP Addressing" chapter in the Cisco IOS IP Routing Configuration Guide.
NHRP Configuration Task List
To configure NHRP, perform the tasks described in the following sections. The first task is required; the remaining tasks are optional.
•
•
•
•
•
•
•
•
•
For NHRP configuration examples, see the "NHRP Examples"section in the Novell IPX Configuration Examples chapter.
Enabling NHRP on an Interface
To enable NHRP for an interface on a router, use the following command in interface configuration mode. In general, all NHRP stations within a logical NBMA network must be configured with the same network identifier.
.
For an example of enabling NHRP, see the "NHRP Examples"section in the Novell IPX Configuration Examples chapter.
Configuring a Station with Static IPX-to-NBMA Address Mapping
To participate in NHRP, a station connected to an NBMA network must be configured with the IPX and NBMA addresses of its Next Hop Servers. The format of the NBMA address depends on the medium you are using. For example, ATM uses a network service access point (NSAP) address, Ethernet uses a MAC address, and SMDS uses an E.164 address.
These Next Hop Servers are most likely the default or peer routers of the station, so their IPX addresses are obtained from the network layer forwarding table of the station.
If the station is attached to several link-layer networks (including logical NBMA networks), the station should also be configured to receive routing information from its Next Hop Servers and peer routers so that it can determine which IPX networks are reachable through which link-layer networks.
To configure static IPX-to-NBMA address mapping on a station (host or router), use the following command in interface configuration mode:
Router(config-if)# ipx nhrp map ipx-address nbma-address
Configures static IPX-to-NBMA address mapping.
Statically Configuring a Next Hop Server
A Next Hop Server normally uses the network-layer forwarding table to determine where to forward NHRP packets and to find the egress point from an NBMA network. A Next Hop Server may alternately be statically configured with a set of IPX address prefixes that correspond to the IPX addresses of the stations it serves, and their logical NBMA network identifiers.
To statically configure a Next Hop Server, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp nhs nhs-address [net-address]
Statically configures a Next Hop Server.
To configure multiple networks that the Next Hop Server serves, repeat the ipx nhrp nhs command with the same Next Hop Server address, but different IPX network addresses. To configure additional Next Hop Servers, repeat the ipx nhrp nhs command.
Configuring NHRP Authentication
Configuring an authentication string ensures that only routers configured with the same string can communicate using NHRP. Therefore, if the authentication scheme is to be used, the same string must be configured in all devices configured for NHRP on a fabric. To specify the authentication string for NHRP on an interface, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp authentication string
Specifies an authentication string.
Controlling NHRP Initiation
To control when NHRP is initiated, perform one of the tasks in the following sections:
•
•
Triggering NHRP by IPX Packet
You can specify an IPX access list that is used to decide which IPX packets trigger the sending of NHRP requests. By default, all non-NHRP packets can trigger NHRP requests. To limit which IPX packets trigger NHRP requests, you must define an access list and then apply it to the interface.
To define an access list, use one of the following commands in global configuration mode:
To apply the IPX access list to the interface, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp interest access-list-number
Specifies an IPX access list that controls NHRP requests.
Triggering NHRP on a per-Destination Basis
By default, when the software attempts to send a data packet to a destination for which it has determined that NHRP can be used, it sends an NHRP request for that destination. You can configure the system to wait until a specified number of data packets have been sent to a particular destination before NHRP is attempted. To configure the system in this way, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp use usage-count
Specifies how many data packets are sent to a destination before NHRP is attempted.
Controlling NHRP Packet Rate
By default, the maximum rate at which the software sends NHRP packets is 5 packets per 10 seconds. The software maintains a per-interface quota of NHRP packets (whether generated locally or forwarded) that can be sent. To change this maximum rate, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp max-send pkt-count every interval
Changes the NHRP packet rate per interface.
Suppressing Forward and Reverse Record Options
To dynamically detect link-layer filtering in NBMA networks (for example, SMDS address screens) and to provide loop detection and diagnostic capabilities, NHRP incorporates a route record in requests and replies. The route record options contain the network (and link layer) addresses of all intermediate Next Hop Servers between source and destination (in the forward direction) and between destination and source (in the reverse direction).
By default, forward record options and reverse record options are included in NHRP request and reply packets. To suppress the use of these options, use the following command in interface configuration mode:
Router(config-if)# no ipx nhrp record
Suppresses forward and reverse record options.
Specifying the NHRP Responder Address
If an NHRP requester wants to know which Next Hop Server generates an NHRP reply packet, it can request that information by including the responder address option in its NHRP request packet. The Next Hop Server that generates the NHRP reply packet then complies by inserting its own IPX address in the NHRP reply. The Next Hop Server uses the primary IPX address of the specified interface.
To specify which interface the Next Hop Server uses for the NHRP responder IPX address, use the following command in interface configuration mode:
Router(config-if)# ipx nhrp responder type number
Specifies which interface the Next Hop Server uses to determine the NHRP responder address.
If an NHRP reply packet being forwarded by a Next Hop Server contains the IPX address of that Next Hop Server, the Next Hop Server generates an "NHRP Loop Detected" error indication and discards the reply.
Changing the Time Period NBMA Addresses Are Advertised As Valid
You can change the length of time for which NBMA addresses are advertised as valid in positive and negative NHRP responses. In this context, advertised means how long the Cisco IOS software tells other routers to keep the addresses it is providing in NHRP responses. The default length of time for each response is 7200 seconds (2 hours). To change the length of time, use the following command in interface configuration mode:
Configuring IPX and SPX over WANs
You can configure IPX over dial-on-demand routing (DDR), Frame Relay, PPP, SMDS, and X.25 networks. For more information about dial-on-demand routing (DDR) refer to the Cisco IOS Dial Technologies Configuration Guide. For more information about Frame Relay, SMDS, and X.25 refer to the Cisco IOS Wide-Area Networking Configuration Guide.
When you configure IPX over PPP, address maps are not necessary for this protocol. Also, you can enable IPX header compression over point-to-point links to increase available useful bandwidth of the link and reduce response time for interactive uses of the link.
You can use fast-switching IPX serial interfaces configured for Frame Relay and SMDS, and you can use fast-switching Subnetwork Access Protocol (SNAP)-encapsulated packets over interfaces configured for ATM.
Additionally, you can configure the IPXWAN protocol.
