1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Author" content="Christine Caulfield">
<title>DECnet for Linux - LAT</title>
</head>
<body text="#000000" bgcolor="#ffffff" link="#0000ef" vlink="#51188e" alink="#ff0000">
<table cols="2" width="100%" nosave="">
<tbody>
<tr nosave="">
<td width="100" nosave=""><img src="tramp-penguin.jpg" height="200" width="100" ALT="tramp"></td>
<td nosave=""><b><font size="+3">DECnet for Linux</font></b>
<p><font size="+3">A project to provide DECnet phase IV connectivity
for Linux</font><br>
</p>
<p><b><font color="#cc0000"><font size="+3">LAT</font></font></b><br>
</p>
</td>
</tr>
</tbody>
</table>
<h1>LAT</h1>
This is a quick guide to using LAT on Linux and *BSD systems. I am assuming that
you already have the latd package installed and that the latcp command is
on root's PATH. All the terminal server examples are for the (very
obsolete) DECserver 200 but the syntax is similar for other models (apart
from the DECserver 90L+ which has an odd menu-type system but which is
fairly intuitive for its limited feature set).
<p>In this document I refer to <b>latd</b> as the daemon that is running in
the background accepting incoming connections and marshalling outgoing ones,
<b>latcp</b> is the LAT control program which is the user interface to latd.
</p>
<p>The latcp commands are based on those used in HP Tru64 Unix, so if
you are familiar with that then this should all look very familiar to you.
However, they are <i>not</i> identical to Tru64 so you should still at least
skim this document or the man page for latcp.</p>
<p>The examples here are for latd 1.12. Not all the features are available
in earlier versions. </p>
<p></p>
<h1>Starting and stopping it</h1>
<tt><b>latcp -s</b></tt> starts the lat daemon.<br>
<tt><b>latcp -h</b></tt> stops the daemon.
<p>By default (ie if you haven't customised the startup script) latd will
advertise a service which is the hostname of your system. This means
that any users that have terminals connected to a terminal service will be
able to connect to your system by typing the appropriate connect command
to the terminal server. On a DECserver 200 this would be "CONNECT ZAPHOD"
if your machine's host name is "zaphod". Of course, if the user does not have
a username on the system they will not be able to get past the login prompt.
When latcp starts the daemon it runs a <i>startup script</i> called <tt><b>
/etc/latd.conf</b></tt> which is a conventional shell script. If you want
to customise the way LAT works then this is the place to do it. The rest
of this document explains the latcp commands that you can use to customise
LAT and it is normal to put these commands in the startup script so that
they take effect each time the system is rebooted.</p>
By default latd listens on all ethernet interfaces on your system. If you
want to restrict this you can specify as many interfaces as you like on the
latcp command line eg: <samp><b>latcp -s -i eth1 -i eth2</b></samp>. It is
not currently possible to change this in the startup script.<br>
<p>When you stop latd all users are instantly disconnected. They will get
no warning and work will not be saved.</p>
<p></p>
<h1>Service names</h1>
latd can advertise many services, not just one for the host name. So (for
example) you could add a new service called LINUX on all linux machines running
latd and then users can connect to LINUX and they will be attached to the
server with the lowest load average.
<p>To add such a service use the command <tt><b>latcp -A -a LINUX</b></tt>.
This tells latd to advertise the new service along with the default one
using the same rating.</p>
<p>To remove this service use the command <tt><b>latcp -D -a LINUX</b></tt>.
</p>
<p>Services have an optional description associated with them which can show
up on some terminal servers if the user issues a SHOW SERVICE command. The
description is added to the service with the -i switch. eg:<tt><b>latcp
-A -a LINUX -i "Linux login service"</b></tt><br>
Note that the description must be enclosed in quotes if it contains spaces.
To change the description of an existing service use the following command:<br>
<tt><b>latcp -i "Linux is wonderful" -a LINUX</b></tt><br>
</p>
<p></p>
<h1>Service ratings</h1>
Every advertised service has a <i>rating</i> associated with it. This rating
is used in the terminal servers' load balancing algorithm to determine which
node to connect to when more than one system advertises the same service
name. By default, services advertised by latd have <i>dynamic</i> ratings,
that is they vary according to the load on the system. The value you specify
on the latcp command line is a maximum, this value is divided by the current
load average plus one each time the service is advertised on the LAN.
