NetWare Communications Processes

 Paul Turner
 Consultant
 Systems Engineering Division

Abstract: 

This AppNote provides a comprehensive explanation of the protocols and
algorithms that govern communications in the 286-based NetWare, NetWare
386, and Portable NetWare environments. Topics covered include routing
and connection control.

Disclaimer

Novell, Inc. makes no representations or warranties with respect to the
contents or use of these Application Notes (AppNotes) or any of the
third-party products discussed in the AppNotes. Novell reserves the right
to revise these AppNotes and to make changes in their contents at any
time, without obligation to notify any person or entity of such revisions
or changes. These AppNotes do not constitute an endorsement of the third-
party product or products that were tested. The configuration or
configurations tested or described may or may not be the only available
solution. Any test is not a determination of product quality or
correctness, nor does it ensure compliance with any federal, state or
local requirements. Novell does not warranty products except as stated in
applicable Novell product warranties or license agreements.

Copyright { 1990 by Novell, Inc., Provo, Utah. All rights reserved.

As a means of promoting NetWare AppNotes, Novell grants you without
charge the right to reproduce, distribute and use copies of the AppNotes
provided you do not receive any payment, commercial benefit or other
consideration for the reproduction or distribution, or change any
copyright notices appearing on or in the document.

Introduction

This AppNote is a preliminary excerpt from an upcoming Novell Systems
Engineering Division research report entitled "NetWare Internals and
Structure." It provides a technical description of the protocols that
make client-server communications possible on NetWare networks. The
information contained in this document will be most valuable to those
individuals designing, implementing or administrating large NetWare
internetworks. It will also be useful to individuals and organizations
developing applications specifically for NetWare.

The document begins with an explanation of the packet structures defined
by each protocol. It then describes the algorithms followed by
workstations, routers and file servers when transmitting or receiving
packets.

Protocols

Most computer networks require that information transferred between two
nodes be broken up into blocks, called packets. This packetizing makes
the information more manageable for the sending and receiving nodes, and
any intermediate nodes (bridges or routers). In addition to the
information, or data, that is being transferred, each packet contains
control information used for error checking, addressing, and other
purposes. The protocols being used on the network define the content of
this control information. In most cases multiple protocols exist within a
packet; each protocol defines a different portion of the control
information for the packet and the control information for each protocol
serves a different purpose. When multiple protocols are used, the control
information for the highest level protocol is first placed around the
data, then the control information for each subsequent protocol in the
protocol stack is added to the beginning and/or end of the packet. This
is called envoloping. (See Fig. 1.)

The enveloping pattern illustrated in Fig. 1 is common in the computer
communications industry but the tasks assigned to each protocol in the
packet differs for different vendor's implementations. In an effort to
standardize the definition of protocols-and therefore make the networking
implementations of different vendors interoperable-several standards
organizations have been formed by governments and corporations. One of
these, the International Standards Organization (ISO), has developed a
model, called the Open Systems Interconnection (OSI) model, that
specifies how protocols should be defined in the future. The OSI model
separates the functions required for effective computer communications
(such as error checking and addressing) into seven catagories, or layers.
These layers are the Application, Presentation, Session, Transport,
Network, Data-Link and Physical layers.

: Example of Multiple Protocols in a Packet

 Having been defined prior to the finalization of the OSI model, the
protocols used by NetWare do not all correspond exactly to the OSI
model's definitions. NetWare uses a variety of protocols. Some of these
protocols were developed specifically for NetWare; some are used
throughout the networking industry. The protocols required for
communications between NetWare workstations and file servers are the
following:

o    Medium-access Protocols

o    Internetwork Packet Exchange (IPX)

o    Routing Information Protocol (RIP)

o    Service Advertising Protocol (SAP)

o    NetWare Core Protocol (NCP)

Fig. 2 provides a relative mapping of the NetWare protocols-also called
the NetWare protocol stack-to the OSI model; in actuality, a direct
correlation to the layer boundaries of the two architectures does not
exist. The NetWare protocols follow the enveloping pattern shown in Fig.
1. More specifically, the upper level protocols (NCP, SAP, and RIP) are
enveloped by the IPX and IPX is subsequently enveloped by the medium-
access protocol header and trailer.

: Mapping of NetWare Protocols to OSI Model

Medium-Access Protocol Implementations

A number of medium-access protocols have been defined, many of which are
used with NetWare. The focus within this document is on the
implementations of medium-access protocols, the most common of which are
802.5 Token-Ring, 802.3 Ethernet, Ethernet v2.0, and Arcnet. The 802.x
protocols have been defined by the Institute of Electrical and Electronic
Engineers (IEEE). Ethernet v2.0 was co-developed by Xerox and Digital
Equipment Corporation, and Arcnet was developed by Datapoint, Inc. These
medium-access protocol implementations are primarily concerned with the
transport of packets from one node to another on a single network
segment.

Medium-access protocols provide bit-level error checking in the form of a
cyclic redundancy check (CRC). This CRC, which is appended to every
packet that is transmitted, assures that 99.9999 percent of the packets
successfully received will be free of corruption. In view of this level
of integrity, NetWare does not provide any additional bit-level error
checking within any of its upper-level protocols. (Note that bit-level
error checking checks to make sure that bits within a packet have not
been corrupted. The packet-level error checking discussed later checks
that complete packets are not lost.)

Medium-access protocol implementations define the addressing that
distinguishes each node on a NetWare network. This addressing is
implemented within the hardware of each network interface card (NIC). To
move a packet to the proper node on a network, a medium-access control
(MAC) header is placed at the beginning of every packet. This header
contains source and destination node address fields to indicate where the
packet originated and where it is going. Each NIC checks the destination
address in the MAC header of each packet sent on the network segment is
is attached to. If the destination address matches the NIC's own address,
or if the packet is a broadcast packet intended for all nodes, the NIC
will copy the packet.

Bit-level error checking and node addressing are provided by the majority
of medium-access protocol implementations. IBM's Token-Ring (802.5)
implementation defines a method of routing called source routing. Source
routing allows ring segments to be interconnected by bridges, allowing
administrators to segment network traffic. This requires that each
workstation maintain a table of routes to the nodes it is communicating
with. Furthermore, routing information must be included in the MAC header
of each packet it sends. This information instructs bridges how to
properly forward each packet to its destination. Source routing can be
used instead of or in conjunction with NetWare routing.

Internetwork Packet Exchange (IPX)

The IPX protocol was adopted by Novell from Xerox Network System's (XNS)
Internet Datagram Protocol. IPX is a datagram, connectionless protocol
that does not require an acknowledgment for each packet sent. This packet
acknowledgment, or connection control, must be provided by protocols
above IPX. IPX defines internetwork and intranode addressing schemes,
while relying on the network hardware for the definition of node
addressing.

The network number assigned in NETGEN (NetWare 2.1x) is the basis of
IPX's internetwork addressing. Each network segment on a NetWare
internetwork must be assigned a unique network number. This network
number is used by routers to forward packets to their final destination
segment.

The IPX intranode address comes in the form of socket numbers. Since
several processes are normally operating within a node, socket numbers
provide a sort of mail slot so that each process can distinguish itself
to IPX. As a process needs to communicate on the network, it requests
that a socket number be assigned to it. Any packets that IPX receives
that are addressed to that socket are passed on to the process. Hence,
socket numbers provide a quick method of routing packets within a node.

Novell has reserved several socket numbers for specific purposes. These
are shown in Fig. 3. Since socket numbers are internal to each node,
several workstations can use the same socket number at one time without
any fear of confusion. All NCP requests from workstations must be
addressed to socket 451h.

: Socket Numbers Used in The NetWare Environment

The network, node, and socket addresses for the both the destination and
the source are held within the packet's IPX header. The IPX header is
placed after the MAC header and before the packet data. (Packet data is
usually the header of a higher-level protocol.)  Fig. 4 illustrates the
structure of an IPX packet on an 802.3 network.

