A Single-Step Internet Access Solution for Novell NetWare LANs

Novell NetWare is a network operating system (NOS) that provides personal computer users shared access to file servers, printers, and other resources through the use of applications that run over Novell's Internetwork Packet Exchange (IPX) network protoco l. According to some analysts, NetWare boasts a 70 percent share of the NOS market, and IPX is used on over 40 million machines. However, the rapidly growing Internet and its popular suite of applications, such as FTP, Gopher, Mosaic, and Netscape Navigat or, run over the Transmission Control Protocol/Internet Protocol (TCP/IP) network protocol, not IPX. Historically, connecting Novell LAN users to the Internet has proven to be difficult and expensive, because they communicate using entirely different prot ocols. The Cisco Internet Junction^TM gateway software makes the process of connecting IPX-based NetWare networks to the Internet simpler, faster, and less expensive to implement than ever bef ore.

This document identifies the different methods of connecting Novell NetWare networks to TCP/IP-based internetworks. It exposes the limitations of past solutions and examines the benefits offered by the Cisco Internet Junction software.

Traditional Novell NetWare LAN-to-Internet Connection Method

In the past, providing Internet access to NetWare network users was a complicated and expensive proposition. IPX-based applications do not generally interoperate with TCP/IP-based applications, so historically, for a single workstation to connect to bo th IPX and TCP/IP-based services, the workstation required both an IPX and TCP/IP protocol stack installed. This is known as a dual-protocol solution. (See Figure 1.)

Figure 1: Dual-Protocol Solution

Dual-Protocol Solution

Considerations of a Dual-Protocol Solution

While a dual-protocol solution can be appropriate for some environments, users considering such a solution must evaluate the following issues:

What is the goal of the project? If the objective is only to provide Internet access to NetWare clients, loading the TCP/IP protocol on each workstation may be overkill.
In some environments, the cost of purchasing a TCP/IP stack for each user workstation might be significant.
Managing multiple protocols at the user workstation requires a significantly higher level of technical support and maintenance, which leads to higher costs for network ownership.
In some situations, Security of workstations using the TCP/IP protocol may be an issue.
When multiple protocols are loaded on a single workstation, memory limitations can hinder performance of networked applications.

The costs associated with the acquisition, installation, and maintenance of TCP/IP and Internet connectivity can be significant. When evaluating which solution to use, users must also consider the following:

NetWare sites often do not have personnel with the right training and experience to quickly install and configure TCP/IP without significant delays.
Typically, the addition of a TCP/IP protocol stack to an existing NetWare client is a management-intensive process. Designing the network, installing the TCP/IP protocol and client software, and assigning a TCP/IP address are all tasks that general ly require the talents of a network manager. To determine the scope of the project, multiply the time required to perform these tasks by the number of clients being connected.
Another major cost associated with TCP/IP is security. When all workstations possess TCP/IP addresses, they become targets for hackers and network intruders attempting to gain access from the Internet. Some environments might require the use of a f irewall in order to protect these workstations from unauthorized access and tampering. A simple firewall solution can cost a minimum of $10,000 to purchase and configure. A top-of-the-line firewall software installation may cost over $50,000.

Cisco's Solution for NetWare LAN-to-Internet Connections

The Cisco Internet Junction software delivers powerful, reliable, and secure Internet and World Wide Web access to NetWare client workstations without the cost and complexities of TCP/IP networking at the desktop. The product connects Novell NetWare with the vast resources available on the TCP/IP-based Internet. Internet Junction software enables Novell NetWare users to run WinSock 1.1-compliant TCP/IP applications over IPX without having to install a TCP/IP stack at each workstation. Only one IP address is required in order to provide Internet access to a large number of IPX clients on a Novell network, thus preserving scarce IP addresses and reducing maintenance and administration costs.

The Cisco Internet Junction gateway is available today as a client/server software package. The server (or gateway) software operates on a PC running Microsoft Windows NT, and the client software supports such platforms as Microsoft Windows 3.1, Windows f or Workgroups, and Windows 95. Cisco Internet Junction software supports various WAN connections including dial-up, Integrated Services Digital Network (ISDN), Switched 56, T1/E1, and T3.

Because TCP/IP evolved as an open protocol, security is a greater concern in TCP/IP networks than in networks that use proprietary protocols such as IPX. Because the Internet Junction gateway effectively functions as a firewall solution, it establishes a high level of security at an affordable investment. IPX clients are not assigned individual TCP/IP addresses; therefore the NetWare network is effectively isolated from intruders attempting to gain access via the Internet.

In order to offer a complete, economical, and easy-to-implement solution, the Cisco Internet Junction gateway software comes bundled with Netscape Navigator software.

Cisco Internet Junction software operates as an IPX-to-TCP/IP gateway implemented in a client/server architecture. The software comprises two components: the server and the client executables.

Internet Junction Server

The server software runs on a Windows NT 3.5x-based PC and includes two executable files. The first and most important file is IJGATE.EXE, which performs the translation or bridging of IPX to TCP/IP. The other file, IJDNSD.EXE, handles Domain Name Server (DNS) resolution at the gateway. IJGATE.EXE uses approximately 180 KB of memory, and IJDNSD.EXE uses approximately 45 KB of memory.

