From: Jonathan V Hays (jhays@jtan.com)
Date: Tue Jul 15 2003 - 17:10:00 GMT-3
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of Jonathan V Hays
> Sent: Tuesday, July 15, 2003 7:42 AM
> To: 'Snow, Tim'
> Cc: ccielab@groupstudy.com
> Subject: RE: Ethernet-to-Ethernet DLSW ICANREACH
>
>
> Well, you are right that we are all just talking theory. And
> admittedly
> the Doc CD is full of errors so we can't believe that source either.
>
> We need to configure a real-world workstation-to-workstation scenario
> and post some actual results. Otherwise it's all talk.
>
> Anyone got a pair of NetBEUI workstations, one with TR and one with
> ethernet?
I was still puzzling about this so I decided to experiment a bit. I
generated a single NetBEUI ethernet workstation and connected it to a
router - not the full test bed.
I found out one thing for sure: the IOS bridge function ("sh bridge")
sees the ethernet mac address as canonical and the DLSW function ("sh
dlsw reachability") sees the same mac address as non-canonical (see
below for output). IOS is clearly converting the ethernet address to
non-canonical format for use in DLSW.
I personally am planning to stick with manual conversion of ethernet mac
addresses to non-canonical format before typing them into a DLSW filter,
until someone can prove otherwise.
I am still not clear on a test procedure to prove which format
(canonical vs. noncanonical) will cause correct operation of DLSW
filtering. I think I would need two workstations, though. Can anyone
suggest a good procedure?
See below for what I found (it's long and inconclusive).
-Jonathan
----------
=== The ASCII "schematic" follows:
r1-e0-e0-r2-e1-NetBEUI workstation
R1:
dlsw local-peer peer-id 10.1.1.1
dlsw remote-peer 0 tcp 10.1.1.2
dlsw bridge-group 1
!
interface Ethernet0
ip address 10.1.1.1 255.255.255.252
!
bridge 1 protocol ieee
R2:
dlsw local-peer peer-id 10.1.1.2
dlsw remote-peer 0 tcp 10.1.1.1
dlsw bridge-group 1
!
interface Ethernet0
ip address 10.1.1.2 255.255.255.252
!
interface Ethernet1
no ip address
bridge-group 1
!
bridge 1 protocol ieee
----------
=== This gives the mac address of the workstation:
C:\>net config workstation
Computer name \\NETBEUI-TEST
User name Administrator
Workstation active on Nbf_Fa3101 (00A0CCD6CD91)
Software version Windows NT 4.0
Workstation domain WORKGROUP
Logon domain NETBEUI-TEST
COM Open Timeout (sec) 3600
COM Send Count (byte) 16
COM Send Timeout (msec) 250
The command completed successfully.
C:\>
----------
=== Let's convert the workstation's address to non-canonical:
Ethernet canonical mac address is: 00A0CCD6CD91
or as Cisco shows it: 00A0.CCD6.CD91
Manual byte-by-byte conversion to non-canonical:
00 -> 00
A0 -> 05
CC -> 33
D6 -> 6B
CD -> B3
91 -> 89
as Cisco shows it: 0005.336B.B389
----------
=== The "show bridge" command on R2 verifies that the
router sees the NetBEUI workstation. Note that the
mac address is shown in canonical format.
r2#sh bridge 1
Total of 300 station blocks, 299 free
Codes: P - permanent, S - self
Bridge Group 1:
Address Action Interface Age RX count TX count
00a0.ccd6.cd91 forward Ethernet1 0 1 0
r2#
----------
=== Let's use the "sh dlsw reachability" command
to see how it looks to DLSW:
r2#sh dlsw reachability
DLSw Local MAC address reachability cache list
Mac Addr status Loc. port rif
0005.336b.b389 FOUND LOCAL TBridge-001 --no rif--
DLSw Remote MAC address reachability cache list
Mac Addr status Loc. peer
DLSw Local NetBIOS Name reachability cache list
NetBIOS Name status Loc. port rif
NETBEUI-TEST FOUND LOCAL TBridge-001 --no rif--
DLSw Remote NetBIOS Name reachability cache list
NetBIOS Name status Loc. peer
r2#
=== This is the workstation mac address but IOS has
converted it to non-canonical for use in DLSW.