: Structure of an IPX Packet

Routing Information Protocol

The Routing Information Protocol (RIP) facilitates the exchange of
routing information on a NetWare internetwork. Like IPX, the RIP was
derived from XNS. However, an extra field was added to the packet
structure to improve the decision criteria for selecting the fastest
route to a destination. This change prohibits the straight integration of
NetWare's RIP with other undeviating XNS implementations.

The single packet structure defined by the RIP allows the following
exchanges of information:

o    Workstations locate the fastest route to a network number by
     broadcasting a route request (represented by "Route Request" entry
     on the TRACK ON screen).

o    Routers request routing information from other routers to update
     their own internal tables by broadcasting a route request
     (represented by "Route Request" entry on the TRACK ON screen).

o    Routers respond to route requests from workstations and other
     routers.

o    Routers perform periodic broadcasts to make sure that all other
     routers are aware of the internetwork configuration.

o    Routers perform broadcasts whenever they detect a change in the
     internetwork configuration.

The RIP packet structure is shown in Fig. 5. This structure is enveloped
within the data area of IPX. The Operation field indicates whether the
packet is a request or a response. A 1 in this field indicates a request
and a 2 indicates a response. The Operation field can be followed by one
or more (n) sets of information, each consisting of a network number and
the number of Hops and Ticks to that network number. A RIP packet can
contain a maximum of 50 sets of network number information.

The term "Hops" refers to the number of routers that must be passed
through to reach a network number. A "tick" is roughly 1/18 of a second
(there are 18.21 Ticks in a second, to be precise). The number of Ticks
measures how much time the packet takes to reach a network number. The
number in this field is always at least one. The original XNS definition
of the RIP did not include the Number of Ticks field. The Ticks field was
added by the developers of NetWare so that the NetWare shell could
estimate how long it should wait for a response from a file server. (This
will be explained in the discussion of the shell's receive time-out.)
Also, if multiple routes exist to a network number, a router uses the
route with the shortest number of Ticks when forwarding packets to that
network number.

If a RIP packet is a request for information, only the Network Number
field applies; the Hops and Ticks fields are essentially nulled out. A
response packet can be either a reply to a request from a router or
workstation or a periodic broadcast by a router.

: RIP Packet Structure

Service Advertising Protocol (SAP)

The Service Advertising Protocol (SAP) allows service-providing nodes-
such as file servers, print servers, and gateway servers-to advertise
their services and addresses. The SAP makes the process of adding and
removing services on an internetwork dynamic. As servers are booted up,
they advertise their services using the SAP; when they are brought down,
they use the SAP to indicate that their services will no longer be
available.

Through the SAP, clients on the network can determine what services are
available on the network and obtain the internetwork address of the nodes
(servers) where they can access those services. This is an important
function, since a workstation cannot initiate a session with a file
server without first having that server's address.

A gateway server, for instance, will broadcast a SAP packet every 60
seconds (the period defined for all servers advertising with the SAP)
onto the network segment it is connected to. The SAP agent in each router
on that segment copies the information contained in the SAP packet into
an internal table called the Server Information table. Because the SAP
agent in each router keeps up-to-date information on available servers, a
client wanting to locate the gateway server can access a nearby router
for the correct internetwork address.

Like the RIP, the SAP uses IPX and the medium-access protocol for its
transport.  Fig. 6 illustrates the SAP packet structure. The first field
defines the operation that the packet is performing. The packet can
perform five different operations:

o    A workstation request for the name and address of the nearest server
     of a certain type (this is represented by a "Get Nearest Server"
     entry on a TRACK ON screen.)

o    A general request, by a router, for the names and addresses of
     either all the servers or all the servers of a certain type on the
     internetwork ("Send All Server Info." on TRACK ON.)

o    A response to either a "Get Nearest Server" request ("Give Nearest
     Server" entry on TRACK ON) or a general request

o    Periodic broadcasts by servers and routers

o    Changed server information broadcasts

Following the Operation field are one or more sets of fields. Each set
includes a service type server name, network address, node address,
socket number and a number of Hop fields. If the packet contains
information about more than one server, it will contain more than one set
of fields (n sets of fields). Each SAP packet can contain information
about up to seven servers.

: SAP Packet Structure

NetWare Core Protocol

The NetWare Core Protocol (NCP) makes interaction between clients and
file servers possible by defining two aspects of their interaction,
connection control and service request encoding. Because the creation and
handling of NCP packets is done by the NetWare shell or NetWare Requester
for OS/2, you do not need an in-depth understanding of the NCP,but you
should  have some idea of what the protocol does.

The NCP provides its own session control and packet-level error checking
instead of relying on other protocols for these functions. Consequently,
the modularity of the protocol stack is reduced but, in the long run, a
more efficient mechanism is attained.  Fig. 7 shows the general structure
of an NCP packet. When a client establishes a session with a file server,
it is assigned a connection number. This connection number must be
included in all subsequent service requests that the client submits. The
connection number allows the file server to keep track of which clients
are making requests, for response and security purposes.

:  Structure of an NCP Packet

Each NCP request packet submitted on a given connection must be assigned
a sequence number by the client. The first request following the
establishment of the connection is assigned the number 1; that number is
incremented by one for each subsequent request. When a file server
finishes processing a request, it places the sequence number for that
request in the response packet. Hence, the client can make sure that it
is receiving the correct responses for the requests that it submits.

Each of the services available at a NetWare file server has been assigned
a number. When it needs to submit a request to a server, the shell or
requester places the number-as well as any additional information that
might be needed-in the service code field of the NCP packet. Depending on
the service being requested, the NCP might provide additional fields for
the shell to give specific instructions to the file server-such as which
part of a file to read. The file server might report any problems or
errors that might have occurred while processing the request in these
additional fields.

Packet Delivery

On a NetWare network, the successful delivery of a packet depends on the
proper addressing of the packet and the internetwork configuration
(whether it is a single segment network or series of segments
interconnected by repeaters, bridges and/or routers). The addressing of
the packet is handled in its medium-access protocol and IPX address
fields. To send a packet to another node, the sending node must know the
full internetwork address (network, node, and socket) of the node it
desires to send to (the destination node). (The process of obtaining
another node's address is explained in the section entitled "Establishing
a Connection.") Once the sending node has the destination node's address
it can proceed with addressing the packet. The way the MAC header of that
packet is addressed, however, depends on whether the sending and
destination nodes are separated by a router.

In the event that the sending and destination node are on the same
network segment-that is, they both have the same IPX network address-the
sending node addresses the packet in the following way: The node address
of the destination node is placed in the MAC header destination address
field. The node address of the sending node is placed in the MAC header
source address field. The full internetwork address of the destination
node is placed in the IPX header destination address fields. The full
internetwork address of the sending node is placed in the IPX header
source address fields.

Fig. 8 shows an example of two nodes that are connected to network number
AA. The sending node (node 01) sending a packet to node 02. The sending
node places node address 02 in the destination field and node address 01
in the source field of the MAC. In the destination address fields of the
IPX header, the sending node places AA, 02 and 451 (the full internetwork
address of the receiving node). The sending node places its own
internetwork address of AA, 01 and 4003 in the source address fields of
the IPX header.

: Transmission to Same Network Segment (No Routing Required)

Network Interconnection Devices

The addressing method depicted in Fig. 8 is used when the two nodes
reside on the same physical segment (or ring) or if they reside on
separate segments interconnected by repeaters or bridges. A repeater is a
Physical Layer (OSI model) device that amplifies the signal of one
segment onto one or more other segments. Repeaters are used to extend the
maximum possible distance between end nodes on a segment. They are
completely transparent to the sending and receiving nodes.

A bridge is a Data-Link Layer device used to interconnect cable segments
locally or over wide area network links. Instead of simply amplifying a
signal as repeaters do, bridges retransmit packets received on one
segment onto another segment. Bridges are considered Data-Link Layer
devices because they examine the data-link (or MAC header) portion of
packets before retransmitting them onto other segments. There are two
predominant types of bridges, transparent bridges and source routing
bridges.

Transparent bridges interconnect two or more segments. They examine the
MAC header source and destination fields of every packet transmitted on
their connected segments. From the source address fields of packets,
these bridges develop a table of the nodes that reside on (or are
accessible through) each of their connected segments. With this table of
information, a bridge can determine whether packets should be passed on
to other segments.

