File "tcpstart.txt"
Path: /info/tips/tcpstart.txt
File size: 97.37 KB
MIME-type: text/plain
Charset: utf-8
=============================================================================
Document: ftp-os2.cdrom.com:pub/os2/2_x/network/tcpstart.txt
or: ftp-os2.nmsu.edu:os2/2_x/network/tcpstart.txt
Guide to getting started with OS/2 networking using IBM's TCP/IP software
=============================================================================
Recent Changes
Aug 03 1993 Added 3c503 Netware+TCP/IP sample files from Roger de Reus.
Added Appendix III on LaMail (thanks R. Walker!).
Changed directories for CSDs, made fixes to unpacking hints.
Added section on useful software to download.
Feb 28 1993 Fixed advice for routed, FTP security (thanks, Andre Asselin!).
Added some tuning ideas. Added lprmon BUFSIZE caution.
Feb 22 1993 Fixed phone numbers, added SLIP appendix. Fixed year to 1993!
Feb 02 1993 Added Netware appendix, tuning hints, other hints and insertions.
=============================================================================
Table of Contents (find sections by searching for the parenthesized number)
(0) Purpose and introduction
(1) Request for more information
(2) Some terminology
(3) Selecting parts of the IBM TCP/IP packages
(4) Preparing to hook up to a TCP/IP network
(5) Installing IBM's TCP/IP Package
(6) Installing the driver for the network adapter
(7) Initial tryout
(8) Downloading CSDs (bug fixes)
(9) A few reminders
(10) Security concerns
(11) Tuning your setup
(12) Interesting TCP/IP software you can download
(13) Good luck
(A1) Appendix I: Coexistence of TCP/IP with Netware
(A2) Appendix II: Supplementary information on SLIP
(A3) Appendix III: Setting up LaMail
=============================================================================
----------------------------
(0) Purpose and introduction
----------------------------
The purpose of this document is to:
1) Orient someone who has heard a bit about networking on OS/2, but
can't yet hold an entire conversation in three to five letter
networking acronyms ("So, Bob, how's TCP/IP coming along today?" "Well,
Jane, NFS if fine, but I'm having trouble with FTP." "Have you
installed the CSDs?" "Yes, but can you ping over SLIP before sending a
job to LPD?"....).
2) Help a new networker install the IBM TCP/IP networking package and
some of its more popular additional modules.
I'm no networking pro, but I've managed to start a working network
system using OS/2 and IBM's TCP/IP offerings. It took me long enough
to sort it all out. I hope I can save someone else the trouble.
I make no guarantees that the following is entirely correct! It's
based on my experiences. PLEASE correct me by mailing me your comments
if you find anything misleading or wrong. Please send me additional
hints based on your own experiences that you feel would be helpful to
put into this document.
-Dean
--
N. Dean Pentcheff
Biological Sciences, Univ. of South Carolina, Columbia SC 29208 (803-777-8998)
Internet addresses: pentcheff@pascal.acm.org or dean2@tbone.biol.scarolina.edu
--------------------------------
(1) Request for more information
--------------------------------
Please let me know of improvements I can make to this document!
Notable gaping holes that I notice (hint, hint) are:
1) Performance tuning - success stories and failure stories are
both equally welcome.
2) Other useful network software - surely some net.geeks have some
nifty utilities and addons that make a networked OS/2 system more of a
joy.
3) Tricks and tips that you've discovered.
--------------------
(2) Some terminology
--------------------
TCP/IP is the name of a communications protocol - it defines a way for
computers to chat with each other.
(PC)TCP is a family of products from several vendors that use TCP/IP on
a PC, generally under the DOS operating system. Note that PC/TCP is a
specific product marketed by SunSoft (the (PC)TCP name has been adopted
as a generic name for that type of product). (PC)TCP is not addressed
in this document - you may have heard about it from DOS systems. The
programs described here do what PC/TCP on DOS does (and more).
Ethernet is a specific hardware protocol for computer communications.
For example, a 3Com 3C503 card is a (very cheap and popular, if not
screamingly fast) Ethernet board for PCs. Using it (and appropriate
software) you can connect a PC to an Ethernet TCP/IP network. TCP/IP
is just one of many communication protocols that can run atop
Ethernet. For example, a Novell Netware network running the IPX
protocol could run on the same Ethernet - same hardware, just different
protocols.
Token-Ring is another hardware protocol in common use. IBM's TCP/IP
package supports both Ethernet and Token-Ring network adapters.
FTP is a "file transfer protocol" that runs on top of TCP/IP (there are
implementations of FTP for pretty much any computer that can talk
TCP/IP, making it a lingua franca for file exchange - it's not pretty
but it works).
Telnet is a defined way for TCP/IP-speaking computers to set up
terminal sessions between each other so that you can actually log onto
a remote computer and interact with your account there.
SLIP stands for serial line IP. It defines a way that you can
connect to a TCP/IP network over a serial line (via a phone modem,
for example). Serial communications is slower than a direct network
connection, but can sometimes be useful. IBM's TCP/IP packages does
support SLIP.
CSD is IBM's word for a publicly distributed bug fix package. Note
that CSDs obsolete prior CSDs. That is, application of any later CSD
will take care of everything that was done by earlier CSDs. You don't
have to apply the whole chronological string of CSDs, just the most
recent one. God help you if you install an earlier CSD over a later
one (IBM sure won't help you).
----------------------------------------------
(3) Selecting parts of the IBM TCP/IP packages
----------------------------------------------
IBM sells a bunch of pieces, many of which are optional, for TCP/IP
networking. Following is a brief summary of them. Note that all of
the following come with both 1.2 Mb 5-1/4" and 1.44 Mb 3-1/2" disks in
the same package (you don't need to specify medium).
-- TCP/IP Base Program (Part #02G6968). Price: US$131. You need this
in order to use any of the other following parts. It gives you the
software to connect your Ethernet or Token Ring card to a network, plus
a few character-oriented programs (Telnet, FTP, ping, etc.). It's sort
of equivalent to the public domain NCSA Telnet package for DOS.
-- NFS Kit (Part #02G6970). Price: US$95. This gives your OS/2 system
the ability to serve as both a client and a server for sharing disk
space using Sun's NFS (Network File System) protocol. In other words,
you can mount disks over the network that are physically attached to
other minicomputers or OS/2 systems as though they were attached to
your computer. Conversely, you can make parts of your OS/2 computer's
disks available for sharing by others. With this package (along with
the Base Program), you've got the makings of a small local area network
that can share disk space and printers.
-- X-Windows System (Part #02G6980). Price: US$95. This gives your
OS/2 system the ability to display output (and relay input) to X
programs running on other computers. X-Windows is a standardized way
for programs (mostly on Unix-based systems) to put graphics on the
screen and interact with the user. X terminology is a bit peculiar:
the program doing the work is called the "client"; the program doing
the display is called the "server". This package allows your OS/2
system to be an "X server", but not an "X client": you can display and
interact with X programs running elsewhere, but you can't run an X
program on your OS/2 system and have its results displayed elsewhere.
-- X.25 Networking (Part #?). Enables X.25 communications from your
OS/2 system. I have no exposure to this product, so I won't comment.
I assume you'll know if you need it.
-- Source code and programming packages. If you're ordering these you
sure as hell don't need me giving you hints on what to do.
And finally, where to order. Peculiarly, IBM often seems unaware
that they sell this product. So far, people have had the best
luck with calling: 1-800-IBM-2-YOU (1-800-436-2968). Another IBM
order line (1-800-IBM-CALL) apparently knows about the product
but likes to charge you more money (?!).
--------------------------------------------
(4) Preparing to hook up to a TCP/IP network
--------------------------------------------
Once you have the TCP/IP base package, you can be a full-blown node on
the Internet. To do that, you _must_ contact a local system
adminstrator on the network to which you will physically connect your
OS/2 machine. He or she must give you an Internet number. Choosing
one at random is unlikely to work and is exceedingly antisocial (since
it may well disrupt others' use of the network).
You can probably select your own cute name for your machine, unless
there is an iron-fisted net administrator who enforces a naming
convention. As examples, our lab works on crab behavior, so our PCs
are called "fiddler" and "cancer". The last place I worked had a lot
of people working on marine larvae, so they had "cypris", "zoea",
"actinula", etc.
When you decide on a name and send it to your Local Network Guru, also
ask the following questions:
What will my machine's full Internet name be (e.g.
fiddler.biol.scarolina.edu for the machine at which I'm
sitting)?
What is my IP address (e.g. 123.234.221.112 as a totally
fictitious example)?
Is this network subnetted? If so, what's the subnet mask
(e.g. 255.255.255.0)?
Is there a non-default broadcast address? If so, what is it?
What is the IP address of a default router for me to use?
What are the IP addresses of three domain nameservers?
And, before you start the software installation, do yourself a favor.
Open up your machine and take a good look at the network adapter card.
Write down any strap or switch options that are set. You'll probably
need them later when you do the software configuration of the driver
for TCP/IP.
-----------------------------------
(5) Installing IBM's TCP/IP Package
-----------------------------------
All the documentation comes with the Base Program. The other packages
just consist of a folder with disks.
It is not initially clear how to proceed, so here's enough to get you
going:
Begin with the manual "TCP/IP Version 1.2.1 for OS/2 (Refresh):
Installation and Maintenance". You install the TCP/IP software first,
then the specific driver software for your Ethernet or Token Ring board.
There's a nice little configuration program called ICAT (Installation
and Configuration Automation Tool). As per instructions, stick in disk
1 and run ICAT from an OS/2 command line.
Push the "Install" button first. It will give you the opportunity to
install any/all of the options you've ordered (base package, NFS,
X-Windows, X.25, and source packages). Check off whatever boxes you
want and feed disks as requested. Go ahead and install everything
you've got.
Once everything has been copied to disk, push the "Configure" button of
ICAT. Now comes the fun stuff. I'm assuming you have the
documentation, so I'll just give you some hints based on what I did.
There's a numbered list of 6 configuration things to do. We'll run
down the list.
1. Configure Network Interface Parameters. You probably only have one
Ethernet or Token Ring board in your computer, so you only have to fill
in half this screen (the other half is for another board - and up to
two more on a "Next Screen"). Your IP address is whatever was issued
to you by your Friendly Local Network Adminstrator. If he/she told you
anything about a "Subnet Mask", enter it appropriately. Leave
"Broadast" and "Destination Address" blank (unless you've been
explicitly instructed otherwise). For that matter, leave the rest of
the screen untouched unless told otherwise. Don't forget to check the
little "Enabled" box in the top left corner. When done, press the
"Menu" button to return to the main Configure menu.
2. X.25 Parameters. You're on your own here (I haven't done this),
but it looks straightforward - stick in your IP address.
3. SLIP Parameters. This is if you're going to use a serial port for
access, instead of a network adapter (SLIP = Serial Line Internet
Protocol). Fill in the IP address, and the rest is like setting up the
dialer in a communications program.
4. Automatic Starting of Services. Again, the following are
reasonable defaults if (a) you haven't been told otherwise; and (b) you
have the software involved.
DO enable the inetd super server - this is one program which
runs all the time and spawns off some of the other network
service programs on an as-needed basis. This way they don't
all have to be started at once.
If you want yourself or others to be able to Telnet into this
machine, enable the Telnet server (BUT SEE NOTES BELOW - THIS
CAN BE A REAL SECURITY RISK). This does not influence your
ability to telnet out of this machine to other machines.
If you want to be able to access files on this machine from
other machines using the FTP protocol, enable the FTP server.
This does not influence your ability to use FTP on your machine
to access other machines. (SEE NOTES BELOW - THIS IS A
POTENTIAL SECURITY RISK).
Unless you know otherwise, DO NOT enable TFTP.
I lean towards not enabling rexec and rsh unless there's a
compelling reason to do so. THESE ARE A REAL SECURITY RISK.
Again, this does not affect your ability to rexec or rsh from
your OS/2 machine to other machines.
