You may be right about MIM being used as the "master" of the HECnet nodes,
even though DECnet phase IV has no such thing. Actually I didn't use MIM
because I notcied it ran RSX-11, not an o/s I'm familiar with. So I looked
at the node databases of the area routers and just included them.
The copy known nodes NCP command is powerful, it also allows you to mess up
a node database pretty fast!
With a little programming, the information in Datatrieve may be converted to
commands that may be run by NCP. A text file filled with commands like:
DEFINE NODE 63.3 NAME TEST3
The last command would then be set known nodes all (IIRC). Of course you
could remove all unwanted entries first.
-----Oorspronkelijk bericht-----
Van: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] Namens
Johnny Billquist
Verzonden: zaterdag, november 2011 12:48
Aan: hecnet at Update.UU.SE
Onderwerp: Re: [HECnet] Integrating with the Italian network.
On 2011-11-26 12.05, H Vlems wrote:
I agree with Johnny. The technical problems that are DECnet related, like
duplicate areas and duplicate nodenames are easily solved.
Possibly a lot of work, e.g. I had to move all my machines to another area
and it takes less than 5 minutes per system. Mandatory reboot included.
Incidentally, I documented the required procedures for several operating
systems (VMS, linux and Windows) and when appropriate for both phase IV
and
phase V.
So a couple of simple agreements is all that is necessary to merge the two
networks. "Ownership" of area 1 may possibly have ego involved though I
doubt that Johnny would care much.
Right. The biggest concern would perhaps be that MIM is used as (I
think) the most central repository of HECnet related information, and as
such, it might be a bit unfortunate to move around. But apart from that,
any area is as good as any other area. Moving means some work, but it is
not complicated.
What I've read about the "enhancements" to the bridge program is yet
another
matter. First off, it ain't called bridge for nothing: like any layer 2
bridge the program moves packets between ports and is transparent to both
the content of the datagrams and the functionality of the protocol.
Including DNS like functionality violates that rule.
I also wanted to keep the complexity and overhead down. Otherwise, yes,
you could change from UDP to TCP, include SSL, and certificates, to make
sure we keep it safe. But that would incur quite some costs both from an
administrative point of view, as well as lots more CPU resources to run
the bridge, and also more problems in porting it to other systems.
In my opinion, if anyone wants a central name repository for DECnet please
upgrade to DECnet phase V.
Well that, or else continue with the "voluntary" system we have in place
now. Which is that I keep a database on MIM, to which all can send in
registrations, and anyone can cope the nodename database from MIM to
their own machine to get the same view as MIM have.
The actual database I have on MIM is stored in Datatrieve, with some
additional information, and then the DECnet nodename database is created
from that Datatrieve source.
Which is my way of saying that I'm not too fond of this "enhancement"...
:-)
Johnny
Hans
-----Oorspronkelijk bericht-----
Van: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] Namens
Johnny Billquist
Verzonden: zaterdag, november 2011 11:36
Aan: hecnet at Update.UU.SE
Onderwerp: Re: [HECnet] Integrating with the Italian network.
On 2011-11-26 08.43, Angela Kahealani wrote:
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:
1) they use DECnet area 1 thus area collision
Yes. That was an unfortunate decision of them.
2) they use some of the names we already use thus name space collision
That is not really a big issue. DECnet do not have a requirement for a
coherent nodename database. Every machine can have its own. I keep a
nodename database on MIM, which people are welcome to register in, for
us to be able to copy and keep a synched version, but anyone on HECnet
can really have their own different database if they want to.
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
Yes. That was one reason that I remember, now that you mention it.
-Steve
So, then do they not have a superior solution which could be adopted by
the existing HECNET?
Depends on your definition of "superior". They manage dynamic addresses,
at the cost of either exposing to name resolution hiccups, slowness,
name poisoning, and whatnot, or else a potential for security exposure
if they send, and accept traffic from random nodes in some time window.
The latter reasons are why I do not have such a thing in the bridge in
general. DECnet is not a very secure protocol. Passwords fly through it
in clear text. I am not fond of the possibility of that traffic going to
some random address in general, and even less fond of opening up the
virtual ethernet to any random place to inject traffic.
I'm happy to discuss and explain the problems if people want to, but I
seriously doubt I'll change my mind. I have given it much thought over
the years.
Johnny
On 2011-11-26 12.48, Johnny Billquist wrote:
On 2011-11-26 12.05, H Vlems wrote:
What I've read about the "enhancements" to the bridge program is yet
another
matter. First off, it ain't called bridge for nothing: like any layer 2
bridge the program moves packets between ports and is transparent to both
the content of the datagrams and the functionality of the protocol.
Including DNS like functionality violates that rule.
I also wanted to keep the complexity and overhead down. Otherwise, yes,
you could change from UDP to TCP, include SSL, and certificates, to make
sure we keep it safe. But that would incur quite some costs both from an
administrative point of view, as well as lots more CPU resources to run
the bridge, and also more problems in porting it to other systems.
To expand, perhaps, a little here.
If we switched to TCP, any change in IP addresses would be detected "immediately", since the TCP connection would be lost at an IP change.
