Network Utility User's Guide

Chapter 16. Data Link Switching

Overview

This section introduces Data Link Switching (DLSw) and summarizes the DLSw function implemented in Network Utility.

What is DLSw?

DLSw is an IBM-invented standard technology for transporting connection-oriented protocols, mainly SNA and NetBIOS, across IP backbone networks. DLSw routers on the edges of an IP network field link establishment requests from native SNA and NetBIOS end stations, search among peer DLSw routers for one serving the target end station, and then set up a path and relay application data between the end stations through the peer router.

The protocol that flows between DLSw routers is documented in RFC 1795, "Data Link Switching: Switch to Switch Protocol." Clarifications about this protocol and multicast IP-based scalability enhancements are documented in RFC 2166, "DLSw v2.0 Enhancements".

Many DLSw implementations provide a local DLSw function that connects two links within a single router, as opposed to connecting them across an IP network to another DLSw router. Depending on the DLC types involved, this function may be equivalent to that of a FRAD or X.25 PAD.

Network Utility DLSw Function

The Network Utility DLSw implementation is nearly identical in function to that of the IBM 2210 and 2216 routers. It can handle the following end-station protocols:

• SNA
  • PU 4/5 to PU 2.0 (and IBM 5394 on SDLC)
  • T2.1 to T2.1
  • PU 4/5 to PU 4/5

• NetBIOS
  • Point-to-point sessions
  • Broadcast datagram traffic

• LAN Network Manager
  • LNM to bridge servers (e.g., LBS, CRS, REM)
  • LNM to 8235 intelligent hub
  • LNM to LAN Station Manager

Network Utility DLSw can communicate with end stations across the following data link control (DLC) types:

• 802.2 LLC

  LLC can be carried over any of these interface types:

  • Token-Ring
  • Ethernet (10 Mbps or 10/100 Mbps adapters)
  • FDDI
  • PPP links enabled for remote bridging
  • Frame Relay PVCs and SVCs enabled for remote bridging (RFC 1490/2427 bridged frame formats)
  • ATM LAN emulation
  • ATM native bridging (RFC 1483 bridged frame formats)

• SDLC

  DLSw can represent the primary station on a multipoint line, multiple secondary stations, or a single fully negotiable station on a point-to-point line.

• QLLC

  DLSw supports any combination of QLLC PVCs and SVCs on a single X.25 interface. It can handle parallel virtual circuits to the same remote DTE address, as well as incoming calls from non-configured SVCs.

• APPN

  You can configure APPN to attach to the DLSw function residing in the same Network Utility. This allows APPN to have links with any PU 2.0 or T2.1 SNA end station in the DLSw network, without requiring APPN to be present in remote (especially branch office) routers.

• Channel-LSA

  DLSw supports an internal interface to the ESCON and parallel channel LSA function residing in the same Network Utility. This allow the host to have links with any SNA end station in the DLSw network, without requiring separate channel gateway and central-site DLSw router products.

With remote DLSw (across IP to another router), Network Utility DLSw supports conversion from TCP DLSw frames to any of the supported DLC types. Local DLSw is supported only for specific combinations of DLC types, as shown here:

            LLC     SDLC    QLLC    APPN    Channel-LSA
    LLC     (1)      x       x                x
    SDLC     x       x       x       x        x
    QLLC     x       x       x       x        x
    APPN             x       x                x 
    CHANNEL  x       x       x       x
 
    Note:
    1 - You should use bridging for local LLC-to-LLC connectivity.  The
        only exception supported by local DLSW is LLC to a Frame Relay
        bridge port that is configured as a Boundary Access Node (BAN) port.
 

The following list summarizes some of the other capabilities and features of IBM Network Utility DLSw.

• Dynamic compatibility to all DLSw protocol standards

  IBM DLSw supports RFC 1434+, RFC 1795 (DLSw Version 1), and RFC 2166 (DLSw Version 2). It dynamically detects the protocol level of each partner router with no pre-configuration, and can simultaneously handle partners at different protocol levels.