Fig. 9 shows a transparent bridge connected to two separate segments.
After examining the packets transmitted on both segments it creates a
table that tracks which nodes exist on each segment. With this table, the
bridge can filter unnecessary traffic. For instance, if node 1 sends a
packet to node 5, the bridge will not retransmit that packet on its port
B. It will, however, retransmit packets sent from node 1 to node 7. Like
repeaters, transparent bridges-as their name implies-are transparent to
the sending and receiving nodes.

: Example Transparent Bridge

Routers

Routers, like bridges, interconnect different network segments; however,
the operation of routers and bridges is quite different. Routers by
definition are network layer devices. (See Fig. 10.) In other words,
routers receive their instructions for forwarding a packet from one
segment to another from a network layer protocol. The network layer
protocol that routers use in the NetWare environment is IPX. NetWare-
compatible routers are available with NetWare or from third-party
manufacturers. The routers that come packaged with NetWare have actually
been misnamed bridges in the past. The NetWare routers include what has
been called the internal bridge within NetWare file servers and external
bridge installed at workstations. Novell has officially renamed these two
devices internal router and external router.

NetWare-compatible routers may be configured to interconnect two or more
segments. Each of these segments, however, must be assigned a unique IPX
network number to distinguish it from other segments on the internetwork.
A segment's network number must be configured into each of the routers
connected to that segment. The network number serves as a common address
for each node connected to a segment.

: OSI Representations of Network Devices

Packet Routing

When a node wants to send information to another node, it must first have
network address-as well as the node address-of the destination node. If
the two nodes have the same network number (reside on the same segment),
the sending node can simply send packets to the destination node using
method illustrated in Fig. 8. On the other hand, if the two nodes have
different network numbers (reside on different network segments), the
sending node must find a router on its own segment that can forward
packets to the destination node's network segment. To find this router,
the workstation broadcasts a RIP packet requesting the fastest route to
the destination node's network number (RIP requests are discussed in more
detail later in the section entitled "Establishing a Connection". This
RIP request is responded to by the router residing on the sending nodes
segment with the shortest path to the desired segment; in the response,
the router includes its node address.

Once the sending node receives the router's node address, it is prepared
to send packets to the destination node. The sending node addresses these
packets in the following way: It places the destination node's
internetwork address (network, node and socket number) in the destination
address fields of the IPX header. Next the sending node places its own
internetwork address in the source address fields of the IPX header. Then
the sending node places the node address of the router-the one that
responded to the RIP request-in the destination address field of the MAC
header. The sending node places its own node address in the source
address field of the MAC header. (See Fig. 11.)

: Packet Addressing Through a Router

 When a router receives a packet to be routed, it can take one of two
possible actions. If the packet is destined for a network number that the
router is directly connected to, the router will place the destination
node address from the IPX header in the destination address field of the
MAC header, place its own node address in the source address field of the
MAC header, and transmit the packet. (See Fig. 11.)

If the router is not directly connected to the segment that the final
destination node resides on, however, it will send the packet to the next
router in the path to the destination node. To forward the packet to
another router, the router will place the node address of that other
router in the destination address field of the MAC header. The router
will place its own node address in the source address field of the MAC
header. The router leaves the IPX header as initially set by the sending
node and sends the packet.

Routing Information Administration

To forward packets by the best possible route, NetWare routers maintain a
Routing Information table that holds information about all the network
segments on the internetwork.  Fig. 12 gives an example of a Routing
Information table (only the fields  pertinent to this discussion have
been included). Each entry in the Routing Information table gives the
router forwarding information for a network segment.

: Portion of Routing Information Table

The first field contains the network numbers for segments that the router
is currently aware exist. The router simply matches the destination
network number in the packet's IPX header with an entry in this field to
get its forwarding instructions for the packet. The second field
indicates the number of routers that must be traversed to reach the
network segment.

An estimate of the time necessary to reach the destination segment is
recorded in the third field. The initial time estimate for a segment is
the responsibility of the driver directly connected to it. This driver
reports this estimate to its router. This time estimate is used by the
router in its periodic broadcasts to indicate the time necessary to
deliver a packet to a node on that segment. The method that drivers use
for estimating the time delay on a segment depends on the segment type.
For local segments with more than 1 Mb/sec of bandwidth (Token-Ring,
Ethernet, Arcnet, and so on), the driver makes the assumption that
delivery time is one tick. For remote segments (T1, 64 kbps, X.25, and
asynchronous), the driver will periodically poll to determine the current
time delay. For instance, the delay for a T1 link normally ranges from
six to seven Ticks. If this delay changes, the driver will inform its
router. As information about the segment is passed along throughout the
network (by way of periodic broadcasts), routers will add any additional
delay that they impose to the initial time estimate for the segment.

The NIC field of the Routing Information table records which NIC in the
router the network segment can be reached through. The Immediate Address
field contains the node address of the router that can forward packets to
each segment. If the segment is directly connected to the router, this
field will remain empty. The "Net Status" field indicates whether the
segment is directly connected to the router and whether the segment is
considered reliable. The final field is used to make sure that
information about the segment is current.

For NetWare versions prior to 2.15c, the Routing Information table keeps
a list of all alternate routes for each network number in case the
primary shortest route to a network number goes down. In other words, if
the router can reach the segment through more than one of its NICs, it
will make a record of both routes. The fastest route, the one that
requires the least number of Ticks, will always be used as the primary
route. NetWare versions after 2.15c maintain alternate routes only if
these alternate routes require the same amount of Ticks to reach the
segment as the primary route. This reduces the size of the Routing
Information table.

Routing Information Broadcasts

On an internetwork, routers are constantly exchanging information with
each other to make sure that their Routing Information tables reflect up-
to-the-minute changes in the layout of the internetwork. To accomplish
this, routers transmit a series of broadcasts from the time they come up
until they are brought down. These broadcasts can be separated by the
time at which they occur:

o    Initial broadcast of directly connected network segments

o    Initial request to receive routing information from other routers

o    Periodic broadcasts (every 60 seconds) of current list of active
     network numbers

o    Broadcast of change in internetwork configuration

o    Final broadcast when brought down

Although the broadcasts occur at different times and, for the most part,
contain different information, they must follow two important rules.
First, each broadcast must be a local broadcast, addressed so that it
will not be immediately passed on, intact, by the routers that receive
it. This reduces the network traffic created by these information
exchanges. Second, routers must follow a "best information" algorithm
when providing information to other routers through a broadcast (since
the second broadcast listed above is a request for information, this rule
does not apply to it).

Best Information Algorithm

The purpose of routing information broadcasts is twofold: to allow a
router to share its current impression of the layout of internetwork with
other routers, and to inform the routers of an internetwork change so the
routers can update their tables. A router sends routing information
broadcasts to every network segment that it is directly connected to. The
first rule of the best information algorithm dictates that a router about
to broadcast to a particular network segment should not include any
information about other segments that it has received from the segment to
which the information is being sent.

For example, if the router within server FS2 in Fig. 13 is going to
broadcast a routing information broadcast to network segment BB, it will
not include information that it received from FS1 about network segment
AA. If it did, someone on segment BB might erroneously conclude that
there are two paths to segment AA-one through FS1 and another through
FS2.

: The Best Information Algorithm

The best information algorithm also states that routers should not
include information about the network segment that they are sending
routing information broadcasts to. For example, FS2 would not include
information about BB in its broadcast onto BB.

Taking these rules into account, the information that FS2 would broadcast
onto segment BB would be information about segments CC and DD.

Initial and Periodic Broadcasts

When a router is first brought up, it places the network numbers of its
directly connected segments into its Routing Information table. Then,
following the best information algorithm, the router sends a routing
information broadcast to inform the routers on its directly connected
segments of the segments that the router will be making available. The
router next broadcasts a request to each of its directly connected
segments for information about all other network segments that exist on
the internetwork. This request is responded to by all the routers (each
using the best information algorithm) on these directly connected
segments. The router places the information gleaned from these responses
in its Routing Information table. Fig. 14 illustrates this initial
sequence of broadcasts.

