IBM Books

8371 Interface Configuration


Using IPX

This chapter describes how to use the IPX protocol on your IBM 8371. It includes the following sections:


IPX Overview

IBM's implementation of IPX allows the router to function as a Novell NetWare internetwork router. It has these characteristics:

IPX Addressing

The following sections describe IPX addressing.

Network Numbers

An IPX network number specifies the location of a particular network in an internetwork. You can use multi-part addresses like the city-street-house address on a piece of mail. For example, IPX refers to network numbers (city), host numbers (street), and socket numbers (house). These addresses allow communication between two entities on different networks.

Host Numbers

Each IPX circuit needs a 6-byte host (node) number.

Because serial lines have no hardware MAC addresses, you must specify a unique host number.

ATM circuits use their End System Identifier (ESI) as their host number. Their burned-in ESI will be used if one has not been configured.

IPX Circuits

The IPX routing software models network interfaces as either a single IPX broadcast circuit, as one or more IPXWAN point-to-point circuits, or a combination of both types of circuits. The type of encapsulation, IPX addressing and routing protocols used on the circuit depend on the underlying DLC and whether the IPX circuit is configured as broadcast or IPXWAN point-to-point.

IPX broadcast circuits have the following characteristics:

The following sections describe the modeling of each type of supported network interfaces.

Native ATM

The IPX routing software models an ATM interface as a single IPX broadcast circuit. As such, the underlying ATM PVCs and SVCs defined by the user to interconnect routers on the ATM network are transparent to the IPX routing software.

The circuit must be assigned a unique IPX non-zero network number.

The ESI component of the ATM address is used as the circuit's IPX node number. The burned-in ESI will be used if an ESI has not been configured in the IPX ATM ARP-client associated with the ATM interface.

The LAN all-stations address (x'FFFFFFFFFFFF') serves as the IPX broadcast address. Packets addressed to the broadcast address are transmitted on all VCs on the interface by the underlying ATM DLC.

The IPX maximum packet size is derived from the MTU configured for the interface.

The underlying ATM DLC uses ATM InARP to map destination IPX node addresses to the appropriate ATM VC. Optionally, destination IPX node addresses can be statically configured for VCs connected to routers which do not support ATM InArp.

In order to support non-fully meshed ATM topologies, split-horizon can be disabled on the circuit. This allows RIP and SAP to propagate information to all VCs on the interface so that intermediate routing between VCs on the same interface can occur.

Fully-meshed ATM topologies need not disable split-horizon.

Any or all of the following routing types may be used on the circuit:


Configuring IPX

This section describes how to initially configure IPX. The following sections describe optional parameters you can set.

  1. Display the IPX configuration prompt as shown here:
    * talk 6
    Config> protocol ipx
    IPX protocol user configuration
    IPX config>
    
  2. Enable IPX globally.
    IPX config> enable ipx
    
  3. Add a broadcast-circuit on LAN.
    IPX Config>add broadcast-circuit
    Which interface [0]? 1
    IPX circuit number[3]? 5
    IPX network number in hex
    ('0' is only allowed on IPXWAN unnumbered circuits) [1]? 01
    
    Note:IPX network number 0 is valid only on IPXWAN unnumbered RIP or static routing circuits. IPX network number FFFFFFFF is not a valid IPX network number. IPX network number FFFFFFFE is reserved for the IPX Default Route and may not be used as an IPX network number.
  4. Optionally, change the frame type for Ethernet or ATM LAN Emulation Client. You do not have to set the frame type for circuits other than Ethernet or ATM LAN Emulation Client. See "Frame" for a description of available frame types.

    The default encapsulation formats are:

    Use the frame command as shown here:

    IPX config> frame ethernet_8023
    IPX circuit number [1]? 2
    

Optional Configuration Tasks

Optional settings that you can adjust are described in the following sections.

Specifying the Size of IPX RIP Network Table

The IPX RIP network table contains information about each IPX network. The default table size is 32. You can configure the table size from 1 to 2048; however, there may be memory limitations on the router that can prevent the maximum table size from being used.