The PC running the Internet Junction server components requires configuration of both the IPX and TCP/IP Protocols. Both protocols are standard and are shipped with Microsoft Windows NT Version 3.5. (S ee Figure 2.)

Figure 2: Internet Junction Server

Client Software

The client software component includes two files: WinSock.DLL and IJCLIENT.EXE. These files enable third-party TCP/IP applications that are compliant with WinSock version 1.1 to run over the IPX protocol. Examples of such applications include Netscape Nav igator, SAP, and Lotus Notes. (See Figure 3.)

Figure 3: Internet Junction Client

Internet Juction Client

The Internet Junction WinSock.DLL was designed according to the Windows Sockets API (WinSock). This is a specification that solves most application compatibility problems. It provides a layer between Internet applications and the underlying TCP/IP communi cations stack. Software developers write applications that communicate directly with WinSock, and TCP/IP stack vendors write WinSock interfaces to their stacks. WinSock is only a specification, so there is no guarantee that every WinSock 1.1 application w ill operate in all situations. Specifications do not ensure compatibility.

The IJCLIENT.EXE file works in tandem with the WinSock.DLL to allow TCP/IP applications to run over IPX.

In order to provide increased flexibility, Internet Junction client software can be loaded either in the public folder of the NetWare server or on each client workstation.

Client and Server Working Together

The Cisco Internet Junction client and server software work together to provide a complete connectivity solution. When a user launches an Internet application such as Netscape Navigator, Netscape opens a connection to the network using the WinSock.DLL fil e. The client then communicates with the Internet Junction gateway LAN server using the IPX protocol. The Internet Junction gateway runs the IJSERVER.EXE file, which translates the IPX information to the TCP/IP protocol before transmitting it to the WAN.

Client applications using the Internet Junction gateway perform at approximately 90 percent of their native performance level. Any dissatisfaction with the performance of such Internet applications as Netscape Navigator is almost always because of inadequ ate bandwidth on the Internet WAN connection. Typically, the more WAN bandwidth available, the higher the degree of performance desktop users will experience.

System Requirements

Gateway Platform

CPU: IBM or compatible suitable for Windows NT
OS: Microsoft Windows NT Version 3.5 workstation or server
Network adapter with IPX (ODI) drivers
WAN options: PPP/SLIP (via dialup modem), ISDN, Frame Relay, 56K, or T1/E1, T3
Internet Connection: A link to the user's choice of Internet Service Provider

Client Workstations

CPU: IBM PC or compatible
OS: Microsoft Windows 3.1, Windows for Workgroups 3.11, or Windows 95
Network: Novell NetWare 3.x or NetWare 4.x
WinSock 1.1-compliant application(s) (Browser, FTP, etc.)

Additional Requirements

Installation of the Internet Junction software is an easy process and offers NetWare users immediate access to internal TCP/IP-based resources. However, in order to provide access to the global Internet, a connection to an Internet Service Provider (ISP) must be established. The local telephone company must be contracted to provide an appropriate WAN line, for example dial-up, ISDN, or 56K. This WAN line will connect the internal network to the chosen ISP. Depending on the configuration, a router, PC card , or modem will be required to provide a connection to the WAN line. The ISP will provide users with IP addresses to install on their Internet gateway PCs. Two IP addresses per user will be needed if a router is used. Often an ISP will contract with the t elephone company for a WAN connection in order to provide an integrated solution. (See Figure 4.)

Figure 4: Connecting to the Internet

Connecting to the Internet

Statement of Direction

Cisco has announced a three-phase plan for the delivery of the Cisco Internet Junction gateway technology. Today, Cisco offers the Internet Junction gateway as a client/server software product. In order to make this solution available to the widest ran ge of users, Cisco intends to expand the range of choices available to network managers.

In early 1996, Cisco will offer a standalone, integrated Internet Junction gateway solution that will include both the hardware and software components of the Internet Gateway server. This turnkey solution will be offered in a number of fixed hardware configurations and will be based on the popular Cisco Internetwork Operating System (Cisco IOS^TM) software. The Cisco IOS software provides a stable development platform, a wide range of internetworking op tions, and a simple and consistent user interface.

Later in 1996, Cisco will incorporate the Internet Junction gateway server software as an optional feature of the Cisco IOS software. By merging the functionality of the Internet Junction gateway into the Cisco IOS software, it will be possible to deli ver the Internet gateway functionality across a wide variety of hardware platforms. Users will be able to purchase the Internet Junction solution as an extra cost option to the Cisco IOS software.

Summary

Using a single TCP/IP address for an entire LAN, the Cisco Internet Junction gateway software connects Novell NetWare users to the Internet with the ability to run TCP/IP applications such as Web browsers and FTP software. This capability eliminates the need to configure and maintain a TCP/IP protocol stack on every deskt op or to run NetWare routing protocols on the corporate network. By simplifying the IP addressing issues and offering expanded services to Novell NetWare sites, Cisco provides a superior Internet connectivity option to Novell NetWare users.

Posted: Mon Sep 30 15:36:12 PDT 1996