: Sequence Used to Build and Maintain Routing Information Table

Once the router has performed these initial broadcasts and updated its
Routing Information table, it is ready to accept routing requests and
route packets. In addition to routing packets, the routers will broadcast
all the information in their Routing Information table (except that
excluded by the best information algorithm) to each of their connected
network segments every 60 seconds. Routers perform these periodic
broadcasts to make sure that all routers on the internetwork remain
synchronized.

Because of lower bandwidth of X.25 and asynchronous links, routers do not
perform 60 second broadcasts on these links-only initial broadcasts,
changed information broadcasts and final broadcasts are sent over these
links.

Changed Information Broadcasts

When a router receives information that causes it to change its Routing
Information table, the router will immediately pass that information on
to its other directly connected network segments except the segment that
the router received the information from. If a new network segment comes
up or an existing segment goes down, all the routers on the internetwork
will learn about the change in a short amount of time.

The primary cause of a change in the internetwork's configuration are
file servers and external routers coming up or going down. If a router
needs to be brought down (using the DOWN command at the console) the
router will inform its directly connected segments of the fact before
discontinuing service. The router issues broadcasts (as always, using the
best information algorithm) that indicate that the network segments which
the router had made available will no longer be accessible through this
router. (See Fig. 15.)

: Routers Inform Other Routers When Going Down

The Process of Aging

If a router goes down due to a hardware failure, power glitch, or power
outage, other routers will not be notified that a change has occurred. To
safeguard against this eventuality an "aging" mechanism has been built in
to NetWare routers.

Routers maintain a timer for each entry in their Routing Information
table. Every time that information is received concerning the entry, the
timer is reset to zero. If the timer reaches three minutes, the router
assumes that the route to the network number is down and broadcasts that
fact to its other segments. Since this information is new or changed, the
routers that receive the information will pass it on immediately and the
change will quickly permeate the internetwork.

Service Advertising

Using the SAP, servers on a NetWare network can advertise their services
and addresses. The information that these servers broadcast is not
directly used by clients but instead collected by a SAP agent within each
NetWare router on the server's segment. The SAP agents store this
information in a Server Information table and, if they reside within a
server, in their server's bindery. The clients can then contact the
nearest SAP agent or file server for server information.

The SAP broadcasts that servers perform are local broadcasts and,
therefore, only received by SAP agents on their connected segments.
Consequently, SAP agents periodically broadcast their server information
so that all SAP agents on the internetwork have information about all
servers that are active on the internetwork-this is the same broadcast
method used by routers to distribute and exchange network number (RIP)
information.

Server Information Table

The table that SAP agents use to store information received in SAP
broadcasts is called the Server Information table. If all SAP agents on
the internetwork are exchanging SAP information properly, each agent's
Server Information table should have information about all the servers on
the internetwork-thus providing clients with nearby access to the
addresses of all the servers on the internetwork. Fig. 16 illustrates
some of the more pertinent fields of the Server Information table.

: Portion of a NetWare Router's Server Information Table

The Server Address field contains the service's full address, including
network, node, and socket addresses. The Server Type field holds a number
designating what type of service the server provides. One server might
provide printing services as opposed to file services, for instance. The
server type designation used to assign numbers to the different services
that servers provide is part of a more generic scheme used in the bindery
to classify objects. Some of the more common object types are shown in
Fig. 17.

: Object Types

The Time Since Changed field is used for aging servers that have
unexpectedly gone down. The NIC that the information about the server was
received on is specified in the NIC Number field.

The way that information within the Server Information table is stored
makes sequential access (send me information about all servers with
server type 4, for instance) possible but makes database access (send me
information about server NCS) very difficult. Therefore, the Server Name,
Server Address, Server Type and Hops to Server fields of the Server
Information table are periodically copied to file server's binderies by
internal SAP agents-SAP agents that reside within file servers. With this
information stored in file server binderies, any client that has a
connection with a NetWare file server can query the bindery for the
address of a specific server.

Server Information Administration

When a file server is first brought up, its internal SAP agent places the
name of the server in the agent's Server Information table. The SAP agent
then sends a SAP broadcasts onto each of its directly connected segments
to inform the SAP agents on those segments that a new server has become
available. (See Fig. 18.)

: Sequence Used to Build and Maintain Server Information Table

After performing its initial broadcasts, the SAP agent broadcasts a
request onto each of its directly connected segments for information
about other servers that exist on the internetwork. These requests are
responded to by all the SAP agents on these directly connected segments.
The SAP agent places the information received in these responses in its
Server Information table. Thereafter, the SAP agent performs broadcasts
about the servers that it is aware of every 60 seconds (except on
asynchronous and X.25 links). illustrates these initial and periodic
broadcasts.

As with routing information broadcasts, all server information broadcasts
are local broadcasts and are subject to the best information algorithm.
Any changes in server information are passed on immediately to ensure
current information across the internetwork. The router applies the aging
process to its Server Information table entries in case any servers
become unavailable. Finally, if the router is brought down, it will
indicate to its directly connected segments that the servers the router
has been advertising will no longer be available. (See Fig. 19.)

: FS2 Brought Down

File Server Addressing

Value-added servers, such as gateway and print servers, normally contain
only one network adapter and will use the address of that adapter as the
address they advertise in their periodic SAP broadcasts. NetWare file
servers, on the other hand, may contain multiple adapters. This requires
that they use some sort of convention for advertising the address of
their file services; the convention used for this addressing differs for
286- and 386-based servers. Within the 286-based environment, the file
services of a server are addressed with respect to its NIC A. This
convention guarantees consistency since every server will have at least
one network adapter installed. (See Fig. 20.) If you enter an SLIST
command, the address you see for 286-based servers is the network and
node address assigned to the server's NIC A.

: Addressing of File Services on a 286-based NetWare File Server

In the NetWare 386-based servers, an internal network has been added for
the addressing of internal services, as shown in Fig. 21. This different
method of addressing requires that an internal network number be assigned
when a NetWare 386-based file server is brought up.

: Addressing of File Services in NetWare 386-based Server

Fig. 22 displays an SLIST screen that contains 286- and 386-based
servers. The 386-based servers can be distinguished by their node address
of one. This node address is assigned to the file services on the
internal network number. The implementation of redundant cabling systems
with 286-based servers is discussed in a later section.

: Example SLIST Listing

Client-Server Interaction

The NetWare shell facilitates client-server communications for DOS-based
workstations. In a typical client-server interaction, one station (the
client) requests services from another station (the server). Through the
shell, DOS-based applications can request file services (such as writing
to and reading from files) from NetWare file servers. At the workstation,
the shell, the user application, and the user together act as the client
requesting file services; the NetWare file server acts as the server
providing file services.

The shell, then, is the liaison between the client (the user application)
and the server. The shell performs the tasks necessary to request file
services from a NetWare file server: for example, establishing a
connection with the file server, maintaining the connection, and
terminating the connection.

The NetWare shell is a terminate-and-stay-resident (TSR) program called
NETx.COM (where x depends on the version of DOS being run). NETx.COM is
loaded into a NetWare workstation's memory when the workstation is
booted. Before you load the shell, however, you must load another TSR
called IPX.COM

IPX.COM

Novell's IPX protocol serves as the communications link with the NIC
installed in the workstation. At installation, a customized version of
IPX.COM is generated for each workstation by linking in a driver written
specifically for the NIC that resides in that workstation. Once IPX.COM
is loaded, any workstation programs, including the shell, can communicate
on the network through NetWare's IPX protocol.

In addition to interfacing with the NIC, IPX.COM performs several
communication-related functions. For example, it manages the IPX sockets
used with the workstation. The shell and other applications access
IPX.COM to open and close IPX sockets. When the workstation receives an
IPX packet, IPX.COM checks which socket the packet is addressed to and
passes the packet to the program having that socket open.

Finally, IPX.COM is responsible for determining the address of the
network segment to which the workstation is physically connected. The
workstation's network number, along with its node address, make up the
workstation's full internetwork address.

