dlnash@ut-emx.UUCP (Donald L. Nash) (07/13/88)
Here at UT Austin, we have been using KIP for about 1.5 months. We have
been very satisfied with it except for one problem which still plagues us.
KIP assumes that it is running in a subnetted environment and so it tries to
do directed broadcasts to what it thinks are other subnets. Unfortunately,
(for KIP anyway), UT Austin does not do any subnetting. Our campus network
consists of several small to medium sized Ethernet segments bridged together
over broadband cable. Since the entire Ethernet/broadband assembly looks
like one very large Ethernet, we have no need for subnetting. Unfortunately,
we seem to be unable to tell KIP this. It insists on trying to broadcast to
addresses like 128.83.151.0 (we still have some 4.2 hosts, so we must do
zero-fill broadcasts). This causes ARP storms as hosts try to arp
128.83.151.0, and it causes ICMP storms as various hosts and gateways send
"port unreachable" and "host redirect" messages to the kboxes. These storms
use a significant fraction of our network bandwidth and cause high loading
on all machines on the network, since they all must process the broadcasted
ARP packets.
We have tried various combinations of N0 lines and H lines to try to solve
this problem. None of them worked. My question is: Why does KIP assume
subnetting is being used? Further, why isn't there a subnet mask which can
be configured into KIP (via atalkatab), to control how subnetting is done,
rather than just assumming 8 bit subnets?
I've looked through the KIP sources and found this (gw.c, line 726)
idst = (ddp.dstNet == ifp->if_dnet) ? conf.ipbroad :
ar->node + ipbroadtypes[ar->flags&arouteBMask];
which I interpret to mean:
if (destination appletalk network == my directly connected network)
use the broadcast address sent with the config data;
else
construct a directed broadcast and use it;
Why couldn't this be changed to something like this:
#define conf_1fillbroad 1 /* true if broadcast addr is 1-filled */
/* false if broadcast addr is 0-filled */
struct conf {
...
u_long ipsubnetmask;
} conf;
idst = (conf.flags & conf_1fillbroad) ? ar->node | ~conf.ipsubnetmask
: ar->node & conf.ipsubnetmask;
If the network in question uses 1-filled IP addresses for the broadcast
address, then ORing the one's complement of the subnet mask into the IP
address in ar->node will give the correct broadcast address, whether or not
the destination appletalk network is on this subnet or on another one. This
does require support for directed broadcasts, obviously. Likewise, if the
network uses 0-filled IP addresses for the broadcast address, ANDing the
subnet mask into ar->node will give the correct broadcast address.
This scheme has the added advantage of being able to configure just how KIP
is to do subnetting, if it is to do it at all. For example, a class B
network like ours, which does no subnetting, could set the subnet mask to
0xffff0000, which would effectively turn subnetting off. Some other class B
site which uses 4 bits of subnet and 12 bits of host number could set the
mask to 0xfffff000 and get proper operation.
Does this sound reasonable? If it does, I am prepared to implement it here
at UT Austin. If my logic is way off (quite possible, since I haven't made
a deep study of the KIP code), then please explain to me the error of my
ways.
I read comp.protocols.appletalk regularly, so replies sent there are OK. If
you think your reply is of general interest, go ahead and post it (I don't
want to post a summary unless I feel it is necessary.)
Thanks in advance for help, suggestions, approvals, etc.
Don Nash
ARPA: dlnash@emx.utexas.edu
BITNET: DLNASH@UTADNX, D.NASH@UTCHPC
THENET: UTADNX::DLNASH, UTCHPC::D.NASH
UUCP: dlnash@ut-emx.UUCP
UUU UUU
U U The University of Texas at Austin
U TTTTUTTTTTTTTT Computation Center
U T U TT T
U U TT "The world is basically non-linear."
UUUUUUU TT
TT
TTTTcroft@CSLI.STANFORD.EDU (07/14/88)
Don, KIP doesnt really have any subnet assumptions built into it. That is why there is no subnet mask in the conf data. (It could use a subnet mask for routing purposes, instead of depending on proxy ARP, but that is another issue.) For your situation, it sounds like the 'H' line is the way to go, pointing to a UNIX host running the redirector (atalkrd). I dont understand why this didnt work for you. If you use any type of 'N' line, there WILL be storms of some sort because you say you have a mixture of 4.2 and 4.3 style hosts. The only way around this at present is the 'H' hack with a redirector pointing to the specific hosts running CAP (dont tell the redirector to broadcast). Another 'minor' point you have to worry about with an unsubnetted class B net: You can only reach 254 CAP hosts in one contiguous area of your entire class B allocation. For example, if you setup an H line pointing to 128.83.1.33 (emx.utexas.edu), then you can only reach with CAP, hosts numbered 128.83.1.1 thru 128.83.1.254. This is because the appletalk net/host number (16 and 8 bits respectively) maps rather simplemindedly into an IP net/host number (32 bits of IP number, with the lower 8 bits being the host number). It doesnt make any difference whether you use 'N' or 'H', you still only get 254 appletalk hosts per appletalk net number. As you surely know, this is a limitation of ethertalk as well.