----------
=== We can verify on R1:
r1#sh dlsw reach
DLSw Local MAC address reachability cache list
Mac Addr status Loc. port rif
DLSw Remote MAC address reachability cache list
Mac Addr status Loc. peer
0005.336b.b389 FOUND REMOTE 10.1.1.2(2065)
DLSw Local NetBIOS Name reachability cache list
NetBIOS Name status Loc. port rif
DLSw Remote NetBIOS Name reachability cache list
NetBIOS Name status Loc. peer
NETBEUI-TEST FOUND REMOTE 10.1.1.2(2065)
r1#
----------
=== Now let's configure "dlsw icanreach" using
the canonical address of the workstation
(which is given by "show bridge"):
r2#
r2#sh bridge
Total of 300 station blocks, 299 free
Codes: P - permanent, S - self
Bridge Group 1:
Address Action Interface Age RX count TX count
00a0.ccd6.cd91 forward Ethernet1 2 8 0
r2#
r2#sh run | include dlsw icanreach
dlsw icanreach mac-exclusive
dlsw icanreach mac-address 00a0.ccd6.cd91 mask ffff.ffff.ffff
r2#
=== (I cleared the reachability caches on both routers.)
r2#sh dlsw reachability
DLSw Local MAC address reachability cache list
Mac Addr status Loc. port rif
DLSw Remote MAC address reachability cache list
Mac Addr status Loc. peer
DLSw Local NetBIOS Name reachability cache list
NetBIOS Name status Loc. port rif
NETBEUI-TEST FOUND LOCAL TBridge-001 --no rif--
DLSw Remote NetBIOS Name reachability cache list
NetBIOS Name status Loc. peer
r2#
----------
=== Let's go over to the remote router (R1) and take a look:
r1#sh dlsw reachability
DLSw Local MAC address reachability cache list
Mac Addr status Loc. port rif
DLSw Remote MAC address reachability cache list
Mac Addr status Loc. peer
0005.336b.b389 FOUND REMOTE 10.1.1.2(2065)
00a0.ccd6.cd91 UNCONFIRM REMOTE 10.1.1.2(2065)
DLSw Local NetBIOS Name reachability cache list
NetBIOS Name status Loc. port rif
DLSw Remote NetBIOS Name reachability cache list
NetBIOS Name status Loc. peer
NETBEUI-TEST FOUND REMOTE 10.1.1.2(2065)
=== The remote DLSW workstation shows both mac addresses.
----------
=== The capabilities exchange shows the "icanreach" address
that we are advertising on R2:
r1#sh dlsw capability
^
% Invalid input detected at '^' marker.
r1#sh dlsw capabilit
DLSw: Capabilities for peer 10.1.1.2(2065)
vendor id (OUI) : '00C' (cisco)
version number : 2
release number : 0
init pacing window : 20
unsupported saps : none
num of tcp sessions : 1
loop prevent support : no
icanreach mac-exclusive : yes
icanreach netbios-excl. : no
reachable mac addresses : 00a0.ccd6.cd91 <mask ffff.ffff.ffff>
reachable netbios names : none
V2 multicast capable : yes
DLSw multicast address : none
cisco version number : 1
peer group number : 0
peer cluster support : no
border peer capable : no
peer cost : 3
biu-segment configured : no
UDP Unicast support : yes
Fast-switched HPR supp. : no
NetBIOS Namecache length : 15
local-ack configured : yes
priority configured : no
cisco RSVP support : no
configured ip address : 10.1.1.2
peer type : conf
version string :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-JOS56I-L), Version 12.1(19), RELEASE
SOFTWARE (fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 04-Mar-03 14:46 by kellythw
r1#
----------
=== Back on R2, let's remove the canonical mac address and
change it to non-canonical format in our icanreach:
r2(config)#no dlsw icanreach mac-address 00a0.ccd6.cd91 mask
ffff.ffff.ffff
r2(config)#dlsw icanreach mac-address 0005.336b.b389
r2(config)#^Z
01:07:59: %SYS-5-CONFIG_I: Configured from console by console
r2#sh run | include dlsw icanreach
dlsw icanreach mac-exclusive
dlsw icanreach mac-address 0005.336b.b389 mask ffff.ffff.ffff
r2#
----------
=== Let's look at the remote reachability cache on R1:
r1#sh dlsw reachability
DLSw Local MAC address reachability cache list
Mac Addr status Loc. port rif
DLSw Remote MAC address reachability cache list
Mac Addr status Loc. peer
0005.336b.b389 UNCONFIRM REMOTE 10.1.1.2(2065)
DLSw Local NetBIOS Name reachability cache list
NetBIOS Name status Loc. port rif
DLSw Remote NetBIOS Name reachability cache list
NetBIOS Name status Loc. peer
r1#
=== Strangely, it still says UNCONFIRM for the incanreach
mac address.