For an example of how to configure IPX over a WAN interface, see the "IPX over a WAN Interface Example"section in the Novell IPX Configuration Examples chapter.
Configuring IPX over DDR
IPX sends periodic watchdog keepalive packets from servers to clients after a client session has been idle for approximately 5 minutes. On a DDR link, a call would be made every 5 minutes, regardless of whether there were data packets to send. You can prevent these calls from being made by configuring the Cisco IOS software to respond to the watchdog keepalive packets of a server on behalf of a remote client—sometimes referred to as spoofing the server. Spoofing makes a server view a client as always connected, even when it is not, thus reducing the number of available licenses. Users can set the duration of IPX watchdog spoofing and periodically disable it so that Novelle NetWare servers can clean up inactive connections.
When configuring IPX over DDR, you might want to disable the generation of these packets so that a call is not made every 5 minutes. A call made every 5 minutes is not an issue for the other WAN protocols, because they establish dedicated connections rather than establishing connections only as needed.
Use the ipx watchdog-spoof command to enable and set the duration of watchdog spoofing. You can specify the number of consecutive hours spoofing is to stay enabled and the number of minutes spoofing is to stay disabled. The server can clean up inactive connections when spoofing is disabled. Be sure that fast switching and autonomous switching are disabled on the serial interface before using this command.
To enable watchdog spoofing, use the following command in interface configuration mode:
Router(config-if)# ipx watchdog-spoof [enable-time-hours disable-time-minutes]
Enables and sets the duration of watchdog spoofing.
To keep the serial interface idle when only watchdog packets are being sent, refer to the tasks described in the "Deciding and Preparing to Configure DDR" chapter of the Cisco IOS Dial Technologies Configuration Guide. For an example of configuring IPX over DDR, see the "IPX over DDR Example"section in the Novell IPX Configuration Examples chapter.
Configuring SPX Spoofing over DDR
Sequenced Packet Exchange (SPX) sends periodic keepalive packets between clients and servers. Similar to IPX watchdog packets, these are keepalive packets that are sent between servers and clients after the data has stopped being transferred. On pay-per-packet or byte networks, these packets can incur large customer telephone connection charges for idle time. You can prevent these calls from being made by configuring the Cisco IOS software to respond to the keepalive packets on behalf of a remote system.
When configuring SPX over DDR, you might want to disable the generation of these packets so that a call has the opportunity to go idle. Disabling the generation of packets may not be an issue for the other WAN protocols, because they establish dedicated connections rather than establishing connections only as needed.
To keep the serial interface idle when only keepalive packets are being sent, refer to the tasks described in the "Deciding and Preparing to Configure DDR" chapter of the Cisco IOS Dial Technologies Configuration Guide.
For an example of how to configure SPX spoofing over DDR, see the "IPX over DDR Example" section in the Novell IPX Configuration Examples chapter.
Configuring IPX Header Compression
You can configure IPX header compression over point-to-point links. With IPX header compression, a point-to-point link can compress IPX headers only, or the combined IPX and NetWare Core Protocol headers. Currently, point-to-point links must first negotiate IPX header compression via IPXCP or IXPWAN. The Cisco IOS software supports IPX header compression as defined by RFC 1553.
For details on configuring IPX header compression, refer to the "Configuring Medial-Independent PPP and Multilink PPP" chapter in the Cisco IOS Dial Technologies Configuration Guide.
Configuring the IPXWAN Protocol
The Cisco IOS software supports the IPXWAN protocol, as defined in RFC 1634. IPXWAN allows a router that is running IPX routing to connect via a serial link to another router, possibly from another manufacturer, that is also routing IPX and using IPXWAN.
IPXWAN is a connection startup protocol. Once a link has been established, IPXWAN incurs little or no overhead.
You can use the IPXWAN protocol over PPP. You can also use it over HDLC; however, the devices at both ends of the serial link must be Cisco routers.
To configure IPXWAN on a serial interface, use the following commands in interface configuration mode:
Controlling Access to IPX Networks
To control access to IPX networks, first create access lists and then apply them to individual interfaces using filters.
Types of Access Lists
You can create the following IPX access lists to filter various kinds of traffic:
•
•
•
•
•
Types of Filters
There are more than 14 different IPX filters that you can define for IPX interfaces. They fall into the following six groups:
•
•
•
•
•
•
Table 9 summarizes the filters, the access lists they use, and the commands used to define the filters in the first five groups. Use the show ipx interfaces command to display the filters defined on an interface. For additional information about route aggregation, see the "Configuring Route Aggregation" section in the Novell IPX Configuration Examples chapter.
Implementation Considerations
Remember the following information when configuring IPX network access control:
•
•
•
For named access lists, all new entries to an existing list are placed at the end of the list. You cannot add entries to the middle of a list. However, you can remove specific entries using the no deny and no permit commands, rather than deleting the entire access list.
•
•
Controlling Access to IPX Networks Task List
To control access to IPX networks, perform the required tasks in the following sections:
•
•
Creating Access Lists
You can create access lists using numbers or names. You can choose which method you prefer. If you use numbers to identify your access lists, you are limited to 100 access lists per filter type. If you use names to identify your access lists, you can have an unlimited number of access lists per filter type.
The following sections describe how to perform these tasks:
•
•
Creating Access Lists Using Numbers
To create access lists using numbers, use one or more of the following commands in global configuration mode:
Once you have created an access list using numbers, apply it to the appropriate interfaces using filters as described in the "Creating Filters" section later in this chapter. Applying a filter will activate the access list.
Creating Access Lists Using Names
IPX named access lists allow you to identify IPX access lists with an alphanumeric string (a name) rather than a number. Using IPX named access lists allows you to maintain security by using a separate and easily identifiable access list for each user or interface. IPX named access lists also remove the limit of 100 lists per filter type.You can configure an unlimited number of the following types of IPX named access lists:
•
•
•
•
•
If you identify your access list with a name rather than a number, the mode and command syntax are slightly different.
Implementation Considerations
Consider the following information before configuring IPX named access lists:
•
•
•
IPX Named Access List Configuration Task List
To configure IPX named access lists for standard, extended, SAP, NLSP route aggregation (summarization), or NetBIOS access lists, perform one or more of the tasks in the following sections:
•
•
•
•
•
•
Creating a Named Standard Access List
To create a named standard access list, use the following commands beginning in global configuration mode:
For an example of creating a named standard access list, see the "Standard Named Access List Example" section in the Novell IPX Configuration Examples chapter.
