Cabletron Systems Cabletron CyberSWITCH CSX5500 User Manual

Also see for CyberSWITCH 5500: Quick start Manual

Contents

Central Site Remote Access Switch 339CONFIGURING IPXIPX SpoofingW ATCHDOG P ROTOCOLWatchdog Protocol is used by NetWare Servers to detect “dead” clients. If no traffic has been seenby a server from an attached client for a configurable amount of time, the server sends a watchdogpacket to the client to determine if the client is still alive or merely inactive. If, after a few minutes,a watchdog reply is not received by a server, it is assumed that the client is no longer alive and theconnection to the server is terminated.If no connection exists to a device and the server sends a watchdog request to a remote client, aconnection would have to be established to deliver the watchdog request. With watchdog spoofingenabled, a watchdog response is generated internally and delivered to the server as if the packetwas sent by the remote client. This satisfies the server without causing a connection to beestablished. To allow a server to timeout a client that is no longer alive, the watchdog requests areforwarded over the WAN when a connection already exists. In addition, a watchdog spoofingduration time, T, can be specified. When the connection is down to a device and a watchdog requestis received that should be forwarded to this device, a watchdog response will be spoofed for Tamount of time. After T amount of time, the watchdog request will be filtered without generatinga response. The duration timer T starts when a device is disconnected and is reset each time a newconnection is established.This above described implementation will be followed for watchdog request packets received overthe LAN and the WAN. If a watchdog request is received over the WAN and it is determined thata spoofed watchdog response should be generated, it will be returned over the same WANconnection on which it was received.The implementation of watchdog spoofing eliminates unnecessary connections while allowingclients to be aged out and does not require any client side spoofing or end-to-end-protocol.The parameters for watchdog spoofing are configured for each remote device. The watchdogspoofing option can be enabled or disabled. By default the option is enabled. When disabled thewatchdog requests are routed without any special handling. If the option is enabled, the watchdogspoofing duration time T is specified in minutes. The default is set to 120 minutes.SPX P ROTOCOLSPX Protocol is optionally used by NetWare applications requiring guaranteed, in-sequencedelivery of packets by a connection-oriented service. Each end of an SPX connection sends keep-alive packets, identified as packets, to monitor the status of the connection.The SPX protocol ensures connection integrity by exchanging a keep-alive packet between theconnection end-points, once every 6 seconds. If an SPX keep-alive packet is received that is destinedfor a remote device and no connection exists to the device, a connection would have to beestablished to deliver the packet. The keep-alive packets are handled using the same approachbeing used for server watchdog request packets. With SPX spoofing enabled, a keep-alive isgenerated internally and delivered to the local endpoint as if the packet was sent by the remoteendpoint. This satisfies the local endpoint without causing a connection to be established. To allowan SPX connection to timeout the keep-alives are forwarded over the WAN when a connectionalready exists. In addition, an SPX spoofing duration time T can be specified. When the connectionis down to a device and a keep-alive is received that should be forwarded to this device, a keep-alive will be spoofed for T amount of time. After T amount of time, the keep-alive will be filteredwithout generating a keep-alive response. The duration timer T starts when a device isdisconnected and is reset each time a new connection is established.