Re: ways to seperate IP and IPX traffic? [7:42855]
That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42881t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
This is how I used to setup 3com 3500's. They could not do wire speed ip/ipx if they were on the same interface. so for every layer 3 network, you would actualy have two interfaces. Both of which would go back to the same vlan on the core switch. of course, at layer two, all the frames are still traversing the same equipment, so unless you are using older gear (such as the 3500) it's kinda silly to set things up that way. Unless you just want to compare port utilization for ip/ipx...? And sniffer pro does that quite nicely... :) my $.02 -Patrick Chuck 04/29/02 09:06PM in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42886t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
Sounds like your novell admins just use compaq smart start and leave things at defaults. (novell WILL destroy a network if not configured properly) The tree is constantly updated. (putting your novell network on it's own l3 net also helps out a lot! And across WAN links? Forget it! If you have servers at remote sites, updates to the tree should be done at off peak times. (but don't think MS and active directory is going to fix any problems. It's worse across WAN links than novell! constantly pushing and pulling garbage! And let's not even go there with SMS... Ever take a trace of a poorly configured sms install? woowee... I see an average of a 2% traffic increase when migrating to active directory over a standard nt domain. (and 2% of 100mb is nothing and on a lan is not bad at allbut take that same percentage and bounce it across your wan links and you start to bog down!) (and I don't push novell or microsoft...if I push anything, it's linux/unix :) ) I just don't believe there is one best answer... all the nos's have their flaws and their strong points. -Patrick long live netbeui Michael L. Williams 04/29/02 11:17PM Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... AppleTalk traffic doesn't bother other people. AppleTalk devices don't broadcast; they multicast, and they don't do that very often. AppleTalk routers and servers don't ever broadcast (or multicast) service announcements like they do in an IPX environment. And the Chooser doesn't broadcast either. A Mac sends a unicast packet to a router when the user pulls up the Chooser. The router figures out which networks are in the zone and forwards the unicast. The recipient routers then multicast. And, no, this doesn't repeat forever at short intervals. Since Mac OX 7.0 (1989) the Mac has backed off on the unicasts it sends to start the process. Okay...at the risk of facing the wrath of Priscilla, here goes. =) Just off the top of my head, why would multicasting be any better than broadcasting in fact, wouldn't that be worst as broadcasts (L2 or L3) are stopped at the router whereas multicast could traverse your entire network, even through routers...? You gotta give me this tho: AppleTalk picks a layer three address at random, then checks to see if it's in use and repeats until it finds one it can use. How lame is that? I was digging thru my CCNA notes from 2+ years ago and read a comment I wrote saying (about it choosing an L3 addr at random) imagine if that were used on the internet... it could take days/weeks to get an IP address.. =) You knew you would push one of my buttons, didn't you? ;-) As far as IPX traffic, it's not really that bad either, but the SAP broadcasts can get excessive. There are many ways to keep them contained, if that's what the poster had in mind. I think he better give us more info on what he's trying to accomplish. I have to disagree here... IPX traffic is horrible (admittedly due to Novell, not as a protocol itself per se. also as you pointed out, in all fairness, a large %-age is SAP broadcasts and admittedly, the people whom I inherited the network from didn't do squat to limit any kind of SAP traffic). If you pick a random switchport out of the 28000+ switchports on our network and do a sniffer capture, you'll find probably 75% of it is IPX related... and we use IP for probably 90% of our apps (and web/internet access). that's not acceptable. we cannot wait to get rid of IPX altogether (which will happen when our migration from Netware to 2000 is complete). I'm not a Microsoft zombie, by any means, and I won't even claim that Win2K and Active Directory is any better than Novell NDS, but getting rid of IPX is a godsend no matter if it means running Microslop Win2K that's how much we hate dealing with IPX =) Hopefully he didn't just buy into the BS that IPX is chatty (the same BS that you hear about AppleTalk. ;-) You want chatty, watch a Windows machine running NetBIOS and SMB boot! Sounds like sour grapes. LOL (just kidding =) Hey I've seen your website with you @ your I-SCHMAC laptop so it doesn't surprise me to see you defending AppleSquawk... =) Mike W. Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply
Re: ways to seperate IP and IPX traffic? [7:42855]
One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42906t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
what? Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42910t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
