|
|
This chapter describes how to configure Banyan VINES and provides configuration examples. For a complete description of the VINES commands in this chapter, refer to the "Banyan VINES Commands" chapter in the Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS, and XNS Command Reference publication. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.
 |
Note Not all Cisco access servers support Banyan VINES. For more information, refer to the release notes for the current Cisco IOS release. |
VINES network-layer addresses are 48-bit addresses that consist of a network number (better described as a server number) and a subnetwork number (better described as a host number). In this document, VINES addresses are expressed in the format network:host.
The network number identifies a VINES logical network, which consists of a single server and a group of client nodes. The network number is 32 bits (4 bytes) long, and is the serial number of the service node. Figure 3 shows two logical networks: network 1 and network 2.
The subnetwork number is 16 bits (2 bytes) long. For service nodes, the subnetwork number is always 1. For client nodes, it can have a value from 0x8001 through 0xFFFE.
The following is an example of a VINES network address:
3000577A:0001
In this address, the server number (or more specifically, the serial number of the service node) is 3000577A and the host number is 0001, indicating that this is a service node. Both portions of the address are expressed in hexadecimal format.
To configure VINES routing, perform the tasks in the following sections.
See the "VINES Configuration Examples" section at the end of this chapter for configuration examples.
To configure VINES routing, perform the tasks in the following sections. Response to Address Resolution Protocol (ARP) requests and serverless support are enabled by default for VINES serverless networks.
To enable VINES routing on the router, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines routing [address] | Enable VINES Routing Table Protocol (RTP) routing on the router. |
Enabling VINES routing on the router or access server starts the VINES RTP by default.
To enable Sequenced Routing Update Protocol (SRTP), use the following commands in global configuration mode:
| Command | Purpose | |
|---|---|---|
Step1 | vines routing [address] | Enable VINES RTP routing on the router. |
Step2 | vines srtp-enabled | Enable VINES SRTP routing on the router. |
For an example of how to enable VINES routing, see the "Typical VINES Network Configuration Example" section at the end of this chapter.
After you have enabled VINES on the router, enable it on each interface that will handle VINES traffic. When you enable VINES processing on a specified interface, you can optionally set the metric for that interface. The metric sets the distance to another router or client accessible through that interface. The routing table uses metrics to determine which interface provides the best routing path. If you do not specify a metric, the system automatically chooses a reasonable value that is based on the interface type. The metrics are chosen to match as closely as possible the numbers that a Banyan server would choose for the same type and speed of interface.
To enable VINES routing on an interface other than a serial interface, use the following command in EXEC configuration mode:
| Command | Purpose |
|---|---|
vines metric [whole [fractional]] | Enable VINES routing on an interface. |
To enable VINES routing on a serial interface, use the following commands in interface configuration mode:
| Command | Purpose | |
|---|---|---|
Step1 | show interface | Determine the bandwidth of the interface. |
Step2 | vines metric [whole [fractional]] | Enable VINES routing, explicitly setting the metric. |
For a list of metric values, refer to the "Banyan VINES Commands" chapter in the Cisco IOS ApolloDomain, Banyan VINES, DECnet, ISO CLNS, and XNS Command Reference publication.
You can route VINES on some interfaces and transparently bridge it on other interfaces simultaneously. To enable this type of routing, you must enable concurrent routing and bridging. To enable concurrent routing and bridging for the router, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
bridge crb |
No special configuration is necessary for serverless Banyan VINES networks such as separate networks of clients and servers connected by routers. On serverless networks, the Cisco IOS software provides special processing for certain broadcast packets and certain packets directed at the router. This type of processing allows clients on the serverless network to find the services that are provided by a server on another network. This special processing is especially important when two networks, one with a server and one without a server, are connected to the same router.
Client systems on VINES networks are assigned network addresses dynamically. When a VINES client boots, it has no knowledge of its address or preferred server. Immediately after it initializes its hardware interface, the client sends a broadcast request asking a server to provide it with a network-layer address. One of our routers will respond to this broadcast request if there are no VINES servers on the physical network segment. The Cisco IOS software then assigns an address to the network client. (In previous releases, the software would not respond by default.) The software generates a unique network number for the client based on its own VINES address. If the software assigns an address to a client, the router or access server then acts as a network communication service provider for that client. A VINES file server must still be present somewhere on the network in order for the client to connect to all other network services.
For an example of how to configure VINES routing for various network topologies that include serverless networks, see the "Serverless Network Configuration Examples" section at the end of this chapter.
To control access to VINES networks, you create access lists and then apply them to filters on individual interfaces. An access list is a list of VINES network numbers that is maintained by the router. The list controls access to or from a particular interface. Access lists are useful for providing network security.
