---------------------------------------------

NOTE: This article is an archived copy for portfolio purposes only, and may refer to obsolete products or technologies. Old articles are not maintained for continued relevance and accuracy.
July 21, 1997

FTP Software's Internet Gateway for NetWare 2.0

Despite the mad dash to migrate every system on every network to TCP/IP, many networks still consist of scores of print servers hooked to NetWare servers. For administrators who wish to postpone migrating to TCP/IP but still want to provide access to the Internet and IP-based local hosts, FTP Software's Internet Gateway for NetWare 2.0 delivers the strongest IP-over-IPX gateway on the market. The gateway incorporates some niceties unmatched by products such as Novell's Internet Access Server and Microsoft's Proxy Server, included with BackOffice.

Most significant is the optional, extra-cost suite of Windows applications that FTP Software bundles with the gateway, providing a comprehensive, one-stop source for NetWare administrators seeking to IP-enable their IPX clients. FTP Software has seamlessly integrated the Windows client support into the gateway's server component; the product automatically downloads the necessary WINSOCK.DLL and drivers during the installation process. The gateway also supports Macintosh clients that have MacIPX drivers installed, although only for the monolithic MacTCP drivers, not for Open Transport-based systems.

Internet Gateway does have some drawbacks. Unlike the competing products, it uses a proprietary and incompatible IP stack on the NetWare server. It also lacks support for Novell Directory Services (NDS) container objects, as well as direct support for the RFC 1918 public address standard, IP address translation, Dynamic Host Configuration Protocol (DHCP), and other IP address-management services.

IP address allocation

An IPX-to-IP protocol conversion gateway that provides IP transport connectivity services to local PCs, Internet Gateway uses the IPX protocols already available on the local network. It lets you avoid IP-related issues such as file-system support and authentication security.

Internet Gateway offers superlative, fine-grained control over the IP address-allocation mechanisms that it supports. Its default configuration allows any NetWare user to run WinSock-based applications using the server's IP address.

In addition, you can create pools of explicit addresses that you can assign to users or groups, either uniquely or shared among them.

The gateway achieves this multi-personality functionality by binding multiple IP addresses to a proprietary TCP/IP stack that runs on the NetWare server. This allows the server to respond to Address Resolution Protocol requests on behalf of the IPX clients regardless of the number of IP addresses in use.

Such a feature is required in cases where users need to have specific IP addresses, such as when they run local FTP or HTTP servers or run X servers on their desktops. Internet Gateway is unique in this capability within its market segment, although unfortunately this structure also dictates that the gateway can't use Novell's native IP stack, which does not support multiple IP addresses on a single adapter.

This can present problems for companies that are deploying IP services on the same NetWare server as the gateway, because these customers will need to maintain multiple network adapters in order to run both IP stacks at the same time. Because FTP Software's IP stack is incompatible with Novell's, you cannot run IP services written for one on the other.

This incompatibility also presents problems if you don't want to install another network adapter simply for the FTP Software gateway or set up another NetWare server for the address-translation capabilities.

Graphical system management

Internet Gateway handles system management through a pair of highly graphical windows applications. The management tool allows administrators to easily define system defaults, create address pools, assign rights to users and groups, and define basic firewall-type filters. A separate monitoring tool affords a graphical view of the heaviest users, protocols, sites, and servers.

Figure 1
Figure 1

I would prefer to be able to configure the gateway services and users from within NWAdmin, although FTP Software gears Internet Gateway more toward networks running NetWare 3.x. (IntranetWare provides a usable—although much less configurable—IP-over-IPX gateway in the box.) The configuration tool reads only user and group objects from NDS and does not provide access restrictions to container objects. In order to enable support for a department, I first had to create a group containing all of the users in that department's container organizational unit—a tiresome process.

Although the product offers exceptional IP-over-IPX address-translation options, it lacks support for IP-centric address management, making it a dead end for administrators seeking a migration path from IPX to IP. Support for DHCP, RFC 1918 private-address standard, and IP-to-IP address-translation services would help administrators along this path, especially considering that the competitive offerings mentioned above provide these features.

Despite these caveats, Internet Gateway is still a superior IP-over-IPX gateway. For customers who are happy with IPX, it presents a great solution to a troubling problem. NetWare administrators looking to migrate completely to IP-based solutions by way of their NetWare installation, however, may find its lack of integration with Novell's native TCP/IP stack, NDS containers, and native IP a significant roadblock.

Providing extensive IP-over-IPX gateway services, this suite lets hundreds of users share the server's IP address and provides optional, highly integrated Windows client applications.

-- 30 --
Copyright © 2010-2011 Eric A. Hall.
Portions copyright © 1997 InfoWorld Media Group, Inc. Used with permission.
---------------------------------------------