[Top] [Prev] [Next] [Bottom]

Using Boundary Access Node

This document describes the Nx Networks implementation of Boundary Access Node (BAN). Developed in close collaboration with IBM, BAN provides a reliable, low-cost way for attached PU Type 2.0 and 2.1 end stations to communicate with the SNA environment across wide area links.

The following sections explain how to configure your router for BAN:

About Boundary Access Node

Using BAN

Using Multiple DLCIs for BAN Traffic

Checking the BAN Configuration

Enabling BAN Event Logging System Messages

BAN Configuration and Monitoring Commands

About Boundary Access Node

Boundary Access Node (BAN) is an enhancement of the Frame Relay (FR), DLSw, and Adaptive Source Route Bridging (ASRT) capabilities of Nx Networks router software.

BAN is designed to meet the business goals of customers who do not need a full DLSw implementation. It provides a low-cost method for connecting to IBM environments, enabling SNA end stations to bridge Ethernet, FDDI, or Token Ring traffic directly to the FEP without frame conversion by another DLSw router. This saves significantly on capital equipment costs, since it removes the need for another router, a Token Ring, and TIC-3745 interface card attached to the remote SNA device.

BAN accomplishes this by enabling IBM type 2.0 and 2.1 end nodes connected to a router running OpenROUTE software to make a direct connection via Frame Relay with the front end processor (FEP) attached to an IBM mainframe.

Figure 6 Direct Connection of End Nodes to IBM FEP Using BAN

.

How BAN Works

BAN works by filtering the frames that Type 2.0 or 2.1 end stations send. The router modifies each BAN frame to comply with Bridged 802.5 (Token Ring) Frame format. The router subsequently examines each frame and allows only those with the BAN DLCI MAC address to pass over a DLCI (Data Link Connection Identifier) to the FEP.

Note: To support BAN, an IBM FEP must be running NCP software 7.3 or greater, or NCP software 7.10 or 7.2 with a software patch. If you have questions about whether your FEP can support BAN, contact your IBM representative.

With BAN, one DLCI is ordinarily all that is needed. However BAN may use many DLCI connections between the router and the IBM environment. In some cases, you may want to set up more than one DLCI to handle BAN traffic. See Setting Up Multiple DLCIs.

There are two ways to use BAN: straight bridging, using the router's bridging capability, and DLSw terminated. In the majority of cases, you should choose the bridging option. However you may consider choosing the terminated option if you want to reduce session timeouts on the DLCI. The sections that follow explain how to set up each option.

Bridged and DLSw-terminated BAN

Proteon enables you to implement BAN in two ways. With the straight bridging method, you configure BAN to bridge LLC2 frames from Type 2.0 or Type 2.1 end stations straight into the NCP. With the DLSw terminated method, BAN terminates the LLC2 connection at the DLSw router.

Within this discussion, we refer to these two methods as BAN Type 1 and BAN Type 2, respectively.

Figure 7 shows a BAN Type 1 (bridged) connection. In this illustration, the router does not terminate the LLC2 traffic it receives from attached end nodes. Instead, the router converts the whatever frames it receives to bridged Token Ring format (RFC 1490) frames, and bridges directly to the NCP.

Figure 7 BAN Type 1: The Router as an LLC-2 Bridge

In this case, the router acts as a bridge between the FEP and end stations. DLSw does not terminate LLC2 session at the router, as in BAN Type 2. End station frames can be Token Ring, SDLC, Ethernet, or FDDI format, provided the bridge is configured to support that type of frame.

Figure 8 shows a BAN Type 2 (Virtual BAN DLSw) connection. In this illustration, the DLSw router does not function as a bridge. The router terminates the LLC2 traffic received from attached end nodes. At the same time, the router establishes a new LLC2 connection to the NCP over the

Frame Relay network. Thus, though two LLC2 connections exist within the transaction, the break between them is transparent both to the NCP and the end nodes. The result is a virtual LLC2 connection between NCP and end nodes.

Figure 8 BAN Type 2: Local DLSw Conversion

Which Method Should You Use?