• Dynamic and on-demand partners

  IBM DLSw supports bringing up TCP connections to configured partners only when required, as well as discovering end stations served by non-configured partners, and bringing up those TCP connections on demand.

• Multicast IP discovery

  With the simple configuration of multicast IP addresses or groups, IBM DLSw can perform multicast searches for both end stations and partners. IBM DLSw provides a number of dynamic extensions to the DLSw Version 2 standard, including resource registration and simplified group configuration.

• Traffic prioritization

  There are configuration options allowing you to control not only SNA versus NetBIOS prioritization, but also individual circuit priorities. This is in addition to the Bandwidth Reservation System's (BRS) extensive support for interface-level traffic prioritization.

• Advanced filtering and static cache entries

  IBM DLSw includes extensive support for MAC address and NetBIOS name lists and static caching, allowing you to control what links are used for searching for resources as well as which remote partners are preferred.

• Load balancing and fault tolerance

  IBM DLSw can cache multiple remote partners and select among them on the basis of neighbor priority, largest frame size support, or first to reply. You can also use the neighbor priority feature to ensure that one central-site router serves only as a backup for another.

  For configurations involving duplicate MAC addresses, you can disable the neighbor priority feature, or set cache parameters to control the paths used to reach those MAC addresses.

Example Configurations

This section describes three sample configurations that use the Data Link Switching feature of the Network Utility. These configurations are:

• DLSw LAN Catcher
• DLSw LAN Channel Gateway
• DLSw X.25 Channel Gateway

DLSw LAN Catcher

This scenario is shown in Figure 16-1. In this scenario, the SNA traffic in the remote sites uses DLSw to get back to the data center.

The Network Utility is in the data center on the backbone LAN segment. It is a DLSw partner with each remote router and as such requires a TCP session with each. The advantage to this approach is that all of the CPU cycles needed to manage these TCP sessions and to terminate the DLSw connections are concentrated in the Network Utility. Without the Network Utility, the local routers or the host gateway (if DLSw-capable) could be consumed by this workload.

From the host perspective, the SNA LLC2 traffic is bridged into the Network Utility from the host gateway. The host gateway is either an IBM 3745/46, an IBM 3746 with the Multiaccess Enclosure (MAE), or an IBM 2216.

You can take advantage of the 2-Port Token-Ring Adapter in the Network Utility by bringing in the IP-encapsulated SNA traffic on one port and delivering LLC2 SNA traffic onto the other Token-Ring port. Thus, you have twice the bandwidth available with an additional benefit of separating the IP and SNA traffic onto separate rings. Because the Network Utility provides LLC local acknowledgments (spoofing) to the host for each LLC connection, this removes a considerable amount of traffic from the campus backbone in large network environments.

Figure 16-1. DLSw LAN Catcher

View figure.

Keys to Configuration

For the most part, this is a standard DLSw configuration. However, you should be aware of the following points when configuring the Network Utility as a DLSw LAN Catcher:

• For this scenario, you should configure the Network Utility to allow TCP sessions from any of the remote routers. This is called DLSw dynamic neighbors. This keeps you from having to define the IP address of each DLSw partner on the Network Utility. The default value for dynamic neighbors is "Enabled."

• The Network Utility introduces a new parameter for IBM DLSw implementations that allows you to specify how explorer frames are forwarded. This is especially important in the outbound direction from the central site. The parameter is called enable/disable forwarding explorers and it gives you the flexibility to specify any of the following options:

  • Disable forwarding of explorer frames

    This option completely disables forwarding of explorer frames.

  • Forward explorer frames to the local TCP connection only

    If you want to block explorer frames from going out on WAN links, then you can specify this option. This is the default value for the Network Utility.

  • Forward explorer frames to all DLSw partners

    With this option, explorer frames are sent out to all DLSw partners.

