3COM 11.1 User Manual

Size:
197.86 Kb
Download

NETBuilder® Family Software

Version 11.1 Release Notes

3Com provides a documentation CD-ROMthat includes all NETBuilder® software version 11.1 manuals. To obtain a hardcopy version of the 11.1 documentation, order part number 3C6460P.

You can order the documentation CD-ROMusing part number 3C6461P.

Additionally, all documentation for NETBuilder software version 11.1 is located on the 3Com website:

http://infodeli.3com.com/infodeli/tools/bridrout/index.htm

http://www.3com.com/

Part No. 86-0595-001

Published July 1998

3Com Corporation

Copyright © 3Com Corporation, 1998. All rights reserved. No part of this documentation may be

5400 Bayfront Plaza

reproduced in any form or by any means or used to make any derivative work (such as translation,

Santa Clara, California

transformation, or adaptation) without permission from 3Com Corporation.

95052-8145

3Com Corporation reserves the right to revise this documentation and to make changes in content from

 

 

time to time without obligation on the part of 3Com Corporation to provide notification of such revision or

 

change.

 

3Com Corporation provides this documentation without warranty of any kind, either implied or expressed,

 

including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.

 

3Com may make improvements or changes in the product(s) and/or the program(s) described in this

 

documentation at any time.

 

UNITED STATES GOVERNMENT LEGENDS:

 

If you are a United States government agency, then this documentation and the software described herein

 

are provided to you subject to the following restricted rights:

 

For units of the Department of Defense:

 

Restricted Rights Legend: Use, duplication, or disclosure by the Government is subject to restrictions as set

 

forth in subparagraph (c) (1) (ii) for Restricted Rights in Technical Data and Computer Software Clause at 48

 

C.F.R. 52.227-7013.3Com Corporation, 5400 Bayfront Plaza, Santa Clara, California95052-8145.

 

For civilian agencies:

 

Restricted Rights Legend: Use, reproduction, or disclosure is subject to restrictions set forth in subparagraph

 

(a) through (d) of the Commercial Computer Software – Restricted Rights Clause at 48 C.F.R. 52.227-19and

 

the limitations set forth in 3Com Corporation’s standard commercial agreement for the software.

 

Unpublished rights reserved under the copyright laws of the United States.

 

If there is any software on removable media described in this documentation, it is furnished under a license

 

agreement included with the product as a separate document, in the hard copy documentation, or on the

 

removable media in a directory file named LICENSE.TXT. If you are unable to locate a copy, please contact

 

3Com and a copy will be provided to you.

 

The software you have received may contain strong data encryption code that cannot be

 

exported outside of the U.S. or Canada. You agree that you will not export/reexport, either

 

physically or electronically, the encryption software or accompanying documentation (or copies

 

thereof) or any products utilizing the encryption software or such documentation without

 

obtaining written authorization from the U.S. Department of Commerce.

 

Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may

 

not be registered in other countries.

 

3Com, AccessBuilder, Boundary Routing, NETBuilder, NETBuilder II, OfficeConnect, SuperStack, and

 

Transcend are registered trademarks and Edge Server and Total Control are trademarks of 3Com

 

Corporation.

 

IBM, AS/400, SNA, and LAN Net Manager are registered trademarks of International Business Machines

 

Corporation. Advanced Peer-to-PeerNetworking and APPN are trademarks of International Business

 

Machines Corporation. DECnet is a registered trademark of Digital Equipment Corporation. AppleTalk is a

 

registered trademark of Apple Computer, Inc. NetWare is a registered trademark of Novell, Inc. RealPlayer is

 

a trademark of Real Networks. UNIX is a registered trademark in the United States and other countries,

 

licensed exclusively through X/Open Company, Ltd. VINES is a registered trademark of Banyan Systems.

 

SunOS is a trademark of Sun Microsystems, Inc. XNS is a trademark of Xerox Corporation.

 

Other brand and product names may be registered trademarks or trademarks of their respective holders.