Believe me, I've confused myself. What I have is a customer that has a mixed IP/IPX network. ALL machines are dual IP/IPX, so those two protocols will be on one switchport. He is going to add some servers to the network, but dosen't want IPX on that new network at all. And he only wants selective IP machines talking to the servers. What I think I'll do is just create 2 Vlans, 1 for the dual IP/IPX machines and 1 for the IP servers. If a dual IP/IPX machine wishes to speak to an IP server, they'll have to use IP and be routed over via a L3 device. I just want to make sure that the IPX traffic/babble dosen't leak onto the IP only network somehow just because they're on same switch. I think with VLANS, it will be solved, as broadcasts and other babble will never get there. But I just want to be sure. Is my solution the way to go? From: Patrick Ramsey To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: ways to seperate IP and IPX traffic? [7:42855] Date: Tue, 30 Apr 2002 13:49:36 -0400 MIME-Version: 1.0 Received: from [63.103.193.207] by hotmail.com (3.2) with ESMTP id MHotMailBE98247F0068400431E23F67C1CF05480; Tue, 30 Apr 2002 10:50:57 -0700 Received: from 192.168.250.16 by appsrvnt92 with SMTP (SMTP Relay (MMS v5.0)); Tue, 30 Apr 2002 13:56:47 -0400 Received: from WSC-Message_Server by wellstar.org with Novell_GroupWise; Tue, 30 Apr 2002 13:49:51 -0400 From [EMAIL PROTECTED] Tue, 30 Apr 2002 10:51:08 -0700 X-Server-Uuid: 8CD06C93-AB11-4E1C-95FC-A727A4B65BA7 Message-ID: X-Mailer: Novell GroupWise Internet Agent 5.5.6.1 X-WSS-ID: 10D0055528979-01-01 what? Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42911t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
At 01:50 PM 4/30/02, Patrick Ramsey wrote: what? Steven, what problem are you trying to solve?? Where are you trying to separate this traffic? I think we may need to see a logical topology of sorts. Also, I don't want to sound like a broken record, but I'm still wondering if you are trying to isolate IPX traffic rather than fixing the IPX network. Believe it or not, fixing it might be easier. In addition to the advice in other messages, here's one other thing to check for with IPX: A lot of implementations default to using all four frame types. I have seen both PCs and printers send broadcasts using Ethernet II, 802.3, 802.2, and SNAP! That's something to check for when trying to reduce IPX traffic. There's probably other things you can do too. Priscilla Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42915t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
definately that is a sound solution... What I have here is this: novell network - ipx/ip nt network - ip unix network- ip various user networks - ipx/ip the novell tree can communicate on it's own vlan and not bother anyone else. The nt domain can communicate on it's on vlan and not bother anyone else. the unix network is obviously on a separate network just because there's no since in messing up a good thing... :) the few nt servers that handle nds for nt are actually on the novell vlan w/ ipx and ip bound. we then filter all saps that are not needed from remote sites and the novell vlan so they are not offered to the user vlans. -Patrick Steven Ridder 04/30/02 01:59PM Believe me, I've confused myself. What I have is a customer that has a mixed IP/IPX network. ALL machines are dual IP/IPX, so those two protocols will be on one switchport. He is going to add some servers to the network, but dosen't want IPX on that new network at all. And he only wants selective IP machines talking to the servers. What I think I'll do is just create 2 Vlans, 1 for the dual IP/IPX machines and 1 for the IP servers. If a dual IP/IPX machine wishes to speak to an IP server, they'll have to use IP and be routed over via a L3 device. I just want to make sure that the IPX traffic/babble dosen't leak onto the IP only network somehow just because they're on same switch. I think with VLANS, it will be solved, as broadcasts and other babble will never get there. But I just want to be sure. Is my solution the way to go? From: Patrick Ramsey To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: ways to seperate IP and IPX traffic? [7:42855] Date: Tue, 30 Apr 2002 13:49:36 -0400 MIME-Version: 1.0 Received: from [63.103.193.207] by hotmail.com (3.2) with ESMTP id MHotMailBE98247F0068400431E23F67C1CF05480; Tue, 30 Apr 2002 10:50:57 -0700 Received: from 192.168.250.16 by appsrvnt92 with SMTP (SMTP Relay (MMS v5.0)); Tue, 30 Apr 2002 13:56:47 -0400 Received: from WSC-Message_Server by wellstar.org with Novell_GroupWise; Tue, 30 Apr 2002 13:49:51 -0400 From [EMAIL PROTECTED] Tue, 30 Apr 2002 10:51:08 -0700 X-Server-Uuid: 8CD06C93-AB11-4E1C-95FC-A727A4B65BA7 Message-ID: X-Mailer: Novell GroupWise Internet Agent 5.5.6.1 X-WSS-ID: 10D0055528979-01-01 what? Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/re
Re: ways to seperate IP and IPX traffic? [7:42855]