IPX can determine the workstation's network number in one of two ways. In
the first method, IPX.COM watches for any RIP broadcasts sent on the
network. Since RIP packets are not forwarded to other network segments,
IPX knows that this type of broadcast originated on the segment to which
the workstation is directly connected. IPX simply reads the source
network address contained in the IPX header of a RIP broadcast to
determine the workstation's network number.

IPX uses an alternate method if the shell requests a route to a network
number before IPX can determine the workstation's network number from a
RIP broadcast. In this case, IPX broadcasts a Get Local Target request,
which requests the fastest route to the destination network number
requested by the shell. Upon receiving a response, IPX.COM checks the
source network number in the IPX header of the response packet. This
source network number (the network number of the router that responded to
the Get Local Target request) is the workstation's network number.

The NetWare Shell

The shell (NETx.COM) acts as the interface between user applications and
NetWare file servers. As user applications make requests, the shell
determines whether the requests should be handled locally by DOS or sent
to a server on the network. If the shell determines that the request
should be sent to a network server, the shell formulates a request
packet, hands it to IPX.COM for transmission, and waits for a response.

Prior to submitting any requests to a server, the shell must establish a
connection with that server. The shell can establish a connection to a
server in two ways: When the shell is first loaded at the workstation, it
logically attaches to the first server that responds (usually the server
nearest to the workstation). The LOGIN and ATTACH command line utilities,
when executed, also establish a server connection.

To establish a connection, the workstation and the server must exchange
several packets: a packet requesting that a connection number be assigned
to the shell, and another proposing the maximum packet size that will be
allowed in the interaction between the file server and the shell. Before
sending these initial packets, the shell needs the address of the server
and a route to the server.

Getting a Server's Address

To get a server's address, the shell can use the SAP to broadcast a
request for the address of the nearest server-a Get Nearest Server
request. All routers on the workstation's network segment having
information about the nearest server respond to the Get Nearest Server
request. Each response contains the nearest server's name, its full
internetwork address, and the number of Hops required to reach the
server. (See Fig. 23.)

: Getting the Address of the Nearest File Server

 When first loaded at a workstation, the shell issues a Get Nearest
Server request to establish an initial connection to a file server. If
the shell loses its connections with all file servers, it resorts to the
Get Nearest Server request method to re-establish a server connection.

A second method the shell uses to get a server's address is to use the
NCP to access a file server's bindery. The bindery is a database within
NetWare file servers that contains information about many network
entities, including users, groups, and servers.

Because the shell must already have a server connection before it can
access the server's bindery, the shell can use this second method only
after it has established an initial connection to a file server. The
LOGIN and ATTACH utilities use this method, as does the new "preferred
server" shell (version 3.01). These utilities allow the user to specify a
specific file server name, and then these utilities use that name to scan
the bindery for the server's address.

Getting a Route to a Server

Once the shell has the address of a server, it needs a route to that
address. The shell uses this route for all subsequent communications with
the server for the duration of the connection.

To obtain a route, the shell submits a Get Local Target request to
IPX.COM. IPX first compares the network number of the desired server to
the workstation's network number. If these two numbers are the same, IPX
tells the shell to send requests directly to the server (without going
through an intermediate router).

If the network number the shell submits and the workstation's network
number are not the same, IPX broadcasts a RIP request for the fastest
route to the submitted network number. Whichever router on the
workstation's network segment has the shortest route to the network will
respond to the request. More than one router might respond if several
routers have a route equal to the shortest route. IPX accepts only the
first router's response, discarding all others.

IPX then returns to the shell the node address of the first router that
responded. The shell places the node address of this router in the MAC
header of a Create Connection request packet; it addresses the IPX header
of the request packet to the file server it wants to connect to. With the
packet addressed in this fashion, the router will receive the packet
first, check the IPX destination address, and forward the packet toward
the network number on which the file server resides. (See Fig. 24.)

: Requesting the Fastest Route to an Address

Establishing an Initial Connection

To establish its connection to a file server, the shell uses a
combination of the SAP, the RIP, and the NCP. The sequence followed is
slightly different for the new "preferred server" shell (version 3.01)
than it is for previous shell versions.

Fig. 25 shows the steps taken by pre-v3.01 shells to make a connection
with a file server. The first column represents the call or packet sent.
The second column lists the source, or sender, of the packet. The third
column lists the addressee of the packet. The final column indicates the
protocol used for the packet.

: Initial Connection Sequence for NetWare Shells

We have already seen how the first four steps work. In steps 1 and 2, the
shell obtains the address of the nearest server. Step 3 is IPX.COM's
request for the fastest route to the address that the shell received in
step 2. Step 4 is the response by all routers with the shortest route to
that segment.

Steps 5 through 8 show the packets exchanged between the shell and the
server to establish the initial connection. Once this connection is made,
the shell moves to the background (terminates-and-stays-resident) and
returns the DOS prompt to the user. The user can then execute LOGIN.EXE
to log in to the connected server or to another server.

The Preferred Server Shell

The preferred server shell (v3.01 and above) features several additional
functions not offered by older versions of the shell. As its name
implies, the preferred server shell allows users to specify, either at
the command line or in the SHELL.CFG file, which server they would like
to connect with. Whether or not a preferred server is specified, the
preferred server shell goes through the same initial eight steps as the
old shells.

If the server the shell connects to during the initial eight steps is not
the preferred server the user specified, the preferred server shell
performs several additional steps to establish a connection with the
specified server. (See Fig. 26.)

For instance, if the workstation in Fig. 24 initially connects to FS1 and
the user specified FS3 as the preferred server, the shell will follow a
sequence similar to that shown in Fig. 25. As you can see in step 9, the
preferred server shell uses the bindery method of acquiring the server's
address.

: Connection Sequence for the Preferred Server Shell

Steps 11 and 12 of this preferred server sequence are not always
required. If the preferred server resides on the same network segment as
the workstation, the shell skips these two steps and sends the Create
Connection request directly to the server. The shell destroys the
connection with the initial server once it has successfully established
the connection with the preferred server.

Another major difference between old shells and the preferred server
shell involves the receipt of Give Nearest Server responses. Older shells
accept the first Give Nearest Server response they receive and ignore all
subsequent responses. Preferred server shells accept the first response
also, but save the next four Give Nearest Server responses in case a
connection cannot be made to the first server.

Servers respond to Get Nearest Server requests even if they have no free
connections. Consequently, older shells fail to establish a connection
(steps 5 and 6 of Fig. 25) if the first Give Nearest Server response they
receive is from a server with no free connections. The preferred server
shells, on the other hand, can refer to the next saved Give Nearest
Server response if the current attempt to establish a connection fails.

LOGIN.EXE

Users can run LOGIN.EXE at any time after they have established a
connection to a NetWare file server. LOGIN submits the user's name and
password to the file server for verification. It also establishes a new
server connection if the user specifies a file server in the LOGIN
command.

If the server specified at the command line is not the one the shell is
already connected to, LOGIN follows the steps outlined in Fig. 27. Once
these steps are completed, LOGIN verifies the username and password. If
the server specified at the command line is located on the same segment
as the workstation, steps 3 and 4 are not necessary.

: Additional Steps Performed by LOGIN.EXE

 ATTACH.EXE uses the same sequence as that described for LOGIN.EXE when
establishing connections to a file server.

Connection Management

Communication between any two workstations requires a certain amount of
responsibility on both sides to ensure that no information is lost. NICs
maintain error checking at the bit level in the NetWare environment. File
servers and workstation shells  handle packet- and session-level error
checking; each maintains a table to handle this level of error checking.
The NCP governs the way that the connection control information is
exchanged. (It is a common misconception that SPX is used for packet
level error checking between workstations and servers; however, SPX is
only used for peer-to-peer interaction.) Every NCP packet submitted to a
NetWare file server by a client must have a connection number and
sequence number attached to it. The connection number is the number that
client was assigned by the file server when the connection was
established. The sequence number identifies each packet so that both the
server and the shell can determine when a packet is lost.