CONTENTS

NETBUILDERSOFTWAREVERSION11.1 RELEASENOTES

Encryption Packages Notice 9

 

 

 

Supported Platforms

10

 

 

 

 

 

New Products

10

 

 

 

 

 

 

SuperStack II SI 5xx (4-port)

10

 

 

Supported PC Flash Memory Cards

10

 

 

Approved DRAM SIMMs

11

 

 

 

 

New Features

11

 

 

 

 

 

 

VPN Features

11

 

 

 

 

 

New and Enhanced Protocol Features

13

 

System Features

15

 

 

 

 

 

Legacy/ATM Features

15

 

 

 

 

Network Management Features

16

 

 

New Features Application Notes

17

 

 

Placing a Data Over Voice Call

17

 

 

Digi64S2 18

 

 

 

 

 

 

ASCII Boot

18

 

 

 

 

 

 

11.1 Software Packages

20

 

 

 

 

NETBuilder II

20

 

 

 

 

 

SuperStack II SI

22

 

 

 

 

 

SuperStack II Token Ring

24

 

 

 

OfficeConnect

25

 

 

 

 

 

Item Not Supported

30

 

 

 

 

 

NETBuilder Upgrade Management Utilities

30

 

Downloading NETBuilder Upgrade Management Utilities

30

UNIX Files

30

 

 

 

 

 

 

Windows Files

30

 

 

 

 

 

Executing

 

 

 

 

 

 

 

profile.bat

31

 

 

 

 

 

 

Version 11.1 NETBuilder Upgrade Management Utilities

31

Upgrading to 11.1 Utilities with Transcend Enterprise Manager 31

Upgrade Management Known Issues 32

 

bcmdiagnose Error Message

32

 

Unreleased Netscape Communicator Version

32

SuperStack II NETBuilder Token Ring Upgrades

32

Sysupgrade Not Supported

32

 

IP Address Link

32

 

 

Concurrent Usage

32

 

 

bcmdiagnose and HP-UX

32

 

bcmfdinteg

32

 

 

 

 

 

 

 

 

File Conversion Considerations

33

 

 

 

 

Upgrading From Release 8.3 or Earlier

33

 

 

 

Upgrade Link and Netscape Browser Scroll Bars

34

 

Upgrade Link Window Resizing

34

 

 

 

 

Notes and Cautions

34

 

 

 

 

 

 

 

APPN Connections to 3174 through Token Ring

34

 

Asynch Tunnelling on Serial Ports

34

 

 

 

ATM LAN Emulation Clients and Large 802.3 Frames

34

Automatic Line Detection

34

 

 

 

 

 

Bandwidth-on-

 

 

 

 

 

 

 

 

 

Demand Timer Precedence

34

 

 

 

 

 

Baud Rates for WAN Ports in DCE Mode 35

 

 

 

Supported Modems

35

 

 

 

 

 

 

 

BGP Configuration Files

35

 

 

 

 

 

 

BSC Cabling and Clocking

35

 

 

 

 

 

Boundary Routing and NetView Service Point

36

 

Compression Requirements

36

 

 

 

 

 

Configuring BSC and NCPs

36

 

 

 

 

 

CONNectUsage Parameter Default Change

36

 

 

DLSw Circuit Balancing

36

 

 

 

 

 

 

DLSw Prioritization

36

 

 

 

 

 

 

 

Disaster Recovery on Ports Without Leased Lines

36

 

DTR Modems

36

 

 

 

 

 

 

 

 

Firmware Configuration

36

 

 

 

 

 

Firmware Update 36

 

 

 

 

 

 

 

IBM-RelatedServices in Token Ring

37

 

 

 

IPX Routing, Route Receive and Route Advertisement Policies 38

LAN Network Manager with NETBuilder II Systems

39

LLC2 Frames and PPP

39

 

 

 

 

 

 

Remote Access Default Change

39

 

 

 

 

SuperStack II and OfficeConnect Boot Path

39

 

