[an error occurred while processing this directive]

HP OpenVMS Systems Documentation

Content starts here

HP TCP/IP Services for OpenVMS
Management


Previous Contents Index

4.3 Enabling and Disabling Dynamic Routing

Use the configuration procedure TCPIP$CONFIG to enable dynamic routing and configure your host to receive routing protocol messages as follows:

  1. Select the Routing option from the Core Environment menu.
  2. Answer "Yes" to the question "Do you want to configure dynamic ROUTED or GATED routing [NO]:"
  3. You are asked whether you want to enable GATED.


    Do you want to enable GATED routing configuration?
    

    If you answer "Yes" to this question, GATED will be enabled. If you answer "No," ROUTED will be enabled.
  4. If you choose to enable ROUTED, indicate whether you want your host to supply RIP updates to other hosts on the network (in addition to receiving RIP updates) and the default network route.
  5. If you choose to enable GATED, you must also configure the routing protocols in the GATED configuration file TCPIP$GATED.CONF. See Section 4.4 for more information about configuring GATED.

To disable dynamic routing:

  1. Select the "Routing" option from the CORE ENVIRONMENT menu.
  2. Answer "Yes" to the following questions:


    Do you want to reconfigure dynamic ROUTED or GATED routing [NO]: Y
    
    Do you want to disable dynamic ROUTED or GATED routing configuration
    [NO]: Y
    

    Alternatively, enter the TCP/IP management command STOP ROUTING.

When you disable GATED routing, the GATED routes are preserved. To disable GATED and remove all GATED routes from the routing table, enter the command STOP ROUTING/GATED.

4.4 Configuring GATED

You must configure the GATED protocols before starting GATED routing. Edit a copy of the sample file TCPIP$GATED.TEMPLATE (located in the SYS$SYSDEVICE:[TCPIP$GATED] directory) to add statements that select routing protocols, manage routing information, manage independent system routing, and control tracing options.

  1. Use TCPIP$CONFIG to enable GATED.
  2. Edit the TCPIP$GATED.TEMPLATE file.
  3. Save the file TCPIP$GATED.CONF in the SYS$SYSDEVICE:[TCPIP$GATED] directory.
  4. If GATED is already running, stop it by entering the command STOP ROUTING/GATED.
  5. Start GATED by entering the command START ROUTING/GATED.
    See the HP TCP/IP Services for OpenVMS Management Command Reference manual for detailed descriptions of the SET GATED and START ROUTING/GATED commands.

If you do not format the configuration file correctly, GATED terminates.

For specific information about how to edit the GATED configuration file, see Appendix A.

4.4.1 Datagram Reassembly Time

Reassembly is the process of reconstructing a complete data message from received fragments. The reassembly timer determines the length of time allowed for the reassembly process. You can modify the reassembly timer to ensure that IP datagram fragments are optimally reassembled at the destination host.

Consider the following when setting the reassembly timer:

  • If the timer expires before the host receives all the fragments, they are discarded.
  • An inappropriately small interval might result in too many datagrams being discarded.
  • An excessive interval might degrade internet performance.

Enter the following commands to reset the reassembly timer:

  • For the current session:


    TCPIP> SET PROTOCOL IP /REASSEMBLY_TIMER=n
    
  • To reset at the next TCP/IP Services startup:


    TCPIP> SET CONFIGURATION PROTOCOL IP /REASSEMBLY_TIMER=n
    

In the following example, the first command changes the IP reassembly time to 20 seconds on the running system. This new setting remains in effect until the next TCP/IP Services startup.

The second command makes the change permanent by modifying the configuration database, TCPIP$CONFIGURATION.DAT.


TCPIP> SET PROTOCOL IP /REASSEMBLY_TIMER=20

TCPIP> SET CONFIGURATION PROTOCOL IP /REASSEMBLY_TIMER=20

4.4.2 Enabling Forwarding

To enable packet forwarding between networks, enter the following TCP/IP management command:


TCPIP> SET PROTOCOL IP /FORWARD

To ensure this is set up the next time TCP/IP Services is restarted, enter the following command:


TCPIP> SET CONFIGURATION PROTOCOL IP /FORWARD

Display the setting using the following command:


TCPIP> SHOW PROTOCOL /PARAMETERS

Or use the sysconfig utility to enable forwarding. First, define foreign commands:


$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS.COM

Enter the following sysconfig command:


$ sysconfig -r inet ipforwarding=1 ipgateway=1

To make sure forwarding is enabled after restarting TCP/IP Services, define these attributes in the SYSCONFIGTAB.DAT database file, as described in the HP TCP/IP Services for OpenVMS Tuning and Troubleshooting guide.