######## "debug all" on R2 during "net view"
Log Buffer (4096 bytes):
01:24:28: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:24:28: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:24:28: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:24:28: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:24:28: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:24:28: DLSw: peer_put_bcast() to non-grouped peer 10.1.1.1(2065)
01:24:28: UDP: sent src=10.1.1.2(0), dst=10.1.1.1(2067), length=179
01:24:28: IP: s=10.1.1.2 (local), d=10.1.1.1 (Ethernet0), len 179,
sending
01:24:28: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:24:28: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:24:28: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:24:28: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:24:28: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:24:29: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:24:29: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:24:29: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:24:29: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:24:29: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:24:30: DLSw: peer_put_bcast() to non-grouped peer 10.1.1.1(2065)
01:24:30: UDP: sent src=10.1.1.2(0), dst=10.1.1.1(2067), length=179
01:24:30: IP: s=10.1.1.2 (local), d=10.1.1.1 (Ethernet0), len 179,
sending
r2#t
########
remove dlsw icanreach
######## "debug all" on R2 during "net view"Log Buffer (4096 bytes):
01:27:49: IP: s=10.1.1.1 (Ethernet0), d=10.1.1.2 (Ethernet0), len 52,
rcvd 3
01:27:49: tcp0: I ESTAB 10.1.1.1:2065 10.1.1.2:11006 seq 355275926
DATA 12 ACK 4247282490 PSH WIN 19971
01:27:49: TCPDRV590A78: readf 12 bytes (Thresh 4)
01:27:49: DLSw: START-TPFSM (peer 10.1.1.1(2065)): event:DLX-KEEPALIVE
REQ state:CONNECT
01:27:49: DLSw: dtp_action_q() keepalive request from peer
10.1.1.1(2065)
01:27:49: TCPDRV590A78: send 167670 (len 12) queued, max 200 size 1
01:27:49: DLSw: Keepalive Response sent to peer 10.1.1.1(2065))
01:27:49: DLSw: END-TPFSM (peer 10.1.1.1(2065)): state:CONNECT->CONNECT
01:27:49: tcp0: O ESTAB 10.1.1.1:2065 10.1.1.2:11006 seq 4247282490
ACK 355275938 WIN 20432
01:27:49: TCPDRV590A78: output pak 167670 (len 12) inpipe: y (12)
01:27:49: tcp0: O ESTAB 10.1.1.1:2065 10.1.1.2:11006 seq 4247282490
DATA 12 ACK 355275938 PSH WIN 20432
01:27:49: IP: s=10.1.1.1 (Ethernet0), d=10.1.1.2 (Ethernet0), len 40,
rcvd 3
01:27:49: tcp0: I ESTAB 10.1.1.1:2065 10.1.1.2:11006 seq 355275938
ACK 4247282502 WIN 19959
01:27:51: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:27:51: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:27:51: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:27:51: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:27:51: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:27:51: DLSw: peer_put_bcast() to non-grouped peer 10.1.1.1(2065)
01:27:51: UDP: sent src=10.1.1.2(0), dst=10.1.1.1(2067), length=179
01:27:51: IP: s=10.1.1.2 (local), d=10.1.1.1 (Ethernet0), len 179,
sending
01:27:51: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:27:51: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:27:51: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:27:51: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:27:51: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:27:52: CLSI event: major 4, minor 0 UDATA_STN.Ind to uSAP:
0x58D598 sel: LLC hlen: 32, dlen: 79
01:27:52: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 79
01:27:52: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 79 from DLSw
Port0
01:27:52: CSM: smac 0005.336b.b389, dmac c000.0000.0080, ssap F0, dsap
F0
01:27:52: CSM: Received frame type NETBIOS NAME_QUERY from
0005.336b.b389, DL0
01:27:53: DLSw: peer_put_bcast() to non-grouped peer 10.1.1.1(2065)
01:27:53: UDP: sent src=10.1.1.2(0), dst=10.1.1.1(2067), length=179
01:27:53: IP: s=10.1.1.2 (local), d=10.1.1.1 (Ethernet0), len 179,
sending
r2#
#####
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:40 GMT-3