IPX config>set maximum networks
New Network table size [32]? 32

Specifying RIP Update Interval

IPX uses RIP to maintain routes in its routing tables. A route indicates the path a packet follows. The RIP update interval determines how often the router broadcasts its routing information tables to its circuits. It also determines how long a RIP entry remains before being aged-out.

Valid entries remain in the routing tables for a period of three multiples of the RIP update interval, and the router broadcasts its RIP tables once every update interval.

For example, the default interval is 1 minute, which allows a valid entry to remain in the table for 3 minutes. After this time, if an entry is not refreshed by a RIP update, the route is marked with a hop count of infinity (16) and then it is deleted. Every 60 seconds the router broadcasts its RIP tables to corresponding circuits.

You can configure the RIP interval from 1 to 1440 minutes (24 hours). Increasing the RIP interval reduces traffic on WAN lines and dial circuits. It also prevents dial-on-demand circuits from dialing out as often.
Note:While complete RIP advertisements are controlled by the interval, the router still propagates network topology changes as quickly as it learns them.

The RIP interval is not configurable on the Novell file server.

IPX config>set rip-update-interval
IPX circuit number [1]? 2
RIP timer value(minutes) [1]? 2

Specifying the Size of IPX SAP Services Table

The IPX Service Advertising Protocol (SAP) services table is a distributed database used to find NetWare Services, such as file servers. Services are uniquely identified by a 2-byte numeric type and a 47-character name. Each service provider advertises its services, specifying service type, name, and address. The router accumulates this information in a table and sends it to other routers. The default table size is 32.

You can configure the table size from 1 to 2048; router memory constraints may prevent the maximum table size from being used.

IPX config>set maximum services 
New Service table size [32]? 32

Specifying SAP Update Interval

The IPX Service Advertising Protocol (SAP) interval lets you configure the time between IPX SAP updates on a per-circuit basis. All router circuits on the same network must use the same SAP interval. This interval determines both the age-out time for table information, and the interval between broadcasts to router circuits.

Valid entries remain in the SAP services table for a period of three multiples of the SAP update interval, and the router broadcasts its SAP services table information once every update interval.

You can configure the SAP interval from 1 to 1440 minutes (24 hours). Increasing the SAP interval reduces traffic on WAN lines and dial circuits. It also prevents dial-on-demand circuits from dialing out as often.
Note:While complete SAP advertisements are controlled by this interval, the router still propagates network topology changes as quickly as it learns them.

The SAP interval is not configurable on the Novell file server.

IPX config>set sap-update
IPX circuit number [1]? 2 
SAP timer value(minutes) [1]? 4

IPX Keepalive and Serialization Packet Filtering

You can configure IPX to prevent Keepalive and serialization packets from continually activating a dial-on-demand link or to minimize traffic over a dial-on-demand link.

In Figure 26, for example, if the Novell Client logs into the Novell Server and then remains idle, the server sends periodic Keepalive requests to the client and the client replies with Keepalive replies. Keepalive filtering causes the routers to enter the first Keepalive reply into their Keepalive tables and then forward the reply. After that, the routers do not forward Keepalive traffic for that client-server connection over the WAN link. Instead, Router A replies to Keepalive requests it receives from the server and Router B sends Keepalive requests to the Novell Client.

Keepalive filtering also prevents the routers from forwarding NetWare serialization packets over the WAN link.

Figure 26. Keepalive Filtering

View figure.

To set up Keepalive filtering, enable it on the dial circuits.

 
IPX Config> enable keepalive-filtering
IPX circuit number [1]? 5

Configuring Multiple Routes

You can configure IPX so that it keeps more than one routing table entry for the same destination network. The benefit of this feature is that if a route goes down, the alternate route is used immediately. The router does not have to wait for a RIP broadcast, which could take from a few seconds to a minute, to learn a new route. The router stores only equal-cost paths in the routing table.