For a complete look at the configuration parameters needed for the DLSw LAN Catcher scenario, see Table 17-2.

DLSw LAN Channel Gateway

This scenario is shown in Figure 16-2. As in the DLSw LAN catcher scenario, the Network Utility terminates the DLSw sessions from the remote routers. However, in this case, there is an ESCON Channel Adapter in the Network Utility. Instead of bridging the traffic from the DLSw function onto the LAN segment, this configuration passes it directly to the channel via an LSA loopback interface configured in the Network Utility.

This configuration also demonstrates the use of the Network Utility to support SNA traffic from the local campus to the host. This traffic is bridged off the campus backbone through the LSA loopback interface. All SNA devices in the network are configured with the same host destination MAC address which is the MAC address of the LSA loopback interface. This includes the devices at the main site as well as the devices in the remote sites.

Figure 16-2. DLSw LAN Channel Gateway

View figure.

Keys to Configuration

Note the following points when configuring the Network Utility as a DLSw LAN Channel Gateway:

• An LSA interface must be configured and loopback must be enabled on this interface. Enabling loopback creates a virtual LAN inside the Network Utility. The only two devices on this LAN are the host and the DLSw termination point. A MAC address is defined on the LSA interface that represents the host on the channel. This is the destination MAC address that is configured in the downstream devices.

  Note:

  You can also define an LSA direct connection for the traffic to be bridged in from the local LAN segments. If you do this, then the devices on these segments will have a different destination MAC address from the remote devices because the LSA direct interface will have a different MAC address from the LSA loopback interface.

• When configuring DLSw, you need to open SNA SAPs for the LSA interface as well as the Token-Ring interface.

• The subchannel configuration for the LSA interface must match parameters configured in the host. See Table 14-1 for a description of the subchannel parameters and Chapter 18, Sample Host Definitions for example host definitions. This information will help you see how these parameters correlate.

• You need to configure a local TCP connection. This is done by defining a DLSw partner whose IP address is the internal address of the Network Utility. This is used for the traffic that is bridged from the local LAN segments into the host. This traffic gets bridged into the Network Utility into DLSw where the local TCP connection passes the traffic to the LSA loopback interface.

• The Network Utility currently supports a maximum of 2048 link stations per MAC address/SAP pair (for example, a destination MAC address of 400022AA0099 with SAP 04). If you need more then 2048 workstations, you have to define another LSA interface with a different SAP or a different MAC address. Remember that each LSA interface requires one subchannel of the 64 available on one ESCON channel adapter. You must also define the corresponding XCA major node to support each LSA interface.

X.25 Channel Gateway

This scenario is shown in Figure 16-3. It uses Local DLSw in the Network Utility to map between X.25 addresses and MAC address/SAP pairs. The transport across the WAN is native Qualified Logical Link Control (QLLC), a protocol that allows SNA devices to communicate over X.25 networks. In the Network Utility, local DLSw performs protocol conversion between QLLC and LLC2 frames.

From the remote device perspective, there are two cases to consider:

1. A device on a LAN segment attached to the branch router

   On the workstation, the SNA application generates an LLC frame that it wants to send to the host. If the branch router is an IBM 2210, this LLC frame gets bridged into the 2210 DLSw function, which does three things:

   1. Protocol conversion from the LLC frame to a QLLC frame

   2. Maps the destination MAC address/SAP pair into the appropriate X.25 LCN (PVC) or DTE address (SVC)

   3. Passes the QLLC frame to X.25

   The X.25 PAD function in the branch router creates the LAPB link layer packets and sends them over the PVC (or SVC).

   If some product other than the IBM 2210 plays the role of branch router, it needs to perform these same functions but may do so without using local DLSw.

2. A device directly on the X.25 network (for example, an IBM 3174 Control Unit or an eNetwork Communications Server gateway machine attached via a Wide Area Connector Adapter)

   On these devices, SNA uses QLLC as a native DLC type. It generates a QLLC frame and sends it out over the configured PVC (or SVC).