To view the setting, use the following command:


$ sysconfig -q inet ipforwarding ipgateway

When multiple networks share the same physical media and the host has just one interface, it is still possible to forward packets between these networks by creating a network alias, as described in Section 2.3.3.

For example, consider a network in which two networks have network addresses of 16.20.1/24 and 16.20.2/24, and the host address is 180. If the host has a single ethernet interface, WE0, create the interface and pseudointerfaces as follows:


TCPIP> SET CONFIGURATION INTERFACE WE0 /HOST=16.20.1.180 -
_TCPIP> /NETWORK_MASK=255.255.255.0 /BROADCAST_MASK=16.20.1.255

TCPIP> SET CONFIGURATION INTERFACE WEA0 /HOST=16.20.2.180 -
_TCPIP> /NETWORK_MASK=255.255.255.0 /BROADCAST_MASK=16.20.2.255

TCPIP> SET CONFIGURATION PROTOCOL IP /FORWARD

When TCP/IP Services is restarted, the host will forward packets between these networks.

Alternatively, you can add the following commands to TCPIP$SYSTARTUP.COM and then restart TCP/IP Services:


$ ifconfig we0 aliaslist 16.20.1-2.180/24

$ sysconfig -r inet ipforwarding=1 ipgateway=1

4.4.3 Extending Routing

To use extended routing, define pseudointerfaces. A pseudointerface is a data structure that extends routing. Like an interface, the name of an internet pseudointerface is three alphabetic characters, followed by the pseudointerface unit number in the range of 0 through 255.

The first two characters are the same as the two characters in the internet interface name (interface type and interface class). See Section 2.3.1 for more information about interface names.

The third character identifies the controller letter that corresponds to the OpenVMS hardware controller.

For example, for an OpenVMS Alpha system with two Ethernet controllers, EZA0 and EZB0, you can define the following internet interfaces and pseudointerfaces:

  • Internet interfaces:
    • ZE0
    • ZE1
  • Internet pseudointerfaces, each with its own IP address, network mask, and broadcast mask:
    • SEA
    • SEA0
    • SEA1
      .
      .
      .
    • SEA254
    • SEB255

To extend routing, follow these steps:

  1. Define the pseudointerfaces using the SET INTERFACE and SET CONFIGURATION INTERFACE commands:


    TCPIP> SET NOINTERFACE interface
    
    TCPIP> SET INTERFACE interface /HOST=host -
    _TCPIP> /NETWORK_MASK=mask /BROADCAST_MASK=b_mask
    
    TCPIP> SET CONFIGURATION INTERFACE interface /HOST=host -
    _TCPIP> /NETWORK_MASK=mask /BROADCAST_MASK=b_mask
    

    For example, to specify the pseudointerface FFA0 on host KESTREL, with network mask 255.255.0.0 and broadcast mask to 128.30.0.0, enter:


    TCPIP> SET NOINTERFACE FFA0
    
    TCPIP> SET INTERFACE FFA0 /HOST=KESTREL /NETWORK_MASK=255.255.0.0 -
    _TCPIP> /BROADCAST_MASK=128.30.0.0
    
  2. Enter the same information into the configuration database to set up the interfaces at startup. For example:


    TCPIP> SET CONFIGURATION INTERFACE FFA0 /HOST=KESTREL -
    _TCPIP> /NETWORK_MASK=255.255.0.0 /BROADCAST_MASK=128.30.0.0
    

    To display information about the network interfaces, use the SHOW INTERFACE command. To remove the interface from the configuration database, use the SET CONFIGURATION NOINTERFACE command.

4.4.4 Interface Routes

If you have a configuration in which multiple networks share the same physical LAN, you can communicate directly with hosts in other networks without the need of a pseudointerface for each network.

You can use a broadcast address to designate an interface route, also called a metric 0 route.

To create interface routes, follow these steps:

  1. As the gateway for the route, enter either one of the host's own addresses or the broadcast address associated with an interface.
    TCP/IP Services recognizes this route as an interface route.
  2. Configure the hosts in the other network to recognize that your network is present on their LAN.