If you are going to make a printer attached to your computer
available to other computers (i.e. your machine will be a
network print server), enable the lpd server. NOTE: To prevent
lpd from printing a banner and control file before each
document, set lpd to run in the "Foreground" (not via inetd),
and type in "-b -c" (without the quotes) in the blank for
arguments. This is particularly important if you have a
Postscript printer (since the banner and control files are in
ASCII, not Postscript, they will mysteriously stuff the
printer).
If you've got the X-Windows stuff, enable it (leave the
"Parameters" as it is).
If you're into online typing to people, enable Talk, but
honestly, why not just use the phone?
Enable the NFS Server if you want other people to access your
hard disk (SEE SECURITY NOTES BELOW).
Enable NFSCTL if you want to be able to mount other machines'
disks (but note that they must allow you to do so).
If you have the IP address of a default router on your network,
you can skip enabling the automatic routing server "routed".
If you couldn't get such an address from the Local NetNerd, go
ahead and enable the automatic routing server "routed". (See
some further remarks on this below in the "Tuning" section.)
FINALLY, if you're going to receive mail directly onto your
machine, enable "sendmail". If you're already receiving mail
on another machine, this is FAR more trouble than it's worth
(in my opinion). With the other software you've got, you'll
easily be able to read your mail on another machine, so why
bother with all the sendmail setup stuff (which is relatively
fierce)?
5. Configure Services. I'm going to give hints based on my slightly
net.paranoid approach. See the security notes below for some details.
Put one and only one entry in the FTP Access Protection:
anonymous. (But see further notes in the "Security concerns"
section below.)
If you're doing X-Windows, X Host Authorization gets the name
of the machine(s) on which your X "clients" (e.g. main
programs) will run.
In the X Client Display Variable, enter your OS/2 machine's IP
address (or Internet name, whichever). Not the name of the
host to which you will be connecting, but this very OS/2
machine's address. Follow the IP address or machine name with
":0" (without the quotes of course). For example, I entered:
fiddler.biol.scarolina.edu:0
Fill in the timezone in standard Unixoid format. See page 95
of the manual for some of the more popular timezones.
If you will use another machine's printer, enter that machine's
name and its printer's name.
If you took my advice on rexec, enter nothing in the rexec
username and password.
Enter nothing in the password field for telnet (BUT SEE THE
SECURITY NOTES BELOW).
Enter your machine's name in the Hostname field (just the very
first part of the name: "fiddler" in the case of
"fiddler.biol.scarolina.edu"). Enter the rest of the name in
the Domain Name field ("biol.scarolina.edu").
Type in (correctly!) the IP numbers of the (up to) three local
nameserver machines your Always Cheerful Network Adminstrator
gave you.
6. Routing Information. If you have the IP address of a default
router, enter it here. Follow the keypress instructions to insert an
entry. Toggle the "Route Type" field using space, leave "Route
Destination" blank, type in the IP address into "Router", and leave
"Metric count" at 1. If you do _not_ have the IP address of a default
router, make sure you enabled the "routed" daemon. Then check below in
the "Tuning" section to see how you can find out your default router's
address later, insert it here, and dispense with "routed."
When this is done, go ahead and "Exit" all the way out of the ICAT
program, reassuring it that you really do want it to write this stuff
to disk as it quits.
-------------------------------------------------
(6) Installing the driver for the network adapter
-------------------------------------------------
Once you finish with all that nonsense, you will realize that you
haven't told the software anything about the network adapter you've got.
Time to turn to the "LAN Adapter and Protocol Support Introduction and
Configuration Guide". Cram in the LAPS disk, and, from an OS/2 command
prompt, start up the "LAPS" program from the floppy.
The following discussion assumes you will be using a network adapter
card (either Ethernet or Token-Ring). If you will be using SLIP (IP
over a serial line with a modem), I suspect things may be a bit
different, but I don't know, I've never tried (as in: "Can you play the
violin?" "I don't know, I've never tried"). See Appendix A2 below for
some supplementary information on SLIP. I don't use it, so I haven't
tested this, but give it a whirl. For now, we'll continue to assume
that you're using a network adapter card...
First do the "install" to copy in the software. Next, go to the
configuration part.
What you do is simple: pick one from column A and one from column B. In
fact, IBM has made it simpler still - there's only one choice in column
B (but you still have to explicitly pick it). Choose your network
adapter from the Network Adapters list (select and "Add" it). (If your
network adapter isn't on the list, see the remarks a few paragraphs
below here.) Then choose the only choice (IBM TCP/IP) from column B.
You've now declared that your network adapter number 0 (the first one)
is of a particular type, and it will run TCP/IP.
Now highlight the adapter name in the Current Configuration window and
press "Edit". Now's your chance to make sure that the hardware options
on your adapter match up with the software's idea of them. Change
anything that needs changing. When in doubt, leave it as it was.
Notably, you should probably leave the "Network Adapter Address"
blank. That number is supplied by the board hardware unless you enter
an overriding number here.
Once you're done with the configuration, press "OK" and the proper
configuration will be copied in.
What if your network adapter isn't "supported"? That is, you didn't see
it on the LAPS list. Odds are good that it really is supported. First
of all, check the documentation - your adapter may emulate an adapter
that is in the LAPS list. If so, you're home free. If not, you need to
get hold of an "NDIS driver" for your adapter. There may be one on a
disk that came with the card. Alternatively, you may be able to find
one on the ftp-os2.nmsu.edu archive (see the section on downloading CSDs
in this document to see how to access the archive).
Once you've got the NDIS driver, you'll need to do a little hand editing
of some configuration information. The following description is edited
from some advice posted to the Usenet group comp.os.os2.networking by
Kai-Uwe Rommel (rommel@Informatik.TU-Muenchen.DE) regarding the popular
3Com Etherlink III card (a very fast, excellent Ethernet card, by the
way). I haven't done this myself, so I don't know how easy it will be
to adapt these instructions to other cards, but take a look at this and
see how it goes...
NDIS drivers for DOS and OS/2 come included with the Etherlink
III card. I'm not sure if the LAPS install program of the TCP/IP
package allows "other cards" to be installed, but otherwise
simply install the Etherlink II drivers first. Then, before
rebooting, copy ELNK3.OS2 from the Etherlink III driver floppy
to the same location where ELNKII.OS2 is and replace ELNKII.OS2
in config.sys by ELNK3.OS2. In the protocol.ini in \IBMCOM, add
[ELNK3_nif]
DriverName = ELNK3$
right below the [ELNKII_nif] section and replace
Bindings = ELNKII_nif
in the [TCPIP_nif] section by
Bindings = ELNK3_nif
and it should work after rebooting. You may want to boot DOS and
run the 3C509 program from the Etherlink III driver disk to set
up the card to use an IRQ > 8 (i.e. IRQ 10, for example) and set
the "client type" to a better suited one (you can choose DOS
client, Windows or OS/2 client or server). If you install the
Etherlink III in EISA machines, run the 3C509 program to switch
the card into EISA mode (yes it has one although it is an ISA
card) and use the EISA setup program and the config files on the
Etherlink III driver disk to configure it. See Appendix E in the
Etherlink III manual.
------------------
(7) Initial tryout
------------------
Are ya feelin' lucky? Hope so. Quit out of LAPS. Do the standard
OS/2 Shutdown. Make sure your network adapter is actually plugged into
a network. Cross fingers and toes. Start up OS/2.
It will take much longer to boot as five zillion networking programs
crank up. Lots of them will put screens up as they come on. Once
things are up, you can minimize these screens. Meanwhile, they will
tell you of your progress.
If things really choke and you don't get a boot, well, you knew the job
was dangerous when you took it. Get an OS/2 guru to boot from a floppy
for you and REM out the line in "startup.cmd" that says "CALL
C:\TCPIP\BIN\TCPSTART.CMD".
Assuming things more-or-less come up, try things out. First, from an
OS/2 command line, try a ping to yourself. In my case, that's "ping
fiddler.biol.scarolina.edu". You should get a series of one-liners
once a second informing you that you've sent 64 bytes to yourself and
received it. Press Control-C to quit that. If, after you enter your
ping command, you get nothing (the command just hangs there), you've
got a problem: you're unable to find yourself. Check your machine name
and Internet number using ICAT, and make sure your network adapter
board is properly set up, and the correct parameters are set using
LAPS.
One thing you'll want to try (but DON'T) is to double-click on the cute
little INETD icon. Don't do it. You'll get a textmode screen with
Inetd's potential clients listed. That's it. No menus. No nothing.
It makes you feel like DOS is back. Press Alt-Tab or Alt-Esc to get
the hell out of there. Memorize this, because one day you'll do it
accidentally anyway.
Try telnetting to your local host. Try an FTP file transfer. Once FTP
file transfers work, I advise you to take the following step next,
before doing much more playing.
Note: unless you've started telnetd and/or ftpd (or have them set
to start from inetd), don't try to telnet and/or ftp to yourself!
--------------------------------
(8) Downloading CSDs (bug fixes)
--------------------------------
My system almost-kinda-sorta worked (flakey is the word that comes to
mind). Following application of the bug fixes, it works very
smoothly. So, to avoid wasting time, apply the bug fixes early.
Following is the scoop on how to do this.
DON'T BE INTIMIDATED BY THE LENGTH OF THIS SECTION! Because the CSDs
change with time, this section is verbose to cover different
contingencies. It's really quite straightforward in practice. Install
the bug fixes - you'll be very happy you did.
1. For neatness' sake, make a subdirectory called "csd" (well, don't
listen to me about it, call it "rosebud" if you want). Do a "cd" to
that directory (all this is done from an OS/2 command line).
2. Give the command: ftp ftp-os2.nmsu.edu
3. If that doesn't work ("host unknown" or "network unknown") you've
got a problem with domain name resolution. MAybe routed.exe isn't
running or you have a bad DNS nameserver entry? Ignore that for now,
but fix it later. Try giving the command: ftp 128.123.35.151
4. Log in as user anonymous, with your full login (joe@ace.b.c.edu) as
password. Yeah, you don't really have a user name ("joe") since you're
on a single-user machine. Make one up. For my machine, for example,
I might enter "dean@fiddler.biol.scarolina.edu" (without the quotes).
5. Give something like the following FTP commands [things in square
brackets are my comments, not parts of the commands]:
binary
cd os2/ibm/tcpip [get to the directory with fixes]
get tcpcsd1.exe [Base TCP/IP package patches]
get tcpcsd2.exe
get basecsd.doc [how to install Base CSDs]
get nfscsd1.exe [if you've got NFS]
get nfscsd.doc [how to install NFS CSDs]
get pmxcsd1.exe [if you've got X-Windows]
get pmxcsd.doc [how to install X-Windows CSDs]
You may find that some of the CSDs have filenames ending in ".zip"
instead of ".exe". If so, do the following as well:
cd /os2/2_x/archiver
get unz50x32.exe [Info-ZIP unzipper for unpacking]
Quit from FTP with the following command:
bye
Of course, this will be out of date soon. Just look for the most
recent CSD packages in the directory and snarf them. Likewise for the
Info-Zip unzipper. You should also check the directories "/os2/new"
and "/uploads": new uploads go there first and may not have made it to
the patches directory yet. If there are several different CSDs for
products you have, download them all. Unpack them (see below) each
separately on your machine and check the comments in the installation
scripts for the latest date.
6. Unpack the suckers. If you got the unzipper program, just just run
unz50x32. It will unpack itself into the unzip program. Each CSD
release seems to be slightly differently packaged, so I'll just give
some general guidelines here. You can probably install them from your
hard disk, without having to copy them onto floppies (though they are
usually designed to be installed from floppies). Make a subdirectory
for each type of CSD (for example, I made subdirectories "base", "nfs",
and "pmx") under the directory where you have the zip files. Then
unpack each bundle into its appropriate subdirectory.