Creating a Named Extended Access List
To create a named extended access list, use the following commands beginning in global configuration mode:
Creating a Named SAP Filtering Access List
To create a named access list for filtering SAP requests, use the following commands beginning in global configuration mode:
Creating a Named NLSP Route Aggregation Access List
NLSP route aggregation access lists perform one of the following functions:
•
•
To create a named access list for NLSP route aggregation, use the following commands beginning in global configuration mode:
For information on how to use named access list when configuring route aggregation, see the tasks listed in the "Route Aggregation Configuration Task List" section in the Novell IPX Configuration Examples chapter.
Creating a NetBIOS Access List
To create a NetBIOS access list, use one or more of the following commands in global configuration mode:
Modifying IPX Named Access Lists
After you initially create an access list, you place any subsequent additions (possibly entered from the terminal) at the end of the list. In other words, you cannot selectively add access list command lines to the middle of a specific access list. However, you can use no permit and no deny commands to remove entries from a named access list.
Note
For an example of creating a generic filter, see the "IPX Network Access Examples" section in the Novell IPX Configuration Examples chapter.
Applying Named Access Lists to Interfaces
After creating an access list, you must apply it to the appropriate interface using filters as described in the "Creating Filters" section later in this chapter. Applying a filter will activate the access list.
Applying Time Ranges to Access Lists
It is now possible to implement access lists based on the time of day and week using the time-range command. To do so, first define the name of the time range and times of the day and week, then reference the time range by name in an access list to apply the restrictions of the time range to the access list.
Currently, IP and IPX named or numbered extended access lists are the only functions that can use time ranges. The time range allows the network administrator to define when the permit or deny statements in the access list are in effect. Prior to this time range feature, access list statements were always in effect once they were applied. The time-range keyword and argument are referenced in the named and numbered extended access list task tables in the previous sections, "Creating Access Lists Using Numbers" and "Creating Access Lists Using Names." The time-range command is configured in the "Performing Basic System Management" chapter of the Cisco IOS Configuration Fundamentals Configuration Guide. See the "IPX Network Access Examples" section in the Novell IPX Configuration Examples chapter, for a configuration example of IPX time ranges.
There are many possible benefits of time ranges, such as the following:
•
•
–
–
•
•
•
•
Creating Filters
Filters allow you to control which traffic is forwarded or blocked at the interfaces of the router. Filters apply specific numbered or named access lists to interfaces.
To create filters, perform the tasks in the following sections:
•
•
•
•
•
•
•
Creating Generic Filters
Generic filters determine which data packets to receive from or send to an interface, based on the source and destination addresses, IPX protocol type, and source and destination socket numbers of the packet.
To create generic filters, first create a standard or an extended access list as described in the "Creating Access Lists" section earlier in this chapter and then apply a filter to an interface.
To apply a generic filter to an interface, use the following command in interface configuration mode:
Router(config-if)# ipx access-group {access-list-number | name}[in | out]
Applies a generic filter to an interface.
You can apply only one input filter and one output filter per interface or subinterface. You cannot configure an output filter on an interface where autonomous switching is already configured. Similarly, you cannot configure autonomous switching on an interface where an output filter is already present. You cannot configure an input filter on an interface if autonomous switching is already configured on any interface. Likewise, you cannot configure input filters if autonomous switching is already enabled on any interface.
For an example of creating a generic filter, see the "IPX Network Access Examples" section in the Novell IPX Configuration Examples chapter.
Creating Filters for Updating the Routing Table
Routing table update filters control the entries that the Cisco IOS software accepts for its routing table, and the networks that it advertises in its routing updates.
To create filters to control updating of the routing table, first create a standard or an extended access list as described in the "Creating Access Lists" section earlier in this chapter and then apply one or more routing filters to an interface.
To apply routing table update filters to an interface, use one or more of the following commands in interface configuration or router configuration mode:
Note
Creating SAP Filters
A common source of traffic on Novell networks is SAP messages, which are generated by NetWare servers and the Cisco IOS software when they broadcast their available services.
To control how SAP messages from network segments or specific servers are routed among IPX networks, first create a SAP filtering access list as described in the "Creating Access Lists" section earlier in this chapter and then apply one or more filters to an interface.
To apply SAP filters to an interface, use one or more of the following commands in interface configuration mode:
You can apply one of each SAP filter to each interface.
For examples of creating and applying SAP filters, see the "SAP Input Filter Example" and "SAP Output Filter Example" sections in the Novell IPX Configuration Examples chapter.
Creating GNS Response Filters
To create filters for controlling which servers are included in the GNS responses sent by the Cisco IOS software, first create a SAP filtering access list as described in the "Creating Access Lists" section earlier in this chapter and then apply a GNS filter to an interface.
To apply a GNS filter to an interface, use the following command in interface configuration mode:
Router(config-if)# ipx output-gns-filter {access-list-number | name}
Filters the list of servers in GNS response messages.
Creating GGS Response Filters
To create filters for controlling which servers are included in the Get General Service (GGS) responses sent by the Cisco IOS software, first create a SAP filtering access list as described in the "Creating Access Lists" section earlier in this chapter and then apply a GGS filter to an interface.
Note
To apply a GGS filter to an interface, use the following command in interface configuration mode:
Router(config-if)# ipx output-ggs-filter
Filters the list of servers in GGS response messages.
For an example of creating a GGS SAP response filter, see the "IPX Network Access Examples"section in the Novell IPX Configuration Examples chapter.
Creating IPX NetBIOS Filters
The Novell IPX NetBIOS allows messages to be exchanged between nodes using alphanumeric names and node addresses. Therefore, the Cisco IOS software lets you filter incoming and outgoing NetBIOS FindName packets by the node name or by an arbitrary byte pattern (such as the node address) in the packet.
Note
Implementation Considerations
Remember the following when configuring IPX NetBIOS access control:
•
•
•
•
•
Configuring IPX NetBIOS Filters
To create filters for controlling IPX NetBIOS access, first create a NetBIOS access list as described in the "Creating Access Lists" section in the Novell IPX Configuration Examples chapter, and then apply the access list to an interface.
To apply a NetBIOS access list to an interface, use one or more of the following commands in interface configuration mode:
You can apply one of each of these four filters to each interface.
