[HECnet] Integrating with the Italian network.

H Vlems hvlems at zonnet.nl
Sat Nov 26 03:05:30 PST 2011 

I agree with Johnny. The technical problems that are DECnet related, like
duplicate areas and duplicate nodenames are easily solved. 
Possibly a lot of work, e.g. I had to move all my machines to another area
and it takes less than 5 minutes per system. Mandatory reboot included.
Incidentally, I documented the required procedures for several operating
systems (VMS, linux and Windows) and when appropriate for both phase IV and
phase V.
So a couple of simple agreements is all that is necessary to merge the two
networks. "Ownership" of area 1 may possibly have ego involved though I
doubt that Johnny would care much.

What I've read about the "enhancements" to the bridge program is yet another
matter. First off, it ain't called bridge for nothing: like any layer 2
bridge the program moves packets between ports and is transparent to both
the content of the datagrams and the functionality of the protocol.
Including DNS like functionality violates that rule. 
In my opinion, if anyone wants a central name repository for DECnet please
upgrade to DECnet phase V. 
Which is my way of saying that I'm not too fond of this "enhancement"...

Hans
-----Oorspronkelijk bericht-----
Van: owner-hecnet at Update.UU.SE [mailto:owner-hecnet at Update.UU.SE] Namens
Johnny Billquist
Verzonden: zaterdag, november 2011 11:36
Aan: hecnet at Update.UU.SE
Onderwerp: Re: [HECnet] Integrating with the Italian network.

On 2011-11-26 08.43, Angela Kahealani wrote:
On Sat, Nov 26, 2011 at 02:35:17AM -0500, Steve Davidson wrote:
Well here's three reasons:

1) they use DECnet area 1 thus area collision

Yes. That was an unfortunate decision of them.

2) they use some of the names we already use thus name space collision

That is not really a big issue. DECnet do not have a requirement for a 
coherent nodename database. Every machine can have its own. I keep a 
nodename database on MIM, which people are welcome to register in, for 
us to be able to copy and keep a synched version, but anyone on HECnet 
can really have their own different database if they want to.

3) and from what I remember, they are entirely dynamic DNS based and
thus had to make major changes to the bridge to even exist.
      The changes they made work just fine, BTW...

Yes. That was one reason that I remember, now that you mention it.

-Steve

So, then do they not have a superior solution which could be adopted by
the existing HECNET?

Depends on your definition of "superior". They manage dynamic addresses, 
at the cost of either exposing to name resolution hiccups, slowness, 
name poisoning, and whatnot, or else a potential for security exposure 
if they send, and accept traffic from random nodes in some time window.

The latter reasons are why I do not have such a thing in the bridge in 
general. DECnet is not a very secure protocol. Passwords fly through it 
in clear text. I am not fond of the possibility of that traffic going to 
some random address in general, and even less fond of opening up the 
virtual ethernet to any random place to inject traffic.

I'm happy to discuss and explain the problems if people want to, but I 
seriously doubt I'll change my mind. I have given it much thought over 
the years.

	Johnny

More information about the Hecnet-list mailing list