IPX uses the Service Advertising Protocol (SAP) to exchange information about available services on a NetWare network. Service-providing nodes, such as file servers and print servers, use SAP to advertise their services and addresses.
Routers use SAP to create and maintain a database of services available on the internetwork.
Set SAP Update Interval specifies how often the router broadcasts server information table updates to other IPX servers.
This value is the SAP update interval time.
Valid Values: The range is from 1 to 1440 minutes.
Default Value: 1 minute.
Note that you must submit the interface and then the SAP timer value in two separate steps.
Select the Submit button.
Split-horizon is a method of routing that avoids broadcasting RIP and SAP updates to the router from which they were learned.
In general, you should not disable split-horizon. It prevents the interface from rebroadcasting information that the receiving router already knows and it avoids unnecessary RIP and SAP advertisements. However, in the following cases you may need to disable split-horizon:
Select an interface number.
Select the Submit button.
Specifies heuristic as the type of split-horizon on the specified interface. Heuristic enables split-horizon on all types of interfaces except frame-relay. For frame-relay, split-horizon is enabled only if the specified interface has exactly one PVC defined; otherwise split-horizon is disabled.
Split-horizon is a method of routing that avoids broadcasting RIP and SAP updates to the router from which they were learned.
Generally, split-horizon should be enabled on every interface to avoid unnecessary RIP and SAP advertisements. However, there are some cases where you may want to disable split-horizon:.
Select an interface number.
Select the Submit button.
Enables split-horizon on the interface you specify.
Split-horizon is a method of routing that avoids broadcasting RIP and SAP updates to the router from which they were learned.
Generally, split-horizon should be enabled on every interface to prevent packets from counting to infinity and to avoid unnecessary RIP and SAP advertisements. However, there are some cases, such as partially-meshed frame-relay and X.25 configurations, where it may be necessary to disable split-horizon.
A partially-meshed RFC 1483-supported IPX routing configuration is another case where it may be necessary to disable split-horizon.
In a partially-meshed frame-relay network, the routers at the branches cannot communicate with each other unless the router at headquarters broadcasts all routing information to all other routers. In this case, split-horizon should be disabled on the frame-relay interface at headquarters, and enabled at each of the branches to keep them from generating unnecessary traffic.
Select an interface number.
Select the Submit button.
This parameter adds global IPX filters (access controls) to your IPX configuration to determine whether the router drops or forwards IPX packets, and adds global SAP filters to determine which SAP service advertisements are ignored or accepted by the router.
Adding a filter prevents NetWare boundary overflows for users on large networks by enabling you to determine the number of hops reasonable for a given service.
The SAP filters are a global ordered list of filter entries. For each entry, enter:
Valid Values: an integer in the range of [0 - 16].
Default Value: 16
This service type defines the type of the IPX server whose routing information is filtered.
Valid Values: a hexadecimal value in the range of [0000 - FFFF].
Use a value of X'0000' to filter all service types.
Default Value: none
Valid Values:
A string of 1 to 48 ASCII characters (X'20' through X'7E'), with the exception of the following special characters: plus (+), minus (-), comma (,), semicolon (;), colon (:), slash (/), and back slash (\).
The question mark (?) and asterisk (*) characters serve as wildcard characters. The question mark may be used multiple times to represent any single character within the server name. The asterisk may be used multiple times to represent any portion of the server name. The question mark and asterisk may also be used together.
Default Value: none
In general, you do not enter this field.
Select the Submit button.
Access controls are used to drop or forward packets based on their source and destination network addresses, node addresses, and socket numbers.
Global IPX filters are applied to all IPX interfaces. They can be used to prevent the router from forwarding packets based on IPX addresses (network/host/socket). You can use global IPX filters to provide security or to stop the forwarding of packets from "noisy" applications beyond the area of interest.
Global IPX filters are based on the originating IPX source address and the ultimate destination IPX address. Intermediate hop addresses are not important.
An IPX address (source or destination) for a global filter consists of an IPX network number, an IPX host number, and a range of IPX socket numbers that are specified in hexadecimal. The network number and host number can be specified as 0, which is a wildcard that matches all network and host numbers, respectively. A range of 0 to FFFF is a wildcard for sockets.
The global filter list is an ordered list of entries. Each global filter entry can be configured as inclusive or exclusive. The router compares packets it receives against the global filter list.
When creating global filter lists, consider the following things about IPX:
Note: All services on a Novell file server (version 3.0 or higher) are on the server's internal network, usually at host 000000000001. Because that internal network number is unique over an entire IPX network, ou can protect it by blocking all packets to the internal network socket range 0-FFFF. To block only the file server, use a socket range of 0451-0451.