For an example of how to create filters for controlling IPX NetBIOS, see the "IPX NetBIOS Filter Examples"section in the Novell IPX Configuration Examples chapter.
Creating Broadcast Message Filters
Routers normally block all broadcast requests and do not forward them to other network segments, therefore preventing the degradation of performance inherent in broadcast traffic over the entire network. You can define which broadcast messages get forwarded to other networks by applying a broadcast message filter to an interface.
To create filters for controlling broadcast messages, first create a standard or an extended access list as described in the "Creating Access Lists" section earlier in this chapter and then apply a broadcast message filter to an interface.
To apply a broadcast message filter to an interface, use the following commands in interface configuration mode:
Note
For examples of creating and applying broadcast message filters, see the "Helper Facilities to Control Broadcast Examples" section in the Novell IPX Configuration Examples chapter.
Tuning IPX Network Performance
To tune IPX network performance, perform the tasks in one or more of the following sections:
•
•
•
•
•
•
•
•
Controlling Novell IPX Compliance
The Cisco implementation of the Novell IPX protocol is certified to provide full IPX router functionality, as defined by the Novell IPX Router Specification, version 1.10 publication published November 17, 1992.
To control compliance to Novell specifications, perform the tasks in the following sections:
•
•
•
•
Controlling the Forwarding of Type 20 Packets
NetBIOS over IPX uses Type 20 propagation broadcast packets flooded to all networks to get information about the named nodes on the network. NetBIOS uses a broadcast mechanism to get this information, because it does not implement a network layer.
Routers normally block all broadcast requests. By enabling Type 20 packet propagation, IPX interfaces on the router may accept and forward Type 20 packets.
How Type 20 Packet Propagation Works
When an interface configured for Type 20 propagation receives a Type 20 packet, Cisco IOS software processes the packet according to Novell specifications. Cisco IOS software propagates the packet to the next interface. The Type 20 packet can be propagated for up to eight hop counts.
Loop Detection and Other Checks
Before forwarding (flooding) the packets, the router performs loop detection as described by the IPX router specification.
You can configure the Cisco IOS software to apply extra checks to Type 20 propagation packets above and beyond the loop detection described in the IPX specification. These checks are the same ones that are applied to helpered all-nets broadcast packets. They can limit unnecessary duplication of Type 20 broadcast packets. The extra helper checks are as follows:
•
•
Although this extra checking increases the robustness of Type 20 propagation packet handling by decreasing the amount of unnecessary packet replication, it has the following two side effects:
•
•
Relationship Between Type 20 Propagation and Helper Addresses
You use helper addresses to forward non-Type 20 broadcast packets to other network segments. For information on forwarding other broadcast packets, see the "Using Helper Addresses to Forward Broadcast Packets" section later in this chapter.
You can use helper addresses and Type 20 propagation together in your network. Use helper addresses to forward non-Type 20 broadcast packets and use Type 20 propagation to forward Type 20 broadcast packets.
Type 20 Packets Configuration Task List
You can enable the forwarding of Type 20 packets on individual interfaces. Additionally, you can restrict the acceptance and forwarding of Type 20 packets. You can also choose to not comply with Novell specifications and forward Type 20 packets using helper addresses rather than using Type 20 propagation. The following sections describe these tasks:
•
•
•
•
Enabling the Forwarding of Type 20 Packets
By default, Type 20 propagation packets are dropped by the Cisco IOS software. You can configure the software to receive Type 20 propagation broadcast packets and forward (flood) them to other network segments, subject to loop detection.
To enable the receipt and forwarding of Type 20 packets, use the following command in interface configuration mode:
Router(config-if)# ipx type-20-propagation
Forwards IPX Type 20 propagation packet broadcasts to other network segments.
When you enable Type 20 propagation, Cisco IOS propagates the broadcast to the next interface up to eight hops.
Restricting the Acceptance of Incoming Type 20 Packets
For incoming Type 20 propagation packets, the Cisco IOS software is configured by default to accept packets on all interfaces enabled to receive Type 20 propagation packets. You can configure the software to accept packets only from the single network that is the primary route back to the source network, which means that similar packets from the same source that are received via other networks will be dropped.
Checking of incoming Type 20 propagation broadcast packets is done only if the interface is configured to receive and forward Type 20 packets.
To impose restrictions on the receipt of incoming Type 20 propagation packets in addition to the checks defined in the IPX specification, use the following command in global configuration mode:
Router(config)# ipx type-20-input-checks
Restricts the acceptance of IPX Type 20 propagation packets.
Restricting the Forwarding of Outgoing Type 20 Packets
For outgoing Type 20 propagation packets, the Cisco IOS software is configured by default to send packets on all interfaces enabled to send Type 20 propagation packets, subject to loop detection. You can configure the software to send these packets only to networks that are not routes back to the source network. (The software uses the current routing table to determine routes.)
Checking of outgoing Type 20 propagation broadcast packets is done only if the interface is configured to receive and forward Type 20 packets.
To impose restrictions on the transmission of Type 20 propagation packets, and to forward these packets to all networks using only the checks defined in the IPX specification, use the following command in global configuration mode:
Router(config)# ipx type-20-output-checks
Restricts the forwarding of IPX Type 20 propagation packets.
Forwarding Type 20 Packets Using Helper Addresses
You can also forward Type 20 packets to specific network segments using helper addresses rather than using the Type 20 packet propagation.
You may want to forward Type 20 packets using helper addresses when some routers in your network are running versions of Cisco IOS that do not support Type 20 propagation. When some routers in your network support Type 20 propagation and others do not, you can avoid flooding packets everywhere in the network by using helper addresses to direct packets to certain segments only.
Cisco IOS Release 9.1 and earlier versions do not support Type 20 propagation.
Note
To forward Type 20 packets addresses using helper addresses, use the following commands beginning in global configuration mode:
The Cisco IOS software forwards Type 20 packets to only those nodes specified by the ipx helper-address command.
Note
Controlling Interpacket Delay
To control interpacket delay, you can use a combination of global configuration and interface configuration commands.
Use one or more of the following commands in global configuration mode:
Use one or more of the following commands in interface configuration mode:
Note
Shutting Down an IPX Network
To shut down an IPX network using a Novell-compliant method, use the following command in interface configuration mode:
Router(config-if)# ipx down network
Administratively shuts down an IPX network on an interface. This removes the network from the interface.
