DataMuseum.dk

Presents historical artifacts from the history of:

DKUUG/EUUG Conference tapes

This is an automatic "excavation" of a thematic subset of
artifacts from Datamuseum.dk's BitArchive.

See our Wiki for more about DKUUG/EUUG Conference tapes

Excavated with: AutoArchaeologist - Free & Open Source Software. 

top - metrics - download
Index: T r

⟦e8806c530⟧ TextFile

    Length: 4028 (0xfbc)
    Types: TextFile
    Names: »rev0987«

Derivation

└─⟦9ae75bfbd⟧ Bits:30007242 EUUGD3: Starter Kit
    └─⟦3b20aab50⟧ »EurOpenD3/network/snmp/kip-snmp.91.tar.Z« 
        └─⟦b503a39fe⟧ 
            └─⟦this⟧ »kip/doc/rev0987«

TextFile

09/87 REVISION OF KIP

The September 1987 revision of KIP implements zones and a limited form
of server protection on a zone basis.  Upon startup the gateway gets
the zone configuration from the administrator daemon (atalkad) via a
new packet type (aaZONE).  Three different forms of server protection
are available so that LaserWriters and other resources without password
protection can be restricted from use outside the zone.


ZONE NAME CONFIGURATION

The administrator database table (atalkatab) file keeps the same
organization, however now the zone name strings (on lines beginning
with a net number) are actually used.  Any string (up to 31 bytes) is
valid here, but the zone selection box in the chooser only shows about
the first 16 bytes.  Be sure that all kboxes and nets in the same zone
have the identical zone name spelling, including upper/lower case.

On any UNIX machine running CAP, be sure to edit /etc/atalk.local so
that the zone name field is now the correct value.  You will probably
have to kill off atis, aufs and other CAP servers and restart them so
that they will pickup their proper zone name.

Since atalkatab consists of fields separated by space/tab, a space is
invalid within fields.  However the '_' character in any field will
convert to a space, if for example you need a space within your zone
name.  (To get a '_' in the name, use a double underscore '__').  Note:
since other programs/files (such as CAP's /etc/atalk.local) also use
space delimited fields, it may be unwise at present to choose a zone
name with embedded spaces.

The quoted zone name field in the per gateway configuration information
is no longer used, and is ignored.  You may delete it from your
atalkatab file at your convenience.

If you have Hayes bridges or other bridging devices on the appletalk
cable within a zone, list these net numbers as extra 'K' lines pointing
to the kbox on whose net they are connected.  Don't specify any
'configuration information' for these nets, that information should
only follow the K line that describes the actual kbox.


NBP FILTERING

Name Binding Protocol (NBP) LookupReply's that pass through the gateway
may be optionally filtered to prevent off-zone server access.  Three
different bit flag values may be specified in the 'flags' field of
the kbox config info within atalkatab.  These flags control the filtering
inside that kbox ONLY.  Usually none or only one of the flags will be
specified.

	flagname		hex value
	--------		---------
	(no flags)		0
	conf_stayinzone		1
	conf_laserfilter	2
	conf_tildefilter	4

Conf_stayinzone is the most restrictive flag, if specified, machines in
this zone will only be able to access resources within their own zone.
Access to ANY resource outside this zone will be prevented.

Conf_laserfilter is a more likely to be used flag.  The LaserWriter's
inside this zone will be available to all members of this zone.  However
machines outside this zone will be unable to see any of the LaserWriter's
on this kbox.

Conf_tildefilter is a similar flag.  By default, all NBP names will be
accessable outside the zone.  However if an NBP entity name ends in the
character '~' (e.g. "ourprinter~"), then this name will be unseen by
any machines outside of the zone.


OTHER CHANGES

Atalkrd has an #ifdef SO_BROADCAST to set this flag (on 4.3 BSD
systems) to allow use of the broadcast address.

Atalkad builds the zone name information and passes it to the gateway
when a aaZONE packet is received.  Location of the atalkatab and
atalkalog files are now #defines.  An atalkalog message now indicates
how full the atalkatab database is.   A minor bug is fixed regarding
errno being reset by readtab().

In the gateway itself, the CMU mods are included to avoid replying to
ARPs until the configuration phase is complete.  A minor bug is fixed
regarding N0 routing table entries.

Revision 9/87 was done by Charlie C. Kim, User Services, Columbia
University and Bill Croft, SUMEX.

The 'install' document was revised with latest information.