If the CSD filename ends in ".exe", things are easy: it will unpack
itself into its component files. For example, to unpack the Base
packages, I'd do the following:
mkdir base
cd base
..\tcpcsd1
..\tcpcsd2
If the CSD filename ends in ".zip", you have to explicitly use the
unzip program to unpack the file. For example (if the CSD files were
called "tcpcsd.base1.zip" and "tcpcsd.base2.zip"):
mkdir base
cd base
..\unzip ..\tcpcsd.base1
..\unzip ..\tcpcsd.base2
Normally, the unzipping leads to the creation of 5-50 updated programs
and files, one of which is an installation script (ending in ".cmd").
In some cases, the zip files will unzip into one or two monolithic
".exe" programs. These aren't really standalone programs, but are
self-unpacking zip files. If, when you're done unpacking the first
level of zip files, you only have one or two huge ".exe" files and you
DO NOT HAVE ANY FILES THAT END IN ".CMD" (i.e. you don't have an
installation script yet), check to see if the couple of huge programs
are actually zip files in disguise. To do that, run the listing
function of unzip.exe. For example, to check a hypothetical file
"basecsd.exe", try running:
..\unzip -v basecsd.exe
If the unzip program barfs, it's not a zip file. If you get a nice
listing of lots of filenames, you can unzip the archive by simply
running the program. For example:
basecsd
Don't do any of this fussing if there's a ".cmd" file in the directory
from your inital unzipping - that's probably the installation script
which will take care of the next level of unzipping for you.
7. Check the installation scripts. I've found two types. One is a
pretty elaborate script that quite neatly checks your system out and
installs the CSDs from the hard drive directory. These longer scripts
are over 100 lines long. If there are just a few files that need
copying, there may be a short script instead. In some cases, these
short scripts are "hardwired" to copy from the A: drive (tacky!). A
quick edit of any offending lines takes care of the problem. For
example, changing the line:
copy 'A:nfsctl.exe' BASE'\bin\nfsctl.exe'
to read:
copy 'nfsctl.exe' BASE'\bin\nfsctl.exe'
converts the command so that it will run from the hard drive instead of
needing to be put on a floppy.
8. Now you've got your CSDs (bug fixes) on disk, ready to install. You
have to first REM out a couple of lines in your startup scripts, then
reboot. Otherwise, OS/2 will refuse to let you update programs that are
currently running. Using your favorite editor, edit your c:\config.sys.
Find the line that runs CNTRL.EXE. Insert REM (followed by a space)
before it. Save the file (as Plain Text, if you're asked). I found
that I also had to edit the file c:\startup.cmd and REM out the line
that reads "CALL C:\TCPIP\BIN\TCPSTART.CMD".
Now reboot.
Why not do all this before even rebooting once? Because applying the
CSD depends on a lot of networking environment that is set up in the
main config.sys file, so you've got to have booted with the networking
stuff installed but REMed out for the CSD to apply properly.
9. If you're lucky, IBM will have included a "*.doc" file that will
give you some hints on how to install each CSD. If so, read the file,
and read the hints in the next paragraph. Between them all, decide how
to install the CSDs.
In the absence of an official "*.doc" file, you're on your own. Each
CSD has its own handy install script. Go to each CSD's subdirectory
and run the something-or-other.CMD file. For example, for the Base
Package it might be basecsd.cmd; for NFS it might be nfscsd.cmd; for
X-Windows it might be installx.cmd (thanks for the consistency, guys).
Or it may be called something new and exciting. Basically all that
these do is copy over a bunch of new versions of programs on top of the
old ones. As far as I can tell, they don't meddle with initialization
setups. [Late note on that - one of the newer CSDs does install a new
xinit.cmd, but quite politely informs you that it is moving your old
one to "xinitbak.cmd".]
10. With your trusty editor, remove the REMs from config.sys and
startup.cmd.
11. Reboot OS/2 to a far less bugfull networking setup.
12. Periodically check in at ftp-os2 for new CSDs. Apply as above and
they will overwrite whatever is needed to bring you up to date. Note
that later CSDs make earlier CSDs obsolete: each CSD is complete. You
do NOT need to install the whole chronological string of CSDs to get up
to date. The latest CSD will do everything that any earlier CSDs did.
-------------------
(9) A few reminders
-------------------
If you want to mount part of a Unix box's disk, the Unix machine will
need an entry in its /etc/exports file describing what you're allowed
to mount. Similarly, your OS/2 system's \tcpip\etc\exports file will
have to list systems you allow to mount your disks (SEE SECURITY NOTES
BELOW).
If you want to redirect printer output from your machine to an LPD
program on some other machine, you'll have to start up an lprmon process
for each of the printer ports you wish to redirect. See the manual for
the syntax. The trick is where to put the startup commands. If you
don't mind seeing the lprmon windows appear at boot time, edit the file
\startup.cmd and insert the command(s) there. That's a better solution
than putting them in \tcpip\bin\tcpstart.cmd, since tcpstart.cmd gets
clobbered if you rerun ICAT to reconfigure your setup. If you are going
to edit your tcpstart.cmd file anyway (see the section below on tuning
for reasons you might do that), go ahead and stick them into
tcpstart.cmd.
Note that there's a weirdness associated with lprmon: it apparently
cannot monitor a port that has a larger-than-default buffer size. So
make sure that you check the PRINTMONBUFSIZE in your \config.sys. For
any port(s) on which you will run lprmon make sure that the buffer size
is left on the default setting (134). For example, a vanilla version
should be: PRINTMONBUFSIZE=134,134,134
----------------------
(10) Security concerns
----------------------
You are now a node on the Internet (assuming you've hooked up to an
Internet-worked network). That means you have to be security conscious.
You don't have to be an international bank to be chosen as a victim.
There really are people out there trying to break into whatever
computers they can. You don't want to leave yourself open to that.
Furthermore, if your computer is ever broken into, you stand a far
better chance of getting sympathetic help if you didn't leave it wide
open in the first place. If I leave my door open and someone walks in
and takes things, they are still doing wrong, but I'd be more likely to
get sympathetic help had I locked the door.
I will outline the approach I've taken to setting up our OS/2 systems.
I AM NOT A UNIX OR NETWORK SECURITY EXPERT. Just for good measure, I'll
say that again: I AM NOT A UNIX OR NETWORK SECURITY EXPERT. I've done
enough reading to know that (a) it matters; and (b) security holes can
be very subtle. So don't necessarily believe what I'm recommending. I
welcome comments (but I will not open a debate on the morality of
computer breakins).
1. Enable Telnet but only with the real password option. The default
password option offered is very weak. It requires a single password
that is readable by anyone who has access to the system. VERY WEAK.
But, buried deep is a better solution. On page 72-73 of the
Installation and Maintenance Manual is the description of how to set up
telnet to require a Unix-style password file. Now, Unix-style passwords
are far from hyper-secure, but they're better than a clear-text
"password"! Perversely, IBM doesn't provide you with a program to make
the passwd file: you'll need to copy an /etc/passwd file from a Unix
host. But you've probably got a login on a Unix machine - you can use
its password file.
Follow the directions to install the passwd file and shuffle in a
different version of the login.exe program on OS/2.
In general, don't depend on any of the so-called "passwords" that appear
in environmental varibles. World-visible passwords are a (bad) joke.
2. Disable incoming FTP except for the very restricted "anonymous"
account. Your TRUSERS file should look like this:
user: anonymous
rd: c:\anonymous
wr: c:\anonymous
Make sure to create the directory c:\anonymous. Someone can stuff your
system by filling disk's c:\anonymous directory with garbage, but that's
relatively benign. If that's a problem, remove "c:\anonymous" from the
"wr:" field. How can anyone FTP a file into your machine if you don't
even let them have ftp write access to "\anonymous"? With this setup, a
really trusted user can have an entry in the Unix-style passwd file.
Then she or he can telnet into your machine and run FTP on your machine
to suck the file in.
Don't have anything else in the TRUSERS file. The idea of unencoded
passwords is ludicrous.
[Supplementary note added later:] Perhaps the above approach is a
little harsh. It turns out that FTP will not allow reading or writing
of the TRUSERS file. Hence, you _could_ put other entries into the
TRUSERS file and an FTP-logged-in person couldn't pilfer the TRUSERS
file itself. NOTE however, that TRUSERS will be accessible to any NFS
or Telnet users, so passwords there are still available. You decide.
Personally, it makes me too nervous.
3. Don't enable the rexecd server. It depends on clear-text passwords
in the environment or in the NETRC file. People can Telnet in through
the passwd-protected telnet, then execute the command. Same goes for
the rshd server.
Come on. Do you really want Joe Unwashed-behind-the-ears to be able to
do "rexec yourmachine del c:\*"? And then giggle a bit. Yup, that
could happen.
4. Don't enable the TFTP daemon "tftpd" unless you really need it for
some obscure reason. FTP does the job.
5. Vanilla NFS is well known to be full of security holes. You'll
notice the tight security demanded by the Unix host: give it a UID and
GID number and that's who you are. Cute. I'd be very wary about giving
write permission to my disk.
REMEMBER: THERE ARE NO ACCESS CONTROLS ONCE SOMEONE HAS ACCESS TO YOUR
OS/2 SYSTEM. No files are protected from reading or deletion. Once
someone is into your system, they can happily read any of your setup
files in \tcpip\etc (which could [if you're naive] contain real live
readable passwords). They can also read your \config.sys and
tcpstart.cmd files, in case they missed a password or two.
The only people I want to have write access to my system are people
who've passed the (really minimal!) test of having logged in past the
Telnet-with-Unix-style-passwords.
----------------------
(11) Tuning your setup
----------------------
Following are a few hints and suggestions that may help your networking
system work better. Where I remembered, I've attributed suggestions to
the people who suggested them. In most cases, these suggestions
appeared on the Usenet newsgroup comp.os.os2.networking. I have edited
many/most of these for conciseness and format, so I'm to blame if I've
screwed them up (sorry). My apologies to those whom I forgot!
1. If you edit any of the installation scripts yourself, note that IBM
uses an undocumented syntax. They use "attrib file parameters" instead
of "attrib parameters file". This works fine unless you use 4OS2 (a
command-line enhancer). If you do, start up an unenhanced cmd shell
first. (mathelmr@nuscc.nus.sg (Helmer Aslaksen))
2. After the initial thrill wears off, you'll wish there was some way to
get OS/2 to stick all the networking windows into the Minimized Window
Folder automatically at boot time. Following is a scheme for doing so.
The basic idea is to stop tcpstart.cmd from being run in the
\startup.cmd script (running it as a "Startup" folder object instead)
and get all the programs started minimized, instead of as normal
windows. (sip1@midway.uchicago.edu (Timothy F. Sipples),
mathelmr@nuscc.nus.sg (Helmer Aslaksen), others)
A) Edit \startup.cmd and put a REM in front of the line that
runs the tcpstart.cmd script. Add an "exit" to the end of the
\startup.cmd file (if you want its window to vanish, too). In
fact (if nothing else is started in that file) instead of
editing it, you can just move it to \startup.old and forget
about it.
B) From the desktop, open the "OS/2 System" object, then the
"Startup" object within that.
C) From the "Drives" object, open up directories until you have
an icon view of the \tcpip\bin directory. Click the right mouse
button once on the \tcpstart.cmd script. Using the resulting
popup menu, create a shadow of the object, selecting the
"Startup" window to be its location. The reason for doing A-C
is that things in the "Startup" folder start up late enough in
the boot process that they start after the Minimized Window
Viewer is in place. Otherwise, you get icons across the bottom
of the desktop (eeeeww!).
D) Now edit the file \tcpip\bin\tcpstart.cmd. Wherever you see
a "start ..." line, change it to "start /min ...". That will
cause the programs to start minimized. NOTE: Check this file
again any time you run ICAT: your changes may get blown away
so that you'll have to reinsert the "/min"s.
E) For any line in tcpstart.cmd that starts "call ...", edit the
script that gets called. In those scripts, again change "start
..." lines to "start /min ...". Check this also after running
ICAT.