Convergence is faster when you shut down an IPX network using the ipx down command than when using the shutdown command.
Achieving Full Novell Compliance
To achieve full compliance on each interface configured for IPX, use the following commands in interface configuration mode:
You can also globally set interpacket delays for multiple-packet RIP and SAP updates to achieve full compliance, eliminating the need to set delays on each interface. To set these interpacket delays, use the following commands in global configuration mode:
Note
Adjusting RIP and SAP Information
To adjust RIP and SAP information, perform one or more of the optional tasks in the following sections:
•
•
•
•
•
•
•
•
•
•
•
•
Configuring Static Routes
IPX uses RIP, Enhanced IGRP, or NLSP to determine the best path when several paths to a destination exist. The routing protocol then dynamically updates the routing table. However, you might want to add static routes to the routing table to explicitly specify paths to certain destinations. Static routes always override any dynamically learned paths.
Be careful when assigning static routes. When links associated with static routes are lost, traffic may stop being forwarded or traffic may be forwarded to a nonexistent destination, even though an alternative path might be available.
To add a static route to the routing table, use the following command in global configuration mode:
Router(config)# ipx route {network [network-mask] | default} {network.node | interface}[ticks] [hops]
Adds a static route to the routing table.
You can configure static routes that can be overridden by dynamically learned routes. These routes are referred to as floating static routes. You can use a floating static route to create a path of last resort that is used only when no dynamic routing information is available.
Note
To add a floating static route to the routing table, use the following command in global configuration mode:
Router(config)# ipx route {network [network-mask] | default} {network.node | interface}[ticks] [hops] [floating-static]
Adds a floating static route to the routing table.
Adjusting the RIP Delay Field
By default, all LAN interfaces have a RIP delay of 1 and all WAN interfaces have a RIP delay of 6. Leaving the delay at its default value is sufficient for most interfaces. However, you can adjust the RIP delay field by setting the tick count. To set the tick count, use the following command in interface configuration mode:
Router(config-if)# ipx delay ticks
Sets the tick count, which is used in the IPX RIP delay field.
Controlling Responses to RIP Requests
To control responses to RIP requests, use the following command in interface configuration mode:
Router(config-if)# ipx rip-response-delay ms
Sets the delay when responding to RIP requests.
Adjusting RIP Update Timers
You can set the interval between IPX RIP updates on a per-interface basis. You can also specify the delay between the packets of a multiple-packet RIP update on a per-interface or global basis. Additionally, you can specify the delay between packets of a multiple-packet triggered RIP update on a per-interface or global basis.
You can set RIP update timers only in a configuration in which all routers are Cisco routers, or in which the IPX routers allow configurable timers. The timers should be the same for all devices connected to the same cable segment. The update value you choose affects internal IPX timers as follows:
•
•
•
You might want to set a delay between the packets in a multiple-packet update if there are some slower PCs on the network or on slower-speed interfaces.
To adjust RIP update timers on a per-interface basis, use one or all of the following commands in interface configuration mode:
To adjust RIP update timers on a global basis, use one or both of the following commands in global configuration mode:
By default, the RIP entry for a network or server ages out at an interval equal to three times the RIP timer. To configure the multiplier that controls the interval, use the following command in interface configuration mode:
Router(config-if)# ipx rip-multiplier multiplier
Configures the interval at which a network RIP entry ages out.
Configuring RIP Update Packet Size
By default, the maximum size of RIP updates sent out an interface is 432 bytes. This size allows for 50 routes at 8 bytes each, plus a 32-byte IPX RIP header. To modify the maximum packet size, use the following command in interface configuration mode:
Router(config-if)# ipx rip-max-packetsize bytes
Configures the maximum packet size of RIP updates sent out an interface.
Configuring Static SAP Table Entries
Servers use SAP to advertise their services via broadcast packets. The Cisco IOS software stores this information in the SAP table, also known as the Server Information Table. This table is updated dynamically. You might want to explicitly add an entry to the Server Information Table so that clients always use the services of a particular server. Static SAP assignments always override any identical entries in the SAP table that are learned dynamically, regardless of hop count. If a dynamic route that is associated with a static SAP entry is lost or deleted, the software will not announce the static SAP entry until it relearns the route.
To add a static entry to the SAP table, use the following command in global configuration mode:
Router(config)# ipx sap service-type name network.node socket hop-count
Specifies a static SAP table entry.
Configuring the Queue Length for SAP Requests
The Cisco IOS software maintains a list of SAP requests to process, including all pending Get Nearest Server (GNS) queries from clients attempting to reach servers. When the network is restarted following a power failure or other unexpected event, the router can be inundated with hundreds of requests for servers. Typically, many of these are repeated requests from the same clients. You can configure the maximum length allowed for the pending SAP requests queue. SAP requests received when the queue is full are dropped, and the client must resend them.
To set the queue length for SAP requests, use the following command in global configuration mode:
Router(config)# ipx sap-queue-maximum number
Configures the maximum SAP queue length.
Adjusting SAP Update Timers
You can adjust the interval at which SAP updates are sent. You can also set the delay between packets of a multiple-packet SAP update on a per-interface or global basis. Additionally, you can specify the delay between packets of a multiple-packet triggered SAP update on a per-interface or global basis.
Changing the interval at which SAP updates are sent is most useful on limited-bandwidth, point-to-point links such as slower-speed interfaces. You should ensure that all IPX servers and routers on a given network have the same SAP interval. Otherwise, they might decide that a server is down when it is really up.
It is not possible to change the interval at which SAP updates are sent on most PC-based servers. Therefore, you should never change the interval for an Ethernet or Token Ring network that has servers on it.
You can set the router to send an update only when changes have occurred. Using the changes-only keyword specifies the sending of a SAP update only when the link comes up, when the link is downed administratively, or when the databases change. The changes-only keyword causes the router to do the following:
•
•
•
To modify the SAP update timers on a per-interface basis, use one or all of the following commands in interface configuration mode:
To adjust SAP update timers on a global basis (eliminating the need to configure delays on a per-interface basis), use one or both of the following commands in global configuration mode:
By default, the SAP entry of a network or server ages out at an interval equal to three times the SAP update interval. To configure the multiplier that controls the interval, use the following command in interface configuration mode:
Router(config-if)# ipx sap-multiplier multiplier
Configures the interval at which the SAP entry of a network or server ages out.
