[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference netcad::hub_mgnt

Title:	DEChub/HUBwatch/PROBEwatch CONFERENCE
Notice:	Firmware -2, Doc -3, Power -4, HW kits -5, firm load -6&7
Moderator:	NETCAD::COLELLADT

Created:	Wed Nov 13 1991
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	4455
Total number of notes:	16761

1085.0. "DECbridge 900MX Filter question" by HGRNCC::FARADAYCHONG (Faraday Chong@hgo 852-8053590) Wed Jun 08 1994 08:53

***Cross posted to HUB_MGNT and DECNIS notes conference***

A major national account wants to implement the following capbility
in their mission critical network.

This diagram shows a test network they want to setup for pilot now.

       Host#3  Host#4
         |       |
o--+-----+-------+-----+--o LAN#1
   |                   |
   | o-+-----------+-o |
   |2  |3   LAN#2  |2  |3
 +-+---+-+       +-+---+-+
 |brouter|       |brouter|
 |  #1   |       |  #2   |
 +--+----+       +--+----+
    |1              |1
 o--++--O LAN#3  o--++--o LAN#4
     |               |
   Host#1          Host#2

Their objectives are:

(1) All network connections shown in the diagram (ie LAN#1 thru LAN#4)
are Ethernet

(2) Host#1 talks to Host#3 and Host#4 using DECnet Phase IV protocol and
a home-grown data link protocol (a registered Ethernet protocol), traffic
path allowed is Host#1 to LAN#3, via brouter#1(port#1 and port#2) to LAN#1,
no packets are allowed on LAN#2. Similarly, Host#2 to LAN#4, thru brouter#2
(port#1 and port#2) to LAN#1, again no traffic allowed on LAN#2.

(3) Host#1 and Host#2 can talk to each other via LAN#2, and can only speak
IP, no other protocols are allowed on LAN#2.

The rationale behind these requirements are complicated and therefore
not described.

Today this can be implemented using Cisco or Wellfleet brouters with
packet filtering. Our DEClanrouter 900xx under development should be
capable, but it's still a few months out. The customer want to pilot
this now. The only Digital product that we can propose is DECNIS, now
here are questions.

(a) Can we implement this with DECNIS? How?

(b) Can we implement this with DECNIS and a external bridge like
DECbridge 900MX (using DECbridge 900MX address/protocol filter)? The
present of DECNIS is simply for purpose of testing IP routing. A sample
diagram is shown below.

       Host#3  Host#4
         |       |
o--------+---+---+--------o LAN#1
             |3
      +------+-------+
      |DECbridge900MX|
      ++-----------+-+
       |1          |2
 +-----+-+       +-+-----+
 |brouter|       |brouter|
 |  #1   |       |  #2   |
 +--+----+       +--+----+
    |               |
 o--++--O LAN#3  o--++--o LAN#4
     |               |
   Host#1          Host#2

(b1) Port#3 allows all protocols except IP
(b2) Port#1 allows all protocols, except when it is IP it must come from
port#2 or Host#2 or destines to Host#1
(b3) Similar to (b2), Port#2 allows all protocols, except when it is IP
it must come from Port#1 or Host#1 or destines to Host#2

I know DECbridge 900MX can do (b1), how about (b2) and (b3)?

Faraday

T.R	Title	User	Personal Name	Date	Lines