Addressing and Routing Plan for EaStMAN Phase I and II
Author: Sam Wilson/George Howat
Version: 1.9, 28/8/97 GH: - tweaked description of initial router
config for non-FDDI ring routers
Abstract
This document contains a description of the protocol requirements and addressing issues for the Phase I and II EaStMAN network: IP (for SuperJANET access as well as on the MAN), IPX and AppleTalk. The necessary configuration items are shown and descriptive command sequences are given to aid in understanding the configuration files.
The possible consequences of attaching an institution at multiple points on the Phase II network are also indicated.
1. IP routing
1.1 Router IP addresses
The MAN FDDI interfaces on the routers have the following IP addresses, DNS names and autonomous system (AS) numbers:

Site               IP address      DNS name                     AS number
Ed Old College     194.81.56.65    oc2.ed.eastman.net.uk        60001
Ed Pollock         194.81.56.66    ph2.ed.eastman.net.uk        60002
Ed New College     194.81.56.67    nc2.ed.eastman.net.uk        60003
MHIE Cramond       194.81.56.77    gw2.mhie.eastman.net.uk      60011
MHIE Holyrood      194.81.56.78    gw1.mhie.eastman.net.uk      60010
ECA Grassmarket    194.81.56.81    gw1.eca.eastman.net.uk       60020
ECA Lauriston      194.81.56.82    gw2.eca.eastman.net.uk       60021
QMC Leith Links    194.81.56.10    gw2.qmced.eastman.net.uk     60031
QMC Corstorphine   194.81.56.94    gw1.qmced.eastman.net.uk     60030
Napier Merchiston  194.81.56.97    me1.napier.eastman.net.uk    60040
Napier Sighthill   194.81.56.98    si1.napier.eastman.net.uk    60041
Heriot-Watt        194.81.56.110   gw1.hw.eastman.net.uk        3198
SuperJANET         194.81.56.126   gw1.sj.eastman.net.uk        786
Note changes from previous issue for gw2.mhie and gw2.qmced.
The IP addresses are not selected in an arbitrary fashion; the partitioning allows various options for future expansion.
The netmask is 255.255.255.0 but the choice of addresses above allows scope to change this later if necessary, e.g. to 255.255.255.192 or into even smaller subnets. The exact basis for the allocation is given as an Appendix.
An example of the Cisco 4500/4700 configuration commands for the FDDI interface on the Old College router is:
interface fddi0
 description --- MAN FDDI interface at Old College
 ip address 194.81.56.65 255.255.255.0
The IP addresses of the interfaces connecting to site LANs are of course assigned according to local policy, using similar commands for the various Ethernet and other interfaces (eth0, eth1, ... fddi1).
Note also the MAN autonomous system numbers. Two of these, Heriot-Watt and SuperJANET, are the particular values previously in use on those networks.
1.2 Site IP addresses
In the IP routing model adopted, each institution has its own IP network address or set of addresses. In particular this implied that Moray House and the College of Art needed to discontinue their use of part of the Heriot-Watt Class B address and use their own sets of Class C addresses.
In Phase I of the MAN, Edinburgh and Napier each have a Class B address split across the MAN. Edinburgh's setup is covered under `Site Routing' below, and Napier needed to re-address one half of their bridged central network to change to using the MAN. (Note: done at 23rd August.)
In Phase II, it seems likely that QMC will become attached to the MAN at two sites. This implies that they will have to re-address part of their network, since the internal structure of their network becomes relevant to the IP subnetting at that time.
NOTE: the QMC situation is generally true when an institution becomes multiply attached to the MAN.
1.3 MAN Routing
The MAN routing protocol employed is EBGP4. Version 4 of BGP includes explicit netmasks for classless routing, which allows the Ed and Napier Class B networks to be split across the MAN. The `E....' means external and refers to a particular way of configuring the protocol. Each site is assigned a fake Autonomous System (AS) number, shown in the Table, and peers with one or more other routers acting as route servers. The Edinburgh, SuperJANET and Heriot-Watt routers have been co-opted as the route servers.
NOTE: The SuperJANET SMDS service uses BGP in the same way as this, and it also has the advantage that it gives us a high degree of control over the way routing is handled. It is also vendor independent.
1.4 Site Routing
- Single-site institutions are simple to configure in routing terms: the MAN router need only inject a default route into the site's routing protocol (if any).
- At Napier, where the site routers were relatively unsophisticated (Unix and Novell servers), the same approach was initially taken. With the introduction of more sophisticated kit the decision was taken to announce default and all subnets of the Class B between sites.
- At Edinburgh the basic connectivity between New College, Pollock and the main campus network can be handled in the same way. Provision of the backup of the SuperJANET service on the MAN (using Edinburgh fibre between Kings Buildings and Old College) and the Edinburgh backup via the SuperJANET router is the subject of ongoing study.
2. Novell IPX
Both Edinburgh and Napier require Novell IPX services across the MAN.
The IPX network number will be C25138. This is the first three bytes of the MAN IP network address expressed in hexadecimal and is therefore compatible with Novell's worldwide network number registry.
The currently preferred method is to use a native FDDI encapsulation for IPX (default for Cisco FDDI is SNAP encoding - Fddi_Snap in Novell-speak) but to use Cisco's EIGRP rather than IPX RIP and SAP to carry routing and service information. Edinburgh and Napier will run EIGRP with different Autonomous System numbers which will effectively partition the MAN IPX network into two separate and disconnected domains.
This scheme has worked well but there are several levels of fallback from this position should problems have arisen during testing and implementation:
- using different IPX encapsulations on the MAN; or
- using encapsulation of IPX in IP rather than native;
- using either the routers or Novell servers to do the encapsulation.
3. AppleTalk
Edinburgh and Napier both carry AppleTalk across the MAN, and it was intended to use the same approach as for Novell IPX, Section 2, namely to use Cisco's EIGRP. Unfortunately EIGRP works differently for AppleTalk from IPX (and IP), with the AS numbers simply identifying different routers which all talk to each other rather than different and partitioned groups of routers. AppleTalk is therefore encapsulated in IP at the MAN routers and tunnelled. Since there is relatively little AppleTalk traffic the extra load on the routers caused by tunnelling is not significant.
4. Other protocols
No requirements for other protocols have been identified in Phase I except for Edinburgh: to provide backup of DECnet and possibly bridging between Old College and the SuperJANET router. This is the subject of negotiations between Edinburgh and the JIPS NOSC. It is intended to engineer any solution so as not to prejudice other sites' MAN traffic.
In Phase II, where it seems that QMC may become multiply connected to the MAN, there is a possible need to carry DECnet Phase IV and some bridged traffic across the MAN. Whilst this requires a little further study, it seems likely that a solution will involve encapsulation of bridged traffic using Cisco's GRE protocol, but it may be possible to carry separate DECnet domains on the MAN simply by making sure that different area numbers are used and that none of the MAN routers is configured as a level-2 (inter-area) router.
Both Edinburgh College of Art and Moray House have plans in Phase II to attach their other campuses, Lauriston and Cramond, respectively. This will not cause any major upheaval as at QMC and Napier, since they will ensure that in the implementation of their Phase I addressing changes, they will be able to assign different subnet groups to each campus.
6. Further Configuration Items
Some further items which are specified:
hostname: Each router is given a convenient name for identification and documentation. These are shown as the little-end of the fully qualified EaStMAN name in the Table. For example, for Old College:
hostname oc2.ed
snmp-server community: This must be set to a known, specific value for use by the network management system(s) on the MAN. To aid in auto discovery, the read-only value "public" is used. The configuration of the IP addresses of hosts which will receive SNMP traps is also required:
snmp-server community public RO
snmp-server host 129.215.166.18 snmp
The address 129.215.166.18 is the address of the NMS system employed by the MOC to monitor the network. Note also that on the Cisco routers we can easily restrict access to a list of IP addresses on the MAN. This may be a desirable condition.
boot host: At 26th August 1995, the files and systems required to boot the router currently reside in the Edinburgh EdLAN network. For example, at gw1.qmced we have:
boot host /edlan/eastman/gw1.qmced 129.215.38.17
boot host /edlan/eastman/gw1.qmced 129.215.166.17
Note the change from previous issues of the document - routers are
in the process of being updated as reconfiguration is required.
This command is issued twice (can be more) to supply a list of possible sources for the boot file. An example might be: the MOC NMS, a backup system, a system local on the site. Each site wishing to take the responsibility for the host file needs to nominate a potential host for this service; the requirement is to support the TFTP file transfer protocol employed by the router while booting from the network. If wishing to do this locally, then please inform the MOC for discussion, as there are security issues involved in this procedure.
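For the snmp-server community item above, one way to check a router configuration for the restriction the text suggests. This is an added example, not part of the original plan: the access list number 10 and both sample configurations are constructed, using the community and NMS address given on this page.

```python
import re

# Constructed sample configs. SAMPLE_OPEN uses the two SNMP lines shown on
# this page; SAMPLE_RESTRICTED adds a standard access list (number 10 is an
# assumption) that admits only the MOC NMS address given on the page.
SAMPLE_OPEN = """\
hostname oc2.ed
snmp-server community public RO
snmp-server host 129.215.166.18 snmp
"""
SAMPLE_RESTRICTED = """\
hostname oc2.ed
access-list 10 permit 129.215.166.18
snmp-server community public RO 10
snmp-server host 129.215.166.18 snmp
"""

COMMUNITY = re.compile(
    r"^snmp-server community (\S+)(?:\s+(RO|RW))?(?:\s+(\d+))?\s*$", re.I)
ACL = re.compile(r"^access-list (\d+) (permit|deny)\s+(.+)$", re.I)


def audit_snmp(config):
    """Return findings for SNMP communities not limited to named hosts."""
    permits = {}          # ACL number -> list of permitted sources
    communities = []      # (string, mode, ACL number or None)
    for raw in config.splitlines():
        line = raw.strip()
        if m := ACL.match(line):
            number, action, source = m.groups()
            permits.setdefault(number, [])
            if action.lower() == "permit":
                permits[number].append(source.strip())
        elif m := COMMUNITY.match(line):
            name, mode, number = m.groups()
            communities.append((name, (mode or "RO").upper(), number))

    findings = []
    for name, mode, number in communities:
        if number is None:
            findings.append(f"community {name!r} ({mode}): no access list")
        elif number not in permits:
            findings.append(f"community {name!r}: access-list {number} undefined")
        elif "any" in permits[number]:
            findings.append(f"community {name!r}: access-list {number} permits any")
        if mode == "RW":
            findings.append(f"community {name!r}: read-write access enabled")
    return findings
```

Run over the configuration as printed on this page, the audit reports the "public" community as open to any source; binding it to an access list that names only the NMS clears the finding.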
7. Starting Configuration
In order to begin using the 4500/4700 on the MAN, it is necessary to configure the router with some minimal information. Edinburgh have created a configuration file in which the main features for each router have been preset, but starting up from scratch needs personal attention - in particular, the site will opt for an interface over which to perform the basic download.
An outline of this process follows:
- WHILE THE POWER TO THE 4500/4700 IS OFF, attach the fibre path
cables or ethernet cables to the appropriate ports and interface. NOTE:
take the usual safety precautions when dealing with laser equipment for
both the terminating unit and the router.
- Attach a terminal to the console port on the router, and power
up. If there is no problem with the RS232 cable/terminal/router, then
the router will make reports and begin initial configuration.
The minimum information required to start the configuration process is to configure the FDDI or ethernet interface (fddi0 or fddi1 depending on how the single- and multi-mode interfaces have been installed, eth0 etc for ethernet) with an IP address and a mask, a route to where the initial configuration is held for startup (at least), and the name of that file.
- On powering up the router for the first time, it will make requests for important global information. (Note: if you see a --More-- prompt, pressing the spacebar continues; to abort the configuration process type Ctrl+C.)
A typical captured session configuring the global parameters follows as an example, with some discussion after it. After global configuration there are some specifics.
Configuring global parameters:
  Enter host name []: nc2.ed
  Enter enable password []: whatever-selected
  Enter virtual terminal password []: whatever-selected
  Configure SNMP Network Management? []: yes
    Community string []: public-as-selected
  Configure DECnet? []: no
  Configure AppleTalk? []: no
  Configure IPX? []: no
  Configure bridging? []: no
  Configure IP? []: yes
    Configure IGRP routing? []: no
    Configure RIP routing? []: no
Configuring interface parameters:
Configuring interface Ethernet0:
  Is this interface in use? []: no
Configuring interface Ethernet1:
  Is this interface in use? []: no
Configuring interface Fddi0:
  Is this interface in use? []: yes
  Configure IP on this interface? []: yes
    IP address for this interface []: 194.81.56.67
    Number of bits in subnet field []: 0
    Class C network is 194.81.56.0, 0 subnet bits; mask is 255.255.255.0
The following configuration command script was created:
---- script displayed .. omitted here.
Use this configuration? [yes/no]: yes

Discussion:
- Hostname: Enter the hostname for your router e.g. gw1.qmced from
the Table.
- Passwords: The router will ask for a `secret', a privileged and
a virtual terminal password. The enable password allows privileged
access to the router, the other a more restricted user mode. We suggest
that for initial testing, a common set are used - contact George H. If
we employ these values initially then the MOC etc can examine the
router.
- Protocol etc support: The router will enquire about support for
various protocols, DECnet, XNS, etc. Initially, respond NO to all
but the IP protocol. (The other protocol support will be specified
through the downloaded configuration file.)
- IP Support: For the IP support respond Yes but No for all of
the routing protocol queries.
- IP Address Configuration: For the query on IP addressing on the
ethernet or FDDI interface only (no need to configure the other
interfaces as yet):
Number of subnet bits: enter the value 0 (zero). The IP address for the MAN interface, fddi0, is to be taken from the Table, and the subnet mask is 255.255.255.0 (i.e. the default for a class C network).
After the global configuration is complete, we need to set up some access to the more complete configuration held in a file on holyrood.ed.ac.uk. This will be employed for access to the router to configure via download etc.
- Route to config: Add a route to the network loadable configuration file which the MOC have created for your router, type:
conf t
ip route 129.215.0.0 194.81.56.65
^Z
(^Z means Ctrl+Z). This adds a route to the Edinburgh network via the Old College router on the MAN; for cases where the router is not on the main FDDI MAN network, this would be the address of the appropriate gateway which would allow access to/from Edinburgh's network. Note that after the reboot described below, this static route is turned off again.
Next type:
conf net
This command results in the series of prompts as:
Host or network configuration file [host]?
Address of remote host [255.255.255.255]? 129.215.166.17
Name of configuration file []? /edlan/eastman/< filename >
Configure using /edlan/eastman/< filename > from 129.215.166.17? [confirm] y
^Z
< filename > is the name of your router (see the Table for the part preceding the eastman.net.uk). The responses shown are < CR=default >, holyrood.ed.ac.uk is the boot host. For Sighthill, the router configuration filename would be /edlan/eastman/si1.napier.
- Consolidate: In order to retain this configuration, type
write mem
- Reload: To load the configuration do either:
Type the command: reload
or
Power cycle the router
- Checking: Typing the commands
sh ip route
sh ip bgp
should display routes being built up from the information in the new configuration. You should also be able to telnet to any of the other routers (or to any host through the Old College router).
- Route fixup: The static route which was configured should now be removed (the system will learn of the Edinburgh network from oc2.ed):
conf t
no ip route 129.215.0.0 194.81.56.65
^Z
Appendix: Numbering Scheme Details
The numbering scheme is extremely conservative. In essence the network is first divided into 4 subnets with host number ranges 0-63, 64-127, 128-191 and 192-255. We then assume the classical IP restriction that the first and last subnets are unusable and thus we number in the range 64-127. Again if this were really a subnet the first and last host numbers would be reserved so we may use from 65 to 126.
-----------------------------------------
  0
  :   reserved (possible subnet zero)
 63
-----------------------------------------
 64   reserved (possible zero host)
  :
  :   host range 65-126 usable
  :
127   reserved (possible all-ones host)
-----------------------------------------
128
  :   reserved for future expansion
191
-----------------------------------------
192
  :   reserved (possible all-ones subnet)
255
-----------------------------------------
In allocating numbers this way we reserve 3 other 64-address subnets for use on other parts of the MAN should we need them.
We then further divide range 64-127 into 8 equal blocks of 8 numbers and assign them to the MAN institutions and SuperJANET, seven allocations and one spare. We make the further extremely conservative assumption that the first and last address in each block should be reserved, and finally we use the numbers in alternate blocks from opposite ends - the first numbering up from the low end, the second down from the high end - giving maximum flexibility for adjusting the size of allocation to each Institute. (An alternative view of the numbering is of 4 blocks with the first and last numbers reserved and two institutions allocated to each block, numbered from opposite ends.)
Thus the allocation looks like this:
-----------------------------------------
 64   reserved
 65   first Univ of Ed host
  :
 70   last Univ of Ed host
 71   reserved
.........................................
 72   reserved
 73   last MHIE host
  :
 78   first MHIE host
 79   reserved
-----------------------------------------
 80   reserved
 81   first ECA host
  :
 86   last ECA host
 87   reserved
.........................................
 88   reserved
 89   last QMC host
  :
 94   first QMC host
 95   reserved
-----------------------------------------
 96   reserved
 97   first Napier host
  :
102   last Napier host
103   reserved
.........................................
104   reserved
105   last H-W host
  :
110   first H-W host
111   reserved
-----------------------------------------
112   reserved
113   first spare institution host
  :
118   last spare institution host
119   reserved
.........................................
120   reserved
121   last SJ host
  :
126   first SJ host
127   reserved
-----------------------------------------
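The allocation rule above, computed rather than drawn, and used to check the router addresses from the table in section 1.1 against it. This is an added example, not part of the original document; the function names are illustrative, and the router data is the last octet of each address as printed in that table.

```python
# Block order as drawn in the allocation diagram (64-127, eight blocks of 8).
INSTITUTIONS = ["Univ of Ed", "MHIE", "ECA", "QMC",
                "Napier", "H-W", "spare", "SJ"]

# Last octets of the MAN FDDI addresses from the table in section 1.1.
ROUTERS = {
    "oc2.ed": ("Univ of Ed", 65), "ph2.ed": ("Univ of Ed", 66),
    "nc2.ed": ("Univ of Ed", 67), "gw2.mhie": ("MHIE", 77),
    "gw1.mhie": ("MHIE", 78), "gw1.eca": ("ECA", 81),
    "gw2.eca": ("ECA", 82), "gw2.qmced": ("QMC", 10),
    "gw1.qmced": ("QMC", 94), "me1.napier": ("Napier", 97),
    "si1.napier": ("Napier", 98), "gw1.hw": ("H-W", 110),
    "gw1.sj": ("SJ", 126),
}


def allocate(base=64, block=8):
    """Return {institution: usable host numbers, in assignment order}."""
    plan = {}
    for i, name in enumerate(INSTITUTIONS):
        start = base + i * block
        # First and last number of every block are reserved.
        usable = list(range(start + 1, start + block - 1))
        if i % 2:
            # Every second block is numbered down from its high end.
            usable.reverse()
        plan[name] = usable
    return plan


def misplaced(routers=ROUTERS):
    """Routers whose host number lies outside their institution's block."""
    plan = allocate()
    return sorted(name for name, (site, host) in routers.items()
                  if host not in plan[site])


def next_free(site, routers=ROUTERS):
    """Next host number the scheme would assign to `site`, or None if full."""
    used = {host for s, host in routers.values() if s == site}
    return next((h for h in allocate()[site] if h not in used), None)
```

With the table as printed, the check returns gw2.qmced: 194.81.56.10 lies outside the 89-94 QMC block, while every other router address falls in its institution's block.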
Version History
Versions before 1.7 are lost in the mists of time
Version: 1.7, 27/5/96 GH: add Phase II FDDI IP addresses for ECA/MHIE/QMC
Version: 1.8, 26/8/96 SW: - change Phase II FDDI IP addresses
- describe how AppleTalk is actually done
- update bootfile locations and initial
boot procedure
- add Appendix describing how IP addresses
are allocated
- tidy up this and that