The Shell's Connection Table

NETx.COM (the shell) can support up to eight server connections
concurrently. NETx.COM maintains a connection table to track these
connections. (See Fig. 28.) Within each entry in this table, the shell
stores the name and full internetwork address of the server it is
connected to. If the shell is forwarding packets through an intermediate
router to the server, the node address of that router will be stored in
the Router's Node Address field. The shell's connection number and packet
sequence number are also in the table. The sequence number is set to zero
when the connection is first established and incremented with each new
request.

: Portion of Shell's Connection Table

The shell's connection table also maintains two time-outs. One time-out
is the maximum time that the shell will wait for a response from the
server before resending a request packet. This time-out is based on an
estimate of the time (in ticks) needed to deliver a packet to the server.
This time estimate is provided by the router in its Give Immediate
Address response. (If the workstation and the server are on the same
segment, this value is set to one tick.) The shell multiplies this
estimate by 16 and adds 10 ticks to the result to set its maximum time-
out for communications with that server.

The Receive Time-Out is a dynamic time-out that is originally set to four
times the time estimate (received in the Give Local Target response) plus
10 ticks.

Once initially set, the receive time-out adjusts up or down to adapt to
changing network conditions. The receive time-out is increased if the
shell issues a request to a server and does not receive a response within
its current receive time-out. The receive time-out is multiplied by one
and one-half when the first retry to the server is issued. It remains at
this new value for all subsequent retries on the request and for use on
the next request. If the next request requires a retry, the receive time-
out will be increased again. The receive time-out will continue to be
increased in this fashion until it reaches the maximum time-out.

The shell decreases the receive time-out each time that the shell does
not have to issue a retry to a request. To decrease the receive time-
out, the shell takes the time necessary to receive a response to the last
request-the request that didn't require a retry-and multiplies that value
by two and adds 10 Ticks to it. The shell sets the new receive time-out
to the average of this calculated value and the current receive time-
out.

The number of times that the shell will resend a request to a server is
determined by a number called the IPX Retry Count. If this count is
exceeded the shell will give up and present the user with a "Network
error on server xxxxx. Error xxxxx from network. Abort, Retry?" message.
A default for this retry count exists for all drivers. This default
differs from driver to driver but is generally between 20 and 40. The
"IPX RETRY COUNT = xx" option for the SHELL.CFG files allows the default
IPX retry count to be modified; however, some drivers will ignore this
entry in the configuration file and leave the retry count at their
default.

The File Server Connection Table

The file server connection table, shown in part in Fig. 29, allows the
server to keep information about each of the clients that it is
servicing. The address fields are used for addressing response packets
and for security purposes. When a packet arrives with a service request,
it contains the connection number assigned to the sender. The server
matches the packet's IPX source address (network, node, socket) with the
address registered for that connection number. If the addresses don't
match, the server regards the request as a security breach.

: A Portion of the NetWare File Server's Connection Table

The NIC Number and Intermediate Router's Address fields are used for
sending responses to clients. As a request packet is received, the 
number of NIC that the request came in on is placed in the NIC Number
field-this number would be A, B, C, or D for NetWare v2.15c and earlier
versions, or the network number of the NIC for NetWare versions 3.0 and
above. If the packet was forwarded through one or more routers, the node
address of the last router is stored in the Intermediate Router's Address
field. Hence, when the request has been processed, the server does not
have to find a route to the client to send a response. The server places
the node address of the first router in the path to the client-from the
Intermediate Routers Address field-in the MAC header destination address
field and sends the packet through the NIC specified in the NIC number
field. Of course, it first places the client's and its own full network
address in the destination and source address fields of IPX header,
respectively.

The Sequence Number field is used for packet-level error checking. The
Watchdog Count and Timer fields are used by the watchdog process, which
is discussed later. File servers also maintain a 100-byte reply buffer
for each of their connections. If a response to a client is less than 100
bytes, the server will make a copy of the response in the buffer that
corresponds to that connection. If the client does not receive the
response and resends the request, the server will not have to reprocess
the request.

Packet-Level Error Checking

The bit-level error checking that network adapters provide detects the
corruption of individual bits within a packet. When an adapter finds that
part of a received packet is corrupted, it discards the entire packet.
Due to the driver's simple design, no mechanism exists within the driver
to request that the packet be resent or to inform the upper-layer
processes and applications that an error occurred. Therefore, the upper-
level sending process (shell or file server) must determine when a packet
has not reached its intended destination.

In the NetWare environment, this packet-level error checking is the
responsibility of the shell. The NCP specifies that a workstation shell
can submit only one request to a server at a time. Furthermore, the
response that the server provides must fit in a single packet-the shell
should never request more than a packet's worth of information. Thus, to
guarantee that no packets have been lost, the shell only has to make sure
that it receives a completed response to each of its requests.

Each request that a shell sends to a server has a sequence number
attached to it within the NCP header. The response that the server
returns is labeled with the same sequence number. Ultimately, the shell
is responsible for getting completed responses for each of the service
requests that it submits. If the shell does not receive a response to its
most recent request within the specified receive time-out, it will
resubmit the request. The shell continues to resubmit the request until
it receives a response or exceeds its IPX Retry count.

Three conditions could cause a shell to time-out while waiting for a
response from a server. Fig. 30 illustrates a case in which the request
is lost in transit to the server. The workstation's timer eventually
expires and the shell resends the same request. The server receives the
second request, processes it, and sends back the response.

: Request Lost in Transit to File Server

In Fig. 31, the request is received by the server but the response is
lost in transit to the workstation. Once the workstation's timer reaches
its limit, the shell sends a second identical request to the server.

When a server receives any request, it checks the request's sequence
number to see that it is one greater than the sequence number registered
in the server's connection table. If it is, the server increments that
number and processes the request as usual. However, if the two numbers
are the same, the server determines that the client, for whatever reason,
is resubmitting its last request. In some cases, the server will have a
copy of the last response. NetWare file servers maintain a 100-byte
response buffer for each of their connections. If the server is sending a
response that is less that 100 bytes in size, the server will make a copy
to that client's buffer-that is, the buffer corresponding to that
client's connection number. Since a large percentage of responses are
less that 100 bytes, a good chance exists that a server will have a copy
of the response when requests are resubmitted by clients. (This type of
response increments the Duplicate Replies Sent counter on the FCONSOLE
Statistics->LAN I/O Statistics screen.) On the other hand, if the request
was larger than 100 bytes, the server must reprocess the request and send
the response. (This type of response increments the Reexecuted Requests
counter in FCONSOLE.)

If the response is still in transit to the workstation when the shell
times out and resubmits the request-that is, the shell receives the
completed response after resending the request-the server will send
another response, but the shell will ignore it.

:  Response Lost in Transit to Shell

Sometimes a server may be too busy to respond within the shell's time-
out. The shell then resends the request. When the server receives this
second request, it sends a reply to the workstation stating that the
initial request was received successfully, but that the processing of it
has not yet been completed (This intermediate response increments the
Positive Acknowledgments Sent counter within the FCONSOLE Statistics->LAN
I/O Statistics screen.) When the shell receives this reply from the
server, it sets its time-out to zero and waits for the request. If the
shell's time-out expires again, it will send a third copy of the request
just in case the response was sent by the server but lost in transit.
This process will continue until the shell finally receives a completed
response. (See Fig. 32.)

: File Server is Busy

Connection-Level Error Checking

The connection between a workstation and server can be lost due to a
power failure or a communications problem. Both file servers and
workstation shells are equipped to handle this eventuality. On the
workstation side, the connection is checked each time a request is made.
If the shell does not receive a response to a request after it retries a
certain number of times (the number dictated by the IPX Retry Count), the
shell assumes that a problem exists with the connection and displays a
message for the user. At this point, the user has the choice of ordering
the shell to resubmit the request again or to abort the operation
completely.

If the operation is aborted the shell removes that connection from its
Connection table. If it does not have any other server connections, it
attempts to create a new connection with a server (using the initial
connection sequence outlined in Fig. 25). If this attempt is
unsuccessful, the shell informs the user with the following message: You
are not connected to any file servers. The shell will try to connect to a
file server whenever the current default drive is changed to an invalid
drive. <Current drive is no longer valid>.