At that point, the bridge would need to re-resolve the address, and try to establish a connection again. That would have to be repeated regularly until a connection comes up. Since this is very blocking, we'd have to change the bridge to be threaded, so that you have one thread per connection. And then queue packets inside the bridge, with throwing away when queues become to large, in order to prevent other connections from becoming affected.
In addition, this would affect the complexity of things like config reloads. Everything is, as usual, doable, but the work involved is not trivial. And then, of course, we have all the certificate issues, and all the code to deal with them.
And then, also, TCP can introduce unwanted network delays and burstiness. It really don't fit well with what the bridge do. It provides services not really needed.
And I really like simple solutions... :-)
Johnny
On 2011-11-26 12.05, H Vlems wrote:
I agree with Johnny. The technical problems that are DECnet related, like
duplicate areas and duplicate nodenames are easily solved.
Possibly a lot of work, e.g. I had to move all my machines to another area
and it takes less than 5 minutes per system. Mandatory reboot included.
Incidentally, I documented the required procedures for several operating
systems (VMS, linux and Windows) and when appropriate for both phase IV and
phase V.
So a couple of simple agreements is all that is necessary to merge the two
networks. "Ownership" of area 1 may possibly have ego involved though I
doubt that Johnny would care much.
Right. The biggest concern would perhaps be that MIM is used as (I think) the most central repository of HECnet related information, and as such, it might be a bit unfortunate to move around. But apart from that, any area is as good as any other area. Moving means some work, but it is not complicated.
What I've read about the "enhancements" to the bridge program is yet another
matter. First off, it ain't called bridge for nothing: like any layer 2
bridge the program moves packets between ports and is transparent to both
the content of the datagrams and the functionality of the protocol.
Including DNS like functionality violates that rule.
I also wanted to keep the complexity and overhead down. Otherwise, yes, you could change from UDP to TCP, include SSL, and certificates, to make sure we keep it safe. But that would incur quite some costs both from an administrative point of view, as well as lots more CPU resources to run the bridge, and also more problems in porting it to other systems.
In my opinion, if anyone wants a central name repository for DECnet please
upgrade to DECnet phase V.
Well that, or else continue with the "voluntary" system we have in place now. Which is that I keep a database on MIM, to which all can send in registrations, and anyone can cope the nodename database from MIM to their own machine to get the same view as MIM have.
The actual database I have on MIM is stored in Datatrieve, with some additional information, and then the DECnet nodename database is created from that Datatrieve source.
Which is my way of saying that I'm not too fond of this "enhancement"...
:-)
Johnny
Hans
-----Oorspronkelijk bericht-----
Van: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] Namens
Johnny Billquist
Verzonden: zaterdag, november 2011 11:36
Aan: hecnet at Update.UU.SE
Onderwerp: Re: [HECnet] Integrating with the Italian network.
On 2011-11-26 08.43, Angela Kahealani wrote:
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:
1) they use DECnet area 1 thus area collision
Yes. That was an unfortunate decision of them.
2) they use some of the names we already use thus name space collision
That is not really a big issue. DECnet do not have a requirement for a
coherent nodename database. Every machine can have its own. I keep a
nodename database on MIM, which people are welcome to register in, for
us to be able to copy and keep a synched version, but anyone on HECnet
can really have their own different database if they want to.
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
Yes. That was one reason that I remember, now that you mention it.
-Steve
So, then do they not have a superior solution which could be adopted by
the existing HECNET?
Depends on your definition of "superior". They manage dynamic addresses,
at the cost of either exposing to name resolution hiccups, slowness,
name poisoning, and whatnot, or else a potential for security exposure
if they send, and accept traffic from random nodes in some time window.
The latter reasons are why I do not have such a thing in the bridge in
general. DECnet is not a very secure protocol. Passwords fly through it
in clear text. I am not fond of the possibility of that traffic going to
some random address in general, and even less fond of opening up the
virtual ethernet to any random place to inject traffic.
I'm happy to discuss and explain the problems if people want to, but I
seriously doubt I'll change my mind. I have given it much thought over
the years.
Johnny
I agree with Johnny. The technical problems that are DECnet related, like
duplicate areas and duplicate nodenames are easily solved.
Possibly a lot of work, e.g. I had to move all my machines to another area
and it takes less than 5 minutes per system. Mandatory reboot included.
Incidentally, I documented the required procedures for several operating
systems (VMS, linux and Windows) and when appropriate for both phase IV and
phase V.
So a couple of simple agreements is all that is necessary to merge the two
networks. "Ownership" of area 1 may possibly have ego involved though I
doubt that Johnny would care much.
What I've read about the "enhancements" to the bridge program is yet another
matter. First off, it ain't called bridge for nothing: like any layer 2
bridge the program moves packets between ports and is transparent to both
the content of the datagrams and the functionality of the protocol.
Including DNS like functionality violates that rule.
In my opinion, if anyone wants a central name repository for DECnet please
upgrade to DECnet phase V.
Which is my way of saying that I'm not too fond of this "enhancement"...