3. Some of the networking software doesn't actually need to be run as a
subprocess of a "cmd" process. For these cases, rather than issuing a
"start ..." or a "start /min ..." to kick them off, you can issue a
"detach ...". For some processes (ones that have certain requirements
for interaction with keyboard and display), this won't work.
Experiment with it, though, you can save some memory that way. I've
found that it works with lprmon, lpd (run standalone, not via inetd),
portmap, and nfsd. It does not work with telnetd. I think it works
with inetd itself, but if inetd starts telnetd for you, then telnetd is
stuffed. Hence, I gave up on inetd. Others, you're on your own...
4. If you have already put a default router's IP address into your
configuration, you're probably not running routed. If you are running
routed, however, you may be able to discover what your default router
is, insert its address, and stop running routed. After you've been
doing network things for a while (including pinging or ftping some
remote sites), give the following command from an OS/2 command window:
netstat -r
Look for an entry that begins with "default". You guessed it: use that
IP address as your default router address. Use ICAT to edit your
network configuration: turn off "routed" and configure the default
router's IP address into the Routing Information section. (Routed
information: assela@rpi.edu (Andre Asselin))
5. The networking software sucks memory. If you have 8 Mb or less of
memory, your performance will go down noticeably (but far from fatally)
as OS/2 swaps things in and out more often. Don't need the TELNET
server? Close it. Don't need the FTP server? Shut it down. Don't
need the TALK daemon? Get rid of it. Mailer unnecessary? Leave it
aside. Only use X Windows occasionally? Start up the PMX daemon "by
hand" when you need it. That said, we find that full blown TCP/IP does
quite well in (true) 9 MB. The extra megabyte appears to make all the
difference in the world. If you don't run with everything but the
kitchen sink, 8 MB is viable. The 2.1 release should improve on that
even more [since IBM is making efforts to make the OS/2 base use up
less memory]. Pay attention to cache sizes, by the way: a disk cache
that is too large will actually decrease performance.
(sip1@midway.uchicago.edu (Timothy F. Sipples)) Our experience is that
beefing up our systems to 16 Mb made things run _far_ more nimbly: the
near-continual disk grinding stopped and the agonizing pauses went
away.
--------------------------------
(12) Interesting TCP/IP software
--------------------------------
There is a plethora of free software available on the Internet. One of
the largest repositories of OS/2 software is the machine:
ftp-os2.nmsu.edu. Access it using anonymous FTP. That is, connect to
it using ftp (give the command: ftp ftp-os2.nmsu.edu) and give the user
name "anonymous" (without the quotes) when prompted for a user ID.
When prompted for a password, give your email address. See the manual
entries on the FTP program for more details. Also see part (8) of this
document for an example of downloading some files using FTP.
Following are some pointers to useful TCP/IP-oriented programs (and
some other "indispensables") that can be downloaded from ftp-os2 or
other archive sites. The filenames are indented under the names of the
directories under which they are found on ftp-os2 - locations may vary
on other archives. A "*" for the filename indicates that there are
several files in that directory that are relevant.
os2/all/info/faq/
* The OS/2 Frequently Asked Questions (with answers!)
os2/ibm/ews/
gopher.zip PM client for the Internet Gopher Client
goserv.zip A Gopher Server protocol for OS/2 2.x
os2/2_x/network/
nistime.zip Update time/date from NIST Internet server
os2gofer.zip Gopher client for OS/2 PM (requires VREXX & TCP/IP)
os2nosv4.zip TCP/IP for OS/2 (via SLIP) - text-based
passwd.zip IBM TCP/IP passwd file maintenance utilities
slip20b1.zip Better performing SLIP for IBM TCP/IP 1.2.1
tcpstart.txt This document you're reading now!
tn_enh11.zip Enhancement for IBM OS/2 2.0 telnet daemon
wsos21.zip Novell Netware Requester 2.01 for OS/2, Disk 1 of 3
wsos22.zip Novell Netware Requester 2.01 for OS/2, Disk 2 of 3
wsos2d.zip Novell Netware Requester 2.01 for OS/2, Disk 3 of 3
nsd202.zip Novell Service Diskette (NSD #2) for WorkStation Kit
os2/2_x/network/ndis/
* NDIS drivers for many Ethernet cards
os2/all/network/ndis/
* NDIS drivers for many Ethernet cards
os2/ibm/tcpip/
* Home of "official" IBM bug fixes to TCP/IP
os2/2_x/patches/
* Home of more CSDs and bug fixes
os2/2_x/unix/unixutil/
elvis172.zip Elvis 1.7, a vi clone (for Unix devotees)
xfeel11.zip A utility to make PM behave like X-Windows
--------------
(13) Good luck
--------------
That's about it for now, folks. Read the IBM manuals - they're actually
not too bad. Not hold-your-handish, but most of what you need is
(somewhere) in there.
Best of luck with networking. Maybe we'll ping each other one day...
---------------------------------------------------
(A1) Appendix I: Coexistence of TCP/IP with Netware
---------------------------------------------------
Personally, it's hard for me to believe, but apparently there's this
other networking scheme out there by this little startup called
Novell... I haven't needed to interact with a Novell network, but lots
of people do. I've collected some of the postings from the Usenet
newsgroup comp.os.os2.networking that address this issue. I hope that
they will help you get things working if you need to access TCP/IP and
Novell.
I have edited the text for brevity and consistency, so please pardon any
errors I may have introduced in the process. Thanks go entirely to the
original posters of these messages - I've done nothing but copy their
work.
********************************************************************
From: ccherry@vnet.ibm.com
Organization: IBM Boca Programming Center
Date: Wed, 27 Jan 93 23:53:32 GMT
Install the NetWare requester. Then install LAN Adapter Protocol Support
(LAPS). This came with your TCP/IP disks. Choose NetWare Requester
support if it is available. Next install TCP/IP Support.
If your version of LAPS offered NetWare requester support, double click
on the NetWare line and a dialog will appear. The first line will be for
the universal address of your Ethernet card. Enter that number and exit
LAPS. Alternately, you can edit the LANADDRESS = line in
\IBMCOM\PROTOCOL.INI
If LAPS did not have NetWare support, you must follow the directions in
Chapter 6 of the NetWare Requester for OS/2 manual.
Good luck!
********************************************************************
From: davbur@joyner.lib.ecu.edu (David L. Burke)
Organization: UNC Educational Computing Service
Date: Mon, 25 Jan 1993 23:54:56 GMT
Hope this stuff helps, guys. It was a bitch, but I got Requester to
work with TCP/IP for OS/2 1.2.1. Below are The Big Three: CONFIG.SYS,
NET.CFG, and PROTOCOL.INI.
Before I say anything else, I hope to hell that after making these
changes that your machine doesn't boot up with a register dump or some
stupid message like "unable to locate Country.sys," or anything else
which stops you in your tracks. Please make sure you have a floppy boot
disk handy (I prefer makeboot.cmd myself.) Good luck.
General points: Don't let ICAT or LAPS alter your config.sys. Add the
appropriate lines and include \TCPIP... and \IBMCOM... in the necessary
path statements.
Setup: I'm using an NE2000 NIC (there's a NE2000.NIF on hobbes for
LAPS). This setup works with 2.1b (as long as OS/2 is not loaded on
Drive E: for some wierd reason). I'm superstitious about the INET.SYS
and IFNDIS.SYS files, making sure I use the same ones with each new
install. Don't have any idea why that is though.
* * * * * *
* CONFIG.SYS (Notice that all the TCPIP and IBMCOM stuff is at the end of
* the file, after the requester stuff.)
* * * * * *
IFS=D:\OS2\HPFS.IFS /CACHE:512 /CRECL:4 /AUTOCHECK:D
PROTSHELL=D:\OS2\PMSHELL.EXE
SET USER_INI=D:\OS2\OS2.INI
SET SYSTEM_INI=D:\OS2\OS2SYS.INI
SET OS2_SHELL=D:\OS2\CMD.EXE
SET AUTOSTART=PROGRAMS,TASKLIST,FOLDERS,CONNECTIONS
SET RUNWORKPLACE=D:\OS2\PMSHELL.EXE
SET COMSPEC=D:\OS2\CMD.EXE
LIBPATH=.;D:\OS2\DLL;D:\OS2\MDOS;D:\;D:\OS2\APPS\DLL;D:\NETWARE;
D:\TCPIP\DLL;D:\IBMCOM\DLL;D:\TALKTHRU\PROGRAMS;
SET PATH=D:\OS2;D:\OS2\SYSTEM;D:\OS2\MDOS\WINOS2;D:\OS2\INSTALL;
D:\;D:\OS2\MDOS;D:\OS2\APPS;L:\OS2;P:\OS2;D:\NETWARE;D:\TCPIP\BIN;
D:\IBMCOM;d:\tools\utilities;D:\TALKTHRU\PROGRAMS;
SET DPATH=D:\OS2;D:\OS2\SYSTEM;D:\OS2\MDOS\WINOS2;D:\OS2\INSTALL;
D:\;D:\OS2\BITMAP;D:\OS2\MDOS;D:\OS2\APPS;D:\NETWARE;D:\IBMCOM;
SET PROMPT=$i[$p]
SET HELP=D:\OS2\HELP;D:\OS2\HELP\TUTORIAL;D:\TCPIP\HELP;
SET GLOSSARY=D:\OS2\HELP\GLOSS;
SET IPF_KEYS=SBCS
PRIORITY_DISK_IO=YES
FILES=20
SET DIRCMD=/O:GN
DEVICE=D:\OS2\TESTCFG.SYS
DEVICE=D:\OS2\DOS.SYS
DEVICE=D:\OS2\PMDD.SYS
BUFFERS=30
IOPL=YES
DISKCACHE=512,LW
MAXWAIT=3
MEMMAN=SWAP,PROTECT
SWAPPATH=D:\OS2\SYSTEM 2048 2048
BREAK=OFF
THREADS=256
PRINTMONBUFSIZE=134,134,134
COUNTRY=001,D:\OS2\SYSTEM\COUNTRY.SYS
SET KEYS=ON
REM SET DELDIR=C:\DELETE,512;D:\DELETE,512;
BASEDEV=PRINT01.SYS
BASEDEV=IBM1FLPY.ADD
BASEDEV=IBM1S506.ADD
BASEDEV=OS2DASD.DMD
SET BOOKSHELF=D:\OS2\BOOK
SET EPMPATH=D:\OS2\APPS
SET FAXPM=D:\OS2\APPS
REM DEVICE=D:\OS2\APPS\SASYNCDA.SYS
PROTECTONLY=NO
SHELL=D:\OS2\MDOS\COMMAND.COM D:\OS2\MDOS /P /E:1024
FCBS=16,8
RMSIZE=640
DEVICE=D:\OS2\MDOS\VEMM.SYS
DOS=LOW,NOUMB
DEVICE=D:\OS2\MDOS\VDPX.SYS
DEVICE=D:\OS2\MDOS\VXMS.SYS /UMB
DEVICE=D:\OS2\MDOS\VDPMI.SYS
DEVICE=D:\OS2\MDOS\VWIN.SYS
DEVICE=D:\OS2\MDOS\VCDROM.SYS
REM DEVICE=D:\OS2\PCMCIA.SYS
REM DEVICE=D:\OS2\MDOS\VPCMCIA.SYS
DEVICE=D:\OS2\MDOS\VMOUSE.SYS
DEVICE=D:\OS2\POINTDD.SYS
DEVICE=D:\OS2\MOUSE.SYS SERIAL=COM1
DEVICE=D:\OS2\COM.SYS
DEVICE=D:\OS2\MDOS\VCOM.SYS
CODEPAGE=437,850
DEVINFO=KBD,US,D:\OS2\KEYBOARD.DCP
SET VIDEO_DEVICES=VIO_SVGA
DEVICE=D:\OS2\MDOS\VSVGA.SYS
REM --- NetWare Requester statements BEGIN ---
DEVICE=D:\NETWARE\LSL.SYS
RUN=D:\NETWARE\DDAEMON.EXE
DEVICE=D:\NETWARE\NE2000.SYS
DEVICE=D:\NETWARE\IPX.SYS
DEVICE=D:\NETWARE\SPX.SYS
RUN=D:\NETWARE\SPDAEMON.EXE
rem DEVICE=D:\NETWARE\NMPIPE.SYS
rem DEVICE=D:\NETWARE\NPSERVER.SYS
rem RUN=D:\NETWARE\NPDAEMON.EXE NP_COMPUTERNAME
DEVICE=D:\NETWARE\NWREQ.SYS
IFS=D:\NETWARE\NWIFS.IFS
RUN=D:\NETWARE\NWDAEMON.EXE
DEVICE=D:\NETWARE\NETBIOS.SYS
RUN=D:\NETWARE\NBDAEMON.EXE
DEVICE=D:\NETWARE\VIPX.SYS
DEVICE=D:\NETWARE\VSHELL.SYS
REM --- NetWare Requester statements END ---
REM Below is all the TCPIP and IBMCOM stuff (not before!)