Connection-level error checking at a NetWare file server comes in the
form of address verification and periodic watchdog polling. When a file
server receives a request packet for a certain connection, it verifies
that the IPX source address within the request packet matches the address
recorded for that connection within its connection table. If the
addresses do not match, the server returns a response to the sender of
the request indicating that the connection number and address do not
match.

The Watchdog Process

When a workstation is turned off, regardless of whether the LOGOUT
command was issued, the station's connection remains occupied at the
server. To clear these unused connections, the server uses the watchdog
process to poll (send a query packet to) clients that the server hasn't
heard from for a period of five minutes. This five-minute period is
tracked for each connection in the Watchdog Timer field of the server's
Connection table. If the shell within the station that the server is
polling is still operational, it will respond to the query and the server
will reset its timer for that connection.

However, if the workstation has been turned off or some communications
problem exists on the network, the server will not receive a response
from the shell. In this instance, the watchdog process resets the
connection's Watchdog Timer field to zero, but increments the Watchdog
Counter field by one. The next packet that the watchdog process sends to
the workstation will be sent a minute later. If the watchdog continues to
hear nothing from the workstation, it will send a packet every minute
until it has sent a total of 11 polling packets to that workstation. 
Fig. 33 illustrates the timetable for a connection that does not answer
to a server's queries. The server will clear the workstation's connection
if no response to the last watchdog packet is received. (NetWare 386-
based servers provide a setable parameter that allows administrators to
monitor when workstations are logged out by the watchdog process. This
option is set with the following command: SET CONSOLE DISPLAY WATCHDOG
LOGOUTS = ON.)

: Watchdog Timetable for a Connection that Does Not Respond

Conclusions

NetWare's client-server communications are governed by a series of
protocols. These protocols can be broken up by functionality: protocols
used for all communications (the medium access protocols and IPX),
administrative protocols (the RIP and SAP), protocols concerned with
connection control (the NCP and Watchdog) and, finally, the protocol with
defines the coding of service requests (the NCP). This document explains
the operation and interoperation of these protocols; however, it does not
attempt to apply this information to all possible network configurations
and environments. It is up to you to apply this information to your
specific network(s).

Appendix A: Implementing Redundant Cabling

In internetworks that contain 286-based NetWare file servers,
incorporating multiple paths to those file servers may result in
inefficient routing. Fig. 34 shows an example of a 286-based NetWare
internet work that contains redundant paths to two file servers.

: Sample Redundant Path Configuration

The problem with this sample network configuration involves the route
taken by workstations on segment BB to communicate with file server FS1.
Although the shortest route between the workstations on BB and FS1 is
through NIC B on FS1, there is a good chance that packets may pass
through FS2 onto AA and subsequently through NIC A of FS1.

Since traversing through an intermediate NetWare router can cause up to
40 percent degradation in the performance of packet exchanges between a
workstation and a file server, the scenario illustrated in Fig. 35 is not
the most desirable.

: Inefficient Path to FS1

Routing problems occur because of the file service addressing scheme used
for 286-based NetWare file servers, combined with the algorithm for
establishing a connection to a file server.

File Service Addressing

The file services of a NetWare file server are assigned a specific
address within the file server. With 286-based NetWare servers, file
services are addressed with respect to NIC A in the file server. In other
words, when the file server advertises its existence, it provides only
the network and node address assigned to its NIC A-a socket address is
also included but it is not specific to NIC A. a shows a logical
representation of the file service addressing within a 286-based NetWare
file server.

: Addressing of File Services in NetWare File Servers

With NetWare 386, the file services are addressed with respect to an
internal network number assigned when the server is booted up. NetWare
386 assigns the file services node address 1. (See Fig. 36b.)

The Connection Algorithm

The problem inherent to the addressing scheme used for 286-based NetWare
file servers arises when LOGIN, ATTACH or the preferred server shell
attempts to connect to a specific server. Fig. 37 illustrates the way
that the file services of both servers appear to the workstations.

As we have seen, a workstation's Get Local Target request asks for the
fastest route to the network segment on which the file server is located
(segment AA for FS1.)  Since the router in FS1 and the router in FS2 both
register the same distance to network segment AA (two Ticks), both will
respond to the Get Local Target request.

: Logical Positioning of File Services

If FS2 is the first to respond to the requests, the workstation assumes
that FS2 has the fastest route, and therefore sends the create connection
request packet through FS2. If FS2 is consistently faster than FS1 in
responding to Get Local Target requests, connections to FS1 will always
be established through FS2.

Fig. 38 shows the entire sequence that the workstation goes through to
connect to FS1 if FS2 responds to a Get Local Target request first. In
this sequence, FS2 is assumed to be consistently faster than FS1 in
responding to Get Local Target requests.

Since FS2 is always the first to respond, the shell initially connects to
FS2 (using the sequence shown in Fig. 25).  After making this initial
connection, the shell returns the DOS prompt to the user.

: Workstation Sequence For Get Local Target   Figure 38 (Continued):
Workstation Sequence For Get Local Target

The user can then enter the command "LOGIN FS1/" to log in to FS1
(following the sequence outlined in Fig. 27). First, the shell queries
FS2's bindery for FS1's address. Next the workstation broadcasts a Get
Local Target request. The router for FS1 and the router for FS2 both
answer this request, but FS2's router responds first. Therefore, the
workstation assumes that FS2 must have the fastest route to network
segment AA and sends its connection request-and all subsequent packets
intended for FS1-through FS2. Since FS1 depends on the workstation to
find the fastest route between the, FS1 sends all responses through FS2.

To avoid this inefficient routing scenario, you can connect workstations
on the same segment as a file server's NIC A when you have redundant
paths to the server. (See Fig. 39.)  With the correct configuration, the
shell receives the address of FS1 from FS2's bindery and makes the Get
Local Target call to IPX. IPX determines that FS1 and the workstation are
on the same network segment and tells the shell to address packets
directly to FS1.

: Correct Configuration of Redundant Paths with 286-based NetWare

Note that the connection sequence followed for the pre-v3.01 shell and
LOGIN.EXE  is the same as that followed by the preferred server shell.
Therefore, the scenario described above applies for the preferred server
shell when a preferred is specified by the user.

Another Redundant Path Configuration

Fig. 40 shows another possible configuration that incorporates redundant
paths with 286-based NetWare file servers. In this configuration,
workstations on network BB should have direct access to both FS1 and FS2.
Due to the 286-based NetWare addressing scheme, however, packets destined
for one file server might go through the other file server first.

For instance, if a workstation on BB wants to log in to FS1 but initially
connects to FS2, it will query FS2's bindery for FS1's address. The
address returned will include network number AA. The workstation will
then issue a Get Local Target request for AA. If FS2 responds to this
request first, the workstation's communications with FS1 will go through
FS2.

: Redundant Paths With 286-based NetWare File Server

Unfortunately, there is no all-inclusive solution to the routing problems
possible with this configuration. However, the configuration shown in
Fig. 41 will keep unnecessary routing to a minimum. This configuration
places NIC A for server FS1 and NIC A for server FS2 on different
networks: FS1's NIC A is connected to AA; FS2's NIC A is connected to BB.
Furthermore, workstations that access FS1 the majority of the time are
connected to AA, while those that access FS2 most often are connected to
BB. This configuration guarantees workstations a direct path to the file
server that they access most frequently.

: Keeping Routing To A Minimum

Redundant Paths with NetWare 386

Thanks to the internal network addressing scheme used by NetWare 386-
based file servers, they avoid the redundant-path problems experienced by
286-based NetWare servers. To illustrate, suppose FS1 is a NetWare 386
file server with an internal network address of CC. In this case, FS2
registers two Hops to CC, while FS1 registers only one Hop to CC.

When the shell obtains the address CC from FS2's bindery, only FS1
responds to the Get Local Target request. FS2 does not answer the request
because it no longer has a route equal to the fastest route to network
segment CC.