to add to Priscilla's comment; locking down frame types is absolutely a must! And remember if you have two frame types bound to any interface, in order to route, you must have both frame types on the router interface. Otherwise only the original frame type will get out. (which in some scenarios is done on purpose) And if you do have a reason to use multiple frame types, remember you double the saps and double the load on your router. Even if two devices are on the same layer 2 segment, they will not be able to communicate with one another without sending every packet to the router. (only to have it sent right back down the same pipe to the dest. device) -Patrick Priscilla Oppenheimer 04/30/02 02:57PM At 01:50 PM 4/30/02, Patrick Ramsey wrote: what? Steven, what problem are you trying to solve?? Where are you trying to separate this traffic? I think we may need to see a logical topology of sorts. Also, I don't want to sound like a broken record, but I'm still wondering if you are trying to isolate IPX traffic rather than fixing the IPX network. Believe it or not, fixing it might be easier. In addition to the advice in other messages, here's one other thing to check for with IPX: A lot of implementations default to using all four frame types. I have seen both PCs and printers send broadcasts using Ethernet II, 802.3, 802.2, and SNAP! That's something to check for when trying to reduce IPX traffic. There's probably other things you can do too. Priscilla Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Priscilla Oppenheimer http://www.priscilla.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at:
RE: ways to seperate IP and IPX traffic? [7:42855]
That is exactly the way I would do it. In fact, it's probably the only way to accomplish your goal. One additional thing to consider is assisting your client with a migration to 100% IP. Netware has supported native IP (not IPX in IP) for some time now, and this is a logical next step. (though not a trivial one) Regards, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven Ridder Sent: Tuesday, April 30, 2002 10:59 AM To: [EMAIL PROTECTED] Subject: Re: ways to seperate IP and IPX traffic? [7:42855] Believe me, I've confused myself. What I have is a customer that has a mixed IP/IPX network. ALL machines are dual IP/IPX, so those two protocols will be on one switchport. He is going to add some servers to the network, but dosen't want IPX on that new network at all. And he only wants selective IP machines talking to the servers. What I think I'll do is just create 2 Vlans, 1 for the dual IP/IPX machines and 1 for the IP servers. If a dual IP/IPX machine wishes to speak to an IP server, they'll have to use IP and be routed over via a L3 device. I just want to make sure that the IPX traffic/babble dosen't leak onto the IP only network somehow just because they're on same switch. I think with VLANS, it will be solved, as broadcasts and other babble will never get there. But I just want to be sure. Is my solution the way to go? From: Patrick Ramsey To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: ways to seperate IP and IPX traffic? [7:42855] Date: Tue, 30 Apr 2002 13:49:36 -0400 MIME-Version: 1.0 Received: from [63.103.193.207] by hotmail.com (3.2) with ESMTP id MHotMailBE98247F0068400431E23F67C1CF05480; Tue, 30 Apr 2002 10:50:57 -0700 Received: from 192.168.250.16 by appsrvnt92 with SMTP (SMTP Relay (MMS v5.0)); Tue, 30 Apr 2002 13:56:47 -0400 Received: from WSC-Message_Server by wellstar.org with Novell_GroupWise; Tue, 30 Apr 2002 13:49:51 -0400 From [EMAIL PROTECTED] Tue, 30 Apr 2002 10:51:08 -0700 X-Server-Uuid: 8CD06C93-AB11-4E1C-95FC-A727A4B65BA7 Message-ID: X-Mailer: Novell GroupWise Internet Agent 5.5.6.1 X-WSS-ID: 10D0055528979-01-01 what? Now you've compeltely lost me! do you want to tunnel ipx and route to various vlans? I mean... If you have ipx on 1 interface and ip on the other, and they are on the same vlan, then you're done. But they won't route between the two because they are two different protocols. If you want them on two separate vlans and want to route between them, then you're back to square 1 and you have to place ipx and ip on on interfaces. -Patrick Steven A. Ridder 04/30/02 01:20PM One more thing, if I can tag IP and IPX, how do I route between the 2 vlans if one is IP and the other IPX? Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's exactly what I was looking for, but can you tag IPX. I kept thinking that you could only tag IP. Now that I think of it, tagging is L2, so I could tag it, couldn't I? Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42922t=42855 -- FAQ, list archives, and
Re: ways to seperate IP and IPX traffic? [7:42855]
How do you mean separate? You could use a router to separate the IP /IPX traffic (being that IP/IPX are Layer 3, only a layer 3 device would be able to separate them) =) Mike W. Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42859t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42860t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