Use the following command to configure the maximum number of routes that will be stored in the routing table for each destination. The range is 1 to 64. The default is 1.

IPX config>set maximum routes-per-destination
New maximum number of routes per destination net [1]? 4

Use the following command to set the total number of entries kept in the routing table. The range is 1 to 4096. The default is 32. Set the number of entries to at least the same size as the RIP network table. (Configure the size of the RIP network table using the set maximum networks command explained in this chapter.)

IPX config> set maximum total-route-entries
New route table size [32]? 40

Configuring Static Routes

Static routes can be configured per destination network number. Each static route is associated with a circuit and is installed in the routing table when IPX is activated on the circuit. The static route is removed from the routing table when IPX is deactivated on the circuit, the circuit itself is taken down, or any dynamically-learned route to the destination network is learned. Dynamically-learned routes (via RIP) always override static routes. The static route will be reinstalled in the routing table when IPX is reactivated on the circuit, the circuit itself comes back up, or when all RIP routes to the destination network are lost.

Static routes are particularly useful over dial-on-demand circuits where RIP is disabled and routes to destination networks are statically configured on the dial-on-demand circuit.

Static routing may be used on a circuit by itself or in combination with RIP. The only exception to this is when static routing is enabled on an IPXWAN circuit. In this case, static routing is the only routing type negotiated by IPXWAN.

Static routes will be advertised by RIP, subject to split-horizon and applicable filters.

When multiple static routes per destination network are configured, the same rules used to choose RIP routes are used to determine which static routes are installed in the routing table. Multiple static routes to the same destination network will be installed in the routing table if they are of equal cost. Up to the configured routes per destination can be concurrently stored in the routing table.

The following example shows how to configure an IPX static route.

IPX Config> disable rip
IPX circuit number [1]? 2
 
IPX Config> enable route-static
 
IPX Config> add route-static
IPX net address: (1-fffffffe) [1]? 30
IPX circuit number [1]? 2
Next-hop address, in hex [] ? 400000003000
Ticks: (0-30000) [0]? 4
Hops: (0-14) [0]? 4

Configuring Static Services

Static services can be configured per service type or name pair. Each static service is associated with a circuit and is installed in the SAP services table when IPX is activated on the circuit, and a route to the service's network is known (either by static route or RIP advertisement). The static service is removed from the SAP table when IPX is deactivated on the circuit, the circuit itself is taken down, the route to the server's network is lost, or the same service is learned dynamically. As long as a route to the server's network is known, the static service will be reinstalled in the service table when IPX is reactivated on the circuit, the circuit itself comes back up, or when the SAP-learned service is lost. Dynamically-learned services (using SAP) always override static services.

Static services are particularly useful over dial-on-demand circuits where SAP is disabled and services are statically configured on the dial-on-demand circuit.

Static services may be used on a circuit by itself or in combination with RIP/SAP. The only exception to this is when static routing is enabled on a IPXWAN circuit. In this case, static routing is the only routing type negotiated by IPXWAN.

Static services will be advertised by SAP, subject to split-horizon and applicable filters.

When multiple static services per name or type are configured, the same rules used to choose SAP services are used to determine which static service is installed in the routing table. Note that if there are equal-cost static services configured, the one defined on the same circuit as the current route to the server's network will be installed in the service table.

The following example shows how to configure an IPX static service.

IPX Config> disable sap
IPX circuit number [1]? 2
 
IPX Config> enable sap-static
 
IPX Config> add sap-static
Sap type: (0-ffff) [4]?
Sap name: []? FILE_SERVER01
IPX circuit number [1]? 2
IPX net address: (1-fffffffe) [1]? 30
IPX node address, in hex: []? 400000202000
IPX socket: (0-ffff) [451]?
Hops: (0-14) [0]? 4

Configuring the RIP Default Route

The default route is a special case of a static route. It is used as a last resort as a next hop for unknown destination networks.