You can use the following two types of VINES access lists to filter routed traffic:
VINES has a third type of access list, called a simple access list, that restricts traffic based on source address and source address mask. This type of access list is used to decide from which stations to accept time and routing updates, not to filter traffic. Simple access lists have numbers from 201to300.
You can define the following three types of filters on VINES networks:
Remember these points when you configure VINES network access control:
To control access to the VINES network, first create an access list and then apply an access list to an interface.
To create a VINES access list, use one or more of the following commands in global configuration mode:
To apply a standard or extended access list to an interface, use the following command in interface configuration mode. Remember that you can apply only one access list to each interface.
| Command | Purpose |
|---|---|
vines access-group access-list-number |
For an example of how to create a VINES access list, see the "Access List Example" section at the end of this chapter.
To configure VINES network parameters, perform one or more of the tasks in the following sections:
You can choose a MAC-level encapsulation type for each Ethernet, Token Ring, and IEEE 802.2 interface. This controls the type of encapsulation used by the Cisco IOS software when sending broadcast packets.
To select an encapsulation type, use the following command in interface configuration mode:
| Command | Purpose |
|---|---|
vines encapsulation [arpa | snap | vines-tr] |
|
NoteYou should not use the vines encapsulation command with the current versions of VINES software. This command is provided for future interoperability when Banyan begins using encapsulation types other than the current default ones. |
By default, you enter VINES addresses as numerical values. Also, addresses are displayed numerically in the output of the show, ping, and trace commands. You can assign a host name to each VINES address. Names are easier to remember and type. Assigning a host name allows you to enter the name instead of the address, and it means that the name instead of the numeric address is displayed in output.
To assign a host name to a VINES network address, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines host name address |
By default, VINES addresses are represented as hexadecimal numbers. This applies to both the input of addresses and the representation of addresses in output from the router. You can configure the Cisco IOS software to display addresses in decimal for consistency with Banyan network management displays.
Names are always preferred when printing addresses. If a name is not available, the address will be printed as a number in the base specified.
To display VINES addresses as decimal numbers, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines decimal |
You can control the routing updates sent by the Cisco IOS software in the following ways:
|
NoteThe vines update interval command does not apply to the SRTP routing protocol. |
To control routing update frequency and propagation, use one or both of the following commands in interface configuration mode:
| Command | Purpose |
|---|---|
vines update interval seconds | |
vines update deltas |
|
NoteThe vines update deltas command does not apply to the SRTP routing protocol. |
To control the content of sent or received routing updates, or to control the source address of received routing updates, use one or more of the following commands in interface configuration mode:
To disable split horizon when generating regular periodic routing updates and to disable flash updates to indicate topology change for a changed route, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
no vines enhancements |
To disable split horizon on networks that are not fully connected mesh interfaces like X.25 and Frame Relay, use the following command in interface configuration mode:
| Command | Purpose |
|---|---|
no vines split-horizon |
|
NoteFor routing updates only, when vines enhancements is enabled in global configuration mode by default, vines split-horizon is also enabled on the interface by default. In this case, if required, you can disable vines split-horizon on an interface like Frame Relay and X.25. When vines enhancements is disabled in global configuration mode, vines split-horizon for RTP routing updates is disabled on all interfaces; however, one may still see vines split-horizon as enabled on the VINES interface when show vines interface interface command is used. Split horizon remains enabled because vines split-horizon on individual VINES interfaces, in addition to controlling RTP updates, also controls whether retransmission of broadcasts is permitted on the receiving interface. |
|
NoteSRTP updates do not use split horizon. |
The VINES RTP sends several types of messages, including redirect messages. If the Cisco IOS software detects that a suboptimal path between two nodes is being used, it sends redirect messages to the nodes to indicate the better path.
To control the frequency of redirect messages on a specified interface, use the following command in interface configuration mode:
| Command | Purpose |
|---|---|
vines redirect [seconds] | Set the frequency of RTP and SRTP redirect messages. |
Fast switching allows higher throughput by switching packets using a cache created by previous packets. Fast switching also provides load sharing on a per-packet basis. Fast switching is enabled by default on all interfaces on which it is supported.
Packet transfer performance is generally better when fast switching is enabled. However, you might want to disable fast switching in order to save memory space on interface cards and to help avoid congestion when high-bandwidth interfaces are writing large amounts of information to low-bandwidth interfaces.