Straight bridging of frames (BAN Type 1) is generally preferable. This method provides fast delivery of data with minimal network overhead. However, there are exceptions to this rule. If usage on a DLCI is too high, session timeouts may occur in a bridged configuration.

Conversely, session timeouts rarely occur in a DLSw-terminated configuration (BAN Type 2), since this type of configuration terminates and then recreates LLC2 sessions at the local (DLSw) router. For this reason, you may want to use DLSw-terminated BAN in situations where reducing the possibility of session timeouts is a concern. When running in DLSw-terminated mode, the router terminates all traffic on the DLCI. This mode also limits the number of remote end stations the BAN configuration can support.

Using BAN

To configure BAN, follow these steps:

1. Configure the router for Frame Relay (FR)

2. Configure the router for Adaptive Source Route Bridging (ASRT)

3. Configure the router for BAN

4. Open Service Access Points (SAPs) on the FR and LAN interfaces

These steps are documented in the example that follows.

This example assumes that you are setting up a single DLCI to carry BAN traffic. Depending on your circumstances and needs, you may want to set up multiple DLCIs for the sake of redundancy, or to increase total bandwidth to the IBM environment. See Setting Up Multiple DLCIs.

Configuring Frame Relay

To access the Frame Relay configuration area, use the network command at the Config> prompt as shown:

Config>network 2
Frame Relay user configuration
FR Config>
At the FR Config> prompt, add a permanent circuit. The router prompts you for a circuit number, which is the DLCI number. The router then prompts you for a committed information rate, and for a circuit name.

The circuit name is extremely important. It tells the bridge which DLCI to use for BAN frames. In doing so, it provides the linkage between the router (which is acting as a bridge in this case) and the FR protocol. 

FR Config>add permanent
Circuit number  [16]? 20   
Committed Information Rate in bps  [64000]? 
Assign circuit name []? 20-ncp10        
Is circuit required for interface operation? [N]?
You should assign a circuit name that identifies the IBM NCP in some obvious way (as in this example, where the assigned circuit name is
20-ncp10). You should also use a name that has 8 characters or fewer. Choosing a short name may prevent it from being truncated on some bridge configuration screens.

The DLCI you create by assigning a circuit number and name becomes the PVC that connects Proteon's router with the IBM FEP when using BAN. The next step consists of configuring this PVC as a bridge port.

Note: If you want to set up multiple BAN DLCIs connected to the same or different FEPs, you have to configure Frame Relay separately for each DLCI. See Setting Up Multiple DLCIs.

Configuring the Router for Adaptive Source Route Bridging

Next, configure the PVC as a bridge port. To do this, enter protocol bridge at the Config> prompt.

Config>protocol bridge
Adaptive Source Routing Transparent Bridge user configuration
Bridge config>
At the Bridge Config> prompt, add a port. The router prompts you for an interface number. The number you assign is the FR interface number on the bridge. The router then prompts you for a port number and for a circuit name. You must assign the same circuit name as you did when configuring the router for bridging over FR in step 1.

Bridge config>add port
Interface Number [0]? 2
Port Number [5]? 
Assign circuit name []? 20-ncp10
The next step consists of enabling source routing and defining source routing segment numbers for the FR port. 

Bridge config>enable source routing
Port Number [3]? 5
Segment Number for the port in hex(1 - FFF) [1]? 456
Bridge Virtual Segment Number in hex(1 - FFF) [1]? 789
Then, disable transparent bridging on the bridge port as shown: 

Bridge config>disable transparent bridging
Port Number [3]? 5

Configuring the Router for BAN

 You configure BAN from the Bridge config> prompt. The addition of a BAN port is not verified until you restart the router. Note that, as in steps 1 and 2, bridge port 5 is the port used throughout this step.

Config> protocol bridge
Bridge config>ban
BAN (Boundary Access Node) configuration
At the BAN config> prompt, add the port number (5) on which you want to enable BAN. The router prompts you to enter a BAN DLCI MAC address and the Boundary Node Identifier address:

BAN config>add 5                                     
Enter the BAN DLCI MAC Address []? 400000000001   
Enter the Boundary Node Identifier MAC Address [4FFF00000000]?
In this example, 400000000001 is the MAC address of the DLCI: this is the address to which attached end stations send data. The other address, 4FFF00000000, is the default Boundary Node Identifier Address. To accept it, press Enter.