In each of these cases, at the Network Utility, the LAPB packets are received over the X.25 circuit and passed to QLLC and then on to DLSw. DLSw does two things:

1. Protocol conversion from QLLC into an LLC2 frame
2. Mapping of the X.25 LCN (PVC) or DTE address (SVC) into the MAC address/SAP for the LSA local loopback interface

The traffic is then passed to the LSA loopback interface for transport across the ESCON channel.

Figure 16-3. DLSw X.25 Channel Gateway

View figure.

Keys to Configuration

The following list summarizes general configuration tasks you need to perform for this scenario. Please refer to other DLSw and LSA loopback configurations for details. The LSA loopback interface is configured the same as in DLSw LAN Channel Gateway.

• Add and configure the ESCON and LSA interfaces.
• Add and configure the X.25 interface. From the command line, use the net command in talk 6 to enter the X.25 Config subprocess, then use the following commands:
  • set address (to set the local DTE address)
  • add protocol dlsw (to add DLSw as an X.25 protocol)
  • add pvc or add svc (to add the individual PVCs or range of SVCs)
• Configure the IP internal address as in other examples.
• Configure DLSw
  • Configure general DLSw (enable, SRB segment, forward explorers locally).
  • Configure the DLSw local TCP connection.
  • Configure DLSw for LSA loopback (open SAPs on the LSA interface).

In addition to these general tasks, you need to configure Network Utility DLSw to map X.25 addresses to the LSA loopback MAC address. There are three ways to do this:

• Configure the X.25 stations individually at DLSw, each with its own destination MAC address. This option applies to both PVCs and SVCs.

• Configure a list of connection IDs, each of which has its own destination MAC address. Some X.25 stations can send a connection ID when they place a call, and Network Utility matches this value to the configured list. This option applies to SVCs only.

• Configure a default destination MAC address for incoming calls that do not contain a connection ID. This option applies to SVCs only.

The remainder of this section describes how to configure each of these three address mapping methods.

If the number of remote X.25 stations is relatively small, then you can configure each remote X.25 device in DLSw to be mapped to the LSA loopback MAC address. To do this using the command line, enter talk 6 at the * prompt and type the following:

• protocol dls
  • add qllc station (once for each remote X.25 station). The system prompts you for:
    • Interface number (X.25 interface)
    • PVC or SVC
    • Logical channel number (for PVCs) or DTE address (for SVCs)
    • Source MAC and SAP (can be generated by DLSw)
    • Destination MAC and SAP (enter the LSA loopback MAC address)
    • PU type
    • XID block/num (if the PU type is 2)

To do this using the Configuration Program, do the following:

• Protocols/DLSw/Interfaces/Serial-X25/QLLC Stations
  • add a QLLC station (enter the same information as above)

If your remote X.25 stations can be configured to send a connection ID when they place a call²¹, you can configure DLSw to map connection ID values to destination MAC addresses. To do this using the command line, enter talk 6 at the * prompt and type the following:

• protocol dls
  • add qllc destination (once for each valid connection ID). The system prompts you for:
    • Connection ID
    • Destination MAC and SAP (enter the LSA loopback MAC address)

To do this using the Configuration Program, do the following:

• Protocols/DLSw/QLLC Destinations
  • add a QLLC destination (enter the same information as above)

Finally, if it is not feasible to configure each remote X.25 station or to use a connection ID, you can use the DLSw ANYCALL feature to accept any incoming X.25 call and map it to the LSA loopback MAC address. To do this using the command line, enter talk 6 at the * prompt and type the following:

• protocol dls
  • add qllc destination (once, plus you can add specific connection IDs if you wish). The system prompts you for:
    • Connection ID (use the word 'ANYCALL')
    • Destination MAC and SAP (enter the LSA loopback MAC address)

To do this using the configuration tool, do the following:

• Protocols/DLSw/QLLC Destinations
  • add a QLLC destination (enter the same information as above)

Managing DLSw

This section introduces some of the ways in which you can monitor and manage the DLSw function.