DEVICE=D:\IBMCOM\LANMSGDD.OS2 /I:D:\IBMCOM
DEVICE=D:\IBMCOM\PROTMAN.OS2 /I:D:\IBMCOM
rem DEVICE=D:\IBMCOM\MACS\NE2000.OS2 /I:D:\IBMCOM
DEVICE=D:\NETWARE\ODINSUP.SYS
RUN=D:\IBMCOM\PROTOCOL\NETBIND.EXE
RUN=D:\IBMCOM\LANMSGEX.EXE
SET ETC=D:\TCPIP\ETC
SET TMP=D:\TCPIP\TMP
DEVICE=D:\IBMCOM\PROTOCOL\IFNDIS.SYS
DEVICE=D:\IBMCOM\PROTOCOL\INET.SYS
RUN=D:\TCPIP\BIN\CNTRL.EXE
SET VIO_SVGA=DEVICE(BVHVGA,BVHSVGA)
DEVINFO=SCR,VGA,D:\OS2\VIOTBL.DCP
* * * * * *
* NET.CFG (nothing special here)
* * * * * *
Link driver ne2000
protocol ipx 8137 ethernet_ii
frame ethernet_ii
int 5
port 360
node address 1B198826
netware requester
preferred ecu_joyner_library
protocol odinsup
bind ne2000
link support
buffers 16 1514
* * * * * *
* PROTOCOL.INI (Don't worry about the LAPS settings during install. They
* only write to the PROTOCOL.INI as far as I know.)
* * * * * *
[PROT_MAN]
DriverName = PROTMAN$
[IBMLXCFG]
NE2000_nif = NE2000.nif
TCPIP_nif = TCPIP.nif
;*----------------------------------------------*
;*------------- PROTOCOL SECTION ---------------*
;*----------------------------------------------*
[TCPIP_nif]
DriverName = TCPIP$
; Bindings = NE2000_nif
Bindings = NE2000
;*----------------------------------------------*
;*--------------- MAC SECTION ------------------*
;*----------------------------------------------*
[NE2000]
[NE2000_nif]
DriverName = MS2000$
IOBASE = 0x360
INTERRUPT = 5
********************************************************************
From: loflin@emx.cc.utexas.edu (Don Loflin)
Organization: The University of Texas at Austin, Austin, Texas
Date: 28 Jan 1993 08:55:21 -0600
I found the following settings to be the most crucial, especially the
"protocol odinsup / bind ne2000" part, which the ODINSUP readme claimed
was optional if you only had 1 ODI driver loaded (e.g. it would bind to
the only driver found).
* * * * *
* NET.CFG
* * * * *
protocol odinsup
bind ne2000
* * * * *
* PROTOCOL.INI
* * * * *
[TCPIP_nif]
Bindings = NE2000
********************************************************************
From: RZHM@rz.uni-osnabrueck.DE (Helmut Meyhoefer)
Organization: Computing Center
Date: Thu, 28 Jan 1993 13:38:27 GMT
This is my configuration for CM, TCPIP and NW Requester with NSD201. No
problems.
* * * * *
* CONFIG.SYS
* * * * *
IFS=C:\OS2\HPFS.IFS /CACHE:384 /CRECL:4 /AUTOCHECK:CDE
REM ******* LAPS:
RUN=C:\OS2\INSTALL\IBMLANLK.EXE C:\OS2\INSTALL\IBMLANLK.LST
RUN=C:\OS2\XCOPY.EXE C:\OS2\OS2*.INI E:\OS2\IniSave
PROTSHELL=C:\OS2\PMSHELL.EXE
SET RESTARTOBJECTS=STARTUPFOLDERSONLY
SET USER_INI=C:\OS2\OS2.INI
SET SYSTEM_INI=C:\OS2\OS2SYS.INI
SET OS2_SHELL=C:\OS2\CMD.EXE
SET AUTOSTART=PROGRAMS,TASKLIST,FOLDERS
SET RUNWORKPLACE=C:\OS2\PMSHELL.EXE
SET COMSPEC=C:\OS2\CMD.EXE
LIBPATH=.;C:\OS2\DLL;C:\MUGLIB\DLL;C:\OS2\MDOS;E:\CMLIB\DLL;C:\;C:\OS2\APPS\DLL;C:\IBMCOM\DLL;E:\NETWARE;E:\TCPIP\DLL;
SET PATH=C:\OS2;C:\OS2\CMD;C:\MUGLIB;C:\OS2\SYSTEM;D:\SYSTEM;C:\OS2\MDOS\WINOS2;E:\CMLIB;E:\CMLIB\APPN;C:\OS2\INSTALL;C:\;C:\OS2\MDOS;C:\OS2\APPS;L:\OS2;P:\OS2;E:\NETWARE;E:\TCPIP\BIN;
SET DPATH=C:\OS2;C:\MUGLIB\DLL;E:\CMLIB;E:\CMLIB\APPN;C:\OS2\SYSTEM;C:\OS2\MDOS\WINOS2;C:\OS2\INSTALL;C:\;C:\OS2\BITMAP;C:\OS2\MDOS;C:\OS2\APPS;C:\IBMCOM;E:\NETWARE;L:\OS2;
SET PROMPT=$e[32;40m$e[1mrc=$r [$p] $i$e[0m
SET HELP=E:\CMLIB\APPN;C:\OS2\HELP;C:\OS2\HELP\TUTORIAL;E:\TCPIP\HELP;
SET GLOSSARY=C:\OS2\HELP\GLOSS;
SET THE_HELP=D:\OS2\UTILS\THE\OS2.HLP
SET THE=D:\OS2\UTILS\THE\PROFILE.THE
SET DIRCMD=/O:GN
PRIORITY_DISK_IO=YES
FILES=20
DEVICE=C:\OS2\R0CSDD.SYS
REM ******* LAPS:
DEVICE=C:\OS2\INSTALL\IBMLANLK.SYS C:\OS2\INSTALL\IBMLANLK.LST
DEVICE=C:\IBMCOM\LANMSGDD.OS2 /I:C:\IBMCOM
DEVICE=C:\ibmcom\protman.os2 /I:C:\ibmcom
DEVICE=C:\OS2\TESTCFG.SYS
DEVICE=C:\OS2\DOS.SYS
DEVICE=C:\OS2\PMDD.SYS
BUFFERS=30
IOPL=YES
DISKCACHE=64,LW
MAXWAIT=3
MEMMAN=SWAP,PROTECT
SWAPPATH=E:\SWAPSPACE 2048 4096
BREAK=OFF
THREADS=256
PRINTMONBUFSIZE=134,134,134
COUNTRY=049,C:\OS2\SYSTEM\COUNTRY.SYS
SET KEYS=ON
SET DELDIR=C:\DELETE,512 D:\DELETE,1024 E:\DELETE,1024
BASEDEV=PRINT02.SYS
BASEDEV=IBM2FLPY.ADD
BASEDEV=IBM2ADSK.ADD
BASEDEV=OS2DASD.DMD
SET BOOKSHELF=C:\OS2\BOOK;
SET EPATH=C:\OS2\APPS
DEVICE=C:\OS2\APPS\SASYNCDB.SYS
PROTECTONLY=NO
SHELL=C:\OS2\MDOS\COMMAND.COM C:\OS2\MDOS /E:1000/P
FCBS=16,8
RMSIZE=640
DEVICE=C:\OS2\MDOS\VEMM.SYS
DEVICE=C:\OS2\MDOS\VMOUSE.SYS
DOS=LOW,NOUMB
DEVICE=C:\OS2\MDOS\VDPX.SYS
DEVICE=C:\OS2\MDOS\VXMS.SYS /UMB
DEVICE=C:\OS2\MDOS\VDPMI.SYS
DEVICE=C:\OS2\MDOS\VWIN.SYS
DEVICE=C:\OS2\MDOS\VCDROM.SYS
DEVINFO=SCR,VGA,C:\OS2\VIOTBL.DCP
SET VIDEO_DEVICES=VIO_VGA
SET VIO_VGA=DEVICE(BVHVGA)
DEVICE=C:\OS2\MDOS\VVGA.SYS
CODEPAGE=850,437
DEVINFO=KBD,GR,C:\OS2\KEYBOARD.DCP
DEVICE=C:\OS2\POINTDD.SYS
DEVICE=C:\OS2\MOUSE.SYS
DEVICE=C:\OS2\COM.SYS
DEVICE=C:\OS2\MDOS\VCOM.SYS
DEVICE=C:\OS2\MDOS\ANSI.SYS
REM Protokollierung einschalten:
DEVICE=C:\OS2\LOG.SYS
RUN=C:\OS2\SYSTEM\LOGDAEM.EXE
REM ********* Netware Requester ***************
REM --- NETWARE REQUESTER STATEMENTS BEGIN ---
DEVICE=E:\NETWARE\LSL.SYS
RUN=E:\NETWARE\DDAEMON.EXE
DEVICE=E:\NETWARE\TOKEN.SYS
DEVICE=E:\NETWARE\ROUTE.SYS
DEVICE=E:\NETWARE\IPX.SYS
DEVICE=E:\NETWARE\SPX.SYS
RUN=E:\NETWARE\SPDAEMON.EXE
DEVICE=E:\NETWARE\NWREQ.SYS
IFS=E:\NETWARE\NWIFS.IFS
RUN=E:\NETWARE\NWDAEMON.EXE
DEVICE=E:\NETWARE\VIPX.SYS
DEVICE=E:\NETWARE\VSHELL.SYS
DEVICE=E:\NETWARE\ODINSUP.SYS
REM --- NETWARE REQUESTER STATEMENTS END ---
REM ********* Communications Manager ***************
DEVICE=C:\ibmcom\protocol\LANDD.OS2
DEVICE=C:\ibmcom\protocol\LANDLLDD.OS2
DEVICE=E:\CMLIB\ACSLDLAN.SYS
RUN=C:\OS2\EPW.EXE
RUN=C:\ibmcom\protocol\landll.exe
DEVICE=E:\CMLIB\APPN\CMKFMDE.SYS
DEVICE=C:\IBMCOM\PROTOCOL\IFNDIS.SYS
DEVICE=C:\IBMCOM\PROTOCOL\INET.SYS
REM ******* TCPIP
SET ETC=E:\TCPIP\ETC
SET TMP=E:\TCPIP\TMP
RUN=E:\TCPIP\BIN\CNTRL.EXE
REM ******* LAPS:
RUN=C:\ibmcom\protocol\netbind.exe
RUN=C:\ibmcom\lanmsgex.exe
REM ******* TCPIP
SET XFILES=E:\TCPIP\X11
SET USERNAME=
SET HOSTNAME=
SET TELNET.PASSWORD.ID=
CALL=CMD.EXE
* * * * *
* NET.CFG
* * * * *
Link Driver token
frame token-ring
frame token-ring_snap
node address 400031741015
Link Support
buffers 14 4210
protocol odinsup
bind token
protocol stack ipx
sessions 50
Sockets 64
PROTOCOL STACK SPX
Abort Timeout 30000
Verify Timeout 3000
Listen Timeout 6000
Send Timeout 6000
Retry Count 20
Sessions 50
Netware Requester
cache buffers 20
sessions 8
request retries 20
preferred server server_name
Netware Spooler
copies 1
keep
size 8
banner
form feed
* * * * *
* PROTOCOL.INI
* * * * *
[PROT_MAN]
DriverName = PROTMAN$
[IBMLXCFG]
TCPIP_nif = TCPIP.nif
LANDD_nif = LANDD.NIF
[TCPIP_nif]
DriverName = TCPIP$
Bindings = TOKEN
[LANDD_nif]
DriverName = LANDD$
Bindings = TOKEN
********************************************************************
From: reus@mic.dth.dk (Roger de Reus)
Organization: Mikroelektronik Centret, DTH, Denmark
Date: Thu, 10 Jun 93 12:11:44 METDST
One suggestion for your document: Since you refer to ftp.nmsu.edu to
get the CSD's for TCP/IP, you may as well refer to the same place to
get the latest Netware release (/pub/os2/2_x/network/novell) and
documentation.
Here the (excerpts) of the configuration files. I have TCP/IP (with
X11) and Netware (finally) running simultaneously over one single 3COM
3C503 card. I did not use the configuration programs (ICAT and LAPS)
but manually edited the files. Note that all the ELINKII stuff is
commented out. I was happy when things finally worked out, and did not
try more. Probably lots of extraneous code lying around. Did not get
things running by automatically routing, so explicitly added a
default gateway in the routing command (last line of this file).
Hope this will get some people getting ahead quicker than I did.
Credits should go to the Hobbes ftp server
(ftp-os2.nmsu.edu) which made the latest changes to both TCP/IP and
Netware software available (and now supplies all the OS/2 goodies on
CD-ROM for $25,-, I believe---grab it you American guys), Kerry
Sesker (cmdses@pmvax.weeg.uiowa.edu) who supplied me with some
configuration files I could start with, and Prof. Mike Thompson
(Cornell University), who pointed me to ftp-os2 for the Novell
software update.
________________________________________________________________/\_____
Roger de Reus (REUS@MIC.DTH.DK) \/
Mikroelektronik Centret /\ /\ /\ /--
Ph. (+45) 45 93 12 22--5764 DTH, bldg. 345-east -- -- -- ----
Ph. (+45) 45 93 46 10 DK--2800 Lyngby -- -- -- ----
Fax (+45) 42 88 77 62 Denmark -- -- -- `--
_______________________________________________________________________
* * * * *
* CONFIG.SYS (relevant parts)
* * * * *
LIBPATH=...;C:\TCPIP\DLL;C:\USR\NETWARE;C:\IBMCOM\DLL;
SET PATH=...;C:\TCPIP\BIN;...;C:\USR\NETWARE;C:\IBMCOM;
SET DPATH=...;C:\USR\NETWARE;C:\IBMCOM;
SET HELP=...;C:\TCPIP\HELP;
REM --- TCP/IP and NetWare Requester statements BEGIN ---
DEVICE=C:\IBMCOM\PROTMAN.OS2 /I:C:\IBMCOM
DEVICE=C:\IBMCOM\LANMSGDD.OS2 /I:C:\IBMCOM
SET ETC=C:\TCPIP\ETC
RUN=C:\TCPIP\BIN\CNTRL.EXE
SET XFILES=C:\TCPIP\X11
SET DISPLAY=reus026.mic.dth.dk:0
SET TZ=CET
SET LPR_SERVER=mic.dth.dk
SET LPR_PRINTER=ps
SET HOSTNAME=reus026
SET LANG=Da_DK
SET NWLANGUAGE=ENGLISH
DEVICE=C:\USR\NETWARE\LSL.SYS
RUN=C:\USR\NETWARE\DDAEMON.EXE
DEVICE=C:\USR\NETWARE\3C503.SYS
DEVICE=C:\USR\NETWARE\ODINSUP.SYS
DEVICE=C:\USR\NETWARE\IPX.SYS
DEVICE=C:\USR\NETWARE\NWREQ.SYS
IFS=C:\USR\NETWARE\NWIFS.IFS
RUN=C:\USR\NETWARE\NWDAEMON.EXE
RUN=C:\IBMCOM\PROTOCOL\NETBIND.EXE
RUN=C:\IBMCOM\LANMSGEX.EXE
DEVICE=C:\USR\NETWARE\VIPX.SYS
DEVICE=C:\USR\NETWARE\VSHELL.SYS
DEVICE=C:\IBMCOM\PROTOCOL\INET.SYS
DEVICE=C:\IBMCOM\PROTOCOL\IFNDIS.SYS
rem DEVICE=C:\IBMCOM\PROTOCOL\ELINKII.OS2
REM --- TCP/IP and NetWare Requester statements END ---
* * * * *
* NET.CFG
* * * * *
cache buffers = 40
file handles = 120
max tasks = 60
pb buffers = 10
preferred server = mic
show dots on
link driver 3C503
frame ethernet_802.3
frame ethernet_ii
frame ethernet_802.2
frame ethernet_snap
node address 02608c8c04eb
protocol ipx 0 ethernet_802.3
link support
buffers 15 4210
mempool 4096
protocol odinsup
bind 3c503
protocol stack IPX
bind 3c503
protocol tcpip
ip_address 129.142.64.205
ip_router 129.142.6.16
ip_netmask 255.255.0.0
tcp_sockets 8
udp_sockets 8
raw_sockets 1
nb_sessions 4
nb_commands 8
nb_adapter 0
nb_domain
netware requestor
cache buffers 20
displayharderrors no
preferred server mic
netware spooler
no banner
no form feed
* * * * *
* PROTOCOL.INI
* * * * *
[PROT_MAN]
DriverName = PROTMAN$
[IBMLXCFG]
; ELNKII_nif = ELNKII.nif
TCPIP_nif = TCPIP.nif
;*----------------------------------------------*
;*------------- PROTOCOL SECTION ---------------*
;*----------------------------------------------*
[TCPIP_nif]
DriverName = TCPIP$
Bindings = X3C503
;*----------------------------------------------*
;*--------------- MAC SECTION ------------------*
;*----------------------------------------------*
[X3C503]
;[ELNKII_nif]
; DriverName = ELNKII$
; netaddress = "02608C8C04EB"
; interrupt = 3
; ioaddress = 0x300
; transceiver = "ONBOARD"
; maxtransmits = 8
; xmitbufs = 2
* * * * *
* TCPSTART.CMD (initializes also X11)
* * * * *
@echo off
echo CONFIGURING TCP/IP .....
CALL C:\TCPIP\BIN\SETUP.CMD
echo ..... FINISHED CONFIGURING TCP/IP
echo STARTING THE TCP/IP PROCESSES .....
rem start pmx -nocopyright -staticcolor -k 102
CALL C:\TCPIP\BIN\XINIT.CMD -staticcolor -k 102
echo ..... X System Server Started
rem call nfsstart
rem echo ..... Network File System Client Started
echo ..... FINISHED STARTING THE TCP/IP PROCESSES
echo ..... EXITING TCPSTART.CMD .....
* * * * *
* SETUP.CMD (called by TCPSTART)
* * * * *
route -fh
arp -f
ifconfig lan0 129.142.64.205 netmask 255.255.0.0
route add default 129.142.6.16 1
---------------------------------------------------
(A2) Appendix II: Supplementary information on SLIP
---------------------------------------------------
Rather than editing matter that I don't fully understand, I've included
this dialog essentially verbatim. It is Dave Bolen, author of a SLIP
driver (alternative to IBM's own) replying to SLIP configuration
questions from Don Lindbergh. Dave Bolen's SLIP driver is presently
still in the testing stage, but users reporting in the
comp.os.os2.networking newsgroup are uniformly glowing in their reviews
of it.
At the time of writing, Bolen's slip driver can be had via anonymous
FTP from ftp.ans.net in file /pub/misc/slip20a3.zoo.
In any case, the following notes should give you a _lot_ of information
about SLIP connections in general, as well as information that may be
specific to Dave's drivers.
>From: dabl2@nlm.nih.gov (Don A.B. Lindbergh)
Date: Wed, 17 Feb 93 14:04:06 EST
Message-Id: <9302171904.AA09472@nlm.nih.gov>
To: dean2@bigbird.csd.scarolina.edu
Subject: Re: TCP/IP, SLIP, Beat 2.1 Setup Questions (LONG)
Ok, I'm sending you what Bolen sent me. He has sent me two replies.
The first is pretty much *it* as far as what you're probably interested
in. It is long and has diagrams :) The second piece is an attempt at
further clarification. I also included the first piece of mail from a
gentlemen trying to help me put the final piece in place, using
ROUTED. I basically haven't been able to get it to work (I think)
because of:
1. not much time
2. incorrect syntax
There will undoubtably be some more email from him, after which I
predict the light will shine on me, the angles will sing, and I will
actually have a full blow slip home system going......
Oh, near the end of Bolen's first note is an 'off the cuff' 'untested'
method of using 'arp -s' to 'publish' a network card to do routing. I
wasen't able to get this to work for me, it may be I'm doing something
wrong. I intend to at least confirm with him that this method *does*
in fact work. It seems I will be using either this method or ROUTED as
getting a static route added for my SLIP subnet may be a hassle (Bolen
talks about all this).
So, truthfully, I'm not quite out of the woods yet, but I wanted to
send you what he sent me, because it seems he has told me pretty much
everything. I figured it's better to send you more than you need
rather than edit it down myself. If you like, I'll forward what I get
and wrap it up when I get it really working. Your stuff was invaluable
to me when I was trying to get tcp/ip going.
--Don Lindbergh
dabl2@lhc.nlm.nih.gov
_______________________________________________________________________
>From db3l@ans.net Mon Feb 15 16:41:48 1993
To: dabl2@nlm.nih.gov (Don A.B. Lindbergh)
>REQUEST FOR HELP, somewhat lengthy.....
Well, let's see what we can do...
Warning - your request may have been lengthy, but these answers get
real long sometimes :-)
>I'm really unclear on how to setup at home for SLIP. I've read over
>EVERY occurance of 'slip' in the TCPINFO doc's, I don't get it....
Part of the difficulty explaining this sort of stuff is that if you get
generic enough in your explanation to cover anyone's case, the
explanation becomes vague enough to be less than helpful :-)
For example - you don't give any actual IP addresses in your supplied
office and home configurations, and yet it is likely the actual IP
addresses (and routing between them) that is the problem.
So - for these examples, I'll use some explicit IP addresses that we
use here at ANS - hopefully, it will not be difficult to translate
their use into your own addresses.
Let's take the office machine. In my case, it has two interfaces - an
ethernet (lan0) and com1 (sl). The important elements for packet flows
are the addresses of the interfaces, and the routes that the machine
has to specific hosts or networks.
Let's say the office LAN is 147.225.10.x, and my machine has the
address 147.225.10.18. Thus, subnet 10 of network 147.225 (a class B
network) is dedicated to the office ethernet. There is a default
router on the office lan, 147.225.10.1, that I should send packets to
when I don't know where to send them. The subnet mask for my LAN is
255.255.255.0. Also, I have a nameserver at 147.225.10.1.
Now let's say that I choose subnet 11 for my SLIP connection. You
can't give hosts at the far end of the SLIP link an address in subnet
10 since the rest of your LAN all think that subnet 10 hosts are
directly connected to the ethernet itself. (This isn't completely
true, but it's tricky to work around, so let's say it is true for
now). It is possible, as your example showed, to have your office
machine be 147.225.10.18 on both interfaces, but is often clearer if
you give it an address in the same subnet as the far end of the link.
Let's say in my case, I've made the office machine 147.225.11.1 on the
sl interface, and my home machine is going to be 147.225.11.2.
Thus, you end up with the following configuration:
-+-
|
| +----------------+ +--------------+
LAN | | Office Machine | | Home Machine |
| | -- -- -- -- -- | Phone Line | -- -- -- -- |
| | | 147.225.11.x | |
147.225.10.x +------| lan0 sl |--------------| sl |
| .18 | | .1 .2 | |
| +----------------+ +--------------+
|
-+-
Now I don't think you've had a problem getting to this stage of
everything, even though your addresses may be different. The next big
problem is getting packets to flow where you want.
In this example, hosts on the 147.225.10 network don't have a problem
talking to one another. They all know that anything in 147.225.10
should be on the LAN wire. They also know a default router at
147.225.10.1. If I did a "netstat -r" on your office machine, I would
find an entry like:
Office with LAN:
destination router intrf (interface)
default 147.225.10.1 lan0
147.225.10.0 147.225.10.18 lan0
or in other words - packets heading to anything on 147.225.10 would go
through my local interface to the LAN, lan0, while anything else also
goes out over lan0, but it gets sent to the 147.225.10.1 host, which
should know what to do with it.
That's just the LAN. Once you start SLIO and create the "sl"
interface, and ifconfig the appropriate addresses, your routing table
will look like the following:
Office with LAN and SLIP:
destination router intrf (interface)
default 147.225.10.1 lan0
147.225.10.0 147.225.10.18 lan0
147.225.11.2 147.225.11.1 sl
which is the same as before except that traffic for host 147.225.11.2
will go over the serial interface. If you use the same address for
your office machine on lan0 as on sl, the above would be the same
except the router field would show 10.18 in both the lan0 and sl cases.
Now, to finish off the scenario, on your home machine all you did is
configure the sl interface - nothing else is running. That gives you
a routing table like the following:
Home with SLIP:
destination router intrf (interface)
147.225.11.1 147.225.11.2 sl
Now, given the differences in IP address, I think that's the state
you've been able to get to in your experiments. Or, to add this
routing information to my original picture, my hosts would look
configured something like the following:
-+-
|
| +----------------+ +--------------+
LAN | | Office Machine | | Home Machine |
| | -- -- -- -- -- | Phone Line | -- -- -- -- |
| | | 147.225.11.x | |
147.225.10.x +------| lan0 sl |--------------| sl |
| .18 | | .1 .2 | |
| +----------------+ +--------------+
| <-- 147.225.10
| <-- default
| 147.225.11.2 --> <-- 147.225.11.1
-+-
Ok. Presuming you're still with me :-) Here's where you begin to run
into problems. As long as you are on your office machine, you'll be
fine. If you try to send packets to someone on the LAN, the route for
147.225.10 will work and you'll find them. If you try to send packets
to your home machine, it will go out over the serial interface and find
it. If you send packets somewhere else, they'll go to the default
router, which will get them there. And, since your office machine is
part of your LAN, packets will find their way back to you since the
rest of the LAN (and outside networks) know how to reach your
147.225.10 addresses. Nameserver stuff will work fine too, since the
nameservers are presumably on your LAN, so queries are just like other
LAN traffic.
The home machine has some problems however. Once you get SLIP running
there, you should be able to ping your office machine's address over
the SLIP link. In other words, in my example, a "ping 147.225.11.1"
would work, and I could do things like FTP to the office machine. But
that's the only communication that works.
The problem with other hosts is routing related. For example, let's
say that your home host tried to talk to the default router,
147.225.10.1. On your home machine you only know how to reach
147.225.11.1, so when you use the 10.1 address, your home machine
doesn't know how to get there. That's where you get the "no route to
host message". It is telling you it doesn't know where to send
packets for hosts other than 147.225.11.1.
Now that's an easy one to fix. Add a default route on your home box
pointing to your office box. Then, if you try to use an address that
the home machine doesn't know about, it will still send it to the
office machine. The office machine will then either know about it (if
it's part of 147.225.10, such as your nameserver), or it will forward
it on to *its* default router, 147.225.10.1.
This is only part of the problem, however. That solves the outgoing
packets from your home machine, but it doesn't fix the case of packets
coming back in to your home machine. For example, your home machine
will now know how to send a packet to the nameserver that you use in
your office, but the nameserver won't know how to send the packet back
to the home machine. The nameserver will know that 147.225.10
addresses are on the LAN, but it won't know what to do with a
147.225.11 address.
There are a few ways to fix this. What you really need to do is to
get all the other hosts on your LAN to know that subnet 147.225.11 is
routed through you, and that they should send packets to you for those
addresses. This is not normally practical, however, since a number of
owners of hosts are involved.
Another alternative is for everyone to run a routing daemon (such as
the ROUTED that came with the TCP/IP package), which lets your
machine announce to the other machines that it has the SLIP route, and
then they know where to send the packages. Again, this may not be
reasonable as everyone may not want to or be able to run a routing daemon.
Probably the easiest thing for you to do is to get whoever administers
the default router to add a static route for your SLIP subnet to that
router. Then, since everyone else on the LAN defaults to that router,
when it gets packets for your SLIP host it will forward them back to
you. Often, it will also issue a redirect to the hosts telling them
where they should have really sent the packets.
So to summarize - your problems are likely twofold. One, that your
home host doesn't know to default to the office host for stuff that it
doesn't have an explicit route to. And two, that the hosts on the LAN
(or the outside world for that matter) don't know to use you to reach
your home host. You need to solve both of those routing problems
before you can see packets flowing between your home host and any
other IP attached host.
In terms of the configurations you posted:
>OFFICE MACHINE SETUP.CMD:
>route -fh
>arp -f
>ifconfig lan0 myipaddress netmask 255.255.255.0
>REM ifconfig lan1
>REM ifconfig lan2
>REM ifconfig lan3
>start slio.exe
>sliowait
>ifconfig sl myipaddress otherpcaddress
>route add default myrouter 1
This should be fine. In general, I don't expect your office machine
would have any problems. It's the one machine in this whole
configuration that knows just what is going on, and how to reach
everyone it needs to reach.
>HOME MACHINE SETUP.CMD:
>route -fh
>arp -f
>REM ifconfig lan0 myipaddress officeipaddress netmask 255.255.255.0
>REM ifconfig lan1
>REM ifconfig lan2
>REM ifconfig lan3
>start slio.exe
>sliowait
>ifconfig sl myipaddress officeipaddress
This is fine.
>route add host officeipaddress officerouter
You don't need this. ifconfig'ing sl will automatically add this
route to your routing tables. What you do need is a statement:
route add default officeipaddress 1
to let the home host pass all other packets through to the office as
well.
And you need the office machines (or default router) to know about
your home address too.
If this sounds convoluted, it's because it's a lot harder to write
about and explain than just to do - at least I find it that way.
If you've stuck with me this far, I'll also throw in a way you can
cheat with your SLIP address and make the rest of your office LAN
think your home machine is right on the LAN - thus avoiding the need
to tell them about routing or get your default router to change.
Some of this is off the cuff - I don't think I've done this explicitly
myself yet, although it should work fine.
What you do first is get another LAN address for your home SLIP machine
- in my case, let's say it was 147.225.10.19. You then configure
everyone just as before, including the default route on your home SLIP
machine. You end up with the following:
Office with LAN and SLIP:
destination router intrf (interface)
default 147.225.10.1 lan0
147.225.10.0 147.225.10.18 lan0
147.225.10.19 147.225.10.18 sl
Home with SLIP:
destination router intrf (interface)
default 147.225.10.18 sl
147.225.10.18 147.225.10.19 sl
For your office machine, any packets to host 147.225.10.19 (your home
host) will go over the serial line. All other packets for 147.225.10
hosts will go over the LAN interface. And anything else will be put
over the LAN interface to the default router also on the LAN.
For your home machine, packets to your office machine will go over the
serial interface, and packets to anything else will first be passed to
your office machine (over the serial interface) for handling.
Now the only rub is getting machines on the LAN to talk back to your
home machine. The problem is that those machines will think (since it
has a 147.225.10 address) that your home machine is directly connected
to the LAN.
What happens on the LAN is that other machines issue ARP (Address
Resolution Protocol) requests to translate an address (147.225.10.19
in this case) into a hardware level address (such as a token ring or
ethernet adapter address). Packets are then sent over the LAN to that
hardware address. For most machines, they answer for their own
address, and give their hardware address. Obviously, your home
machine can't do that in this case since it isn't attached directly to
the LAN.
So what you do is tell your office machine to answer for your home
machine. You use the "arp" command to "publish" a permanent arp entry
for your home machine. The entry will use your office machine's
hardware address as the arp answer. Then, other machines in the
office will use your office machine's hardware address on the LAN when
sending packets to your home machine - so the packets will end up on
the office machine. The office machine will look at the actual IP
address and recognize that it should go down the serial link to the
home machine. This entire process is called "Proxy ARPing", and is
often supplied as an automatic process in SLIP servers or routers -
we'd just be doing it in a more manual fashion.
To set up the arp entry, you need to figure out your hardware address.
You can either do this by looking at the LANTRAN.LOG file in your LAPS
directory (normally C:\IBMCOM). It should have a line like:
"Adapter 0 is using node address 10005A82501A (...)"
Or, check someone else's machine that has recently exchanged traffic
with you and do an "arp -a" and look for your address as in:
hardware address IP address
10005A82501A 147.225.10.18
In either event, you want to know your 12-digit hexadecimal hardware
address. Once you know that, you can stuff an entry for your home
machine in your arp table with the command:
arp -s 147.225.10.19 10:00:5A:82:50:1A pub
which will permanently "publish" an arp entry for your home machine.
>From now on, other machines on the LAN will think that your home
machine is right on the ethernet (or token ring) itself, although your
office machine will actually be routing packets through the serial
link to the home machine.
Note that if you are on a token ring, you need to use a bitwise
reversed address (shown in the LANTRAN.LOG file as the token ring
format on the same line as the adapter node address).
I think that's about it. Like I said - it's more complicated to
explain than it really is. I hope this helps more than it confuses.
I'd suggest also trying to find a local support person at your site
that may be able to help out with the routing issues. Or, if you have
some sort of central SLIP server facility, it will probably be easier
to make use of that, as the routing issues will most likely have
already been addressed for that server.
-- David
/-----------------------------------------------------------------------\
\ David Bolen \ Internet: db3l@ans.net /
| Advanced Network & Services, Inc. \ Phone: (914) 789-5327 |
/ 100 Clearbrook Road, Elmsford, NY 10523 \ Fax: (914) 789-5310 \
\-----------------------------------------------------------------------/
>From db3l@ans.net Tue Feb 16 18:37:53 1993
To: dabl2@nlm.nih.gov (Don A.B. Lindbergh)
Subject: Re: TCP/IP, SLIP, Beat 2.1 Setup Questions (LONG)
Don,
> I had no idea that the slip
> connection ip addresses should have a different subnet than the 'real'
> lan ip addresses.
Yeah - the problem is that while you can get it partially working
without using a different subnet, you really need the separate subnet
for proper operation (barring proxy arp solutions). The reasons for
this are rooted in the fundamentals of how IP routing is handled,
which can be daunting topic for those new to IP networking (or even
old hands :-)). Couple this with the fact that most IP office users
don't necessarily know the subnetting and routing scheme in place at
their site, and it becomes even more fun.
(At the risk of repeating info from my previous message)
I think it starts to become more understandable - and explainable - if
you make believe you are a machine on your LAN. Let's say I'm on your
LAN as address 138.68.31.50. My machine has a routing table telling
me where to send packets for particular destinations, as:
destination 134.68.31.0 gateway 134.68.31.50
(anything on 134.68.31 goes out onto my local LAN
via my LAN interface, and gets my LAN address on it
as the source address)
destination default gateway 134.68.31.103
(anything else goes to the specified gateway. To reach
that gateway, I use my previous route to reach the LAN)
Now I'm in good shape - I know how to reach machines on the LAN, and
those off your LAN. Now say that friendly Don - you - down the hall
(with his machine 134.68.31.25) add a SLIP link, and gives your home
machine address 134.68.31.26. You sets things up so that if you type
"ping 134.68.31.50" from home, the packets reach my machine in the
office. So far so good - the problem is where do I send the answer?
I need to reach 134.68.31.26, which according to my routing table is
right on my LAN. I therefore try to send it right over the LAN, but
there's no machine there with that address.
Now I personally can fix that problem by adding a specific (static)
route to my machine that says:
destination 134.68.31.26 gateway 134.68.31.25
which says that if I need to reach the specific machine 31.26, I send
it to your office machine. Anything else in 134.68.31 follows the old
rule and goes directly to the LAN. Now I can communicate with
everyone including your home machine. Of course, this solution
doesn't scale well, and it doesn't help you from home since you have
to get everyone else (or at least the default gateway) to add the
route. Thus the rest of my previous note :-)
> He says getting something like a
> static route added to our subnet requires calling someone else, which
> is not a huge problem, but if we did this, hopefully we could add this
> slip subnet ONCE and that one addition would work for all our group
> who want to use slip. I would like to try your suggestions about
> permanently publishing an arp entry first I think.....
Having a dedicated SLIP subnet and a primary SLIP router is in fact
the way many sites (including ours) handles the issue. For single
SLIP connections into individual office machines a proxy arp solution
may be the simplest and most effective - although it does require
manual configuration - and you still have to get yourself allocated an
extra address in the LAN subnet.
> Some further comments and questions....
Ok.
> I know, I questioned the wisdom of publicly posting all my ip
> addresses, on the other hand, who really cares and what if they did
> right? I've at least got password entry's for telnet and ftp....
Actually, that's a pretty prudent idea, and not so strange, especially
when posting to such a large list. I don't have much of a problem
myself as the addresses I've used are protected by a security
firewall, so external hosts can't reach those subnets of 147.225 anyway.
Since your address is in fact exposed to the outside world, it's not
unreasonable to avoid publishing it in such a wide forum.
> I tried this briefly last night, but apparently it's a whole other
> lesson to get this damned thing to work. I don't really understand
> *who* these manuals are written for.....
You'd be surprised - the IBM stuff really isn't all that bad when you
see what else is out there. Of course, routing daemons are in fact
another whole world of information, of which ROUTED is one of the
simplest daemons. I could start another whole book on handling
routing daemon issues, but since it's unlikely your entire LAN will
start listening to RIP broadcasts, I think I'd just bypass this option
for now. Even if you do run ROUTED and config everything right, it
only fixes things for people who are also listening for the
information that you are then broadcasting.
> As per my comments earlier, is this something we can do once and will
> then work for a number of people? ie if we pick subnet 41 for slip,
> then programmers using slip will be
>
> 134.68.41.1
> .2
> .3 etc?
It depends on how you are servicing the SLIP connections. As long as
there is a single host that is responsible for all of the SLIP users,
then yes - this will work fine. For example, here at ANS, we use
subnet 2 for SLIP - all SLIP users get 147.225.2.x addresses. Our
primary machines have a static route for 147.225.2.0 into our Annex
terminal server (that handles the SLIP users) at 147.225.10.40.
If however, each user is going to handle his or her own SLIP
connection into an office machine, it gets a little tricker. Given
that changing a centrally administered host is probably harder, what I
would suggest is telling those responsible for the site router to send
all SLIP (134.68.41.x) traffic to one particular host - pick someone's
office machine, or some central machine that you manage. Then, as
individual programmers set up SLIP links to a new machine, add a
static route to the machine you manage for that SLIP link. Then,
traffic from LAN or external hosts heading for SLIP home users will
first go to the central machine you manage, which will then forward it
on to the appropriate office machine handling the link. This will
represent an additional hop, but for the amount of traffic generated
by SLIP it won't be much.
Also depending on the central machine of yours, it can send a redirect
message to the site router, telling it the real machine to send the
SLIP traffic to. So it can "learn" to avoid the extra hop. I'm
pretty sure that OS/2 (and most Unix platforms) send a redirect by
default, but don't hold me to that.
> Ah, here's where it gets fun, this would be a good hack......
> I'll try this and let you know. By the way, I keep hearing about your
> super nifty alternate slip drivers, should I try those? Dave are you
> holdin' out on me? :) One guy said I could find them at ftp.ans.net
Well, yes, I do have "super nifty alternate slip drivers" :-) I wasn't
really holding out on you - getting my drivers wouldn't have solved
your problem as it was routing and addressing related. Also, my
driver is technically alpha code so I don't generally recommend it to
just anyone yet. Of course, it's alpha mostly because I'm too
backlogged to do the final cleanup and call it beta, so it's actually
quite stable at this point.
If you're interested - you can anonymously ftp the driver from
ftp.ans.net in the file /pub/misc/slip20a3.zoo. This has the driver,
several utilities, and a readme that should get you up and running.
My driver both performs better than the standard IBM driver (better
performance while using less CPU) as well as including support for
header compression and priority queueing. This yields better
interactive performance over a SLIP link.
The driver does require OS/2 2.0, and TCP/IP 1.2.1 at least at CSD
level 2252. (You can always get the latest CSD from ftp-os2 if you
have an earlier version of TCP/IP - check SYSLEVEL)
=====================================
the below is today's first installment from a gent attempting to help me put
the final piece in place.... ROUTED
======================================
>From jardined@qucis.queensu.ca Wed Feb 17 13:12:00 1993
To: dabl2@nlm.nih.gov
Subject: Re: TCP/IP, SLIP, Beat 2.1 Setup Questions (LONG)
I was going to suggest Bolen's stuff. He is _most_ knowledgeable.
The secret appears to be as follows:
The ifconfig statement _must_ have your home ip address and the office
(slip) machine ip address. Use a netmask of 255.255.255.0 make sure
you set the mtu in ifconfig (and in slip.cfg if you use Bolen's
driver).
Now: in order to get at any other machine on your office net, you must
tell your home machine where on the office LAN is the nameserver. You
use the OS2 ROUTE command to do this. What you do in it is to a) clear
the previous entiries (-fh flag), then b) set up as 'default' the ip
address of the name server on your office LAN This means that when at
the OS2 end you mention a machine on your office lan athat is other
than the machine to which you are directly connected via slip, the
request will be routed by your office PC to that name server, which
will do the address resolution. The test for connection is to use the
'ping' command at your home end.
If you default route to the nameserver, you should be able to ping any
machine on the internet. I tested it by pinging local machines here,
and then finally hobbes. It replied!
I'm at the office so I don;t have access to my rexx scripts. If you
are still having problemsa, I'll send them to you.
I agree the manuals are ghastly. Luckily I have a bunch of Unix TCPIP
experts here to help me, (we have 4 dept. lans with about 100 Sun
workstations, 4 file servers, 3 compute servers etc. etc. here) but
even they took a while to figure it out. I asked, but there is no good
book on TCPIP or X11. You learn it by recursively reading assorted
ill-written documents, and asking someone who knows. I've been around
long enough to have used IBM manuals back in the '50s and '60s, so I'm
resigned to this situation :-)
Prof. Donald Jardine, Software Technology Laboratory, Comp. Sci. Dept.,
Queen's Univ. Kingston Ont. Ph (613) 545 6070 Fax (613) 545 6513
------------------------------------
(A3) Appendix III: Setting up LaMail
------------------------------------
This is a product that I don't use, but rwalker@rwalker.doa.lastat.gov
kindly sent me a document that he prepared for his users there. I've
excerpted and edited from that. Hence I am definitely to blame for
errors of omission and comission in the following suggestions...
1. Installation: You will want to check off "Sendmail" and "LaMail"
in the ICAT "Automatic Starting of Services" setup section (see (5)
section 4. above).
2. Customize your LaMail configuration: In the LaMail screen, select
Options/Set Note Options, then:
Personal Options
1. Your login or userid (e.g. dean)
2. Your hostname (e.g. fiddler.biol.scarolina.edu)
Note Header
1. Check "Add Subject Line"
2. Recommend checking "Long Address Format"
Note Options
1. Signature file: You can create a plain-text file that
contains some address information about yourself. It will
be automatically appended to your outgoing mail. For an
example, see the three lines at the end of section (0) of
this document (that's my .signature file contents). At this
point, enter the name of the plain-text file that holds your
signature information.
3. Send some test mail: Send some mail to someone who's email address
you are sure will work. Ask them to send you a reply. It may be
helpful if you are in adjoining offices so you can ask each other if it
worked...
4. Delivery notification: There's no such thing as registered mail
with SMTP (the mail services that Internet mail uses). But sometimes
if mail cannot be sent to the recipient, LaMail will pop-up with the
rejected mail item.
5. Note editor: The LaMail editor is built upon the OS/2 Enhanced
Editor (EPM). Most users would be more familiar with the OS/2 System
Editor. To configure the LaMail editor to resemble the System Editor
more closely do the following while editing a note:
Select: Options/Preferences:
Deselect: Advanced Marking
Select: Stream Editing
Select: Options/Save
6. How to forward a note: While you are reading/editing a note (i.e.
the box title begins "Note") hit Ctrl-I. In the command dialog box,
either click on an existing command in the top half (if there are any
shown) or type a forward command in the lower half (e.g. FORWARD
dean2@tbone.biol.scarolina.edu). Edit the command in the bottom half
and then select OK. This will bring up a standard LaMail Create Note
menu with the forwarded note included. Edit the subject and other
header lines as usual and select Send to actually forward the mail.
LaMail will keep a copy of the command in its history file for the next
time you select the command option.
7. Spelling check: To check the spelling of an outgoing note, select
the Options/Proof menu item. Note that the spelling checker appears to
have some bugs. Sometimes it gets confused and flags even common words
(e.g. "is"). At other times, it appears to just hang. You may want to
verify the location of the following LaMail files by choosing the
Options/Preferences/Settings/Paths menu:
US dictionary (normally \tcpip\bin\us.dct)
Personal dictionary
8. Folders: At installation, the ALL folder is the default folder for
notes. A copy of your outgoing mail is automatically stored in the
default folder. You can create multiple folders (e.g., and OUT folder
or organize folders by subject). You can also associate folders with
individuals in your NICKNAME.NAM file. Within each folder, the
appearance of mail items can be customized (color and order of fields,
etc.). Each folder can have a distinct icon associated with it.
Create the icons using the OS/2 icon editor and save them in
\tcpip\lamail as xxxxxx.ICO where xxxxxx is the name of the folder that
you want associated with the icon.
9. Sendmail: Sendmail is the background process to LaMail that
actually sends and receives SMTP messages. This normally should be
running all the time, although it can (and probably should) be
minimized on the screen. In general, there is nothing you can do in
this session. If you need to shut sendmail down, you can terminate it
by switching to that session and hitting Ctrl-C. This will bring you
back to the OS/2 command prompt where you can type EXIT to close the
session.
10. Join some mailing lists: The Internet has hundreds of mailing
lists on every conceivable topic. Good ones include ietf-announce (for
Internet Task Force announcements), the OS/2 mailing lists, new-list (a
mailing list that announces new mailing lists!), and many other
computer and non-computer-specific lists. The Internet master list of
mailing lists can be retrieved via anonymous FTP from ftp.nisc.sri.com
as netinfo/interest-groups. Because this is such a large file (over
one million bytes uncompressed), it should be retrieved only on an
exception basis. Do NOT print the mailing list index.
11. Be sure to include your Internet mailing address on your
correspondence and business cards. Because may recipients may not be
entirely familiar with internetwork addressing, and may have accounts
on alternate services (MCI, Genie, etc.), make sure to be explicit.
Tell them that it is an Internet address and be sure to give your
entire address. For example, I'd give the following information:
Internet: dean2@tbone.biol.scarolina.edu