The default route is especially useful on dial-on-demand circuits when RIP is disabled. Configuring the default route on the dial-on-demand circuit allows clients to request routes and send packets to destination networks on the other side of the circuit without having to configure a static route for each destination.

RIP Handling

For routers using RIP, the default route is designated by network number FFFFFFFE.

When advertising RIP routes, the default route (like any other static route) will be advertised, after being subjected to the RIP filters and split-horizon.

When responding to a RIP request for an unknown destination network, the router responds to the request only if it has a default route in the routing table.

When forwarding packets, if the route to the destination network is unknown, the forwarder will forward the packet to the next-hop router that is advertising the default route (or the next-hop router indicated by the local static default route definition in the case of static routing).

The following example shows how to configure a RIP default route.

IPX Config> enable route-static
 
IPX Config> add route-static
IPX net address: (1-fffffffe) [1]? fffffffe
IPX circuit number [1]? 2
Next-hop address, in hex: []? 400000003030
Ticks: (0-30000) [0§? 4
Hops: (0-14) [0]? 4

Interaction with SAP

Generally, SAP advertisements are accepted only if a route to the server's network is known. If the route to the server's network is not known, but a default route is known, the advertisement is also accepted (after being subjected to the SAP filters).

SAP advertisements that are accepted by virtue of the existence of the default route will be advertised on all IPX circuits other than the one from which the SAP advertisement was accepted (split-horizon). Of course, the advertisement will be subjected to the SAP filters before being advertised. The same rules apply to responses to SAP requests.

Configuring Global IPX Filters (IPX Access Controls)

Global IPX filters are applied to all IPX circuits. They can be used to prevent the router from forwarding packets based on IPX addresses (network/host/socket). You can use global IPX filters to provide security or to stop the forwarding of packets from "noisy" applications beyond the area of interest.

Global IPX filters are based on the originating IPX source address and the ultimate destination IPX address. Intermediate hop addresses are not important.

An IPX address (source or destination) for a global filter consists of an IPX network number, an IPX host number, and a range of IPX socket numbers that are specified in hexadecimal. The network number and host number can be specified as 0, which is a wildcard that matches all network and host numbers, respectively. A range of 0 to FFFF is a wildcard for sockets.

The global filter list is an ordered list of entries. Each global filter entry can be configured as inclusive or exclusive. The router compares packets it receives against the global filter list.

When creating global filter lists, consider the following things about IPX:

Note:The global filters and circuit filters are mutually-exclusive. If global SAP filtering is enabled, circuit SAP filters cannot be enabled (and vice versa). If global IPX filtering is enabled (access-controls), circuit IPX filters cannot be enabled (and vice versa).

The router examines each IPX frame to see if it matches an entry in the global filter list. It applies the first match, therefore the order of global filters is critical. The router examines IPX packets for the following criteria:

  1. Type of global filter (two types):
    1. Inclusive, indicating that if the packet matches the following criteria, forward it
    2. Exclusive, indicating that if the packet matches the following criteria, discard it
  2. Destination network - taken directly from the packet's IPX destination network field.
  3. Destination host - taken directly from the packet's IPX destination host field.
  4. Starting/Ending destination socket - taken directly from the packet's IPX destination socket field (not host field). (The socket number is the location within the protocol that binds the packet to an application service.)
  5. Source network - taken directly from the packet's IPX source network field.
  6. Source host - taken directly from the packet's IPX source host field.
  7. Starting/Ending source socket - taken directly from the packet's IPX source socket field.

The result of the following example would be to forward only those IPX packets from any client on IPX net 1871, destined for the NCP application, on the Novell File Server 0000 C93A 0912, on network 18730. All other traffic would be dropped.