Command-Line Monitoring

DLSw supports an extensive set of commands to display status, dynamically modify configuration parameters, and actively control the state of connections. These commands are described in detail in MAS Protocol Configuration and Monitoring Reference Volume 1, in the chapter "Configuring and Monitoring DLSw." To access them, enter talk 5 at the * prompt and protocol dls at the + prompt.

Some particularly useful commands for monitoring status are:

list tcp sess

Shows the status of all known TCP connections to partner routers. You can see the state of the TCP connections as they come up and go down, as well as the level of the DLSw protocol in use, and summary statistics on the number of DLSw circuits using each connection. If you configure DLSw to accept TCP connections only from dynamic (not configured) partners, this command displays the status of connections as initiated by remote routers. There will be no status if the remote routers are not actively bringing up TCP connections.

If you configure a "local TCP connection" to enable local DLSw function, this connection is flagged as such on the command output so that it can be distinguished from remote partner connections.

list dls sess all

Shows the status of all active DLSw sessions. A session, also called a circuit, is defined by a MAC and SAP address 4-tuple and corresponds to an SNA link, not an SNA LU-LU session. Sessions are normally driven up and down by SNA end stations, so the output of this command is dynamic. For every session, you see its identifying MAC and SAP addresses, state, which partner the session is connected through, and an identifier that you can use with the list dls sess detail command to get more information. Local DLSw sessions (those that involve only this router) show as two lines of output from this command.

Because a Network Utility may easily have hundreds or thousands of active sessions, you can use different variations of the list dls session command to display only a subset of them. Instead of the keyword "all," you use different keywords to show only those circuits through a given partner, or only those in a given state, and so on. There are roughly 10 keywords defined to select sessions. The output of all these commands pauses when the screen fills, waiting for a keystroke from you to continue or quit. Press the space bar to view the next screen of output.

list dls mem

Shows the status of various pools of DLSw memory, as well as the memory congestion status for all active sessions.

list llc sess all

Shows 802.2 LLC-specific status information for all DLSw sessions that use LLC as the protocol between the router and the end station. These include sessions running over LAN, channel, ATM, and remotely bridged WAN interfaces. The command output includes more state information as well as the source route to the end station, if applicable.

list sdlc sess all

Shows SDLC-specific status information for all DLSw sessions that use SDLC as the protocol between the router and the end station. The command output includes SDLC addressing information as well as state information. If you are working with SDLC devices, this command is more useful than the generic list dls sess.

list qllc sess

Shows QLLC-specific status information for all DLSw sessions that use QLLC over X.25 as the protocol between the router and the end station. The command output includes QLLC addressing information as well as detailed state information. Because the router supports incoming dynamic SVCs, this command is essential to see the status of both configured and dynamic QLLC PVCs and SVCs.

DLSw supports dynamic modification under talk 5 of the vast majority of parameters you can configure under talk 6. DLSw follows the standard model where changes made under talk 5 have an immediate effect but do not survive a box reboot, while changes made under talk 6 take effect only after a box reboot. The talk 5 list commands show the values that are currently active in the running product.

The talk 5 commands delete and disable give you the power to tear down an existing DLSw connection. For example, you can use delete dls session number to clean up a hung session and allow the end stations to redrive it. Delete/add and disable/enable sequences are powerful methods to recycle configured TCP, SDLC, and QLLC connections.