At 09:06 PM 4/29/02, Chuck wrote: in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) AppleTalk traffic doesn't bother other people. AppleTalk devices don't broadcast; they multicast, and they don't do that very often. AppleTalk routers and servers don't ever broadcast (or multicast) service announcements like they do in an IPX environment. And the Chooser doesn't broadcast either. A Mac sends a unicast packet to a router when the user pulls up the Chooser. The router figures out which networks are in the zone and forwards the unicast. The recipient routers then multicast. And, no, this doesn't repeat forever at short intervals. Since Mac OX 7.0 (1989) the Mac has backed off on the unicasts it sends to start the process. You knew you would push one of my buttons, didn't you? ;-) As far as IPX traffic, it's not really that bad either, but the SAP broadcasts can get excessive. There are many ways to keep them contained, if that's what the poster had in mind. I think he better give us more info on what he's trying to accomplish. Hopefully he didn't just buy into the BS that IPX is chatty (the same BS that you hear about AppleTalk. ;-) You want chatty, watch a Windows machine running NetBIOS and SMB boot! Priscilla I don't know if there is serious talk of this any more. Is this kinda what you had in mind? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What are some good ways to separate IP and IPX traffic on a LAN? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42869t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
I guess you could do a setup like that However, anymore, virtually any device speaking IPX will also speak IP (i.e. all of our Novell servers run dual stacks IP and IPX as well as all PCs run both IPX and IP and all of our networked printers do both as well) kinda silly, but that's the way most places that run IPX are (they run both)... having said that, it would be nearly impossible (if not impossible) to separate the IP and IPX traffic without the use of a router since a Layer 2 switch would be useless to help do this. Does that sound right? Makes good sense to me, but right now I think anything would. I'm outta Cisco-land for tonght... gotta stop those dreams of troubleshooting frame and firewall problems geez Mike W. Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... in the old days of vlan switching, there was serious discussion of using vlans to separate traffic by protocol. set up ports 1,3 and 5 as IP and ports 2,4, and 6 as IPX. More importantly, put all those renegade AppleTalk users on their own VLAN so their traffic doesn't bother people with real work to do ( ;- ) I don't know if there is serious talk of this any more. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42871t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ways to seperate IP and IPX traffic? [7:42855]
Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... AppleTalk traffic doesn't bother other people. AppleTalk devices don't broadcast; they multicast, and they don't do that very often. AppleTalk routers and servers don't ever broadcast (or multicast) service announcements like they do in an IPX environment. And the Chooser doesn't broadcast either. A Mac sends a unicast packet to a router when the user pulls up the Chooser. The router figures out which networks are in the zone and forwards the unicast. The recipient routers then multicast. And, no, this doesn't repeat forever at short intervals. Since Mac OX 7.0 (1989) the Mac has backed off on the unicasts it sends to start the process. Okay...at the risk of facing the wrath of Priscilla, here goes. =) Just off the top of my head, why would multicasting be any better than broadcasting in fact, wouldn't that be worst as broadcasts (L2 or L3) are stopped at the router whereas multicast could traverse your entire network, even through routers...? You gotta give me this tho: AppleTalk picks a layer three address at random, then checks to see if it's in use and repeats until it finds one it can use. How lame is that? I was digging thru my CCNA notes from 2+ years ago and read a comment I wrote saying (about it choosing an L3 addr at random) imagine if that were used on the internet... it could take days/weeks to get an IP address.. =) You knew you would push one of my buttons, didn't you? ;-) As far as IPX traffic, it's not really that bad either, but the SAP broadcasts can get excessive. There are many ways to keep them contained, if that's what the poster had in mind. I think he better give us more info on what he's trying to accomplish. I have to disagree here... IPX traffic is horrible (admittedly due to Novell, not as a protocol itself per se. also as you pointed out, in all fairness, a large %-age is SAP broadcasts and admittedly, the people whom I inherited the network from didn't do squat to limit any kind of SAP traffic). If you pick a random switchport out of the 28000+ switchports on our network and do a sniffer capture, you'll find probably 75% of it is IPX related... and we use IP for probably 90% of our apps (and web/internet access). that's not acceptable. we cannot wait to get rid of IPX altogether (which will happen when our migration from Netware to 2000 is complete). I'm not a Microsoft zombie, by any means, and I won't even claim that Win2K and Active Directory is any better than Novell NDS, but getting rid of IPX is a godsend no matter if it means running Microslop Win2K that's how much we hate dealing with IPX =) Hopefully he didn't just buy into the BS that IPX is chatty (the same BS that you hear about AppleTalk. ;-) You want chatty, watch a Windows machine running NetBIOS and SMB boot! Sounds like sour grapes. LOL (just kidding =) Hey I've seen your website with you @ your I-SCHMAC laptop so it doesn't surprise me to see you defending AppleSquawk... =) Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42873t=42855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]