IPX config>add access control
Enter type [E]? I
Destination network number (in hex) [ ]? 18730
Destination host number (in hex) [ ]? 0000C93A0912
Starting destination socket number (in hex) [ ]? 0451
Ending destination socket number (in hex) [ ]? 0451
Source network number (in hex) [ ]? 1871
Source host number (in hex) [ ]? 0
Starting source socket number (in hex) [ ]? 4000
Ending source socket number (in hex) [ ]? 7FFF
 

Global SAP Filters

Global SAP filters apply to all circuits. They can be used to prevent service advertising information from being propagated through the router. There are four primary reasons to use global SAP filters:

Note:None of these reasons explicitly mentions security. Global SAP filters cannot protect a service. All that SAP does is provide a name-to-address translation for services. If a potential intruder knows the address of the service, blocking its advertisement via global SAP filters will not protect the service. Only access controls can provide security.

The global SAP filter is based on setting a maximum hop count for a particular service, or group of services. Any matching service advertisement received with the specified hop count (or less) is accepted into the SAP table. Others are ignored. Only those services in the SAP database are re-advertised or used to answer queries.
Note:The router allows you to enter service names in 7-bit ASCII only. Some service names use binary data, in violation of Novell SAP specifications. You will not be able to filter those services by name.

A global SAP filter can apply to all services of a type. Novell assigns 4-digit hexadecimal type numbers for each type of service. Alternately, a global SAP filter can apply to one particular service of a type. This is done by specifying the name of the service.

There can be several servers of the same service type, each with a unique service name. In this case, you can configure multiple global SAP filters with the same service type to filter unique service names, or you can configure a single SAP filter which filters the service type for all service names (wildcard filter).

Creating Global SAP Filters

To configure global SAP filters:

  1. Enter add filter at the IPX Config> prompt. You must specify several key entries that are normally found in the SAP broadcasts:
    1. Number of hops. This entry indicates the hop count allowed for a SAP entry (if higher, discard).
    2. Service type
    3. Service name
  2. Enter set filter on at the IPX Config> prompt to enable the filter.

The following example shows the creation of a global SAP filter against a specific print server.

IPX config> add filter
Maximum number of hops allowed [1]? 2
Service type [4]? 0047
Optional service name [ ]? rem-ptr1
IPX config> set filter on

This global SAP filter causes the router to ignore SAP advertisements from any print server (service type 0047) named rem-ptr1 that is more than two hops away. The filter prevents the router from propagating advertisements that match these criteria.

Determining the Service Type for a Global SAP Filter

To determine the SAP type for a filter you want to establish, follow these steps:

  1. At the * prompt, enter talk 5. Then, at the + prompt, enter protocol ipx.

    At the IPX> prompt enter slist. Note the entry for the services you want to filter.

  2. At the * prompt, enter talk 6. Then, at the Config> prompt, enter protocol ipx. Add the appropriate global SAP filter and the appropriate hop count for the service you want to filter.
  3. After creating the filter, restart the router.
  4. If you have successfully filtered a service, it should no longer be listed. Check that the service is no longer listed by entering slist at the IPX> prompt.

IPX Circuit Filters - Overview

The IPX routing feature supports four types of circuit-based filters: ROUTER, RIP, SAP, and IPX. One input and one output filter can be defined per circuit. Filter criteria, referred to as items, are assembled into filter-lists and are then attached to the input and/or output filters. A filter-list can be attached to more than one filter. This prevents you from having to configure the same filter criteria on multiple circuits.
Note:The global filters and circuit filters are mutually-exclusive. If global SAP filtering is enabled, circuit SAP filters cannot be enabled (and vice versa). If global IPX filtering is enabled (access-controls), circuit IPX filters cannot be enabled (and vice versa).

Configuring IPX circuit Filters

To configure IPX circuit Filters:

  1. Create a filter-list and give it a name, using the create list command.
  2. Modify the filter-list using the update command and its subcommands to specify the filter criteria and whether this filter-list is inclusive or exclusive.
  3. Create a filter on the desired circuit using the create filter command, specifying whether it is an input or output filter.
  4. Enable IPX circuit filtering using the enable all command.
  5. Attach filter-lists to the filter using the attach command.
  6. Set the default action for the filter using the default command. The default action will be taken if no match is made on any of the attached filter-lists.

