On Mon, Mar 31, 2008 at 3:04 AM, Johnny Billquist <bqt at softjar.se> wrote:
Zane H. Healy wrote:
At 7:02 PM -0700 3/30/08, Bob Armstrong wrote:
Would it also solve his Firewall problem, if he's the one initiating
the connection?
I don't think so - he'll still have to configure his router to accept
incoming UDP packets on port 700 and forward them to his VAX.
Ugh, you're right, I forgot what a nightmare that was with my Firewall.
If it were to use TCP, things would be a lot easier in this regard.
However, with UDP, you need to set things up more explicitly, since the
incoming and outgoing traffic isn't really related from the UDP protocol
point of view. UDP don't have the concept of a connection.
Johnny
Ok, I guess it would be best to use the bridge program. I should be
able to get a port forwarded to my laptop; I'll have to look a little
deeper to see what I need to do to get the laptop to re-forward that
port on to the Alpha (should just be an iptables command, I hope,
which I could add to the current gateway setup script).
Johnny, since nobody else has offerred to be the other end of my
tunnel, I guess I'll be making the hop to Uppsala.
John
--
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn
Bob Armstrong wrote:
It could be more complicated than that... here's my setup, tell me
what you think:
[Internet]----[router]~~~wireless~~~[laptop]-----[Alpha and VAX]
You'll have to get all those gateways to pass packets on port 700, for sure. I don't think Johnny's program will be any different, though, except for the port number. I could be wrong, though.
Nope. You're absolutely right.
Johnny
Zane H. Healy wrote:
At 7:02 PM -0700 3/30/08, Bob Armstrong wrote:
>Would it also solve his Firewall problem, if he's the one initiating
the connection?
I don't think so - he'll still have to configure his router to accept
incoming UDP packets on port 700 and forward them to his VAX.
Ugh, you're right, I forgot what a nightmare that was with my Firewall.
If it were to use TCP, things would be a lot easier in this regard. However, with UDP, you need to set things up more explicitly, since the incoming and outgoing traffic isn't really related from the UDP protocol point of view. UDP don't have the concept of a connection.
Johnny
John Floren wrote:
On 3/30/08, Bob Armstrong <bob at jfcl.com> wrote:
Would it also solve his Firewall problem, if he's the one initiating
>the connection?
I don't think so - he'll still have to configure his router to accept
incoming UDP packets on port 700 and forward them to his VAX.
Bob
It could be more complicated than that... here's my setup, tell me
what you think:
[Internet]----[router]~~~wireless~~~[laptop]-----[Alpha and VAX]
There's a wireless router downstairs connected to the Internet. My
laptop has a wireless card and is configured to act as a gateway for
the wired LAN in my room, to which the laptop, the Alpha, and the VAX
are all connected.
I don't see any problems with that. In fact, what is beyond your laptop is rather irrelevant. As long as your laptop acts like a router, it isolates your local network from whatever might be used outside.
All that is needed is for packets from the Internet to be able to reach your laptop, which means that either your laptop must have an IP address which is public, or your router must do NAT, and be able to forward packets addressed to a specific UDP port on towards your laptop.
This is for bridges outside to be able to send packets to you. Of course, you will also send packets to them, but most firewalls and routers don't have a problem with allowing and handling outgoing traffic by default.
Johnny
Bob Armstrong wrote:
I am willing to switch to Multinet, I'd just like to know why I
should.
Well, it can do the DECnet over IP tunneling without any additional machines or software.
Using DECnet over TCP/IP instead of my bridge also reduces the bandwith you need.
DECnet isn't extremely bandwith hungry, but doing a bridge means that all broadcasts from all nodes needs to get everywhere. And as the bridged net (and machines on that net) grows, so does the broadcasts...
And all direct traffic between nodes at this moment passes though the same needle eye, which is my bridge, since noone else is acting as a relay between segments...
There probably is an upper limit to what is realistic to bridge together. After that we need to split the bridging up into two (or more) separate ethernet segments.
Johnny
John Floren wrote:
On 3/30/08, Bob Armstrong <bob at jfcl.com> wrote:
Wouldn't it be best to have someone geographically closer for reasons of latency?
I don't think it really matters much anymore and besides, it's not as if HECnet is a high bandwidth application :-)
>I'll be using Johnny's tunnel program.
Then I think you're going to have to connect to his server, regardless of geography.
Ok, then I guess I may end up using one of Johnny's machines after all.
I don't have a big problem with that. It's just a latency issue (as you noted elsewhere).
> open ports on the LAN, something I can't easily do.
AFAIK, you'll have to open ports in either case. Multinet uses UDP port 700; I don't know about Johnny's program.
If it's an outbound port, there's no problem; we're talking about your
typical Linksys wireless router sitting on a cable modem. If I need to
open an inbound port, which wouldn't surprise me, I'll talk to the
landlady... she'll probably approve, she knows I work in computing and
for some reason that makes people assume I know what I'm doing ;)
:-)
Yes, you need to open up, and forward packets to/from a specific UDP port through your firewall. Not that magical...
>LOKI:: Alphastation 250 4/266 running OpenVMS 8.3
>FAFNIR:: VAXstation 4000-60 running OpenVMS 7.3
Do you already have TCP/IP on either of these machines? What/which one are you using?
I have UCX on both of them; I use LOKI by far the most.
Quick question--LOKI already has DECnet-Plus installed, that will work
for HECnet, right? As I understand it, DECnet-Plus is backwards
compatible with Phase IV?
It should work fine. I have backed down to plain DECnet on my VMS machines, since DECnet+ just confuse me anyway. Plain DECnet just seems easier to work with. :-)
Johnny
Bob Armstrong skrev:
Wouldn't it be best to have someone geographically closer for reasons of latency?
I don't think it really matters much anymore and besides, it's not as if HECnet is a high bandwidth application :-)
It matters a little, but it's not critical.
I'll be using Johnny's tunnel program.
Then I think you're going to have to connect to his server, regardless of geography.
No, it works fine with any number of "chained" bridges. But I haven't implemented STP, so no loops, please. :-)
open ports on the LAN, something I can't easily do.
AFAIK, you'll have to open ports in either case. Multinet uses UDP port 700; I don't know about Johnny's program.
You'll have to open a port, yes. For the bridge program, it's selectable which port.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: bqt at update.uu.se || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol
Bob Armstrong skrev:
Johnny Billquist wrote:
Obviously I can, but there might be people a bit closer than Uppsala, Sweden. :-)
John Floren skrev:
Hi everyone
I'm located in the San Francisco, CA area and would like to add my VMS
node to HECnet. I'm looking for someone relatively close that would be
willing to bridge DECnet to me and help walk me through setting up the
configuration on my end.
Thanks
I don't think it matters so much where anybody lives, unless you need some "hands on" help of some kind.
Depend on what you mean by "matters". Sure, in a way it will work the same no matter where we are physically located, but on the other hand, especially with my bridge program, it makes some sense to have a connection to someone who topologically isn't too far away, since it introduces time lags.
So I suggested John should ask if there was someone a bit closer than me that he could connect to. And this is with my bridge program.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: bqt at update.uu.se || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol
On 3/31/08, Brett Bump <bbump at rsts.org> wrote:
[snip]
Also noticed when it came up all the licenses had expired. What do I need
to do to get the hobby licenses from HP when I get 8.3 running? Thanks.
Brett
You can get hobby licences for the Alpha the same way you do for the
VAX, http://www.openvmshobbyist.com/licenses.php
You'll need some sort of DECUS/Encompass membership, but basic
Encompass membership is free so that's not a problem.
John
--
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn
On Sun, 30 Mar 2008, Bob Armstrong wrote:
It could be more complicated than that... here's my setup, tell me
what you think:
[Internet]----[router]~~~wireless~~~[laptop]-----[Alpha and VAX]
You'll have to get all those gateways to pass packets on port 700, for
sure. I don't think Johnny's program will be any different, though,
except for the port number. I could be wrong, though.
Bob
The networking isn't that hard, but I don't know if I would trust a laptop
over wireless to handle your traffic. Most of the Linksys wireless setups
also have a 4 line switch that you could plug a cat5 hardline into. I'm
not sure if I understand correctly that he is using a router AND a Linksys
or if he is just using the Linksys as his connection to the internet. I'm
currently using both in my home network and just set the Linksys to router
(instead of gateway) so that I only have to setup the reverse NAT forwards
on my firewall. This works perfectly for my interior network as well as
the IRLP node that I setup for my brother.
Sorry Bob, I still am missing a SCSI cdrom drive (should never toss those)
to get VMS 8.3 installed on my AlphaStations or I would probably be online
already (have the cd, just not the time). It's been a very long time for
me since sitting behind VMS 4.6, I'm sure the help I'll need is the basics
instead of getting on HECnet. I found an old MicroVax 3100 at school, got
it running (it's running VMS 5.4), but for the life of me, I can't think
of what I need to do to add entries into the UAF for new users.
Also noticed when it came up all the licenses had expired. What do I need
to do to get the hobby licenses from HP when I get 8.3 running? Thanks.
Brett