To disable fast switching on an interface, use the following command in interface configuration mode:
| Command | Purpose |
|---|---|
no vines route-cache |
Banyan VINES servers synchronize time across the entire network by sending zero-hop and two-hop broadcast messages. The Cisco IOS software can process and generate time-synchronization messages. It can also retrieve the local time and place it into the VINES time system (which is most useful when running Network Time Protocol (NTP) locally) and can use the VINES time system to set a local clock. It is also possible to provide the software with a list of up to 20 destinations for time messages.
To set the VINES network time, use one or more of the following commands in global configuration mode:
For an example of how to set VINES time, see the "Time-of-Day Service Example" section at the end of this chapter.
VINES single route maintains a single route to the server. VINES single route can be enabled at any time after VINES routing has been enabled. If a VINES connection experiences slow performances due to low window size or cannot handle out-of-sequence packets, enable VINES single route. To set VINES single route on the router, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines single-route | Enable VINES single route to maintain a single route to the server. |
VINES uses the RTP to determine the best path when several paths to a destination exist. RTP then dynamically updates the routing table. However, you might want to add static routes to the routing table to explicitly specify paths to certain destinations.
The decision to use a static route or a dynamic route is always determined by the relative metric numbers. Be careful when assigning static routes. If a static route is assigned with a better metric than the dynamic routes, and the links associated with the static routes are lost, traffic may stop being forwarded, even though an alternative route might be available.
To add a static route to the routing table, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines route number address [whole [fractional]] |
You can configure static routes that can be overridden by dynamically learned routes. These types of static routes are referred to as floating static routes. You can use a floating static route to create a path of last resort that is used only when no dynamic routing information is available.
To avoid the possibility of a routing loop occurring, by default, floating static routes are not redistributed into other dynamic protocols. Floating static routes must not be advertised on interfaces that are paths to the destination. To configure a floating static route, assign a metric to the static route that is worse (higher) than all dynamic routes.
To add a floating static route to the routing table, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines route number address [whole [fractional]] |
You can specify static paths to neighbor stations on the network. Specifying static paths in this way is useful for testing VINES networks with test equipment that does not generate hello packets.
To add a static path to a neighbor station, use the following command in interface configuration mode:
| Command | Purpose |
|---|---|
vines neighbor address mac-address encapsulation [whole [fractional]] | Add a static path to the neighbor station. |
Normally, the Cisco IOS software decides whether to forward a broadcast packet on an interface based on the presence of local servers and on the settings of both the "hop count" and "class" fields of the VINES IP header. If there are any local servers present, the software follows the normal rules of VINES IP and forwards the broadcast after examining both the "hop count" and "class" fields. If no local servers are present, then the "class" field is ignored when making the forwarding decision. You can override this default behavior in either of two ways. The first override is to have the software always ignore the "class" field and make the broadcast forwarding decision solely based on hop count. The second override is to have the software never ignore the "class" field and always make the broadcast forwarding decision based upon both the "class" and "hop count" fields.
To have the software modify how it forwards broadcast packets, use one of the following commands in interface configuration mode:
You can configure VINES over X.25, Frame Relay, and SMDS networks by configuring the address mappings as described in the appropriate chapter of the Cisco IOS Wide-Area Networking Configuration Guide. You can also configure VINES over HDLC and PPP; address maps are not necessary for these two protocols. You can fast switch VINES over serial interfaces configured for HDLC, FrameRelay, PPP, Switched Multimegabit Data Service (SMDS), and ATM.
Banyan VINES can be routed over virtual LAN (VLAN) subinterfaces using the Inter-Switch Link (ISL) encapsulation protocol. Full-feature Cisco IOS software is supported on a per-VLAN basis, allowing standard Banyan VINES capabilities to be configured on VLANs. Refer to the Cisco IOS SwitchingServices Configuration Guide for detailed information about configuring Banyan VINES over ISL between virtual LANs.
To monitor and maintain a VINES network, use one or more of the following commands in EXEC mode:
| Command | Purpose |
|---|---|
clear vines cache [interface interface | neighbor address |server network | counters] | |
clear vines ipc number | Delete VINES IPC connection blocks from the router. |
clear vines neighbor {address | *}
| |
clear vines route {network | *}
| |
clear vines traffic | Zero the VINES-related traffic statistics displayed by the showvines traffic command. |
ping vines [address] | |
show vines access [access-list-number] | |
show vines cache [address | interface type number | neighboraddress | server network] | Display the contents of the VINES fast-switching cache table. |
show vines host [name] | |
show vines interface [type number] | |
show vines ipc | Display information about any currently active IPC connections. |
show vines neighbor [address | interface type number | servernumber] | |
show vines route [number | neighbor address | metric] | |
show vines service [fs | nsm | ss | vs] | Display information about the application layer support of the router. |
show vines traffic [type number] | |
trace [vines | oldvines] [address] | Determine the path a packet takes when traversing a VINES network. |
If you find that two routers have the same VINES network address, you can have the routers dynamically recompute their addresses. To recompute the addresses on each of the two routers, use the following command in global configuration mode:
| Command | Purpose |
|---|---|
vines routing recompute address |
Use the configuration examples in the following sections to help in configuring VINES routing on your network:
Figure 4 illustrates how to configure a simple VINES network.