Note: You should always choose the default Boundary Node Identifier address unless the Boundary Node Identifier address of the receiving FEP has changed. This is because the Boundary Node Identifier address must match the corresponding value in the NCP definition. This value is specified by the LOCADD keyword of the LINE statement that defines the physical Frame Relay connection.

Specifying the Type of BAN Connection You Need

 The next prompt asks you to specify which type of BAN connection you want to add, bridged (described earlier as BAN Type 1) or DLSw-terminated (Type 2). Type 1, straight bridging, is the default. You should accept the default unless you want inbound traffic to be terminated at the router.

After you enter b (bridged) or t (terminated), the router informs you that the BAN port has been added. The default choice is b .

Do you want the traffic bridged (b) or DLSw terminated (t) (b/t) [b]?


BAN port record added.

Opening Service Access Points (SAPs)

 To use BAN, you must open the Service Access Points (SAPs) associated with the FR interface, and the LAN interface. If you fail to open these SAPs, you will not be able to use BAN. Failure to open all SAPs is often the cause of configuration problems.

Open the SAPs from the DLSw config> prompt as follows:

DLSw config>open
Interface # [0]?   
Enter SAP in hex (range 0-ff) [0]? 4
Issuing the open command for interface 0 opens the SAP on the LAN interface. You issue the same command to open the SAP on the FR interface. Note that in each case, you enter 4 to open a SAP.

DLSw config>open
Interface # [2]?       
Enter SAP in hex (range 0-ff) [0]? 4

Using Multiple DLCIs for BAN Traffic

 While one DLCI is usually sufficient to handle BAN traffic to and from the IBM environment, setting up two or more DLCIs may prove useful in some circumstances.

Benefits of Setting Up a Fault-tolerant BAN Connection

Redundant connections to multiple NCPs protect against a single NCP failure. In addition, sharing BAN traffic among several DLCIs reduces the chance of one NCP becoming overloaded. In a redundant DLCI configuration, PU Type 2.0 and 2.1 end stations can pass BAN traffic to different NCPs, as shown in Figure 9.

Figure 9 BAN Configuration with Multiple DLCIs to Different FEPs

Setting Up Multiple DLCIs

Setting up multiple DLCIs is a simple matter, particularly if you do it during the initial BAN configuration.

In setting up multiple connections, keep in mind that each Frame Relay DLCI corresponds with a specific FEP in the IBM environment. To pass BAN frames to that FEP, you must specify the correct circuit number when establishing the Frame Relay connection. Your Frame Relay provider can tell you the circuit number for each of your connections.

To set up DLCI connections to different FEPs (Scenario 1, above) you must:

1. Within the Frame Relay configuration:

Define another Frame Relay DLCI on a second bridge port.

2. Within the ASRT configuration:

Add a bridge port for that DLCI.

3. Configure the bridge port for BAN, as shown earlier in this chapter.

Checking the BAN Configuration

When you restart the router, the BAN bridge appears as a FR bridge port with source-routing behavior. Check the BAN configuration with the list command as shown here: 

BAN config>list

bridge  BAN                Boundary              bridged or     
port    DLCI MAC Address   Node Identifier       DLSw terminated  
5       40:00:00:00:00:01  4F:FF:00:00:00:00     bridged
As this example shows, the list command displays each aspect of the BAN configuration, giving the bridge port (5, in this case) the MAC addresses of the router and the NCP, and whether the port is bridged or DLSw terminated.

To check to see that BAN has initialized properly on startup, you can use the router's monitoring environment (at monitor) as follows:

Monitor>protocol bridge
Bridge>ban
BAN (Boundary Access Node) console
BAN>list

bridge  BAN                Boundary           bridged or     
port    DLCI MAC Address   Node Identifier    DLSw terminated  Status
5       40:00:00:00:00:01  4F:FF:00:00:00:00  bridged          Init Fail
BAN has three associated status messages:

If you receive a status other than Up you should check the router's ELS messages to diagnose the problem. The following section explains how to enable ELS messages.