Hans
-----Oorspronkelijk bericht-----
Van: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] Namens
Johnny Billquist
Verzonden: zaterdag, november 2011 11:36
Aan: hecnet at Update.UU.SE
Onderwerp: Re: [HECnet] Integrating with the Italian network.
On 2011-11-26 08.43, Angela Kahealani wrote:
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:
1) they use DECnet area 1 thus area collision
Yes. That was an unfortunate decision of them.
2) they use some of the names we already use thus name space collision
That is not really a big issue. DECnet do not have a requirement for a
coherent nodename database. Every machine can have its own. I keep a
nodename database on MIM, which people are welcome to register in, for
us to be able to copy and keep a synched version, but anyone on HECnet
can really have their own different database if they want to.
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
Yes. That was one reason that I remember, now that you mention it.
-Steve
So, then do they not have a superior solution which could be adopted by
the existing HECNET?
Depends on your definition of "superior". They manage dynamic addresses,
at the cost of either exposing to name resolution hiccups, slowness,
name poisoning, and whatnot, or else a potential for security exposure
if they send, and accept traffic from random nodes in some time window.
The latter reasons are why I do not have such a thing in the bridge in
general. DECnet is not a very secure protocol. Passwords fly through it
in clear text. I am not fond of the possibility of that traffic going to
some random address in general, and even less fond of opening up the
virtual ethernet to any random place to inject traffic.
I'm happy to discuss and explain the problems if people want to, but I
seriously doubt I'll change my mind. I have given it much thought over
the years.
Johnny
On 2011-11-26 08.43, Angela Kahealani wrote:
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:
1) they use DECnet area 1 thus area collision
Yes. That was an unfortunate decision of them.
2) they use some of the names we already use thus name space collision
That is not really a big issue. DECnet do not have a requirement for a coherent nodename database. Every machine can have its own. I keep a nodename database on MIM, which people are welcome to register in, for us to be able to copy and keep a synched version, but anyone on HECnet can really have their own different database if they want to.
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
Yes. That was one reason that I remember, now that you mention it.
-Steve
So, then do they not have a superior solution which could be adopted by
the existing HECNET?
Depends on your definition of "superior". They manage dynamic addresses, at the cost of either exposing to name resolution hiccups, slowness, name poisoning, and whatnot, or else a potential for security exposure if they send, and accept traffic from random nodes in some time window.
The latter reasons are why I do not have such a thing in the bridge in general. DECnet is not a very secure protocol. Passwords fly through it in clear text. I am not fond of the possibility of that traffic going to some random address in general, and even less fond of opening up the virtual ethernet to any random place to inject traffic.
I'm happy to discuss and explain the problems if people want to, but I seriously doubt I'll change my mind. I have given it much thought over the years.
Johnny
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:
1) they use DECnet area 1 thus area collision
2) they use some of the names we already use thus name space collision
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
-Steve
So, then do they not have a superior solution which could be adopted by
the existing HECNET?
--
Aloha, SL: Celeste Python; InWorldz: Celestial Angela; RL: Angela Kahealani
(I'll) Be Seeing You... All information and transactions are private between
the parties, and are non negotiable. All rights reserve without prejudice by
Angela Kahealani http://www.kahealani.com/kahealani/angela_kahealani.html
Well here's three reasons:
1) they use DECnet area 1 thus area collision
2) they use some of the names we already use thus name space collision
3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
The changes they made work just fine, BTW...
-Steve
-----Original Message-----
From: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] On
Behalf Of Johnny Billquist
Sent: Friday, November 25, 2011 9:25 PM
To: hecnet at Update.UU.SE
Subject: Re: [HECnet] Integrating with the Italian network.
On 2011-11-26 03.02, Sampsa Laine wrote:
I've been thinking that it's a bit silly to have two separate hobby
DECNETs, so I figured we should get connected to the Italian net as
well.
Any ideas?
Sure. They are welcome to join anytime. They know it. I've been talking
with them since before they came online, since they asked me for help as
well as permission to use by bridge program (which I think they've also
modified slightly).
Unless I remember wrong, one or two of them are also subscribed here.
I no longer remember the reason they didn't connect from the start, but
I'm pretty sure they had a reason.
Johnny
On 2011-11-26 03.02, Sampsa Laine wrote:
I've been thinking that it's a bit silly to have two separate hobby DECNETs, so I figured we should get connected to the Italian net as well.
Any ideas?
Sure. They are welcome to join anytime. They know it. I've been talking with them since before they came online, since they asked me for help as well as permission to use by bridge program (which I think they've also modified slightly).
Unless I remember wrong, one or two of them are also subscribed here.
I no longer remember the reason they didn't connect from the start, but I'm pretty sure they had a reason.
Johnny
I've been thinking that it's a bit silly to have two separate hobby DECNETs, so I figured we should get connected to the Italian net as well.
Any ideas?
Sampsa
On Tue, 22 Nov 2011, Saku Set l wrote:
Do the 90 and 90A have same PSU?
Nope, they have different part numbers on the power supply and they do not fit (and are not interchangeable). Trust me, I tried. :)
Fred
