The ability to use a standard server and a network operating system to link local area networks or provide wide area connectivity in lieu of a traditional hardware router is becoming a priority for many customers in today’s marketplace. By using standard servers rather than dedicated routers, customers can save money by avoiding purchase of separate routers. Features to look for in network operating system-based routing solutions include routable protocol support, LAN and WAN media support, multicast support, routing protocol support, management tools, and network address translation capabilities. In general, the more capabilities a routing solution has, the better the quality will be compared with a traditional router.
Solaris 7 Implementation Details
Routing is a standard component of the Solaris operating system. Solaris 7 supports multi-protocol routing services through a variety of command-line tools. The only components of routing or network configuration that can be configured through a graphical tool are default routers and network connection configuration settings. These tasks are handled through the Default Router Modification and the Network Connection Configuration administration wizards respectively.
Solaris supports a wide variety of industry-standard LAN and WAN cards. Though this list is not very extensive, physical media support is available for all major network architectures. For LANs, Solaris supports Ethernet, Fast Ethernet, Gigabit Ethernet and FDDI. For WANs, Solaris supports Frame Relay, ISDN, and X.25. Solaris also features native support for ATM.
Routing is supported for both TCP/IP and IPX/SPX. While Solaris 7 does support IPX/SPX filtering, TCP/IP filtering is only available through add-ons such as SunScreen Secure Net. Both distance vector and link state routing protocols are supported. For distance vector support, the RIP protocol is provided for IPX and TCP/IP. For link state routing protocols, OSPF is provided for the TCP/IP protocol suite. Unlike Windows 2000, Solaris 7 doesn’t support IGMP for multicasting but does provide support for IPv4 and IPv6 multicasting. Other features included with Solaris 7 routing include support for routing APIs, multi-link PPP, and SNMP monitoring.
Windows NT Server 4.0 Implementation Details
Multi-protocol routing services for Windows NT Server 4.0 are provided as part of the Routing and Remote Access (RRAS) upgrade, available through a Web download to Windows NT Server 4.0 customers. RRAS provides a complete routing solution for Windows NT 4.0 that is fully integrated with Windows NT Server 4.0 networking support. An unlimited port license is included with this upgrade.
Windows NT Server routing can use all industry-standard LAN and WAN cards. Consequently, physical media support includes all major LAN networks such as Ethernet, Fast Ethernet, FDDI, and ARCnet. All major WAN connectivity options are supported including Frame Relay, ISDN, and X.25. All support is offered natively without requiring the installation and configuration of special modules for WAN connectivity.
Routing is supported for both the TCP/IP and the IPX/SPX protocols. Both distance vector and link state routing protocols are supported. For distance vector support, the RIP protocol is provided for IPX and RIP v2 for TCP/IP. For link state routing protocols, OSPF is provided for the TCP/IP protocol.
Other features included with Windows NT routing include support for on-demand links, packet filtering, routing APIs, multi-link PPP, and DHCP relay support. TCP/IP multicast support and bandwidth allocation are not provided by this version.
On-demand routing provides interfaces that will automatically dial and maintain connections only when needed. When there is no traffic, they remain disconnected. This provides a considerable benefit to customers, as it has the potential to greatly reduce telecommunications surcharges by not having to keep a link active all of the time.
Full packet-filtering support is provided for both the TCP/IP and IPX protocols. Filtering options for TCP/IP allow restriction of traffic based on TCP Port, UDP Port, IP protocol ID, ICMP type, ICMP code, source address, destination address, and TCP establishment status. IPX filtering options include restrictions based on source address, source node, source socket, destination address, destination node, destination socket, and packet type. Windows NT Server packet filters are configured on an exception basis. Filters can be configured to pass only packets from routes specified by the network manager, or they can be configured to pass everything except packets from specified routes.
Microsoft offers a complete software developer kit (SDK) for independent vendors wishing to develop solutions around Windows NT Server-based routing. The SDK provides complete documentation on the extensible application programming interfaces (APIs) included with Windows NT Server-based routing. The benefit to customers is a wider variety of solutions available for Windows NT Server and investment protection.
When using PPP connections to provide WAN connectivity, such as modems or ISDN devices, a new feature entitled multi-link PPP provides the ability to greatly enhance performance and available bandwidth at a reasonable cost. Specifically, low cost PPP links can be combined to create one larger, aggregate pipe over which routing can be enabled. For example, two 28.8 Kbps PPP dialup links could be combined to create an aggregate pipe of 56 Kbps in bandwidth.