Configuring SAP Update Packet Size
By default, the maximum size of SAP updates sent out on an interface is 480 bytes. This size allows for seven servers (64 bytes each), plus a 32-byte IPX SAP header. To modify the maximum packet size, use the following command in interface configuration mode:
Router(config-if)# ipx sap-max-packetsize bytes
Configures the maximum packet size of SAP updates sent out an interface.
Enabling SAP-after-RIP
The IPX SAP-after-RIP feature links SAP updates to RIP updates so that SAP broadcast and unicast updates automatically occur immediately after the completion of the corresponding RIP update. This feature ensures that a remote router does not reject service information because it lacks a valid route to the service. As a result of this feature, periodic SAP updates are sent at the same interval as RIP updates.
The default behavior of the router is to send RIP and SAP periodic updates with each using its own update interval, depending on the configuration. In addition, RIP and SAP periodic updates are jittered slightly, such that they tend to diverge from each other over time. This feature synchronizes SAP and RIP updates.
Sending all SAP and RIP information in a single update reduces bandwidth demands and eliminates erroneous rejections of SAP broadcasts.
Linking SAP and RIP updates populates the service table of the remote router more quickly, because services will not be rejected due to the lack of a route to the service. Populating the service table more quickly can be especially useful on WAN circuits where the update intervals have been greatly increased to reduce the overall level of periodic update traffic on the link.
To configure the router to send a SAP update following a RIP broadcast, use the following command in interface configuration mode:
Router(config-if)# ipx update sap-after-rip
Configures the router to send a SAP broadcast immediately following a RIP broadcast.
Disabling Sending of General RIP or SAP Queries
You can disable the sending of general RIP or SAP queries on a link when it first comes up to reduce traffic and save bandwidth.
RIP and SAP general queries are normally sent by remote routers when a circuit first comes up. On WAN circuits, two full updates of each kind are often sent across the link. The first update is a full broadcast update, triggered locally by the link-up event. The second update is a specific (unicast) reply triggered by the general query received from the remote router. If you disable the sending of general queries when the link first comes up, it is possible to reduce traffic to a single update, and save bandwidth.
To disable the sending of a general RIP or SAP query when an interface comes up, use the following command in interface configuration mode:
Router(config-if)# no ipx linkup-request {rip | sap}
Disables the sending of a general RIP or SAP Query when an interface comes up.
To reenable the sending of a general RIP or SAP query, use the positive form of the command.
Controlling Responses to GNS Requests
You can set the method in which the router responds to SAP GNS requests, you can set the delay time in responding to these requests, or you can disable the sending of responses to these requests altogether.
By default, the router responds to GNS requests if appropriate. For example, if a local server with a better metric exists, then the router does not respond to the GNS request on that segment.
The default method of responding to GNS requests is to respond with the server whose availability was learned most recently.
To control responses to GNS requests, use one or both of the following commands in global configuration mode:
Note
To disable GNS queries on a per-interface basis, use the following command in interface configuration mode:
Router(config-if)# ipx gns-reply-disable
Disables the sending of replies to Get Nearest Server (GNS) queries.
Configuring Load Sharing
To configure IPX to perform round-robin or per-host load sharing, perform the tasks described in the following sections:
•
•
Enabling Round-Robin Load Sharing
You can set the maximum number of equal-cost, parallel paths to a destination. (Note that when paths have differing costs, the Cisco IOS software chooses lower-cost routes in preference to higher-cost routes.) The software then distributes output on a packet-by-packet basis in round-robin fashion. That is, the first packet is sent along the first path, the second packet along the second path, and so on. When the final path is reached, the next packet is sent to the first path, the next to the second path, and so on. This round-robin scheme is used regardless of whether fast switching is enabled.
Limiting the number of equal-cost paths can save memory on routers with limited memory or very large configurations. Additionally, in networks with a large number of multiple paths and systems with limited ability to cache out-of-sequence packets, performance might suffer when traffic is split between many paths.
To set the maximum number of paths, use the following command in global configuration mode:
Router(config)# ipx maximum-paths paths
Sets the maximum number of equal-cost paths to a destination.
Enabling per-Host Load Sharing
Round-robin load sharing is the default behavior when you configure ipx maximum-paths to a value greater than 1. Round-robin load sharing works by sending data packets over successive equal cost paths without regard to individual end hosts or user sessions. Path utilization increases transmission speed, but, because packets destined for a given end host may take different paths, they might arrive out of order.
You can address the possibility of packets arriving out of order by enabling per-host load sharing. With per-host load sharing, the router still uses multiple, equal-cost paths to achieve load sharing; however, packets for a given end host are guaranteed to take the same path, even if multiple, equal-cost paths are available. Traffic for different end hosts tend to take different paths, but true load balancing is not guaranteed. The exact degree of load balancing achieved depends on the exact nature of the workload.
To enable per-host load sharing, use the following commands in global configuration mode:
Specifying the Use of Broadcast Messages
To specify the use of broadcast messages, perform the tasks described in the following sections:
•
•
Using Helper Addresses to Forward Broadcast Packets
Routers normally block all broadcast requests and do not forward them to other network segments, therefore preventing the degradation of performance over the entire network. However, you can enable the router to forward broadcast packets to helper addresses on other network segments.
How Helper Addresses Work
Helper addresses specify the network and node on another segment that can receive unrecognized broadcast packets. Unrecognized broadcast packets are non-RIP and non-SAP packets that are not addressed to the local network.
When the interface configured with helper addresses receives an unrecognized broadcast packet, Cisco IOS software changes the broadcast packet to a unicast and sends the packet to the specified network and node on the other network segment. Unrecognized broadcast packets are not flooded everywhere in your network.
With helper addresses, there is no limit on the number of hops that the broadcast packet can make.
Fast Switching Support
Cisco IOS supports fast switching of helpered broadcast packets.
When to Use Helper Addresses
You use helper addresses when you want to forward broadcast packets (except Type 20 packets) to other network segments.
Forwarding broadcast packets to helper addresses is sometimes useful when a network segment does not have an end-host capable of servicing a particular type of broadcast request. You can specify the address of a server, network, or networks that can process the broadcast packet.
Relationship Between Helper Addresses and Type 20 Propagation
You use Type 20 packet propagation to forward Type 20 packets to other network segments. For information on forwarding Type 20 packets, see the "Controlling the Forwarding of Type 20 Packets" section earlier in this chapter.