<p>So, if you create a service with rating of 100 using the following command:<br>
<tt><b>latcp -A -a LINUX -r 100</b></tt><br>
and the load average is 1.00, then the advertised rating will be 50. If
you have several machines advertising the the same service then, to achieve
effective load balancing, the rating specified on the command-line should
reflect the relative power of the machines offering that service.</p>
<p>In addition, ratings can be <i>static</i>. A static rating does not vary
with the system load average. If you create a service with the following
command:<br>
<tt><b>latcp -A -a LINUX -r 100 -s</b></tt><br>
Then the rating will always be 100 regardless of how busy the system is.</p>
<p></p>
<h1>Reverse LAT</h1>
The "normal" use of LAT is to allow a terminal, connected to a terminal
server to log into a computer. "Reverse-LAT" goes the other way, the computer
makes a connection to a port on the terminal server. This has a number of
uses: the most popular are<br>
<ul>
<li>Connect a printer to a terminal server port and let computers print
to that printer by mappinga device on the computer to the terminal server
port and</li>
<li>Connect a computer console to a terminal server so that the computer
can be remotelymanaged from another computer.</li>
<li>Connect a modem to a terminal server port and allow users to dial in,
or dial out.</li>
</ul>
To do this you first need to create a service on the terminal server. How
to do this varies on the model of terminal server you have so consult the
documentation for your device. The command for a DECserver 200 is as follows:<br>
<tt><b>DEFINE SERVICE MYVAX PORT 4</b></tt><br>
This creates a service called MYVAX which is associated with port 4 on the
terminal server. Note,you may also have to set the port characteristics to
match those of the printer and set the access type to "Remote". Now, assuming
you have connected the serial console of your VAX to port 4 of the terminal
server and the server is called DS200, you can issue the following command:<br>
<tt><b>latcp -A -p /dev/lat/myvax -Hds200 -Vmyvax</b></tt><br>
If you now connect a terminal emulator program (say minicom, seyon or microcom)
to /dev/lat/myvax you can log in to the console of the VAX and issue commands
as if the terminal was local. If it doesn't work then there are a few things
to check:<br>
<ul>
<li>The port is set correctly for remote connections, and that the baud
rate and flow-control attributes are set correctly.</li>
<li>That nobody else is connected to that service. On a DECServer 200 the
command SHOW USERS will help here.</li>
<li>That the service has been advertised on the LAN. Services are only broadcast
on the LAN every 30 or 60 seconds (depending on the configuration) so you
may have to wait that long before the service is seen by latd. Use the command
<tt><b>latcp -d -l</b></tt> to see which services are known to latd.</li>
<li>That the group numbers are set correctly, see later for a description
of groups</li>
<li>That you have correctly specified service name (and perhaps the host
name) on the latcp command line.<br>
</li>
</ul>
<p>In the case of a printer that is shared by several machines you may want
to make it a queued connection. This means that if the printer is busy,
any other machine that tries to connect to it will be forced to wait until
it is ready. To do this set the port to be queued on the terminal server
and specify the reverse-lat port to be queued by adding -Q to the command
line as follows:<br>
<tt><b>latcp -A -p /dev/lat/printer -Hds200 -Vprinter -Q</b></tt><br>
</p>
<p>To allow users other than root to connect to reverse-LAT services you must
create a group in /etc/groups called "lat" and add reverse-LAT users to that
group. See your distribution's documentation for managing groups. Not that
this group does not affect normal, "forward" use for LAT for those users.</p>
<p>To send a BREAK character to the remote node press ^@. Normally this is
shifted to you actually have to press Ctrl-Shift-' on a British keyboard
for example.</p>
<p>To use "printer" ports on a DECserver 90L+ you must make the port queued
because that device does not support reverse LAT. You should also use
<i>only</i> the node name (no service name) when creating the port. eg: <br>
<tt><b>latcp -A -p /dev/lat/printer -Hds90l1 -Q</b></tt><br>
<p>Note that queued connections are not really "reverse" LAT in the strict sense
that the computer contacts the server, it sends a command to the server requesting
it to make a connection back to it. The reason this is useful to know is that
actual reverse LAT is not very efficient on the ethernet (tcpdump it!) so
if you are bothered by excessive packets then -Q ports are better.<BR>
Also note that the -Q flag is the opposite way round from Tru64 Unix(R),
sorry about that, but it seems more intuitive to me and also I didn't read the
man page carefully enough.
<h1>Groups</h1>
Groups on LAT are a method of restricting the visible services to a manageable
subset. They are<i>not</i> a security feature, merely a method of making
a large number of services more manageable.