The algorithms the NetWare shell uses to connect to a file server are
relatively simple in design. The basic procedure is the same: get a
server's address, obtain a route to that address, and send a request to
establish a connection with the server.

However, when you configure 286-based NetWare file servers in an
internetwork with redundant paths, the shell may inadvertently route
packets through an intermediate router, even though the workstation is
connected to the same network segment as the file server it wants to
communicate with. As a result, you must carefully design redundant-path
networks to avoid such routing inefficiencies. As a general rule, always
connect those workstations that will spend most of the time accessing a
certain server to the NIC A segment of that server.

Appendix B: Internal Components of a File Server

It is a common misconception that NIC A enjoys a higher priority within
the 286-based NetWare servers and that it is therefore somewhat faster
than the other NICs. However, NIC A must vie for access to routing and
file services as a peer of NICs B, C, and D. In fact, within 286-based
NetWare servers, the only difference between NIC A and its peers is that
the address of the server is tied to it.

286-Based NetWare Communication Components

To fully understand the part that NICs play within 286-based and NetWare
386 servers, it is necessary to look at the communications components
that make up a server. Fig. 42 gives a graphic representation of the
communication-related components of a 286-based server that contains two
NICs.

: Internal Communication Components of a 286-based NetWare File Server

Each NIC has a corresponding driver. These drivers can be logically
separated into a send portion that transmits packets through the NIC and
a receive portion that pulls packets off the NIC. The receive portion is
commonly called the driver interrupt service routine (ISR) since it is
executed each time the NIC generates a hardware interrupt. (In most
cases, a hardware interrupt from the NIC indicates that a packet has been
received.)  When a packet is received, the ISR checks the length of the
packet to make sure that it is large enough to be a viable IPX packet but
not so large that it will not fit into the server's buffers. If the
packet does not pass this test, the driver simply discards it. If the
packet is viable, the driver attempts to place the packet in a buffer.

A 286-based file server uses two sets of packet buffers: file service
process (FSP) buffers and communication buffers. The FSP buffers are
primarily used for processing service requests (NCP packets) and can
number between one and 10, depending on the configuration of the server.
These buffers reside within the DGroup memory segment of the server and
are subject to its limitations. (Due to the design of the Intel 80286
processor, memory must be divided into 64KB segments. The DGroup segment
has been optimized in the NetWare operating system code to be the fastest
segment. It contains several components besides the FSP buffers which,
for larger server configurations, may limit the memory available for
these FSP buffers.)

All FSP buffers are the same size; they are sized to handle the largest
packet that  any of the server's NIC drivers can receive. For instance,
if the server contains an Ethernet driver able to handle 1,024-byte
packets and an Arcnet driver able to handle 512-byte packets, the buffers
will sized to handle 1,024-byte packets.

The communication buffers act as overflow areas for packets being
received by the server. The number of buffers that exist ranges from 40
(the default) to 250 for version 2.15c-this number is set within NETGEN
at installation. These communication buffers are also sized to handle the
largest receivable packet size. Both sets of buffers are set up as first
in, first out queues, or linked lists, where the first packets to be
received are placed at the front of the queue and all subsequent packets
placed in line after that.

Without examining the contents of the received packet, the driver ISR
first attempts to place the packet in an FSP buffer. If the FSP buffers
are full, the ISR will try to place the packet in a communication buffer.
The packet is discarded if both sets of buffers are full. The assumption
is that the packet-level error checking implemented at the transport
layer (handled by the NCP, SPX, and so on.) will cause the sender to send
another packet later when the server is not so busy. Once the ISR has
placed the packet in a buffer or has discarded it, the ISR returns
control of the CPU to the server and waits for another packet to be
received by its NIC. The ISR for each NIC follows this same routine. Each
has equal access to the buffers and places received packets at the end of
the FSP or communication buffer queues.

A routing process services the FSP and communication buffers. (This
process is technically referred to as the Mux process or polling
process.)  The routing process periodically checks the contents of the
FSP and communication buffers. This process is responsible for routing
packets found within these buffers to their proper destination, whether
that be in or outside the server. Generally, five types of packets can be
found in the buffers:

o    Service requests for the file server (NCP packets addressed to the
     server)

o    Packets that need to be routed to another network segment

o    RIP packets

o    SAP packets

o    Packets addressed to other processes internal to the file server,
     such as a nondedicated DOS process or a value-added process (VAP)

When the routing process examines a packet in one of its buffers, it
takes one of four actions:

o    If it finds a service request for the server, the routing process
     will schedule an FSP to service the request. The routing process
     will then go on to the next buffer.

o    If it finds a packet not addressed to the server, the routing
     process will check its Routing Information table for the best route
     to the destination and send the packet through the appropriate NIC.
     In this capacity, the routing process acts as the internal router of
     a file server.

o    If it finds a RIP or SAP packet the routing process will update its
     Routing or Server Information table, respectively, if necessary.
     However, if the packet is a RIP or SAP request (such as a Get
     Nearest Server request) the routing process will get the appropriate
     information from its tables and send a response.

o    If it finds a packet addressed to another process within the server
     (the packet would be identified by the destination socket number in
     the IPX header) the routing process will pass the packet on to that
     process.

The routing process first checks the FSP buffers, starting at the top of
the queue. Since file service requests to the server can only be
processed in the FSP buffers, the routing process must try to keep the
FSP buffers as free as possible for these types of packets. Since the NIC
driver ISRs indiscriminately place packets into whichever buffers are
free at the time, the routing process may have to shuffle packets back
and forth between the FSP and communication buffers. Before checking the
contents of the FSP buffers, the routing process checks into see if all
the buffers are full. If so, the routing process assumes that some NCP
requests may have overflowed to the communication buffers. Therefore, any
non-NCP packets that the routing process finds in the FSP buffers are
moved over to the communication buffers to make room in the FSP buffers
for all the NCP requests. If the FSP buffers are not full, the routing
process simply processes all of the packets where they are.

Having completed the scheduling or movement of packets in the FSP
buffers, the routing process switches its attention to the communication
buffers. The routing process attempts to move any NCP request packets
that it finds over to the FSP buffers. It places these packets in a
separate queue within the communication buffers if the FSP buffers are
full. This queue is later checked by the FSP buffers as they finish
processing their current requests. Any packets that are not NCP requests
are routed or processed within the communication buffers by the routing
process.

NetWare 386

The NetWare 386 servers follow the same communication mode as 286-based
servers, with the following exceptions:

o    NIC drivers may be used re-entrantly to handle one or more NICs,
     therefore saving RAM.

o    Only one set of packet buffers exists within a NetWare 386 server
     (this difference stems from the 32-bit addressing scheme used by 386
     processors.)

o    FSP buffers are taken from a pool as they are needed and are not
     assigned to one specific buffer. The number of FSP buffers may
     increase as the load on the server increases.

o    NetWare 386 servers contain an internal network number for server
     addressing.

Fig. 43 illustrates the structure of the NetWare 386 communications
environment.

: Internal Communication Components of a NetWare 386 File Server

Appendix C: RIP and SAP Bandwidth Requirements

On large internetworks with several hundred servers, administrators
become concerned with the load that RIP and SAP broadcasts will place on
their network segments. Of course, these concerns can be appeased for
asynchronous and X.25 links since only changed server and routing
information is sent on these lines. On other segment types the traffic
caused by these broadcasts does not cause a sginificant load. The
requirements and some examples are shown in Fig. 44. As you can see, the
SAP broadcasts for an internetwork containing 250 servers account for
less than one percent of the total bandwidth (10Mb/s) of an Ethernet
segment.

: Bandwidth Requirements for 60 Second Broadcasts

Total traffic load of routing and server information broadcasts on any
given segment will be equal to broadcasting information about all the
network segments and servers that exist on the internetwork. For example,
on a T1 link between two NetWare routers, one router will broadcast
information about all of the network segments and servers that it is
making available to the other router (using the best information
algorithm). The other router will broadcast information about all the
segments and servers that it is making available to the first router. The
total of the two equals the total number of servers and segments that
reside on the internetwork.