There are also commands to delete a filter on an IPX circuit, disable a filter on an IPX circuit (or all IPX circuits), detach a filter-list from a filter, move the filter-lists within the filter (because the filter-lists are ordered), list a filter, and set the size of the filter cache (for IPX Filtering only).

ROUTER Filtering

The ROUTER Filter operates on the IPX header of all received RIP response packets. Output ROUTER filtering is not supported. ROUTER filtering can be used to group individual IPX networks into several distinct IPX internets by controlling which routers are allowed to exchange routing information.

RIP ROUTER Filters are kept in ordered lists of items by circuit. The items are applied in order to each received RIP response packet. If a match is found, the action specified in the matching filter-list is performed (Exclude = discard packet, Include = receive packet for processing). Because Excluded packets are discarded, the information contained in their network entries is not entered into the RIP routing tables. If no match is found, the specified default filter action is performed.

RIP Filtering

The RIP filter operates on the network entries of RIP response packets. It can be used to control the extent to which routing information about selected networks is disseminated. As an input filter, this filter can prevent the storing of routing information about selected networks. This prevents all other networks from learning about the selected networks (at least through this router).

RIP filters (input) are kept in ordered lists of items by circuit. The items are applied in order to each network entry in each received RIP response packet. If a match is found, the action specified in the matching filter-list is performed (Exclude = ignore network entry, Include = process network entry). Because Excluded network entries are ignored, they are not entered into the RIP routing tables. If no match is found, the specified default filter action is performed.

As an output filter, this filter can prevent the advertising (as opposed to the storing) of routing information about selected networks. It prevents some (as opposed to all) networks from learning about the selected networks (at least through this router).

RIP filters (output) are kept in ordered lists of items by circuit. The items are applied in order to each network entry to be transmitted in a RIP response packet. If a match is found, the action specified in the matching filter-list is performed (Exclude = exclude network entry from packet, Include = include network entry in packet). This filter has no effect on the contents of the RIP routing tables. If no match is found, the specified default filter action is performed.

SAP Filtering

The SAP filter operates on the server entries of all SAP response packets. It can be used to control the extent to which information about services is disseminated, and can reduce the amount of SAP traffic on lower speed WANs.

As an input filter, this filter can prevent the storing of service information about selected servers. This prevents all other networks from learning about the selected servers (at least through this router).

SAP filters (input) are kept in ordered lists of items by circuit. The items are applied in order to each server entry in each received SAP response packet. If a match is found, the action specified in the matching filter-list is performed (Exclude = ignore server entry, Include = process server entry). Because Excluded server entries are ignored, they are not entered into the SAP services table. If no match is found, the specified default filter action is performed.

As an output filter, this filter can prevent the advertising (as opposed to the storing) of service information about selected servers. This prevents some (as opposed to all) networks from learning about the selected servers (at least through this router).

SAP filters (output) are kept in ordered lists of items by circuit. The items are applied in order to each server entry in each SAP response packet to be transmitted. If a match is found, the action specified in the matching filter-list is performed (Exclude = exclude server entry, Include = include server entry in packet). This filter has no effect on the contents of the SAP services table. If no match is found, the specified default filter action is performed.

IPX Filtering

The IPX Filter operates on the IPX header of IPX packets. It can be used to control the extent to which selected servers and workstations are allowed to communicate with other selected servers and workstations, based on source and destination network, node, and socket fields, as well as protocol type and hop count.

As an input filter, a match that indicates that the packet should be discarded prevents the packet from being transmitted on all circuits.

IPX Filters (input) are kept in ordered lists of items by circuit. The items are applied in order to each received IPX packet. If a match is found, the action specified in the matching filter-list is performed (Exclude = discard packet, Include = receive packet for processing or forwarding). If no match is found, the specified default filter action is performed.

As an output filter, the decision whether to forward the packet is made based on the output circuit, and therefore might allow a received packet to be forwarded out on one circuit but not out on some other circuit.