The DHCP Relay Agent feature included with Windows NT Server allows DHCP services to function over remote network links. By default, DHCP servers can only issue TCP/IP addresses and configuration information to machines on the local network. With the DHCP Relay Agent, DHCP assignments can be made across routed networks regardless of whether the connection is made via LAN or WAN links. The benefit to system administrators is tremendous, as it allows fewer DHCP servers and less administrative overhead.
Management of Windows NT Server routing is provided through its own GUI-based administration tools and the Network application in Control Panel. Because it uses tools that look similar to other components, administration and setup is easy and familiar to the Windows NT administrator. Wizards are provided to help configure Windows NT routing for novice administrators. The RouteMon command-line scripting utility eases the configuration of interfaces, routing protocols, filters, and routes for routers running the service. It also displays the current configuration and allows batch processing and execution. Finally, SNMP management support is provided, allowing Windows NT Server routing services to be managed via popular SNMP packages such as HP OpenView.
Windows 2000 Server improves on the routing implementation in Windows NT Server 4.0on. New features for the routing services suite includes IGMP version 2 support, DNS proxy support, network address translation (NAT), an MMC-based interface, and dynamic bandwidth allocation.
New for Windows 2000 Server is native ATM connectivity. With ATM support built directly into the operating system, Windows 2000 Server provides connectivity over ATM in addition to all of the other types of WAN links supported by Windows NT Server 4.0.
IGMP, or the Internet Group Management Protocol, is used to register TCP/IP clients within multicast communication sessions. IGMP version 2 is fully supported by Windows 2000 Server. This allows subnets to use Windows 2000 Server for multicast routing, and it provides for multiple clients to share a common multicast session, improving performance and reducing costs in branch office networks.
The DNS Proxy support feature forwards DNS name queries from client computers on a private IP network to an Internet-based DNS server. This enhances security through network hiding while simultaneously supporting interoperable IETF standards for name resolution.
The Network Address Translator (NAT) provides TCP/IP address translation services between a private and a public network by rewriting packets to physically translate the TCP/IP addresses. NAT services provide many benefits to the system administrator. Most important is the reduced risk of denial of service attacks against internal systems when all internal network structures are hidden. Additionally, IP address registration costs less because customers use unregistered IP addresses internally, with translation to a small number of registered IP addresses externally.
Dynamic bandwidth allocation is offered in Windows 2000 Server in the form of the Admission Control Service (ACS). With ACS, system administrators can control the amount of bandwidth that applications can reserve. The limits are imposed via policies configured in Active Directory. This prevents any one application from overrunning the network or WAN connection, ensuring that all traffic can get through.
Finally, all GUI management tools have been upgraded to use the Microsoft Management Console (MMC). This provides a consistent user interface, making it easier for system administrators to navigate and control networking services. It reduces administrative costs and simplifies the management of networking services.
Routing and Wide Area Network Summary
Solaris 7, Windows NT Server 4.0 Routing and Remote Access Services, and Windows 2000 Server Routing and Remote Access Services are all provide a similarly strong set of routing features. All three can route the TCP/IP protocol and IPX using either the RIP or OSPF protocols. All three can route over all popular network media and WAN connections. All three offer GUI, command line, and SNMP management options.
However, Windows 2000 Server Routing and Remote Access service offers an easy-to-use and full-featured multi-protocol routing implementation. It includes network address translation, dynamic bandwidth allocation, a DNS proxy, and IGMP/multicast support. All these features provide significant administrative benefits, making Windows 2000 the best overall option.
Windows NT Server 4.0 Routing and Remote Access Service is a good mid-range entry. It contains a full range of network medium and routing protocol supports. And it offers an excellent set of management tools. However, its lack of native ATM support, which is found in both the Solaris 7 and Windows 2000 Server solution, makes it a poor choice for customers using that technology.
Solaris 7 represents the most feature-poor entry of the three. It does not feature DHCP relay services, nor on-demand connection support. These features are present in both Windows-based implementations. Additionally, its filtering capabilities are not nearly as sophisticated as those in either of the Windows-based solutions. It also lacks an extensible, published API set, so it does not have the support of the third party, independent software vendor community.