Return to BSD News archive
Xref: sserve comp.os.linux.development:22939 comp.os.386bsd.development:3098 Newsgroups: comp.os.linux.development,comp.os.386bsd.development Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!spool.mu.edu!howland.reston.ans.net!news.sprintlink.net!EU.net!sun4nl!rnzll3!sys3.pe1chl!rob From: rob@pe1chl.ampr.org (Rob Janssen) Subject: Re: SAMBA and NETWARE mounting Reply-To: pe1chl@wab-tis.rabobank.nl Organization: PE1CHL Message-ID: <D351G6.2qo@pe1chl.ampr.org> References: <3eo2j1$l5o@uqcspe.cs.uq.oz.au> <D267uw.Grq@park.uvsc.edu> <D2JnoD.1DD@pe1chl.ampr.org> <D2KG6E.CMp@park.uvsc.edu> <D2LH48.3IF@pe1chl.ampr.org> <D2qACr.A46@park.uvsc.edu> <D2s16r.428@pe1chl.ampr.org> <D2vrE0.D8M@park.uvsc.edu> <D2x440.1J1@pe1chl.ampr.org> <D2z554.K4F@park.uvsc.edu> Date: Sat, 28 Jan 1995 23:04:53 GMT Lines: 113 In <D2z554.K4F@park.uvsc.edu> Terry Lambert <terry@cs.weber.edu> writes: >OK, neutrally speaking, what would you point to as the main >advantage of IPX? As others have also written in the meantime: large addressing space, easy configuration, small size in memory. >Please be sure to include NetWare/IP (NCP over IP instead of IPX) >in your analysis before you answer. Why? It is not an established product, costs a lot. >] Say, you want a network filesystem for your department, and it needs >] to serve a number of DOS/Windows and similar workstations. It needs >] some security (not against sniffers, but against accessing confidential >] data at will), and it should perform reasonably well. Some memory >] should be left in the PC after it has been loaded. >Stuff and nonsense! NCP is a protocol that HAPPENS to be on top of >IPX, and NFS is a protocol that HAPPENS to be on IP, and the point >of view you are defending relies LARGELY on a circumstantial >relationship between the file sharing protocols and the transport >protocols they happen to be using. This is *NOT* a causal >relationship, and you should quit portraying it as such. That is only a purely theoretical argument, which is worth very little in the real world. My main point in this discussion is "people select Netware because it has the facilities they need and IP-based products don't". >You want a technical attack on IPX? OK, how about the lack of >packet checksums? How about the misimplementation of the 802.3 >protocol encapsulation header? Packet checksums are an option in IPX. You are not forced to use 802.3 (we use Ethernet-II here and it works fine) >That the NCP implementation you have runs over IPX is not a >supporting argument for IPX, unless you are taking me up on the >definition of IPX as a legacy system. >] Also, there is a MODEM pool which is to be accessed from the PCs, and >] of course there are some printers. >Much of the NetWare print model is a joke. The lpr protocol at >least does not use timeouts to indicate end-of-job! >Any idiot with half a brain can (and has) implemented an INT 14 >redirector as a client of a modem pool server; the line protocol >used between the redirector and the modem pool server is the issue >in this configuration, and the transport protocol is irrelevent. >The first one of these I ever wrote was in 1987, and I'm not idiot >enought to believe I was the first. On all these points the answer is the same: what the customer needs is something that works out of the box, not something you ever wrote in 1987 and stuck in the closet. The underlying technical details are less important than the availability and support. This is how companies like Novell and Microsoft have taken the market while the UNIX people and IP technicians were sleeping. >] Access to other applications via the network is nice, but not the primary >] reason for deploying the network. >] >] What are you going to select? NFS clients on a UNIX server??? Come on... >How about NCP clients over an IP transport to NetWare for UNIX? >That buys me both the ability to throw away all of the IPX issues >and concentrate on a single network transport protocol framework. But it is slower and requires more memory. It also is less stable. >Admittedly the self-tunneled IPX in the NetWare/IP product is a >kludge, but it's less of a kludge than replacing all of the Cisco >and Kalpana boxes on the planet with Novell Servers running the >multiprotocol router NLM. That is not required, cisco routers route IPX or you can tunnel it in IP at the servers. >This assumes that you are willing to make the latency trade off >inherent in NCP's request/response architecture for your security >issues, PC implementations of NFS (or SMB for that matter) are not better than that. >which boil down to you either improperly firewalling your >network or you allowing untrustworthy individuals inside your >secure zone. Both of these are administrative failures. As I explained, I am not referring to security on the local network. Compare the filesystem access rights of a Netware server with that of a UNIX system (usually used as an NFS server), and your eyes will open. Having only owner/group/world read/write/execute permissions is kind of limited. >Oh, apparently you are also unaware of key-based NFS authentication >and the concept of leases, both of which are available in Sun's NFS >implementation -- they simply have to be enabled by a knowledgable >administrator. We have no SUN. We have PCs running DOS/Windows and file servers. Rob -- +------------------------------------+--------------------------------------+ | Rob Janssen rob@knoware.nl | AMPRnet: rob@pe1chl.ampr.org | | e-mail: pe1chl@wab-tis.rabobank.nl | AX.25 BBS: PE1CHL@PI8UTR.#UTR.NLD.EU | +------------------------------------+--------------------------------------+