IPX filters (output) are kept in ordered lists of items by circuit. The items are applied in order to each IPX packet to be transmitted. If a match is found, the action specified in the matching filter-list is performed (Exclude = discard packet, Include = transmit packet). If no match is found, the specified default filter action is performed.

Because IPX filters are invoked for each received packet, it is recommended that they be used only where a high degree of specificity is required (that is, where the ROUTER, RIP and SAP filters cannot be used). Generally, the RIP filters deal with internetworking between all stations on a particular set of networks; the SAP filters control which servers are reachable by workstations throughout the internetwork; the IPX filters deal with internetworking between individual workstations (or individual applications on individual workstations).

"IPX circuit Circuit-Filter Configuration Commands" describes in more detail the commands used to configure IPX circuit Filters.

IPX Performance Tuning

The IPX router implements a dual path for packet forwarding, a fast path and a slow path, to route traffic more efficiently.

The fast path forwards only data packets, while a slower path handles administration packets, such as RIP and SAP packets. Fast path uses an address cache that enables the router to forward a packet quickly.

The slower routing table lookups are performed only during the creation of a cache entry. The cache has an aging mechanism that allows overflows to be dealt with intelligently. You can configure the cache size through the IPX configuration menu.

The IPX fast path cache includes two entries: local and remote. Each entry can handle the requirements of that type of addressing.

The cache commands are used to set a limit on the maximum number of entry types allowed in the cache.

Local Cache

The size of the local cache should equal the total number of clients on each router's local or client network plus a 10% buffer to prevent excessive purge requests. Using the example in Figure 27, router 5 (RTR R5) has 9 clients (C) plus the server (S) for a total of 10. Based on this total:

  1. Multiply by 10% (10 in our example).
  2. Add that total (1) to the client total (for a safety margin).
  3. Use the new total (11) for the number of local cache entries.

For example:

IPX config>set local-cache size
New IPX local node cache size [32]? 11

When all cache entries are in use, the least frequently used entries are purged.

Remote Cache

The size of the remote cache should equal the total number of remote networks used by the router plus a 10% buffer to prevent excessive purge requests. In Figure 27, there are 10 IPX networks that RTR R5 can read via IPX network 5. Therefore, RTR/R5 has a total of 10 clients. Based on this total:

  1. Multiply by 10% (10 in our example).
  2. Add that total (1) to the remote network total (10) for a safety margin.
  3. Use the new total (11) for the number of remote cache entries.

For example:

IPX config>set remote-cache size
New IPX remote network cache size [32]? 11

You can view the cache entries using the IPX monitoring sizes command.

IPX>sizes
Current IPX cache size:
Remote network cache size (max entries): 45
0 entries now in use
Local node cache size (max entries): 86
0 entries now in use

Figure 27. Sample IPX Network

View figure.

Split-Horizon Routing

Split-horizon is a method of routing that avoids broadcasting RIP and SAP updates to the router from which they were learned.

Generally, split-horizon should be enabled on every circuit to prevent packets from counting to infinity and to avoid unnecessary RIP and SAP advertisements. However, there are some cases, such as partially-meshed frame-relay, ATM, and X.25 configurations, where it may be necessary to disable split-horizon.

A Partially-meshed RFC 1483-Supported IPX Routing configuration is another case where it may be necessary to disable split-horizon.

In a partially-meshed frame-relay network, as shown in Figure 28, the routers at the branches cannot communicate with each other unless the router at headquarters broadcasts all routing information to all other routers. In this case, split-horizon should be disabled on the frame-relay circuit at headquarters, and enabled at each of the branches to keep them from generating unnecessary traffic.

Figure 28. Partially Meshed Frame-Relay Network

View figure.

If you do need to change the split-horizon setting, use the set split-horizon command as follows:

IPX Config>set split-horizon enabled
Which circuit [1]? 2
 
IPX Config>set split-horizon disabled
Which circuit [1]? 2
 
IPX Config>set split-horizon heuristic
Which circuit [1]? 2


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]