You can use helper addresses and Type 20 propagation together in your network. Use helper addresses to forward non-Type 20 broadcast packets and use Type 20 propagation to forward Type 20 broadcast packets.
Implementation Considerations
Using helper addresses is not Novell-compliant. However, it does allow routers to forward broadcast packets to network segments that can process them without flooding the network. It also allows routers running versions of Cisco IOS that do not support Type 20 propagation to forward Type 20 packets.
The Cisco IOS software supports all-networks flooded broadcasts (sometimes referred to as all-nets flooding). These are broadcast messages that are forwarded to all networks. Use all-nets flooding carefully and only when necessary, because the receiving networks may be overwhelmed to the point that no other traffic can traverse them.
Use the ipx helper-list command, described earlier in this chapter, to define access lists that control which broadcast packets get forwarded.
Using Helper Addresses
To specify a helper address for forwarding broadcast packets, use the following command in interface configuration mode:
Router(config-if)# ipx helper-address network.node
Specifies a helper address for forwarding broadcast messages.
You can specify multiple helper addresses on an interface.
For an example of using helper addresses to forward broadcast messages, see the "Helper Facilities to Control Broadcast Examples" section in the Novell IPX Configuration Examples chapter.
Enabling Fast Switching of IPX Directed Broadcast Packets
By default, Cisco IOS software switches packets that have been helpered to the broadcast address. To enable fast switching of these IPX-directed broadcast packets, use the following command in global configuration mode:
Router(config)# ipx broadcast-fastswitching
Enables fast switching of IPX-directed broadcast packets.
Disabling IPX Fast Switching
By default, fast switching is enabled on all interfaces that support fast switching.
Fast switching allows higher throughput by switching a packet using a cache created by previous packets. Fast switching is enabled by default on all interfaces that support fast switching.
Packet transfer performance is generally better when fast switching is enabled. However, you might want to disable fast switching in order to save memory space on interface cards and to help avoid congestion when high-bandwidth interfaces are writing large amounts of information to low-bandwidth interfaces.
Caution
To disable IPX fast switching, use the following command in interface configuration mode:
Adjusting the Route Cache
Adjusting the route cache allows you to control the size of the route cache, reduce memory consumption, and improve router performance. You accomplish these tasks by controlling the route cache size and invalidation. The following sections describe these optional tasks:
•
•
Controlling Route Cache Size
You can limit the number of entries stored in the IPX route cache to free up router memory and aid router processing.
Storing too many entries in the route cache can use a significant amount of router memory, causing router processing to slow. This situation is most common on large networks that run network management applications for NetWare.
For example, if a network management station is responsible for managing all clients and servers in a very large (greater than 50,000 nodes) Novell network, the routers on the local segment can become inundated with route cache entries. You can set a maximum number of route cache entries on these routers to free up router memory and aid router processing.
To set a maximum limit on the number of entries in the IPX route cache, use the following command in global configuration mode:
Router(config)# ipx route-cache max-size size
Sets a maximum limit on the number of entries in the IPX route cache.
If the route cache has more entries than the specified limit, the extra entries are not deleted. However, they may be removed if route cache invalidation is in use. See the "Controlling Route Cache Invalidation" section later in this chapter for more information on invalidating route cache entries.
Controlling Route Cache Invalidation
You can configure the router to invalidate fast-switch cache entries that are inactive. If these entries remain invalidated for 1 minute, the router purges the entries from the route cache.
Purging invalidated entries reduces the size of the route cache, reduces memory consumption, and improves router performance. Also, purging entries helps ensure accurate route cache information.
You specify the period of time that valid fast-switch cache entries must be inactive before the router invalidates them. You can also specify the number of cache entries that the router can invalidate per minute.
To configure the router to invalidate fast-switch cache entries that are inactive, use the following command in global configuration mode:
Router(config)# ipx route-cache inactivity-timeout period [rate]
Invalidates fast-switch cache entries that are inactive.
When you use the ipx route-cache inactivity-timeout command with the ipx route-cache max-size command, you can ensure a small route cache with fresh entries.
Adjusting Default Routes
You can adjust the use of default routes in your IPX network. You can turn off the use of network number -2 as the default route. You can also specify that the router advertise only default RIP routes out an interface. The following sections describe these optional tasks:
•
•
Disabling Network Number -2 as the Default Route
The default route is used when a route to any destination network is unknown. All packets for which a route to the destination address is unknown are forwarded to the default route. By default, IPX treats network number -2 (0xFFFFFFFE) as the default route.
For an introduction to default routes, see the "IPX Default Routes" section earlier in this chapter. For more background information on how to handle IPX default routes, refer to the Novell NetWare Link Services Protocol (NLSP) Specification, Revision 1.1 publication.
By default, Cisco IOS software treats network -2 as the default route. You can disable this default behavior and use network -2 as a regular network number in your network.
To disable the use of network number -2 as the default route, use the following command in global configuration mode:
Advertising Only Default RIP Routes
Unless configured otherwise, all known RIP routes are advertised out each interface. However, you can choose to advertise only the default RIP route if it is known, therefore greatly reducing the CPU overhead when routing tables are large.
To advertise only the default route via an interface, use the following command in interface configuration mode:
Router(config-if)# ipx advertise-default-route-only network
Advertises only the default RIP route.
Padding Odd-Length Packets
Some IPX end hosts accept only even-length Ethernet packets. If the length of a packet is odd, the packet must be padded with an extra byte so that end host can receive it. By default, Cisco IOS pads odd-length Ethernet packets.
However, there are cases in certain topologies where nonpadded Ethernet packets are forwarded onto a remote Ethernet network. Under specific conditions, you can enable padding on intermediate media as a temporary workaround for this problem. Note that you should perform this task only under the guidance of a customer engineer or other service representative.
To enable the padding of odd-length packets, use the following commands in interface configuration mode:
Step 1
Router(config-if)# no ipx route-cache
Disables fast switching.
Step 2
Router(config-if)# ipx pad-process-switched-packets
Enables the padding of odd-length packets.
Shutting Down an IPX Network
You can administratively shut down an IPX network in two ways. In the first way, the network still exists in the configuration, but is not active. When shutting down, the network sends out update packets informing its neighbors that it is shutting down, therefore allowing the neighboring systems to update their routing, SAP, and other tables without needing to wait for routes and services learned via this network to time out.
