NOVELL TECHNICAL INFORMATION DOCUMENT TITLE: DSFILTER.NLM and PINGFILT.NLM README FOR: DSFLT1.EXE NOVELL PRODUCTS and VERSIONS: NLMs 4.1 ABSTRACT: This file contains two NLMs that are designed to allow network administrators the flexibility to configure how often NDS communicates between servers. This allows DS communication to be configured for "Call-on-Demand" links, only allowing DS communication to bring the links up when necessary. These NLM work with NetWare 4.1x only. ----------------------------------------------------------------- DISCLAIMER THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL. NOVELL MAKES EVERY EFFORT WITHIN ITS MEANS TO VERIFY THIS INFORMATION. HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR INFORMATION ONLY. NOVELL MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE VALIDITY OF THIS INFORMATION. ----------------------------------------------------------------- ISSUE: BACKGROUND ========== Telephone lines are relatively inexpensive in the U.S., and wide area networks tend to be linked by dedicated leased lines. In other countries dedicated lines are prohibitively expensive, and ISDN or X.25 lines which use "Call-on-Demand" links are more common. Such Call-on-Demand links remain cost-effective by establishing network connections only when necessary. Administrators reduce costs by paying for connection time only when they need it. Two functions of NetWare 4 can cause excessive traffic across Call-on-Demand links and trigger frequent non-essential connections: NetWare Directory Services and the TIMESYNC NLM (NetWare Loadable Module). While NetWare Directory Services does not send large packets over networks, it sends them often (e.g. every user login triggers a change to the local directory services database and any replicas of that database across the network). In a small network or one connected with dedicated links, this light chatter is insignificant and unnoticed. However, in a network with a Call-on-Demand link, frequent NDS packets cause the link to open too often or remain continuously open resulting in high connection costs. The TIMESYNC.NLM allows the NetWare 4 server to compare, and when appropriate, alter its time signature relative to other servers in the network. This is essential to confirm that the distributed Directory Services database remains accurate. This utility solves the problem by allowing the administrator to configure the frequency and times of NDS packet delivery. NOTE: SAP And RIP Traffic ========================= Though not directly related to NetWare 4, NDS, or TIMESYNC, excessive SAP (Service Advertising Protocol) and RIP (Routing Information Protocol) traffic over a Call-on-Demand link can also cause the link to remain continuously active. This problem can be mitigated through good network design and by configuring the NetWare MultiProtocol Router for ISDN to restrict SAP and RIP traffic across WAN links. For more information, consult the NetWare MultiProtocol Router documentation. This does not filter Auditing traffic. FIXES AND OTHER KNOWN ISSUES =================== 1. PINGFILT.NLM v1.02 now works correctly with DS.NLM versions 5.0x 2. If the DS.NLM is unloaded before the PINGFILT.NLM is unloaded the server will abend. Self-Extracting File Name: dsflt1.exe Files Included Size Date Time ..\ DSFLT1.TXT (This file) DSFILTER.NLM 11320 10-19-95 1:13:44 am DSFLT1.TXT 6492 11-5-96 7:36:04 pm FILTREAD.TXT 4817 11-5-96 5:29:26 pm PINGFILT.NLM 9378 7-15-96 4:07:10 pm Installation Instructions: THE UTILITY =========== This utility is comprised of two NLMs: PINGFILT.NLM 7/15/96 09:07 9,378 DSFILTER.NLM 10/18/95 08:13 11,320 PINGFILT.NLM filters the bulk of NDS packets to prevent unnecessary traffic according to time restrictions established by the network administrator. Note: PINGFILT permits essential NDS packets to pass through the Call-on-Demand link regardless of restrictions imposed by the administrator. DSFILTER.NLM provides the network administrator with an interface to configure the times and frequency of NDS packet delivery. The utility is similar in design and function to the user Default Time Restrictions interface found in the NetWare 3 SYSCON utility and the NetWare 4 NWADMIN tool. INSTALLATION 1. Copy PINGFILT.NLM and DSFILTER.NLM to the server's SYSTEM directory. Confirm that version numbers and dates match this documentation. 2. At the system console, type LOAD DSFILTER 3. The DSFilter Utility will appear on the console. Choose "Filter Pass Through Times." At the filter screen, use "_" and "X" to designate times when NetWare Directory Services packets should be filtered (i.e. restricted from passing through On Demand links). Press to save the configuration. 4. Choose "List Filter Addresses" from the DSFilter Utility screen. Press to choose the server(s) that you want the time filter to apply to. The utility automatically provides the network address associated with the server. Each filter address uses about 230 bytes of server memory. By default, the DSFilter Utility restricts NDS packet delivery only to those servers specifically designated by the administrator. If you do not identify a server as a filtered address, NDS packets will be delivered without any time restriction. Note: Connection time restrictions for each server identified as a Filtered Address are set by a single .DAT file. You cannot set separate time restrictions for different servers. 5. Press and choose "Yes" to save the filter list. 6. Press and choose "Yes" to exit the DSFilter utility. 7. Type LOAD PINGFILT Note: PINGFILT will not load unless the DSFILTER.DAT file has been created in the System subdirectory. Create the file manually or by running the DSFILTER utility. 8. Unload DSFilter. ----------------------------------------------------------------- Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information. -----------------------------------------------------------------