Chapter 3
Remote Node Dial-in Operation
WorldDesk provides a remote node dial-in facility that allows remote clients to connect to an Ethernet network via dial-up modem access. A remote client is a workstation that is not directly connected to an Ethernet network but gains access to that network via dial-up modem. Once connected to a WorldDesk Server providing remote node capabilities, the remote client can access network resources by sending network packets as would be the case with any other network client.
Dial-in Concepts
The technology used to provide remote node access is a mix between bridging and routing technologies. The protocol independence characteristic of bridging technologies allows WorldDesk to provide remote access for nearly any protocol. The network knowledge and packet header compression characteristic of routing technologies allow for maximum performance.
The WorldDesk remote node capability is based on the Point to Point Protocol (PPP) specified by the Internet Engineering Task Force (IETF). A proprietary network control protocol operating on top of PPP's link control protocol (LCP) provides sophisticated capabilities including advanced compression, flexible dialback, greeting message exchange, detailed identification, link validation, inactivity timing, and broadcast/multicast filtering.
WorldDesk supports DOS, Windows 3.1x and Windows 95 client operating systems. DOS and Windows 3.1x support are available through an ODI driver supplied with WorldDesk. Off-the-shelf conversion utilities from Novell and Microsoft may be used to allow NDIS compatible programs to work with WorldDesk via the ODI driver. Windows 95 client support is available through a 32-bit native NDIS 3.1 driver provided with WorldDesk products.
Remote Node Client Installation and Configuration
Installation of remote node services for clients requires execution of a provided client setup program that is specific to the operating system being used by the client. Consult the Installation Summary included with the client software for instructions.
Each of the remote node client programs contains certain features that are common to all client operating systems. In this section, we examine some of these features and their implications.
Remote Node Security
Each client contains built-in support for the Password Authentication Protocol (PAP) and Challenge/Response Handshake Authentication Protocol (CHAP). When dialing in to a WorldDesk Server, the client automatically determines the authentication protocol that is configured at the server and prompts the user appropriately. As a convenience, the username may be entered in the configuration file for the remote node client via the configuration utility. As a security precaution, the password may not be specified via this utility. For more information on dial-in security and configuring the server for security options, consult Chapter 7.
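An added example (not WorldDesk code) of what crosses the link under each protocol as the IETF specifies them: a PAP Authenticate-Request (RFC 1334) carries the password itself, while a CHAP response (RFC 1994, MD5) carries a hash bound to the server's challenge, so a captured response fails against a fresh challenge. The user name, secret and challenge bytes are constructed, and the manual does not say which CHAP algorithm WorldDesk negotiates.

```python
import hashlib
import hmac
import struct

PAP_AUTH_REQUEST = 1   # RFC 1334 code
CHAP_RESPONSE = 2      # RFC 1994 code

def pap_request(ident, user, password):
    # PAP body: peer-id length, peer-id, password length, password (cleartext).
    body = bytes([len(user)]) + user + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTH_REQUEST, ident, 4 + len(body)) + body

def chap_value(ident, secret, challenge):
    # RFC 1994 with MD5: hash over identifier, shared secret, challenge.
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_response(ident, name, secret, challenge):
    # CHAP body: value size, value (the hash), then the peer's name.
    value = chap_value(ident, secret, challenge)
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", CHAP_RESPONSE, ident, 4 + len(body)) + body

def chap_verify(packet, secret, challenge):
    # Server side: recompute the hash for the challenge it issued itself.
    if len(packet) < 5:
        return False
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    if code != CHAP_RESPONSE or length != len(packet) or 5 + size > length:
        return False
    expected = chap_value(ident, secret, challenge)
    return hmac.compare_digest(packet[5:5 + size], expected)

if __name__ == "__main__":
    secret = b"s3cret"                      # constructed sample secret
    first, second = b"A" * 16, b"B" * 16    # constructed challenges
    pap = pap_request(1, b"alice", secret)
    chap = chap_response(7, b"alice", secret, first)
    print("password visible in PAP packet: ", secret in pap)
    print("password visible in CHAP packet:", secret in chap)
    print("response accepted for its challenge:", chap_verify(chap, secret, first))
    print("same response replayed on new challenge:", chap_verify(chap, secret, second))
```
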
Client Hardware Configuration
The client configuration utility is used to establish the port, modem type, and baud rate to be used to connect to the server. The WorldDesk client software automatically determines whether the port selected is supported by UART hardware that provides buffered (first-in/first-out) operation, and takes full advantage of the FIFO if it is detected.
Client Frame Type Settings
It is necessary to specify the frame type to be used for each protocol. The frame type is selected via the client configuration utility. Consult your network administrator to find out which frame types are in use at your site.
Client Phone Number
The user must also provide the network access phone number that should be dialed in order to connect to the WorldDesk Server. Two phone numbers may be provided: a primary and secondary number. When the retry limit is reached for failed connection attempts on the primary number, the secondary number is tried for the same number of times.
The local phone number may optionally be specified; the local phone number is made available to management facilities at the server and is used in conjunction with server initiated resume and dialback when these are enabled.
Password Prompting
Ordinarily, the user is prompted for a password only upon the initial connection to the server. On this initial connection, the client is assigned a globally unique session identifier that is maintained internally by the client software. This key is not exposed to the user. On subsequent connection attempts, this key is required to resume an existing session.
The password prompting option may be used to require the user to reenter a password on every call to the server. This provides a slightly higher level of security, as it limits the possibility that an intruder has taken command of a workstation while its session was suspended.
Due to its greater security implications, challenge/response always prompts the user for a response on every call to the server.
Abort Key
For DOS and Windows 3.1x clients, WorldDesk provides an "abort" key which by default is configured as "Ctrl-Shift-a". Pressing the abort key immediately disconnects the client from the network without regard to any current operation. The disconnection will block the send and receive network paths as well as drop the connection to the server. The protocol stack receives errors for any packets that it tries to send, and receives no further packets.
Pressing the abort key a second time causes the above effect to be "undone", logically enabling the network connection. The connection will then be reestablished upon receipt of the first packet from the protocol stack or upon an attempt to send a packet.
The primary purpose of the abort key is to allow the user to interrupt a network operation that was accidentally started without rebooting the client workstation. Since use of the abort key causes a loss of the connection to the file server, the abort key should be used only when absolutely necessary.
For Windows 95, a similar capability, available through the WorldDesk client manager, allows the user to logically disable/enable the network to achieve similar results.
Fixed Node Address
In some applications, it may be desirable to specify in advance the network address that will be used by the client workstation. Normally, the WorldDesk Server dynamically assigns an available unique address to the workstation when it first connects to the network. However, if using an application that requires a fixed node address, the WorldDesk Server uses the fixed node address specified by the client instead of dynamically allocating a client address.
The fixed node address is always assigned from a range assigned to WorldDesk, with a bit that indicates that the address has been locally assigned. All WorldDesk assigned addresses carry a setting that indicates that they are globally unique. All fixed node addresses used with WorldDesk must be of the form (in hexadecimal) 022094Fxxxxx, where xxxxx represents the user configurable portion of the address.
In most applications, a dynamically assigned address will work acceptably and greatly reduces difficulties associated with assignment of unique addresses to each client. Customers are urged to use dynamically assigned addresses whenever possible.
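An added example (not part of WorldDesk) of a pre-deployment check for fixed node addresses: it builds an address from the 5-digit user portion, reads the two IEEE 802 flag bits in the first octet, and audits a list of client settings for addresses that are not of the form 022094Fxxxxx or that collide. The client names and sample addresses are constructed.

```python
import re

FIXED_PREFIX = "022094F"   # from the manual: 022094Fxxxxx

def make_fixed_node(user_part):
    # The user configurable portion is 5 hex digits (20 bits).
    if not 0 <= user_part <= 0xFFFFF:
        raise ValueError("user portion must fit in 5 hex digits")
    return f"{FIXED_PREFIX}{user_part:05X}"

def inspect_node(text):
    # Accept common separators, then require exactly 12 hex digits.
    digits = re.sub(r"[-:.\s]", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", digits):
        return {"address": None, "fixed_form": False,
                "locally_administered": False, "multicast": False}
    first_octet = int(digits[:2], 16)
    return {
        "address": digits,
        "fixed_form": digits.startswith(FIXED_PREFIX),
        "locally_administered": bool(first_octet & 0x02),  # IEEE 802 U/L bit
        "multicast": bool(first_octet & 0x01),             # IEEE 802 I/G bit
    }

def audit(configured):
    # configured maps a client name to its configured fixed node address.
    problems, owner = [], {}
    for client, text in configured.items():
        info = inspect_node(text)
        if not info["fixed_form"]:
            problems.append((client, "not of the form 022094Fxxxxx"))
            continue
        first_owner = owner.setdefault(info["address"], client)
        if first_owner != client:
            problems.append((client, f"duplicate of {first_owner}"))
    return problems

if __name__ == "__main__":
    sample = {                      # constructed client settings
        "laptop-a": "022094F00001",
        "laptop-b": "02-20-94-F0-00-01",
        "printer": "001122334455",
    }
    for client, problem in audit(sample):
        print(client, "->", problem)
```
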
Broadcast and Multicast Filtering
Broadcast packets received at the WorldDesk Server are not usually sent to client workstations. Such broadcast packets are usually not necessary for proper client operation, and would consume valuable serial link bandwidth that would result in performance reduction.
Some applications, however, may require the ability to receive broadcast packets. In such cases, the client configuration utility may be used to enable broadcast packets on a protocol by protocol basis.
Multicast packets are usually forwarded across the serial link by the WorldDesk Server. Since the client has requested receipt of such packets by adding the multicast address via the NDIS or ODI interface, it is likely that such packets are required for proper client operation. In some applications, performance benefits may result from changing the client configuration to cause such packets to be filtered.
Users of peer-to-peer operating systems such as Windows for Workgroups usually require multicasting enabled for proper operation. Multicast filtering should not be set to "NONE" except by knowledgeable network personnel who are sure that client applications will not be impacted.
Inactivity Timer and Action
To minimize telephone charges, WorldDesk provides a built-in inactivity timer and associated software support. When WorldDesk senses that the link has been idle for the period of time set by the user, the inactivity timer takes the action specified by the user.
The Inactivity Action can be either suspension of the session or termination of the session. When the session is suspended, the state of the connection is logically maintained at the WorldDesk Server so that it may be resumed. When the session is terminated, the WorldDesk Server performs necessary cleanup to release any reserved resources. When the session is terminated, it cannot be resumed at a later time.
If a session is suspended due to inactivity, the next attempt to transmit a packet to the network will cause the WorldDesk client to automatically redial and resume the session. The session may be manually resumed using the client configuration/management utility, but use of such action is atypical.
It is important to note that the WorldDesk security facility allows the system administrator to establish limits for the length of time that a session may remain in the suspended state. This is important to ensure that resources are eventually released for clients that never resume the suspended session (consider, for example, a client workstation that is rebooted while in the suspended state).
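An added, hypothetical model (not WorldDesk's server code) of the session rules described in "Password Prompting" and in this section: a resume needs the session key issued on the initial connection, a terminated session cannot be resumed, and a session left suspended past the administrator's limit is released. The class, method names and key size are assumptions, and times are plain seconds supplied by the caller.

```python
import hmac
import secrets

class SessionTable:
    """Hypothetical model of the server's suspend/resume/terminate rules."""

    def __init__(self, max_suspend_seconds):
        self.max_suspend = max_suspend_seconds  # administrator's limit
        self.sessions = {}                      # user -> session record

    def connect(self, user):
        # Initial connection; the PAP/CHAP check is assumed already done.
        key = secrets.token_bytes(16)           # held by the client software
        self.sessions[user] = {"key": key, "state": "active", "since": None}
        return key

    def link_down(self, user, action, now):
        # Called on inactivity timeout or lost connection.
        if action == "terminate":
            self.sessions.pop(user, None)       # cleanup; cannot be resumed
        elif action == "suspend":
            record = self.sessions[user]
            record["state"], record["since"] = "suspended", now
        else:
            raise ValueError("action must be 'suspend' or 'terminate'")

    def reap(self, now):
        # Release sessions suspended longer than the administrator allows.
        expired = [user for user, record in self.sessions.items()
                   if record["state"] == "suspended"
                   and now - record["since"] > self.max_suspend]
        for user in expired:
            del self.sessions[user]
        return expired

    def resume(self, user, key, now):
        self.reap(now)
        record = self.sessions.get(user)
        if record is None or record["state"] != "suspended":
            return False
        if not hmac.compare_digest(record["key"], key):
            return False                        # wrong key: stays suspended
        record["state"], record["since"] = "active", None
        return True
```
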
Lost Connection Action
WorldDesk allows client configuration of the action to be taken when the connection to the WorldDesk Server is lost. A connection may be lost due to a communications (modem-to-modem) failure or a WorldDesk Server failure.
The action taken may be either suspension of the session or termination of the session. Normally, suspension of the session is specified as the lost connection action, resulting in automatic WorldDesk failure recovery for lost connections. See "Inactivity Timer and Action" for information on the implications of suspended versus terminated sessions.
Server Initiated Resume for Suspended Sessions
When sessions are suspended (due to inactivity as described in the "Inactivity Timer and Action" section or due to a lost connection as described in the "Lost Connection Action" section), they are ordinarily resumed when the client next attempts to send data to the network. In some cases, however, clients may want the server to be able to call the client to resume the session if data destined for the client is received.
One example where it is desirable for the server to be able to resume the connection is a remote printing application. In this case, the WorldDesk Server reestablishes the link to the printer when data destined to the printer is received via the network.
Server initiated callback should be used carefully. If the client is rebooted, leaving the session suspended at the server for some period of time, the server may try repeatedly to reestablish the connection if data for the client is received. This could result in an unexpected call in the middle of the night for an unsuspecting home computing user.
Since the client initiates connection resumption in nearly all cases, the default setting for this option is disabled.
Management of Remote Nodes
WorldDesk provides the ability to gather diagnostics information on connected remote users via the WorldDesk Manager facility. To perform this task, right click the mouse on the user icon in WorldDesk Manager, and select the diagnostics option.
Management information is available for the WorldDesk client serial driver, IPX, SPX, NetBIOS, and the NetWare shell (if these components are loaded). Access to management data slows throughput on the connection slightly (because the management data consumes bandwidth), but does not otherwise disrupt normal client application processing or network utilization.
This document, and all Web contents, Copyright © 1997 by Cubix Corp., Carson City, NV, USA.