To shut down an IPX network such that the network still exists in the configuration, use the following command in interface configuration mode:
Router(config-if)# ipx down network
Shuts down an IPX network, but allows the network to still exist in the configuration.
To shut down an IPX network and remove it from the configuration, use one of the following commands in interface configuration mode:
When multiple networks are configured on an interface and you want to shut down one of the secondary networks and remove it from the interface, use the second command in the previous table specifying the network number of one of the secondary networks.
For an example of shutting down an IPX network, see the "IPX Routing Examples"section in the Novell IPX Configuration Examples chapter.
Configuring IPX Accounting
IPX accounting enables you to collect information about IPX packets and the number of bytes that are switched through the Cisco IOS software. You collect information based on the source and destination IPX address. IPX accounting tracks only IPX traffic that is routed out an interface on which IPX accounting is configured; it does not track traffic generated by or terminated at the router itself.
The Cisco IOS software maintains two accounting databases: an active database and a checkpoint database. The active database contains accounting data tracked until the database is cleared. When the active database is cleared, its contents are copied to the checkpoint database. Using these two databases together enables you to monitor both current traffic and traffic that has previously traversed the router.
Switching Support
Process and fast switching support IPX accounting statistics. Autonomous and silicon switching engine (SSE) switching do not support IPX accounting statistics.
Note
Access List Support
IPX access lists support IPX accounting statistics.
IPX Accounting Task List
To configure IPX accounting, perform the tasks in the following sections. The first task is required; the remaining task is optional.
•
•
Enabling IPX Accounting
To enable IPX accounting, use the following command in global configuration mode:
Customizing IPX Accounting
To customize IPX accounting, use one or more of the following commands in global configuration mode:
Transit entries are entries in the database that do not match any of the networks specified by the ipx accounting-list commands.
If you enable IPX accounting on an interface but do not specify an accounting list, IPX accounting tracks all traffic through the interface (all transit entries) up to the accounting threshold limit.
For an example of how to configure IPX accounting, see the "IPX Accounting Example"section in the Novell IPX Configuration Examples chapter.
Configuring IPX Between LANs
Cisco IOS software supports routing IPX between Ethernet-emulated LANs and Token Ring-emulated LANs. For more information on emulated LANs and routing IPX between them, refer to the "Configuring LAN Emulation" chapter of the Cisco IOS Switching Services Configuration Guide.
Configuring IPX Between VLANs
Cisco IOS software supports routing IPX between VLANs. Users with Novell NetWare environments can configure any one of the four IPX Ethernet encapsulations to be routed using the Inter-Switch Link (ISL) encapsulation across VLAN boundaries. For more information on VLANs and routing IPX between them over ISL, refer to the "Configuring Routing Between VLANs with ISL Encapsulation" chapter of the Cisco IOS Switching Services Configuration Guide.
Configuring IPX Multilayer Switching
Cisco IOS software supports IPX Multilayer Switching (MLS). For more information on IPX MLS, refer to the "Multilayer Switching" chapter of the Cisco IOS Switching Services Configuration Guide.
Monitoring and Maintaining the IPX Network
To monitor and maintain your IPX network, perform the optional tasks described in the following sections:
•
•
•
•
•
General Monitoring and Maintaining Tasks
You can perform one or more of these general monitoring and maintaining tasks as described in the following sections:
•
•
•
Monitoring and Maintaining Caches, Tables, Interfaces, and Statistics
To monitor and maintain caches, tables, interfaces, or statistics in a Novell IPX network, use one or more of the following commands in EXEC mode:
Specifying the Type and Use of Ping Packets
The Cisco IOS software can send Cisco pings and standard Novell pings as defined in the NLSP specification or diagnostic request packets. By default, the software generates Cisco pings. To choose the ping type, use the following command in global configuration mode:
Router(config)# ipx ping-default {cisco | novell | diagnostic}
Selects the ping type.
The IPX diagnostic ping feature addresses diagnostic related issues by accepting and processing unicast or broadcast diagnostic packets. It makes enhancements to the current IPX ping command to ping other stations using the diagnostic packets and display the configuration information in the response packet.
Note
The ipx ping command using the diagnostic keyword can be used to conduct a reachability test and should not be used to measure accurate round-trip delay.To initiate a ping, use one of the following commands in EXEC mode:
Troubleshooting Network Connectivity
To trace the IPX destination and measure roundtrip delays, use the following command in either user or privileged EXEC mode:
Router> trace [protocol] [destination]
Traces packet routes through the network (user or privileged).
Note
Monitoring and Maintaining IPX Enhanced IGRP
To monitor and maintain Enhanced IGRP on an IPX network, use one or more of the following commands in EXEC mode:
Logging Enhanced IGRP Neighbor Adjacency Changes
You can enable the logging of neighbor adjacency changes to monitor the stability of the routing system and to help you detect problems. By default, adjacency changes are not logged.
To enable logging of Enhanced IGRP neighbor adjacency changes, use the following command in IPX-router configuration mode:
Router(config-ipx-router)# log-neighbor-changes
Enables logging of Enhanced IGRP neighbor adjacency changes.
Monitoring and Maintaining NLSP
To monitor and maintain NLSP on an IPX network, use one or more of the following commands in EXEC mode:
Logging Adjacency State Changes
You can allow NLSP to generate a log message when an NLSP adjacency changes state (up or down). Generating a log message may be very useful when monitoring large networks. Messages are logged using the system error message facility. Messages are in the following form:
%CLNS-5-ADJCHANGE: NLSP: Adjacency to 0000.0000.0034 (Serial0) Up, new adjacency%CLNS-5-ADJCHANGE: NLSP: Adjacency to 0000.0000.0034 (Serial0) Down, hold time expiredTo generate log messages when an NLSP adjacency changes state, use the following command in IPX-router configuration mode:
Monitoring and Maintaining NHRP
To monitor the NHRP cache or traffic, use either of the following commands in EXEC mode:
The NHRP cache can contain static entries caused by statically configured addresses and dynamic entries caused by the Cisco IOS software learning addresses from NHRP packets. To clear static entries, use the no ipx nhrp map command. To clear the NHRP cache of dynamic entries, use the following command in EXEC mode:
Monitoring and Maintaining IPX Accounting
To monitor and maintain IPX accounting in your IPX network, use the following commands in EXEC mode:
