*BSD News Article 41640


Return to BSD News archive

Xref: sserve comp.os.linux.development:22883 comp.os.386bsd.development:3081
Newsgroups: comp.os.linux.development,comp.os.386bsd.development
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!hpg30a.csc.cuhk.hk!news.hk.net!howland.reston.ans.net!news.sprintlink.net!cs.utexas.edu!news.cs.utah.edu!news.provo.novell.com!park.uvsc.edu!news
From: Terry Lambert <terry@cs.weber.edu>
Subject: Re: SAMBA and NETWARE mounting
Organization: Utah Valley State College, Orem, Utah
Date: Wed, 25 Jan 1995 18:39:03 GMT
Message-ID: <D2z554.K4F@park.uvsc.edu>
X-Nntp-Posting-Host: hecate.artisoft.com
References: <3eo2j1$l5o@uqcspe.cs.uq.oz.au> <D267uw.Grq@park.uvsc.edu> <D2JnoD.1DD@pe1chl.ampr.org> <D2KG6E.CMp@park.uvsc.edu> <D2LH48.3IF@pe1chl.ampr.org> <D2qACr.A46@park.uvsc.edu> <D2s16r.428@pe1chl.ampr.org> <D2vrE0.D8M@park.uvsc.edu> <D2x440.1J1@pe1chl.ampr.org>
Sender: news@park.uvsc.edu (System Account)
Lines: 86

rob@pe1chl.ampr.org (Rob Janssen) wrote:
]
] In <D2vrE0.D8M@park.uvsc.edu> Terry Lambert <terry@cs.weber.edu> writes:
] >The MAIN advantage of IP is universality.
] >
] >The MAIN advantage of IPX is "well, we already bought into it".
] 
] Here you are just proving my point.  You are quoting an advantage of
] IP, and for IPX you quote something that could just as well be called
] a disadvantage.
] Why can't you just approach the issue from a neutral standpoint?

OK, neutrally speaking, what would you point to as the main
advantage of IPX?

Please be sure to include NetWare/IP (NCP over IP instead of IPX)
in your analysis before you answer.


] Say, you want a network filesystem for your department, and it needs
] to serve a number of DOS/Windows and similar workstations.  It needs
] some security (not against sniffers, but against accessing confidential
] data at will), and it should perform reasonably well.  Some memory
] should be left in the PC after it has been loaded.

Stuff and nonsense!  NCP is a protocol that HAPPENS to be on top of
IPX, and NFS is a protocol that HAPPENS to be on IP, and the point
of view you are defending relies LARGELY on a circumstantial
relationship between the file sharing protocols and the transport
protocols they happen to be using.  This is *NOT* a causal
relationship, and you should quit portraying it as such.

You want a technical attack on IPX?  OK, how about the lack of
packet checksums?  How about the misimplementation of the 802.3
protocol encapsulation header?

That the NCP implementation you have runs over IPX is not a
supporting argument for IPX, unless you are taking me up on the
definition of IPX as a legacy system.

] Also, there is a MODEM pool which is to be accessed from the PCs, and
] of course there are some printers.

Much of the NetWare print model is a joke.  The lpr protocol at
least does not use timeouts to indicate end-of-job!

Any idiot with half a brain can (and has) implemented an INT 14
redirector as a client of a modem pool server; the line protocol
used between the redirector and the modem pool server is the issue
in this configuration, and the transport protocol is irrelevent.

The first one of these I ever wrote was in 1987, and I'm not idiot
enought to believe I was the first.

] Access to other applications via the network is nice, but not the primary
] reason for deploying the network.
] 
] What are you going to select?  NFS clients on a UNIX server???  Come on...

How about NCP clients over an IP transport to NetWare for UNIX?

That buys me both the ability to throw away all of the IPX issues
and concentrate on a single network transport protocol framework.

Admittedly the self-tunneled IPX in the NetWare/IP product is a
kludge, but it's less of a kludge than replacing all of the Cisco
and Kalpana boxes on the planet with Novell Servers running the
multiprotocol router NLM.

This assumes that you are willing to make the latency trade off
inherent in NCP's request/response architecture for your security
issues, which boil down to you either improperly firewalling your
network or you allowing untrustworthy individuals inside your
secure zone.  Both of these are administrative failures.

Oh, apparently you are also unaware of key-based NFS authentication
and the concept of leases, both of which are available in Sun's NFS
implementation -- they simply have to be enabled by a knowledgable
administrator.

                                        Terry Lambert
                                        terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.