For example, network 99.0.0.0 is on the same cable as network 192.199.199.0. On host 99.1.2.3, specify network 192.199.199.0 as directly reachable:


TCPIP> SET ROUTE 192.199.199.0 /NETWORK /GATEWAY=99.1.2.3

On the hosts in network 192.199.199.0, enter:


TCPIP> SET ROUTE 99.0.0.0 /NETWORK /GATEWAY=192.199.199.255

4.4.5 Manually Configuring a Hardware Address

Network hosts require manual configuration of a hardware address for a remote IP address under the following conditions:

  • The remote host does not support the Address Resolution Protocol (ARP). You need static mapping of IP addresses to hardware addresses.
  • The remote host is running ARP, but a change was made to the internet interface on that host.
    To notify your system about the change, flush the address mapping tables. Use the SET NOARP command to do this.

For example, to map the Ethernet address AA-02-04-05-06-07 of host ROOK, add the hardware address to the ARP table by entering the following command:


TCPIP> SET ARP AA-02-04-05-06-07 ROOK


Chapter 5
Configuring and Managing failSAFE IP

failSAFE IP is an optional service provided by TCP/IP Services to allow IP addresses to fail over when interfaces cease functioning on a system where multiple interfaces have been configured. When the same IP address is configured on multiple interfaces, network connections can be maintained when:

  • The network interface card (NIC) fails.
  • A cable is disconnected or broken.
  • A switch for a port fails.
  • The node or the TCP/IP Services software is shut down.

This chapter reviews key concepts and describes:

5.1 Key Concepts

The failSAFE service monitors an interface and takes appropriate action upon detecting interface failure or recovery. failSAFE IP provides IP address redundancy by requiring the same IP address to be configured on multiple interfaces. Only one instance of each IP address is active at any time; the other duplicate IP addresses are in standby mode.

Standby IP addresses can be configured on multiple interfaces within the same node or across an OpenVMS Cluster. The interfaces are monitored by the failSAFE IP service. When an interface fails, each active IP address on the failed interface is removed and the standby IP address becomes active. If an address is not preconfigured with a standby, then the address is removed from the failed interface until it recovers.

Static routes on the failed interface are also removed and are configured on any interface where their network is reachable.

When an interface recovers, it can request that its IP addresses be returned to it when the interface is configured as the home interface for one or more addresses. When the home interface recovers, it requests that the current holder of the address give it up. (For more information about home interfaces, see Section 5.2.3.)

The current holder of an address does not release an address if this action will result in dropped connections, or if the current holder is also designated as a home interface for that address.

Management intervention can be taken to force the removal of an address.

5.2 Configuring failSAFE IP

Configuring failSAFE IP requires two steps:

  1. Assign the same IP address to multiple interfaces. Only one instance of that address is active; all other instances are in standby mode. For simple configurations, use the TCPIP$CONFIG Core Interface menu to assign an IP address to multiple interfaces. Alternatively, use the ifconfig utility, which provides a greater degree of management control. For more information, see Section 5.2.1.
  2. Use the TCPIP$CONFIG.COM command procedure to enable the failSAFE IP service, which monitors the health of interfaces and takes appropriate action when it detects interface failure or recovery. This service is available from the Optional Components menu.

5.2.1 Configuring failSAFE IP Manually

A failSAFE IP address can be configured by using the TCPIP$CONFIG.COM command procedure, or manually by using the TCP/IP management command SET INTERFACE.

For instance, to create an IP address of 10.10.10.1 on interface IE0 and a standby alias address on interface IE1 (pseudointerface IEB0), use the following commands:


$ TCPIP
TCPIP> SET INTERFACE IE0/HOST=10.10.10.1
TCPIP> SET INTERFACE IEB0/HOST=10.10.10.1

Alternatively, you can use the ifconfig utility to configure an interface manually. For example:


$ ifconfig ie0 10.10.10.1
$ ifconfig ie1 alias 10.10.10.1

To view the standby addresses, use the ifconfig utility. For example:


$ ifconfig -a
IE0: flags=c43<UP,BROADCAST,RUNNING,MULTICAST,SIMPLEX>
   *inet 10.10.10.1 netmask ff000000 broadcast 10.255.255.255
IE1: flags=c03<UP,BROADCAST,MULTICAST,SIMPLEX>
     failSAFE IP Addresses:
        inet 10.10.10.1 netmask ff000000 broadcast 10.255.255.255 (on HUFFLE IE0)

In this example, interface IE1 displays a failSAFE IP address that is active on node HUFFLE, interface IE0.

