Novell's CNE Study Set -- IntranetWare/NetWare 4.11
Understanding IntranetWare TCP/IP

A supplement to Novell's CNE Study Set -- IntranetWare/NetWare 4.11
by David James Clarke, IV


The Internet's main protocol suite is called TCP/IP. It consists primarily of IP (Internet Protocol), which provides Network Layer routing, and TCP (Transmission Control Protocol), which accepts messages from IP and packages them for Internet-based applications. In addition to IP and TCP, the Internet Protocol Suite includes a variety of other protocols including FTP (File Transfer Protocol), SMTP (Simple Mail Transfer Protocol), Telnet, and NFS (Network File System). 

TCP/IP was originally developed by the U.S. Department of Defense (DOD) in the early 1970s. Back then, it provided packet-switched network connectivity among government agencies, universities, and research institutions. Today, TCP/IP is an "open" industry protocol supported by a variety of manufacturers including Novell, SUN, Apple, DEC, and IBM. TCP/IP offers millions of users immediate access to a complete spectrum of services and information via intranets and the Internet. I guess it's safe to say that TCP/IP is the foundation of our global electronic village. 

In this section, we explore a variety of TCP/IP issues, including: 

TCP/IP is a great foundation for intranet connectivity because it provides an open link between your private network and the Internet. Let's surf the Net using TCP/IP! 

Novell's IPX vs. TCP/IP 

Both TCP/IP and IPX are excellent networking protocols. Both share many common elements, including large, installed bases, routability, and a history of coexistence on LANs and WANs. However, several important differences exist between TCP/IP-based and IPX-based networks, including: 

  • The Host
  • Addressing
  • Locating
  • Security
Let's take a closer look. 

IPX vs. TCP/IP: The Host

In the IPX world, the term "host" refers to a LAN-based server. An IPX workstation is not normally considered a host because it is not a service provider. 

In the TCP/IP world, on the other hand, a host can be either a workstation or a server. This is because both machines offer services to the network. Additionally, all IP workstations and servers require a unique IP address. 

IPX vs. TCP/IP: Addressing

The fundamental difference between IPX and IP addressing can be observed in the way each is used. The IPX protocol was designed for use on private LANs and WANs. Therefore, addressing is a high priority. As a CNE, you need to track only the internal server node and segment addresses on an IPX LAN. Workstation addressing is built into the NIC and is automatic. Additionally, you can register your IPX address with Novell or public IPX network services such as AT&T WorldNet Intranet Connect Service. 

IP addressing, on the other hand, is designed for a global public network -- that is, the Internet. As a result, IP addressing is often more complex and more difficult to track. In summary, IP network, subnetwork, and node numbers are all defined in a single IP address, which is decoded by its subnet mask (I explain more about this later). IPX, on the other hand, automatically references the internal NIC's node number. 

If you intend to connect your intranet to the Internet, you will need to obtain registered IP addresses for public use. Global registration is handled by the following organization: 

Network Solutions 
InterNIC Registration Services 
505 Huntmar Park Drive
Herndon, VA 22070
You can also obtain assistance by contacting HostMaster@InterNIC via electronic mail. Currently, a shortage of registered IP addresses exists, so you may want to consider registering some hosts even if you don't have plans for the Internet at this point. In the future, a new version of IP addressing (called IPng, or IP Next Generation) will help alleviate the current registered IP address shortage. 

In addition to registered IP addresses, you can obtain your own registered domain name. A domain name is a unique name (such as NOVELL.COM) that identifies you for Web browsing, e-mail, FTP, and so on. I discuss domain names later in this section. 

 
REAL WORLD
Most businesses connect to the World Wide Web using an Internet Service Provider (ISP). In the U.S., several types of ISPs cater to business needs. First, carrier-level companies such as AT&T, MCI, and Sprint offer guaranteed Internet connectivity on their respective phone networks. National ISPs, including Netcom and UUNET, offer high levels of service and competitive prices throughout the country; they cater primarily to the "dial-up" customer. Finally, Regional ISPs, such as Earthlink, are usually cheaper than national ISPs, but may not always offer the latest services. 

The business ISPs mentioned above typically offer a variety of hosting services, including built-in IP addressing, customized billing, T-1 connectivity, domain name registration, and more. 

It just goes to show that in cyberspace, just like anywhere else, you can always get what you want ... for a price. 

IPX vs. TCP/IP: Locating

IPX and TCP/IP networks differ in the way they locate network services. Both protocols rely on directories of network hosts, but each does so in a slightly different way. As you know from previous CNE courses, IPX networks generally rely on Novell Directory Services (NDS) and/or Service Advertising Protocol (SAP) for server identification. Of these, NDS is the newest and preferred solution. 

TCP/IP WANs, on the other hand, rely on either Host Tables or Domain Name System (DNS) servers. Host Tables are typically small text files which list local host names and their corresponding IP addresses. They are very impractical because tables must be copied to every TCP/IP server and client. On most of today's intranets, Host Tables have been replaced by DNS servers, which keep track of virtually all host names and their addresses on the Internet. DNS services can be provided by your ISP or by the built-in functionality of IntranetWare. We'll take a closer look at both of these topics later in this section. 

For more in-depth information on DNS capabilities, see Novell Education Course 658 -- DNS/FTP Installation and Configuration.

IPX vs. TCP/IP: Security

Finally, IPX and TCP/IP networks differ in the way they handle network security. In the IPX world, security is primarily enforced by NDS Authentication (IntranetWare) or the server bindery (NetWare 3.12). It's important to note that IPX security is service-based, not host-based. 

On IP networks, however, firewall security enables you to prevent unauthorized access to a specific network or host. A firewall is typically a network configuration consisting of both hardware and software that forms a boundary between your network computers and the outside world. The computers within the firewall then form a secure subnetwork with internal autonomy. A variety of manufacturers create firewall products, including CyberGuard, DEC, and On Technology. Additionally, Novell has released an advanced firewall for IntranetWare, called Border Services. 

This completes our comparison of Novell's IPX protocol and TCP/IP. Hopefully, you've gained an appreciation for the intranet-based functionality built into TCP/IP. In many ways, it has evolved as a perfect platform for our global electronic village. Now, let's take a closer look at its basic architecture. 

SMART LINK
To learn more about TCP/IP security online, consider browsing to one or more of the following sites: 

The Site Security Handbook RFC

US National Computer Security Association

US National Institute of Standards and Technology, Computer Security Resource Clearinghouse
 
 

The TCP/IP Protocol Suite

The TCP/IP Protocol Suite actually encompasses much more than the IP and TCP protocols. More accurately, it's a group of protocols operating at five of the seven layers of the OSI (Open System Interconnection) model. 

As you undoubtedly recall from your Networking Technologies odyssey (Course 200), the OSI model is the backbone of our networking galaxy. It provides a reference point for communications, networking, and application standards. Today, we're interested in the top five layers and how they relate to the TCP/IP Protocol Suite. 

Additionally, TCP/IP maps to a second standard model developed by the Department of Defense, called the DOD model (how original). The DOD model defines four layers that relate to specific TCP/IP functionality. Each of the four layers maps directly to multiple layers of the OSI model. Here's how it works (follow along with Figure 540SG-1 below): 

  • Network Access -- defines the bottom of the DOD model and maps directly to the OSI Physical and Data Link layers. Network Access standards, including Ethernet, Token Ring, FDDI, and the 802 Series, are common throughout the networking industry. 
  • Internet -- defines the second level of the DOD model and maps directly to the OSI Network layer. Internet protocols help move data through and between networks, thus connecting diverse senders and receivers. The two most popular Internet protocols are IP and ICMP. 
  • Host-to-Host -- defines the third layer of the DOD model and maps directly to the OSI Transport layer. Host-to-Host protocols deliver data to, and receive data from, peer protocols in other network systems. The most popular Host-to-Host protocols are TCP and UDP (User Datagram Protocol). 
  • Process/Application -- defines the highest level of the DOD model and maps directly to the OSI Session, Presentation, and Application layers. Process protocols provide user application services and an interface for network connectivity. The most popular Process protocols are HTTP, FTP, Telnet, SMTP, and NFS. 
Figure 540SG-1: Mapping the TCP/IP Protocol Suite to DOD and OSI Models 

As you can see in Figure 540SG-1, the TCP/IP Protocol Suite resides primarily at the top five layers of the OSI model. The bottom two layers are occupied by general industry standards (such as Ethernet and Token Ring). Also, pay attention to the top three layers of the DOD model. This is where TCP/IP happens. Let's take a closer look. 

Internet Layer Protocols 

The primary purpose of the Internet Layer Protocols is to route packets between different hosts. Depending on the network structure, several paths may be available between the sender and receiver. Internet protocols move datagrams through the internetwork one hop at a time, by referencing dynamic tables at each hop. Each router along the way makes a decision about a datagram's next hop, based on the logical network and physical device addresses. 

The two most popular Internet Layer Protocols are: 

  • IP -- This is the main Internet protocol. IP is a connectionless, packet-switched implementation that performs logical addressing and dynamic route selection. It is also responsible for fragmentation and reassembly. 
  • ICMP -- This is the Internet Control Message Protocol. ICMP works with IP to provide error and other control information. Because IP is connectionless, it cannot detect internetwork conditions such as a congested WAN or a failed path. ICMP is used to notify IP and other upper-layer protocols of flow control problems. 
Host-To-Host Layer Protocols 

The Host-to-Host layer of the TCP/IP Suite maintains data integrity and sets up reliable end-to-end communication between systems. The main goal of Host-to-Host protocols is to ensure error-free delivery of packets in the proper sequence, with no loss or duplication. 

The two main Host-to-Host layer protocols are: 

  • TCP -- This is the Transmission Control Protocol. TCP is the main Host-to-Host Internet protocol. It accepts messages of any length from an upper-layer application and provides full duplex, connection-oriented transport. To accomplish this, TCP uses a virtual circuit between hosts and acknowledges all packets. This ensures a reliable connection for data exchange. TCP is the protocol of choice for Telnet and FTP applications. 
  • UDP -- This is the User Datagram Protocol. UDP is closely related to TCP in that it provides Host-to-Host functionality. UDP is not connection oriented, however, and does not acknowledge data receipt. Instead, it uses an unreliable, connectionless delivery system. UDP simply accepts and transports datagrams. On the upside, UDP isn't burdened by all the bureaucracy of TCP; therefore, it can transfer data much faster. This is the protocol of choice for TFTP (Trivial File Transfer Protocol), DNS (Domain Name System), and NFS (Network File System) applications. 
Process/Application Layer Protocols 

Protocols at the highest level of the DOD model operate much like server NLMs (Novell Loadable Modules). Typically, these processes are not continually running on the host machine. Instead, they are triggered by certain events, such as client requests. Of course, Novell's Web Server is an exception -- it's open 24 hours a day. In the simplest terms, these are the applications that interface with TCP/IP users. 

Some of the most popular Process/Application layer protocols are: 

  • Telnet -- This is a remote control protocol for controlling UNIX-based hosts. Using Telnet is much like using RCONSOLE in the NetWare environment. 
  • FTP -- This is the File Transfer Protocol. FTP enables a user to transfer files between two networked computers. It also provides a variety of login, directory inspection, file manipulation, command execution, and other Application services. FTP also has a sister protocol called TFTP (Trivial File Transfer Protocol). In a later section, we'll explore Novell's FTP solution: FTP Services for IntranetWare. 
  • NFS -- This is the Network File System protocol. It provides file sharing capabilities between users of dissimilar computers. 
  • SMTP -- This is the Simple Mail Transfer Protocol. SMTP is an electronic mail routing standard that uses TCP and IP to route mail messages between network hosts. SMTP does not provide a local mail user interface, so you'll have to go find one of your own (such as Netscape). 
  • X Windows -- This is an Internet-based application sharing environment. 
  • RPR -- This is the remote printing protocol and is an Internet-based remote printing application. 
  • SNMP -- This is the Simple Network Management Protocol. SNMP is a troubleshooting application built into hardware at the Network Access level. You can use SNMP to remotely monitor the health of distant Internet hosts. 
This completes our journey through the fundamental architecture of TCP/IP. Hopefully, you've gained an appreciation for its power and complexity. As a citizen of the global electronic village, you'll need to understand the TCP/IP "rules of the road" in order to survive. The most fundamental rule is Addressing -- that is, how do you identify the road you're traveling on and the address of your destination? 

Easy . . . you use a virtual e-map. Check it out. 

Understanding IP Addressing 

Now that you understand what the TCP/IP protocol looks like, let's take a moment to explore how it works. Addressing is the most basic law of the information superhighway. After all, you can't successfully travel from point A to point B if you don't know where point B is! Earlier, we learned that one of the simple strengths of TCP/IP is that it treats every host on the network equally; therefore, each host must have its own unique IP address. The IP address is a unique software identifier that contains two important pieces of information: 

  • Network Address -- All hosts on the same network segment must use the same network address. 
  • Node Address -- Each host on the same network must have a unique node address. 
By convention, the IP address uses a four-byte (32 total bits) dotted decimal notation scheme. In the following example, the first three numbers (206.127.205) represent the network segment, and the final number identifies the specific host (131): 
206.127.205.131 
Now, let's take a closer look at three important aspects of IP addressing: 
  • IP Address Classes 
  • Assigning Your IP Address 
  • Host Naming 
IP Address Classes

The global electronic village has zillions of cyber-citizens; therefore, we need a way to classify different types of hosts. Earlier we learned that IP addresses combine both the network and node address into one identifying number. Classes help hosts determine which portion of the IP address is the network address and which portion is the node address. As you can see in Figure 540SG-2 below, Class A, B, and C networks have increasingly larger network address fields. 

Here's how it works: 

  • Class A Networks -- The first octet (8 bits) identifies the network segment, and the final three octets identify the node. In this scheme, the first bit must be a zero ("0"), leaving a total of 127 available network segments. If this seems limiting, consider that each segment can host up to 16,777,216 hosts. Virtually all Class A addresses have already been assigned by InterNIC. 
  • Class B Networks -- The first two octets are used to identify the network segment, and the last two octets identify the host. This is the most common network type on the Web, and is reserved for universities and commercial organizations. In a Class B scheme, the first two bits are "10," therefore limiting it to the 128 to 191 address range. There are 16,384 possible Class B network segments, each with up to 65,534 hosts. Relatively few Class B addresses remain available from InterNIC. 
  • Class C Networks -- The first three octets identify the network segment, and the last octet is assigned to the host. In this scheme, the first three bits must be "110," therefore confining it to the 192 to 223 address range. There are 2,097,152 possible Class C network segments, each hosting up to 254 nodes. 
Figure 540SG-2: Understanding IP Address Classes 

Fortunately, these complex, dotted, decimal addresses can be converted into more user-friendly names. This is accomplished using Host Naming, which we'll discuss in a moment. But first, let's learn how to assign IP addresses to custom networks and nodes. 

Assigning Your IP Address 

Once you register a valid network address to your segment, you can assign individual node addresses to each of your hosts. For example, if your Class C network address is 206.127.0.0, you can assign any combination of node addresses to IP workstations and servers: 

206.127.0.1 
206.127.0.131 
206.127.0.254 
There are, however, a few special IP addresses of which you should be aware: 
  • 0.0.0.0 refers to the default route used to simplify IP routing tables. 
  • 127.0.0.0 is reserved for loopback. 
  • 255.255.255.255 is reserved for broadcasts. 
  • 0.0.x.x is an address with all Network bits set to zero. This refers to the current network. Class B only. 
  • x.x.0.0 is an address with all Host bits set to zero. This refers to the network segment itself. Class B only. 
  • 0.0.255.255 refers to all hosts within a given network segment. 
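
The class rules and special addresses above can be applied mechanically. The following Python sketch is an added example, not part of the original study guide: it decodes a dotted-decimal address into class, network, and node from the leading bits of the first octet and flags the special cases listed above. The function names and the 172.16.x.x sample are constructed for illustration, and Classes D and E go beyond what this page covers.

```python
# Added example: classful decoding of a dotted-decimal IP address.
CLASSES = (
    # name, mask on first octet, required leading bits, network octets
    ("A", 0b10000000, 0b00000000, 1),
    ("B", 0b11000000, 0b10000000, 2),
    ("C", 0b11100000, 0b11000000, 3),
    ("D", 0b11110000, 0b11100000, None),  # not covered on the page
    ("E", 0b11110000, 0b11110000, None),  # not covered on the page
)


def parse_dotted(addr):
    """Return the four octets of a dotted-decimal address as integers."""
    parts = addr.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets in {addr!r}")
    octets = []
    for part in parts:
        # Accept plain ASCII digits only. Leading zeros are refused because
        # some parsers read "010" as octal, so two tools could disagree.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"bad octet {part!r} in {addr!r}")
        if (len(part) > 1 and part[0] == "0") or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {addr!r}")
        octets.append(int(part))
    return octets


def decode(addr):
    """Split an address into class, network and node, noting special cases."""
    octets = parse_dotted(addr)
    value = int.from_bytes(bytes(octets), "big")
    info = {"class": None, "network": None, "node": None, "special": None}
    if value == 0:
        info["special"] = "default route"
    elif value == 0xFFFFFFFF:
        info["special"] = "broadcast"
    elif octets[0] == 0:
        info["special"] = "current network"
    if info["special"]:
        return info

    # The five bit patterns cover every first octet, so the loop always breaks.
    for name, mask, bits, net_octets in CLASSES:
        if (octets[0] & mask) == bits:
            break
    info["class"] = name
    if net_octets is None:
        return info

    # Network octets are kept and node octets zeroed to name the segment.
    info["network"] = ".".join(map(str, octets[:net_octets] + [0] * (4 - net_octets)))
    info["node"] = ".".join(map(str, octets[net_octets:]))
    node_mask = (1 << 8 * (4 - net_octets)) - 1
    node_value = value & node_mask
    if octets[0] == 127:
        info["special"] = "loopback"
    elif node_value == 0:
        info["special"] = "network segment itself"
    elif node_value == node_mask:
        info["special"] = "all hosts on the segment"
    return info


if __name__ == "__main__":
    # The first two samples come from this page; the rest are constructed.
    for sample in ("206.127.205.131", "206.127.0.254", "127.0.0.1", "172.16.255.255"):
        print(sample, decode(sample))
```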


If you obtain a block of addresses from an ISP (Internet service provider), you can use the addresses within the block without worrying about address classes or special IP addresses. This is the responsibility of the ISP. Also, determine whether your ISP addresses are nontransferable. Sometimes, the ISP reserves the right to take back the addresses if or when you discontinue their service. 

Host Naming

All of this cyberspace numerology is fascinating, but what does it mean to simple Web surfers? Not much. 

Fortunately, these complex dotted decimal addresses can be converted into more user-friendly names. This process is called Host Naming. You can accomplish host naming in one of two ways: 

  • Host Table 
  • Domain Name System (DNS) 
A Host Table is an ASCII file containing the names and addresses of systems that you commonly access. If you are trying to establish a Telnet session with the host cyberstateu.com, for example, the Host Table will tell your browser exactly where to go. As you can see in Table 540SG-1, the ASCII file uses the following syntax: 
Internet Address [space] Official Host Name [space] Aliases
Any number of blanks and/or tab characters separate items. On UNIX systems, the file is called "/etc/hosts" and on an IntranetWare server, the file is "SYS:ETC\HOSTS." 

Table 540SG-1: A Sample Host Table
Internet Address  Official Host Name
206.127.205.127 World-Wire.com
206.127.205.130 Learning-Ware.com
206.127.205.131 CyberStateU.com
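
Because a Host Table has to be copied to every server and client, copies can go stale or be altered, and a changed entry silently redirects a host name. The following Python sketch is an added example, not part of the original study guide: it parses the syntax described above and reports names that map to different addresses, either within one table or between a reference table and a copy. The function names, the `#` comment handling, the "first entry wins" rule, and the contents of COPY are assumptions made for illustration; REFERENCE is Table 540SG-1.

```python
# Added example: parse a Host Table and detect conflicting or drifted entries.
import ipaddress

REFERENCE = """\
206.127.205.127 World-Wire.com
206.127.205.130 Learning-Ware.com
206.127.205.131 CyberStateU.com
"""

# Constructed copy: one alias added, one address changed.
COPY = """\
# local copy of SYS:ETC\\HOSTS
206.127.205.127   World-Wire.com   ww
206.127.205.130\tLearning-Ware.com
206.127.205.13    cyberstateu.com
"""


def parse_host_table(text):
    """Return a list of (line_no, address, official_name, aliases)."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # assumed: '#' starts a comment
        if not line:
            continue
        fields = line.split()  # any number of blanks and/or tabs
        if len(fields) < 2:
            raise ValueError(f"line {line_no}: address without a host name")
        # IPv4Address raises a ValueError subclass on a malformed address.
        address = str(ipaddress.IPv4Address(fields[0]))
        entries.append((line_no, address, fields[1], fields[2:]))
    return entries


def name_map(entries):
    """Map each lower-cased name to its address and collect conflicts."""
    mapping, conflicts = {}, []
    for line_no, address, official, aliases in entries:
        for name in [official, *aliases]:
            key = name.lower()  # host names are compared case-insensitively
            if key in mapping and mapping[key] != address:
                conflicts.append((line_no, key, mapping[key], address))
            mapping.setdefault(key, address)  # assumed: first entry wins
    return mapping, conflicts


def drift(reference, copy):
    """Return sorted (name, reference_address, copy_address) differences."""
    ref, _ = name_map(parse_host_table(reference))
    cpy, _ = name_map(parse_host_table(copy))
    return sorted(
        (name, ref.get(name), cpy.get(name))
        for name in ref.keys() | cpy.keys()
        if ref.get(name) != cpy.get(name)
    )


if __name__ == "__main__":
    for name, expected, found in drift(REFERENCE, COPY):
        print(f"{name}: reference={expected} copy={found}")
```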

While a Host Table is convenient when looking up addresses within your cyber-neighborhood, keeping a library of up-to-date addresses for every host in the world is impractical. This virtual magic is accomplished using a Domain Name System (DNS). The DNS is structured like an inverted tree, much like the directory structure of an IntranetWare volume. Each node on the tree represents a domain starting at the Root. 

Table 540SG-2 lists the most common Internet DNS domains, by function. The full name for any given host is constructed by listing all the names from the host to the Root. As with NDS naming, a period is used to separate names. For example, the following DNS name identifies the education department within the Novell corporate domain: education.novell.com. See Figure 540-3. 

Figure 540-3: How this Novell address is formed. 

See Table 540SG-2 for a breakdown of some common DNS domains. 
Table 540SG-2: Common DNS Domains
DNS Domain Function
COM Businesses
EDU Colleges and universities
NET Gateways or hosts
ORG Other organizations
MIL Military sites
GOV Government sites
AU Two-character country code for Australia

This concludes our brief romp through TCP/IP addressing rules. Hopefully, now you have an appreciation for what the TCP/IP protocol looks like and how it helps you surf the information superhighway. Now, let's complete our TCP/IP odyssey with a quick look at Novell's solution: IntranetWare TCP/IP. 

Installing IntranetWare TCP/IP 

IntranetWare support for TCP/IP is provided through Novell's Internet Access Server (NIAS) and/or NetWare 4.11. Also, make sure you are using the latest version of Novell's TCP/IP drivers. Ironically, you can find them on the Internet. 

Once you've installed NIAS on the IntranetWare server, you can configure it to support TCP/IP. Once TCP/IP is installed on your IntranetWare server, you can activate the other NIAS services, such as IPX/IP Gateway, Novell Web Server, and FTP Services for IntranetWare. 

To configure the IntranetWare server for TCP/IP, complete the following steps: 

  1. First, ensure that TCPIP.NLM has not already been loaded. You can check this by typing CONFIG at the server console. If TCPIP.NLM is already loaded, unload it now. 
  2. At the server console, type Load INETCFG.NLM. If you are asked whether to transfer your LAN driver protocol and remote access commands, choose Yes and press Enter. This will move the LOAD and BIND commands from the server AUTOEXEC.NCF file to INETCFG's startup files. Next, you may receive one or more duplicate load errors saying that a particular statement was not imported. If so, press Enter to continue after each. 
  3. From the Main Menu, select Protocols, and then choose TCP/IP. 
  4. Specify Enabled in the TCP/IP Status field so that the protocol becomes operational. Press Esc to return to the previous menu and select Yes when the Update TCP/IP Configuration? prompt appears. Finally, press Esc to return to the main INETCFG menu. 
  5. To bind a local address and subnetwork mask to the internal server NIC, select Bindings from the INETCFG main menu. Next, press Ins and select TCP/IP. Then, select A Network Interface when the Bind to? prompt appears. Next, select your NIC from the list of configured network interfaces. Finally, type the local IP address and subnetwork mask in the correct fields and press Esc. 
  6. Select Yes and press Enter when the Update TCP/IP configuration? prompt reappears. You're done! Exit INETCFG and save the changes you've made. 
  7. DOWN and Restart the server so that the changes take effect. 


Congratulations! You've done it! 

You've successfully poured the concrete of your on-ramp to the information superhighway. In this section, we've learned that TCP/IP is the glue that holds together our global electronic village. It routes messages between hosts using the IP protocol and ensures reliable delivery with TCP. We've discovered the sophisticated TCP/IP architecture and mastered IP addressing. Additionally, we've armed our IntranetWare server with TCP/IP power. 

Now, we're ready to attack the three main solutions of Novell's global electronic village: 

IPX/IP Gateway
The Novell Web Server
FTP Services for IntranetWare
Ready, set, surf! 