 

V.25bis Modem Setup

39

 

 

 

 

 

 

Web Link Documentation Path

39

 

 

 

 

Zmodem Time Out

39

 

 

 

 

 

 

 

Known Problems

39

 

 

 

 

 

 

 

 

APPN CP-CPSessions and SNA Boundary Routing

39

 

APPN CP-CPSessions on Parallel TGs

40

 

 

 

ATM Connection Table

40

 

 

 

 

 

 

Baud Rates for

 

 

 

 

 

 

 

 

 

Async PPP

40

 

 

 

 

 

 

 

 

 

BGP MaxPeers Parameter Changes

40

 

 

 

Boot Cycle Continuous Loop

40

 

 

 

 

Change Configuration and Diagnostic Menu

40

 

Changing the Transfer Mode Parameter Default Value

40

CHAP Rejection Message

40

 

 

 

 

 

CPU Utilization Statistic

41

 

 

 

 

 

 

Deleting ATM Neighbors

41

 

 

 

 

 

DHCP Address Pool Changes

41

 

 

 

 

 

Displaying Configuration Profiles

 

41

 

 

 

 

Dynamic Paths

41

 

 

 

 

 

 

 

 

Extensible Authentication Protocol

41

 

 

 

 

File System Error

41

 

 

 

 

 

 

 

 

Frame Relay Congestion Control

 

41

 

 

 

 

History-BasedCompression Negotiation Failure 42

 

IPX to Non-IPXConfiguration Error

42

 

 

 

 

MBRI Ownership During Board Swapping

42

 

 

Microsoft MPPE Patches and Updates

42

 

 

 

MOSPF DLSw Multicast

42

 

 

 

 

 

 

 

Multiple Paths to BootP Server

42

 

 

 

 

NAT Service - Many to One Outbound Translation

42

 

NAT Service - TCP/UDP Port Mappings

42

 

 

 

PPP Configuration Display Errors

 

42

 

 

 

 

PPTP Tunnel Security Validation

43

 

 

 

 

RAS Ports with Manual Dial Configured Tunnels

43

 

Remote Office RAS Clients and Virtual Port Attributes

43

SPID Wizard Detection Errors

43

 

 

 

 

 

STP AutoMode Does Not Select the Right Mode

43

 

Syntax Checking in PPP AuthRemoteUser Command

44

UI Response Time With Large SDLC configuration

44

 

VTAM Program Temporary Fixes

 

44

 

 

 

 

Web Link Boundary Router Remote LAN Type Display

44

Web Link Firewall Service Support

44

 

 

 

 

Web Link Login Support

44

 

 

 

 

 

 

Web Link Reload Button

44

 

 

 

 

 

 

Limitations

45

 

 

 

 

 

 

 

 

 

ACCM Not Configurable

45

 

 

 

 

 

 

APPN

45

 

 

 

 

 

 

 

 

 

APPN DLUr Connections to 3174 Systems

45

 

 

ATM Emulated LANs 45

 

 

 

 

 

 

 

Auto Start-upDoes Not Include Async

45

 

 

 

BSC and Leased Lines

45

 

 

 

 

 

 

 

DLSw and IBM Boundary Routing in Large Networks

45

Front-EndProcessor/Frame Relay Access for LLC2 Traffic 46

History Compression Not Allowed With Async PPP

46

HPR and ISR Configurations

46

 

 

 

 

 

 

IBM Boundary Routing Topology Disaster Recovery

46

Maximum BSC Line Speed

47

 

 

 

 

 

 

Multilink PPP Configurations

47

 

 

 

 

 

Multiport MBRI Module SNMP Management

47

 

 

NAT Proxy ARP

47

 

 

 

 

 

 

 

 

RouteDiscovery

47

 

 

 

 

 

 

 

 

SDHLC Half-DuplexMode

47

 

 

 

 

 

 

SDLC

47

 

 

 

 

 

 

 

 

 

SDLC Adjacent Link Stations for APPN

48

 