Note

In an OpenVMS Cluster, an IP address with active connections cannot be reassigned to another node in the cluster. Therefore, you should always configure a standby interface on the same node as the home interface.

DNS-controlled primary addresses should be placed under the control of the BIND/DNS load broker to make sure that the DNS alias continues to be available.

The ifconfig utility provides greater control of failSAFE IP addresses. Table 5-1 describes the ifconfig options that support failSAFE IP.

Table 5-1 ifconfig Options for failSAFE IP
Option Description
[ - ] fail Forces an interface to fail. You can recover the interface using the -fail command.
[ - ] home Forces an alias address to be created with a home interface. This option is used used when creating IP addresses. By default, all primary IP addresses are created with a home interface.
[ - ] fs Creates an address that is not managed by failSAFE IP. All IP addresses are created as failSAFE addresses by default, except for addresses assigned to the loopback interface LO0 (for instance, the local host address 127.0.0.1).

5.2.2 Modifying the failSAFE IP Configuration Parameters

By default, the failSAFE IP service monitors all TCP/IP interfaces on a system, periodically polling each interface using default polling intervals. You can override the defaults by editing the configuration file. To change the name or location of the configuration file, define the logical name TCPIP$FAILSAFE. Be sure to include the /SYSTEM and /EXECUTIVE qualifiers, and make sure that the failSAFE process is stopped, or your changes will not take effect. By default, the configuration file name and location are:


SYS$SYSDEVICE:[TCPIP$FSAFE]TCPIP$FAILSAFE.CONF

Table 5-2 describes the configuration parameters.

Table 5-2 failSAFE IP Configuration Parameters
Parameter Description Default
GENERATE_TRAFFIC Enables failSAFE IP to periodically generate either MAC-level broadcasts or gratuitous ARP packets. ARP traffic requires an active IP address on the NIC. MAC-level traffic is sent regardless of the NIC configured with IP. You can also use this parameter to turn off traffic generation.

This parameter allows three settings:

  • MAC
  • ARP
  • OFF

For example,to generate periodic ARP packets, enter the following parameter in the configuration file:

GENERATE_TRAFFIC: ARP

MAC
MAC_PTY If MAC-level broadcast traffic is being generated, the MAC protocol type may also be specified as a two-byte hexadecimal number. For example, from the Web site, http://www.iana.org/assignments/ethernet-numbers, the DEC Diagnostic protocol type has a value of 6005.

For example, to generate MAC protocol packets of the DEC Diagnostic protocol, enter the following parameter in the configuration file: MAC_PTY: 6005

If this parameter is not specified, an available protocol type is selected.
LOGFILE Specifies the name and location of the log file. The logical name TCPIP$FAILSAFE_LOGFILE points to the log file. For example, to specify an alternate location, enter the following parameter in the configuration file:
LOGFILE: DEV1:[STATS]FAILSAFE.LOG

SYS$SYSDEVICE:[TCPIP$FSAFE] -

TCPIP$FAILSAFE_ nodename.LOG
INTERFACE_LIST The list of interfaces that failSAFE monitors. All interfaces
INFO_POLL Specifies the polling interval used when the interface is known to be functional. It requires two INFO_POLL timeouts to determine that an interface is not responding, at which time the polling frequency is set to the WARN_POLL period. 3 seconds
WARN_POLL Specifies the polling interval used when the interface first stops responding. It will continue polling the interface for RETRY_WARN attempts before the interface is deemed to be malfunctioning, at which time the polling frequency is set to ERROR_POLL and failover occurs. 2 seconds
RETRY_WARN Specifies the number of warning polls before the interface is deemed to be malfunctioning and the IP addresses associated with it are removed. A value of zero skips the WARN_POLL cycle. 1 retry
ERROR_POLL Specifies the polling interval used when the interface is deemed to be malfunctioning. failSAFE monitors a malfunctioning interface at this frequency until it determines that the interface has recovered, at which time the polling frequency is set back to the INFO_POLL period. 30 seconds


Previous Next Contents Index