Note: The global filters and interface filters are mutually-exclusive. If global SAP filtering is enabled, interface SAP filters cannot be enabled (and vice-versa). If global IPX filtering is enabled (access-controls), interface IPX filters cannot be enabled (and vice-versa).
The router examines each IPX frame to see if it matches an entry in the global filter list. It applies the first match. Therefore the order of global filters is critical.
Note: It is not necessary to use access controls and SAP filters for IPX to work in a NetWare environment.
The access control list is an ordered set of entries that the router uses to filter packets.
Enter the following information:
Select Include to cause the router to receive a packet and to forward it if it matches criteria in the remaining arguments.
Select Exclude to cause the router to discard the packets.
Valid Values: X'0000 0000' to X'FFFF FFFF'
Zero (0) specifies all networks.
Default Value: 0
Valid Values: X'0000 0000 0000' to X'FFFF FFFF FFFF'
Zero (0) specifies all hosts on the network.
Default Value: None
These parameters define the socket address range of the packet's destination process. The destination socket value is used for filtering IPX packets.
Valid Values: X'0000' to X'FFFF'
Default Value: 0
The valid values and default are the same for starting destination socket number and ending destination socket number.
This parameter defines the network number of the source IPX network whose packets are filtered by this router.
If you choose to filter on only the source network value, the filter applies to all source sockets, source networks, packet types, and number of hops.
Valid Values: X'0000 0000' to X'FFFF FFFF'
Zero (0) specifies all networks.
Default Value: 0
Valid Values: X'0000 0000 0000' to X'FFFF FFFF FFFF'
Zero (0) specifies all hosts on the network.
Default Value: None
These parameters define the socket address range of the packet's source process.
Valid Values: X'0000' to X'FFFF'
Default Value: 0
After you create an access-control list, enable the entries with Set Access Control. Use Move to change the order of entries.
Select the Submit button.
Deletes the global SAP filter you specify. You must specify it exactly as it appears in the filter list.
Enter the following:
Valid Values: 0 to 16
Default Value: 16
Valid Values: X'0' to X' FFFF'
Default Value: none
Valid Values: A string of 1 to 48 ASCII characters (X'20' through X'7E'), with the exception of the following special characters: plus (+), minus (-), comma (,), semicolon (;), colon (:), slash (/), and back slash (\).
The question mark (?) and asterisk (*) characters serve as wildcard characters. The question mark may be used multiple times to represent any single character within the server name. The asterisk may be used multiple times to represent any portion of the server name. The question mark and asterisk may also be used together.
Default Value: none
Select the Submit button.
Deletes the global IPX filter (access control) that matches the index number you enter.
Enter the index number of the entry you want to delete.
To see the current index numbers, display the list of entries.
Select the Submit button.
Access controls are an ordered list of packet filters and are applied to incoming packets in the order they appear in the access control filter list.
You can move the filter you specify in your list of global IPX filters (access controls). The lines are then renumbered to reflect the new order. Use the displayed list to determine these index numbers:
Select the Submit button.
You can attach an already-defined filter-list to a specified filter.
Valid Values: Any alphanumeric string up to 16 characters
Default Value: None
To see a numbered list of the configured filters, use IPX LIST.
Select the Submit button.
In general, you should follow these steps to configure IPX interface filters:
You can now create a filter for packets received on the interface you specify.
Select the interface number to which the input filter is to be attached.
A number is automatically assigned to a filter when it is created and from that point on is used to identify the filter, so you do not have continue to specify the interface and direction (that the filter applies to incoming packets).
Select the Submit button.
In general, follow these steps to configure IPX interface filters:
You can now create a filter to filter packets to be sent (outgoing) the interface you specify.
Select the interface number to which the output filter is to be attached.
A number is automatically assigned to a filter when it is created and from that point on is used to identify the filter, so you do not have continue to specify the interface and direction (input or output).
Select the Submit button.
Creates a filter-list with the name you specify.
Enter a List-name.
Valid Values: any alphanumeric string up to 16 characters
Default Value: none
Select the Submit button.
Specifies the default action to be Include.
When no match is found for any of the filter items, the packet is processed.
Select a Filter number, which is the number of the filter for which you are setting a default include action.
To display a numbered list of configured filters, use IPX List.
Select the Submit button.
Specifies the default action to be Exclude.
When no match is found for any of the filter items, the packet is dropped.
Select a Filter number, which is the number of the filter for which you are setting a default exclude action.
To display a numbered list of configured filters, use IPX List.
Select the Submit button.
Select the filter number you want to delete.
To display a numbered list of configured filters, use IPX List.
Select the Submit button.
Select the filter list number you want to delete.
To display the names of configured filter lists, use IPX LIST.
Select the Submit button.
This parameter detaches a filter-list from a filter.
Valid Values: Any alphanumeric string up to 16 characters
Default Value: None