Event Logging Support

DLSw has several hundred ELS messages defined, ranging from informational messages about normal events, to warnings of serious error conditions. Here are some of the types of DLSw events that can generate ELS messages:

• Initialization and configuration errors
• Partner TCP connection and capabilities frames sent or received
• Explorer frames sent or received for a particular MAC address or NetBIOS name
• Circuit setup/takedown frames sent or received
• DLC link setup/takedown frames sent or received
• Data frames sent or received on active circuits
• Pacing window changes on active circuits
• Memory allocation errors
• Unexpected protocol flows, frames discarded
• Frame flows do not match configuration

Although these messages are used primarily by software engineers to resolve problems, a user with a basic knowledge of the DLSw protocol and DLC link activation flows should be able to make sense of them and debug simple configuration mistakes. By activating these ELS messages and watching the output via talk 2, you should be able to at least answer the question "Is anything happening?"

"DLS" is one of the named subsystems within ELS. To activate the standard set of error messages, type disp sub dls from the event menu under either talk 6 or talk 5. To activate all DLSw messages, enter disp sub dls all. The corresponding commands to deactivate messages begin with nodisp. For general information on controlling and viewing ELS messages, see Monitoring Event Messages.

If you are trying to trace a link activation attempt, DLSw messages alone may not show the complete picture. You can activate the ELS messages for the underlying DLC type as follows:

LLC

disp sub llc all

SDLC

disp sub sdlc all

QLLC

disp sub qllc all
disp sub x253 all (X.25 layer 3, the packet layer)

Channel-LSA

disp sub lsa all

Refer to the Event Logging System Messages Guide (on CD-ROM and the 2216 Web Page) for a full list of individual messages and their meaning.

SNA Management Support

From a VTAM or NetView/390 operator console, you can control the links, PU, and LUs involved with DLSw as described in NetView/390.

Unlike APPN, Network Utility DLSw does not send SNA alerts. It does send traps (described in the following section) and trigger ELS messages that can generate traps. You can use the products mentioned in IBM Nways Manager for AIX to convert those traps to alerts.

SNMP MIB and Trap Support

Network Utility DLSw provides full read-only and partial read-write support for the IETF standard DLSw MIB documented in RFC 2024. This large MIB gives visibility to most of the important configuration, status, and accounting information that products implementing RFC 1795 and 2166 should have. This information includes:

• Configuration
  • Node characteristics, for example, dynamic partners are enabled
  • Configured partner information
  • Configured directory/cache entries

• Status
  • Node up or down, for how long
  • Active TCP connections, for how long, dynamic partner information
  • Dynamic directory/cache information
  • Active circuits, for how long, DLC information

• Statistics and Accounting
  • Counts of TCP connections up and down (normal and error)
  • Data and control frames counts per partner
  • Counts of circuits up and down
  • Indices to underlying DLC MIBs for per-circuit frame counts
  • Pacing counts for active circuits

Network Utility DLSw supports all the traps defined in RFC 2024, reporting the following events:

• A TCP connection is terminated due to capabilities exchange failure or a DLSw protocol violation
• A TCP connection comes up or goes down
• A circuit comes up or goes down

DLSw all supports trap control data items so a management station can set the conditions under which a trap is generated.

In addition to RFC 2024, Network Utility DLSw supports` IBM-specific DLSw MIB extensions for multicast IP-based groups and for QLLC stations.

Network Management Application Support

The Network Utility Java-based application implemented in the Nways Manager products discussed in IBM Nways Manager Products provides integrated support for the standard DLSw MIB and the IBM-specific DLSw MIB extensions.

To view DLSw resources and their status using these products, you bring up specific panels that present key information from the DLSw MIB and from its underlying DLC-layer MIBs (LLC, SDLC, or X.25). You can also use integrated browser support to view the information in any of these MIBs.

You can control the emission of DLSw traps from the Nways Manager products, so that a given trap is generated always, never, or only under certain conditions.

Nways Manager for AIX can show you a DLSw topology view of your network, including DLSw connectivity, resources, and color-coded status. The topology is refreshed as new nodes are discovered. This application does not present the topology of DLSw IP multicast groups.

²¹

QLLC products frequently present this parameter as a connection password.