The following example shows how to configure Routers A and B:
vines routing ! interface ethernet 0 vines metric 2 ! interface ethernet 1 vines metric 2
The following examples show how to configure VINES routing for various network topologies that include serverless networks. The first example illustrates how to configure a simple serverless network (see Figure 5). Note that this configuration is no longer any different from the configuration of a network that has servers.
Configuration for Router A
vines routing ! interface ethernet 0 vines metric 2 ! interface serial 0 vines metric 45
Configuration for Router B
vines routing ! interface ethernet 0 vines metric 2 ! interface serial 0 vines metric 45
The configuration in Figure 6 has an X.25 interface instead of an HDLC serial line, and it also has multiple versions of VINES software running simultaneously. Again, note that there is no longer any difference from the configuration of a network that has servers.
Configuration for Router A
vines routing ! interface ethernet 0 vines metric 2 ! interface serial 0 vines metric 55
Configuration for Router B
vines routing ! interface ethernet 0 vines metric 2 ! interface serial 0 vines metric 55
The configuration in Figure 7 has a FDDI interface instead of a serial line. It also has the servers for the different VINES versions on different physical networks and has a requirement that the clients be able to run any VINES version.
The best way to configure this topology is shown in the following configuration:
Configuration for Router A
vines routing ! interface ethernet 0 vines metric 2 vines serverless broadcast ! interface fddi 0 vines metric 1
Configuration for Routers B and C
vines routing ! interface ethernet 0 vines metric 2 ! interface fddi 0 vines metric 1
The broadcast keyword on the vines serverless command on server A causes it to forward packets onto the FDDI ring as broadcasts, instead of sending them to either Router B or Router C. Forwarding packets onto the FDDI ring as broadcasts allows the default serverless processing on both routers to forward the frame from the FDDI ring to the Ethernet network.
Figure 8 illustrates how to configure an access list that filters all packets between two VINES servers. For this example, the servers in the upper-left and lower-right corners are configured.
The following example shows how to configure Router B:
vines routing vines access-list 1 deny IP 274113:1 0:0 274111:1 0:0 vines access-list 1 permit IP 0:0 FFFFFFFF:FFFF 0:0 FFFFFFFF:FFFF ! interface ethernet 0 vines metric 2 vines access-group 1 ! interface fddi 0 vines metric 1
The first line in the access list prohibits any communication between the two servers, and the second line allows all other communication to pass through the router.
The following example shows how to only allow mail traffic between these two servers. Port 4 is the VINES Mail port.
vines routing vines access-list 101 permit IPC 274113:1 0:0 0 FFFF 274111:1 0:0 4 0 vines access-list 101 permit IPC 274111:1 0:0 4 0 274113:1 0:0 0 FFFF vines access-list 101 deny IP 274111:1 0:0 274113:1 0:0 vines access-list 101 permit IP 0:0 FFFFFFFF:FFFF 0:0 FFFFFFFF:FFFF ! interface ethernet 0 vines metric 2 vines access-group 101 ! interface fddi 0 vines metric 1
The first line in the access list allows mail messages being sent from the server in the lower-right to the server in the upper-left. The second line allows mail messages in the other direction. The third line prohibits all other communication between these two servers. The last line allows all other communication to pass through the router.
The following example, using the configuration shown in Figure 8, shows how to configure the "time of day" support in a VINES network. Router C also is configured as an NTP server and will provide time to the VINES network.
Configuration for Routers A and B
vines routing ! interface ethernet 0 vines metric 2 ! interface fddi 0 vines metric 1 ! vines access-list 201 permit 30001234:1 0:0 vines access-list 201 deny 0:0 FFFFFFFF:FFFF vines time access-group 201 vines time participate vines time set-system
Configuration for Router C
vines routing ! interface ethernet 0 vines metric 2 ! interface fddi 0 vines metric 1 ! ntp peer 128.9.2.129 vines time participate vines time use-system
The access list on Routers A and B is not necessary. This access list prevents the routers from learning the time from anyone other than Router C. Learning the time from only router C is not very important because each time message from Router C will override any time that has been previously learned (due to the vinestime use-system command).
Posted: Mon Jul 17 13:16:20 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.