Newsgroups: comp.dcom.sys.cisco
Path: utzoo!utgpu!cunews!bnrgate!bwdls61!bwdls56!fortinp
From: fortinp@bwdls56.bnr.ca (Pierre Fortin)
Subject: Re: Wide Area ApplTalk
Message-ID: <1991Mar3.235147.6931@bwdls61.bnr.ca>
Sender: usenet@bwdls61.bnr.ca (Use Net)
Organization: Bell-Northern Research, Ottawa, Canada
References: <32816@boulder.Colorado.EDU>
Date: Sun, 3 Mar 1991 23:51:47 GMT

In article <32816@boulder.Colorado.EDU>, strick@SLCS.SLB.COM writes:
> 
>   We have an existing world network supporting DECnet and IP.  Many of
>   our sites have local AppleTalk networks as well.  We are ready to 
>   start connecting these AppleTalk LAN's to support a wide area network
>   of AppleTalk.
> 
>   I'd like to hear from others who have done this.
> 
>     1. What are the methods you use for Wide Area AppleTalk?

We use cisco's ATP1 implementation.

>     2. Do you have a scheme for AppleTalk net numbers?

Yes, ALL must be unique!  So we centrally control these.  We have also
specified recommended naming conventions for the zones (remember the Chooser).

>     3. What services are supported on the WAN?
>        Timbuktu, AppleShare, Printing, Public Folder, X-Windows?

All, though I'm not absolutely certain about Timbuktu (Ben??)

>     4. How do you address security?

User education. We also provide the network applications preconfigured to
turn off server functions (disallow incoming ftp on the telnets, etc.)
 
      5. Would you do it again? (4. was the last of the original questions :^)

NO WAY!  With the advent of MacTCP, HyperFTP, etc., I'd tell the users to 
use TCP/IP protocols only.  We are weaning (winning :^) some of our users
over to HyperFTP using a UNIX box as a meeting point; just HyperFTP a file
from a Mac to a UNIX machine in MacBinary format, then HyperFTP get it at 
another Mac and Voila! a double-clickable file.  Another approach which we
have in "user trial" mode is IPT's uShare: definitely not for the faint of
heart...

      6. Are the users really using the WAN?

Not sure, but I'd sure as heck like to know.  Oh, they're using AppleShare
alright, but I'd be surprised if they are printing over the WAN (better to
get the file and print locally...)

      7. What ATalk routers do you have on your AT internet?

ONLY cisco and KFP4s running K-Star.  If you don't want to turn grey (not
to mention hot shades of red :^), get rid of all other types.  Our goal is 
to migrate all our Macs onto Ethernet and do away with as many KFPs as 
possible.  Ben Schmidt (next office) is more tolerant of ATalk than I am;
but it kills me to see the grief he's gone through to get ATalk to work just
within BNR (about 3000 devices on three continents in 200+ nets/zones).  Now,
there are some in our parent company who want hook their Macs into our Apple
internet.  We have successfully resisted this to date.

      8. How big an AT internet can you build?

That's an easy one:  it must *NEVER* have a diameter (in *any* direction)
which will exceed AT's 15 hop limit.  Remember:  a Mac on LocalTalk to a KFP
on Ethernet to a cisco, over a serial link, another cisco, ethernet to another
KFP to another Mac results in a network diameter of **FIVE** nets... and the 
limit is 15...!

      9. Will Ben ever write a book on this?  

He's certainly got enough material on the subject... :^)  :^)

And now a question for you, Don...
 
It's a quarter to AppeTalk, do *you* know where all your ATalk routers are...?
 :^)  :^)  (quarter is a measurement of time...)

Seriously, the first thing you want to do is have (in great gory detail):
  - a list of *ALL* ATalk routers on the LANs of interest
  - a list of *ALL* ATalk net numbers on these LANs
  - a list of *ALL* the zone names for these nets
  - a list of *ALL* the users who have dial-up devices on your LANs
  - a list of (well you should be getting the idea...)
 
Next, map out how you want to handle the nets/zones
 i.e., will you define all of these, or define ranges, or naming/numbering
       conventions, let the users pick and choose...

The cisco hardware should be at MCI-1.7, SCI-1.1 microcode levels.

The firmware should be the *latest* available from cisco at the time you are
ready to begin.

> 
> Don W Strickland                    Internet:   strick@slcs.slb.com
> Schlumberger Laboratory             Compuserve: 70531,2666
> for Computer Science                Connect:    strick
> Austin, TX, USA                     AppleLink:  N1090

...and lastly, Good Luck, you'll need it...  :^)

Cheers,
Pierre

Cheers,                      
Pierre Fortin       fortinp@bnr.ca         (613)763-2598