 

 

Source Route Transparent Bridging Gateway (SRTG) Interoperability 48

SDLC Ports and NetView Service Point

48

Source-RouteTransparent Gateway

48

Token Ring+ Modules

48

 

 

VRRP Configuration

48

 

 

 

 

 

 

CONFIGURINGIPSEC

 

 

 

Configuring IPsec

51

 

 

 

Creating Policies

51

 

 

 

Creating Key Sets 52

 

 

Configuring Manual Key Information

53

Enabling IPsec

54

 

 

 

Setting up a

 

 

 

 

VPN PPTP Tunnel

54

 

 

 

Establishing the Dialup Tunnel

56

 

How IPsec Works

56

 

 

 

Policies 57

 

 

 

 

Encapsulation Security Payload (ESP)

57

Authentication Header (AH)

58

 

IPSEC SERVICEPARAMETERS

CONFiguration 61 CONTrol 61 KeyEncryptionKey 61 KeySet 62 ManualKeyInfo 63 manualPOLicy 63

RSVP SERVICEPARAMETERS

CONFiguration 67

CONTrol 67

MaxFlowRate 68

REQuest 68

RESerVation 68

UDPEndcap 68

SR SERVICEPARAMETERS

AllRoutes 69

ROUte 70

SYS SERVICEPARAMETERS

CONFiguration 73

WEBLINKSERVICEPARAMETERS

StatPollInterval 75

NETBUILDERSOFTWAREVERSION

11.1 RELEASENOTES

These release notes provide information on the following topics for NETBuilder® software version 11.1:

 

Encryption Packages Notice

 

Supported platforms

 

New products

 

Supported PC flash memory cards

 

Approved DRAM SIMMs for the DPE Module

 

New Features and application notes

 

11.1 Software Packages

 

NETBuilder Upgrade Management Utilities

 

Notes and cautions

 

Known problems

 

Limitations

 

Changes and additions to the following guides:

 

 

Reference for NETBuilder Family Software

 

 

Using NETBuilder Family Software

 

If you have questions about the software, the guides, or these release notes,

 

contact 3Com or your network supplier.

 

For information on the command syntax used in these release notes, see “About

 

This Guide” in Using NETBuilder Family Software.

 

 

Encryption

The NETBuilder bridge/router software version 11.1 may contain strong

Packages

data encryption that cannot be exported outside the United States or

Notice

Canada. It is unlawful to export/re-exportor transfer, either physically or

 

electronically, the encryption software or accompanying documentation

 

(or copies thereof) or any product(s) utilizing the encryption software or

 

such documentation without obtaining written authorization from the US

 

Department of Commerce.

 

Do not place NETBuilder software version 11.1 packages with encryption

 

on networks or servers that are accessible to users outside of the U.S. and

 

Canada.

 

Software packages with encryption include the following:

 

NETBuilder II®

Part No. 86-0595-001

Published July 1998

10 NETBUILDERSOFTWAREVERSION11.1 RELEASENOTES

Multi-protocolRouter with56-bitEncryption (DE)

Multi-protocolRouter with128-bitEncryption (DS)

SuperStack® II

IP/IPX/AT Router with 56-bitEncryption (NE) (SI model) IP/IPX/AT Router with128-bitEncryption (NS) (SI model)Multi-protocolRouter with56-bitEncryption (CE) (SI model)Multi-protocolRouter with128-bitEncryption (CS) (SI model)

Multi-protocolRouter with56-bitEncryption (TE) (Token Ring models 327 and 527)

OfficeConnect®

IP/IPX/AT Router with 56-bitEncryption (NE) IP/IPX/AT Router with128-bitEncryption (NS)

Multi-protocolRouter with Quick Step VPN and56-bitEncryption (VE)Multi-protocolRouter with56-bitEncryption (OE)

Multi-protocolRouter with128-bitEncryption (OS)

Supported Platforms NETBuilder software version 11.1 is available for the following platforms:

NETBuilder II

SuperStack II NETBuilder models 327 and 527

SuperStack II NETBuilder SI models 43x, 44x, 45x, 46x, 53x, 54x, 55x, and 56x

OfficeConnect NETBuilder models 11x, 12x (K and T variants),13x, and 14x (U and ST variants)

New Products

NETBuilder software version 11.1 supports the following new products:

SuperStack II SI 5xx This release integrates the4-portWAN platform into the NETBuilder software(4-port) version 11.1 code base, which makes it possible to support all SuperStack II

NETBuilder SI, NETBuilder II, OfficeConnect NETBuilder, and SuperStack NETBuilder 327/527 bridge/routers on the same release of software.

Supported PC Flash

Memory Cards

Table 1 lists 3Com®_approved vendors of the PC flash memory card.

The 20 MB flash memory card has a formatted capacity of 19.86 MB. For dual image and full dump capability, 3Com recommends using a 20 MB card.

You can also purchase the blank flash memory card from 3Com:

DPE 20 MB card is 3C6086

Table 1 Approved 20 MB Flash Memory Cards

Vendor and Description

Part Number

Intel Series 2

iMC020FLSA

 

 

Intel Series 2+

iMC020FLSP

 

 

AMD Series D

AmC020DFLKA

 

 

Approved DRAM SIMMs 11

Approved DRAM

Table 2 lists 3Com–approvedvendors of the 32 MB DRAM SIMM for upgrading

SIMMs

the DPE 40 module.

 

 

 

Table 2 3Com–approvedDRAM SIMMs

 

 

 

 

 

 

Size

Vendor and Description

Part Number

 

 

 

 

 

32 MB

NEC

MC428000A32B-60

 

 

 

 

 

72-pin8Mx32 60 ns page mode

Toshiba

THM328020S-60

 

 

 

 

 

 

Toshiba

THM328020B5-60

 

 

 

 

 

 

New Features

This section describes new features in software version 11.1 for the

 

NETBuilder II, SuperStack II, and OfficeConnect NETBuilder bridge/routers.

VPN Features

Layer Two Tunneling Protocol

 

 

 

Layer Two Tunnelling Protocol (L2TP) is a standards-basedprotocol created from

 

combining two similar but incompatible proprietary tunneling protocols,

 

Point-to-PointTunneling Protocol (PPTP) and L2F (Cisco’s tunneling protocol). L2TP

is primarily used in Virtual Private Networking (VPN) environments and allows the creation of a tunnel between a remote site and a central site in order to transport Layer 3 multiprotocol traffic (such as IP, IPX, and AppleTalk) over a public IP network.

L2TP is a connection-orientedprotocol that provides flow control, packet sequencing, and retransmission capabilities. The transport network of L2TP can be anypacket-orientednetwork, but for this release, UDP/IP is the supported transport network type. Similar to a PPTP connection, L2TP puts the data inside a PPP frame and then encapsulates the frame with a UDP/IP header.

A notable difference between L2TP and PPTP is that PPTP precedes Layer 3 frames with a GRE header and forwards them to IP via TCP, but L2TP precedes Layer 3 frames with its own protocol header (which looks similar to a GRE header) and forwards them to IP via UDP.

From a security standpoint, L2TP by itself, like PPTP by itself, does not provide data encryption, authentication, or integrity functions (other than those that exist with IP and PPP) that are critical to maintaining VPN privacy. Also, L2TP does not provide a mechanism for key management. These areas are for further development.

IPX RAS

With this release, the NETBuilder RAS service has been extended to include IPX RAS support. The IPX RAS functionality implemented is Proxy routing (unlike IP RAS which can be either LAN Extension or Proxy Routing). The NETBuilder bridge/router routes IPX traffic between the external IPX network and the internal “Proxy” IPX network. All the IPX clients share a single Proxy IPX network and sit logically on the Proxy IPX network. Forwarding IPX traffic to clients is based on the Node ID (MAC address) of each client.