Enabling BAN Event Logging System Messages

After initial BAN configuration and restart, it is a good idea to enable ELS messages to see whether the configuration is working as planned. You can enable BAN-specific messages from the Config> prompt as shown: 

Config>event                                 
Event Logging System user configuration
ELS config>display subsystem ban all
Entering this command displays all BAN subsystem messages. This causes ELS to notify you of all BAN-related behavior. After running BAN for a while, you may want to turn off some messages.

You can switch off specific ELS BAN messages using the nodisplay command and the specific message number. This example illustrates how to turn off the ban.9 message. 

ELS config>nodisplay event ban.9
For a list and explanation of all BAN-related messages, see the Event Logging System (ELS) Messages in the Online Library.

BAN Configuration and Monitoring Commands

Accessing the BAN Configuration Environment

 Use the router's configuration process to change the configuration of the router. The new configuration takes effect when the router is restarted.

To enter the configuration environment, enter configure at the * prompt. This brings you to the Config> prompt:

MOS Operator Control

* configuration
Gateway user configuration
Config>
If the Config> prompt does not appear immediately, press Enter again.

Enter all BAN configuration commands at the BAN config> prompt. Access this prompt by entering ban at either the DLSw config> or ASRT config> prompt as shown: 

Config>protocol dls
DLSw protocol user configuration
DLSw config>ban
BAN config>

Accessing the BAN Monitoring Environment

 To enter the monitoring process, enter monitor at the * prompt. This brings you to the Monitor> prompt:

MOS Operator Control

* monitor
Monitor>
Enter BAN monitoring commands at the BAN> prompt. To access this prompt, enter ban at the DLSW> or Bridge> prompt.

Monitor> protocol dls
DLSW>ban
BAN>

BAN Commands

 Enter BAN configuration commands at the BAN config> prompt and monitoring commands at the BAN> prompt. Table 3 lists the BAN configuration and monitoring commands.

Table 3 BAN Commands
Command Function
Add [C] Add a BAN port

Delete [C] Deletes a BAN port.

List [C] [M] Displays the existing BAN configuration, and informs you whether the port has initialized properly.

Exit [C] [M] Exits the BAN configuration process and returns you to the DLSw config> or Bridge config> process.

Add [C]

Use the add command to add a BAN port.

Syntax: add port #

Example: add 2

Enter the BAN DLCI MAC Address []? 400000000001   
Enter the Boundary Node Identifier MAC Address [4FFF00000000] ?

Do you want the traffic bridged (b) or DLSw terminated (t) (b/t) [b]?  

BAN port record added.

Delete [C]

Deletes a previously added BAN port from the configuration.

Syntax: delete port#

Example: delete 2

List [C] [M]

Use the list command to display information on the existing BAN configuration, or to assess whether the DLCI is functioning properly.

Syntax: list

List [C]

When issued in the BAN configuration module, list provides general information on the BAN configuration.

Example: list

bridge  BAN                Boundary              bridged or     
port    DLCI MAC Address   Node Identifier       DLSw terminated  
5       40:00:00:00:00:01  4F:FF:00:00:00:00     bridged
To check to see that BAN has initialized properly on startup, you can use the router's monitoring environment (at monitor) as follows:

List [M]

When issued in the BAN monitoring module, list provides general information on the BAN configuration. The command also informs you whether each BAN port has initialized properly.

Example: list

bridge  BAN                Boundary           bridged or     
port    DLCI MAC Address   Node Identifier    DLSw terminated  Status
5       40:00:00:00:00:01  4F:FF:00:00:00:00  bridged          Init Fail

Exit [C] [M]

Exits the BAN configuration or monitoring process, and returns you to the previous prompt.

Syntax: exit

Example: exit


[Top] [Prev] [Next] [Bottom]

Copyright © 2001, Nx Networks, Inc. All rights reserved.