<p>When a service is advertised on the LAN it can have any number of groups
associated with it. A group is a number from 0 to 255. By default all services
are in group 0. On the terminal server you can restrict the group numbers
that it will listen for services on. So, for example, a terminal server inthe
sales department could have only group 10 enabled, a terminal service in
the production department could have only group 20 enabled. The host machines
providing these services would advertise sales service in group 10 and production
services in group 20. The computer department servers would probably have
all the groups enabled so that they could connect to all the services.</p>
<p>Because latd is both a client and a server it has two sets of group codes.
One set (that manipulated by the -G and -g switches) determines the group
numbers that the advertised services use. So, if we execute the following
latcp commands:<br>
<tt><b>latcp -G 10<br>
latcp -A -a LINUX -i "Linux login service"</b></tt><br>
Then the service LINUX will be advertised in groups 0 and 10 (group 0 is
always on by default). You could remove it from group 0 with the following
command:<br>
<tt><b>latcp -g 0</b></tt><br>
Set up like this, only terminal services listening for services in group
10 would see the LINUX service.</p>
<p>The other group set (that manipulated by the -U and -u switches) determines
which services can be used by the reverse-LAT ports. So, if you issue the
following commands:<br>
<tt><b>latcp -u 0<br>
latcp -U 20</b></tt><br>
Then you would only be able to connect reverse LAT ports to services that
were advertised in group 20 (ie you could not connect to the LINUX service!).
</p>
<h1>Application services</h1>
The default for a service configured with the latcp -A -a command is the
login application but you can define almost any sort of application you like.
To give an illustration this is how the default login service looks like with
defaults spelled out:
<tt><br><b> latcp -A -a LINUX -C /bin/login -u root</b><br></tt>
You can specify any command you like for -C and any valid user for -u so
forcing users into a specific application straight from the terminal server,
of course you may also have to do some authentication too! latd will set the
following environment variables which you may find useful:<br>
LAT_LOCAL_SERVICE<BR>
LAT_REMOTE_NODE<BR>
LAT_REMOTE_PORT<BR>
<p></p>
<h1>Other things you can fiddle with</h1>
Most of the operational parameters of latd can be configured with latcp.
I recommend you leave these alone unless you know what you are doing though.
<ul>
<li>Multicast timer(latcp -m). This timer specifies how often latd advertises
its services on the LAN. It is specified in seconds and the default is 60.</li>
<li>Keepalive Timer(latcp -k). This timer specifies how often latd will
send a "keepalive packet" to a remote connection to see if it is still alive.
This timer is restarted each time a valid packet is received. If <retransmit
limit> keepalive packets are sent with no response then the connection
is terminated. It is specified in seconds and the default is 20.</li>
<li>Retransmit Limit(latcp -r). This is the number of keepalive packets
sent before terminating a connection on the assumption that it is dead.
The default is 20.</li>
<li>Service responder(latcp -J or -j). Enables (-J) or disables (-j) service
responder mode. This is needed if you have terminal servers on your network
which don't collect advertised services but expect other machines to do
it for them</li>
</ul>
<h1>llogin</h1>
Starting with lat 1.02 a user program <i>llogin</i> is included. Like latcp
this is based on the command of the same name from Tru64 Unix but with a
few extras. It's purpose is to allow users to log into remote LAT services.
These services must be made available to latd using the groups feature mentioned
above. In its most basic form you can connect to an advertised LAT service
with the command:<br>
<pre><b>$ llogin trillian</b></pre>
This command will connect you to the/a machine that advertises the service
trillian and prompt you to log in. You can also specify a particular node
or port number to connect to using command-line switches (see the man page
for more details). One useful feature is the ability to connect to queued
services by supplying the -Q switch to the command eg:<br>
<pre><b>$ llogin ds200 -Rport_6 -Q</b></pre>
Will connect to a queued port on a DECserver. Note that the service name,
port name (and node name if supplied) will be converted to uppercase.<br>
<br>
Unlike using reverse-LAT ports you don't need to press enter (or any other
key) to activate the connection. If the service is a login service then you
will see the login prompt quite soon after entering the command.<br>
<br>
<br>
<h1>What's happening with the server?</h1>
You can show the status of the server with the <tt><b>latcp -d</b></tt>
command which produces output something like this:<br>
<pre><br>Node Name: TYKE LAT Protocol Version: 5.2<br>Node State: On LATD Version: 1.01<br>Node Ident: A Linux box<br><br>Service Responder : Disabled<br>Interfaces : eth1 eth0 <br><br>Circuit Timer (msec): 80 Keepalive Timer (sec): 20<br>Retransmit Limit: 20<br>Multicast Timer (sec): 30<br><br>User Groups: 0<br>Service Groups: 0<br><br>Service Name Status Rating Identification<br>TYKE Enabled 12 D <br>LINUX Enabled 100 D <br><br>Port Node Service Remote Port Queued<br>/dev/lat/marsinta DS200 PORT_8 Yes <br>/dev/lat/trillian DS200 PORT_7 Yes <br>/dev/lat/zaphod DS200 PORT_3 Yes <br>/dev/lat/roosta DS200 PORT_2 Yes <br>/dev/lat/loginmarsha MARSHA No <br>/dev/lat/ddcmp DS200 PORT_6 Yes 8<br></pre>
The services shown are the services advertised by this machine. If you want
to see a list of services that are on the network that have been seen
by this machine(remember groups!) then use the command <tt><b>latcp
-d -l</b></tt> which gives output like this: <pre>BACON Available Welcome to VAX/VMS V5.5 <br>BALTI Available Compaq Tru64 UNIX V5.0A LAT SERVICE<br>DS200 Available <br>LAT_VT_GTWY Available LAT/VT Gateway<br>LINUX Available Linux 2.2.18<br>MARSHA Available VAX node MARSHA<br>TRISHA Available <br>TYKE Available Linux 2.2.18<br><br></pre>
If you really want the full lowdown on the services that latd has seen then
the command <tt><b>latcp -d -l -v</b></tt> will tell you everything you
wanted to know!
<p></p>
<h1>The startup script</h1>
The above commands show you how to configure LAT, these commands will very
likely be the same every time you boot the system or restart LAT so it makes
sense to have some system of executing a series of commands every time you
issue the <tt><b>latcp -s</b></tt> command and so there is.
<p>Put your commands into a file called /etc/latd.conf and it will be run
every time you start LAT. The only change you should make is to replace the
latcp command with the string $LATCP so that the script can find the latcp
program regardless of whether it is on the PATH or not.</p>
<p>The reason you should use /etc/latd.conf rather than writing your own script
to start LAT and then set the parameters is that latd does not actually advertise
any services or accept any networkconnections until the startup script has
completed. This means you can configure all the parameters and make sure
that nothing happens with the defaults in place. Here is an example startup
script that sets up the services shown in the above example output:</p>
<p><pre># /etc/latd.conf<br># This is a sample configuration file for latd<br># it is run as s shell script from latcp -s with a minimal<br># environment and PATH (though latcp will be available as $LATCP)<br>#<br># You can fiddle with all the latd parameters you like in here, the first<br># service announcement will not be made until this script completes.<br>#<br>#<br><br># Set the multicast timeout to 30 seconds<br>$LATCP -m 30 <br><br># Add another login service<br>$LATCP -A -a LINUX -r 100<br><br># Add a queued reverse LAT service to consoles<br>$LATCP -A -p /dev/lat/marsinta -Vds200 -RPORT_8 -Q<br>$LATCP -A -p /dev/lat/trillian -Vds200 -RPORT_7 -Q <br>$LATCP -A -p /dev/lat/zaphod -Vds200 -RPORT_3 -Q <br>$LATCP -A -p /dev/lat/roosta -Vds200 -RPORT_2 -Q <br><br># LAT to VAX<br>$LATCP -A -p /dev/lat/loginmarsha -Vmarsha <br><br># DDCMP on Marsha<br>$LATCP -A -p /dev/lat/ddcmp -Vds200 -RPORT_6 -Q -8<br><br>exit<br></pre>
</p>
<h1>Managing terminal servers</h1>
latd also comes with a utility to help you manage your terminal servers, it
is called <b>moprc</b> and it behaves in a similar manner to the
"NCP CONNECT NODE" or "SET HOST/MOP" commands on VMS in that it connects you
to the management port of a DEC terminal server so you can issue commands
for changing ports and assigning services. <p>
Put the names and ethernet addresses of your terminal servers in the file
/etc/ethers (see ethers(5) for the format of this file) and you can connect
to the servers by name:<br>
<tt><b># moprc DS200 </b></tt><br>
If your machine has more than one ethernet adaptor you may need to tell
moprc which card to use - it defaults to the first adaptor on the system. Note
that the BPF interface supports only one interface at a time, Linux supports as
many as you like..
<br>
<p></p>
<hr width="100%"><br>
<i>HP</i> and <i>Tru64 Unix</i> are trademarks of HP Inc
and <i>DECserver</i> probably is too.<br>
<br>
Go back to the <a href="index.html">DECnet for Linux Home Page</a>
</body>
</html>
|
