Macintosh UAR

Macintosh UAR is an AppleTalk Router that can be used on a Macintosh computer that is running Apple's Open Transport networking system. With Open Transport version 1.1, or later, UAR can be used to
o route between any combination of available Ethernet ports o perform simple tunnelling between AppleTalk networks via the Internet o act as an ARNS server for remote AppleTalk access for Internet clients o set up NBP object and type filtering per interface o provide an AppleTalk time service UAR 1.2 can also route via built-in LocalTalk (Printer or Modem) ports. With Open Transport 1.1.1, or later, UAR can route between Ethernet, Fast Ethernet, FDDI or Token Ring (as yet untested) ports. Macintosh UAR is available via anonymous FTP from munnari.OZ.AU as the file mac/macuar.sit.hqx. Please note, however, that it is not distributed as freeware. When used as a multiple-port AppleTalk router, the program will run for 120 minutes at a time in a "demonstration mode". To enable continuous use, you need to obtain a UserKey using the order-form provided at the end of this document. Note, however, that when Macintosh UAR is used only to provide ARNS services via a single external interface, the purchase of a UserKey is not required (some restrictions apply). UAR is shipped both as 68k-only and fat (combined 68k and PowerPC) binaries. It is no longer a requirement to use the 68k binary for LocalTalk routing. Use whichever format suits the host architecture. Refer to the section Known Problems which lists issues due to reported, but unacknowledged and some not-yet-fixed, bugs in Open Transport. This document gives a quick overview of AppleTalk, the operation of AppleTalk Routers and then details the installation and configuration steps required for the Macintosh UAR program.

AppleTalk

AppleTalk is a networking system that is available on all Apple Macintosh Computers and a variety of printer hardware. It is also available on many UNIX systems using various third party freeware and commercial packages. The AppleTalk protocol suite encompasses high level file sharing using AppleShare, LaserWriter printing services and print spoolers along with lower level data streams and simple datagram delivery. The term AppleTalk was originally used for both the protocol and connecting cables, but when it became available on different media, LocalTalk was used to describe the simple shielded twisted pair cable used to connect Macs to other Macs or printers. EtherTalk is AppleTalk over ethernet and TokenTalk is AppleTalk via Token-Ring networks. AppleTalk data can also be carried within different protocols, such as IP over the Internet, this is known as encapsulation or tunnelling.

AppleTalk Addresses

Each unique entity on an AppleTalk network has an AppleTalk address consisting of a node number and a network number. Node numbers can range from 1 to 253 (254 on LocalTalk) and occupy a single byte. Network numbers are two bytes long and can range from 1 to 65535. This can also be written in dotted decimal notation as 0.1 to 255.255. This is exactly the same as writing a four-byte Internet Protocol (IP) address in the form 128.250.1.21. Dotted decimal notation is used by preference in this document and in the provided sample configurations, but either format can be used in the configuration file. On EtherTalk and TokenTalk extended networks, a network range may be assigned to the cable. This simply means that AppleTalk nodes on this cable are free to choose a network number from any of those within the specified range. Network ranges may be zero width (0.5 - 0.5), or larger (0.5 - 0.8). Care should be taken to choose a range with sufficient room for future expansion, without wasting address space that may be necessary when a connection to another AppleTalk internet becomes available. The theoretical maximum number of AppleTalk nodes that can be accommodated on a single extended network cable is 16,580,355 (65535 x 253). LocalTalk networks are non-extended and may be assigned only a single network number. The theoretical upper limit for the number of nodes on a LocalTalk network is 254. In reality there are physical limitations on the length of each type of cable and the number of possible electrical connections to it. For convenience, network load sharing or administrative purposes, network numbers can be grouped together and described by a zone name. Lookups for AppleTalk entities in a specific zone generate (a lot of) traffic, but only on cables that contain those network numbers. An extended network may have up to 255 zones assigned to a single cable, one of these being denoted as the default zone. A Macintosh on a multiple-zone extended-network may choose to live within any one of the available zones (selected by using the AppleTalk Control Panel, or the Network Control Panel on a Macintosh with classic AppleTalk networking). Non-extended networks are limited to a single zone name per cable. Within a single physical node, different programs or services can open AppleTalk sockets. The full network/node/socket tuple is necessary to completely specify the final destination of an AppleTalk packet.

AppleTalk Named Objects

To assist humans in finding and distinguishing between different AppleTalk services, an AppleTalk address can be associated with a descriptive name using NBP - the Name Binding Protocol. Each entity or service can register an NBP object name and an object type within a zone. For example, a Laser Printer might register as Gutenberg:LaserWriter@unimelb-CompSci Where Gutenberg is the object name, LaserWriter the object type and unimelb-CompSci is the zone name. Each of the object, type and zone fields are limited to 32 characters in length. A possible network/node/socket AppleTalk address tuple for Gutenberg could be written as 73.194/250/129. That is, the printer process running on node 250 on network 73.194 is listening for printing requests on socket number 129. A Macintosh user normally only ever encounters object and zone names. The Chooser takes care of looking up NBP types and mapping the results to AppleTalk addresses.

AppleTalk Routers

An AppleTalk Router allows AppleTalk services that are visible on one network interface, such as the built-in ethernet port, to be used by other hosts connected to a different interface, perhaps on a LocalTalk cable plugged into the router printer port. Maintaining zone names, looking up NBP names within zones, propagating network routing information and sending packets between different network interfaces is the responsibility of one or more AppleTalk Routers. When multiple routers are connected to the same network, they may all be configured with the same network range and zone name information (they are all seed routers), or a router may start up non-seed and obtain configuration information from other routers that are already running. Once running, there is no practical difference between a seed and a non-seed router. It is particularly important that all routers connected to a cable have the same configuration information for each of the network range, default zone and zone lists. If this is not the case then the network may be unpredictable, certain nodes may not be visible or connections may be lost. Some routers, including UAR, handle this potentially fatal situation by refusing to start up. A non-seed AppleTalk entity that starts up on an extended network initially uses the network number startup range of 255.0 to 255.254 (65280 to 65534). This network range is used until a router is contacted and the real network range is determined. Network ranges on different physical cables may not overlap, therefore routers should not be configured with network numbers in the range 255.0 to 255.254.

DDP Checksums

The basic AppleTalk packet is carried by the DDP (Datagram Delivery Protocol) layer . One of the fields in the DDP packet header is a 16-bit checksum. This is used to protect packets against data corruption in intervening routers and noisy networks. Macintoshes always default to sending DDP packets with the checksum field disabled. It is strongly recommended that routers have checksum code enabled.

Open Transport

Open Transport is a modern networking platform for 68030, 68040 and PowerPC Macintosh Computers. It offers improved support for TCP/IP and AppleTalk networks, including AppleTalk multi-homing - the ability to use multiple AppleTalk interfaces at the same time (more accurately, the ability to write a program that can open multiple AppleTalk interfaces). To use all of the available UAR functionality you must have Open Transport version 1.1.1, or later, the necessary support was not available, or was seriously broken, in earlier Open Transport releases.

Interfaces

Interface names are used to distinguish between physical network ports on a host computer. The names are usually a function of the underlying network hardware and software. Under Open Transport, the interface names are enet0 to enetN for the built-in ethernet port and 'N' ethernet cards in NuBus or PCI slots; and ltlkA, ltlkB or ltlkAB for LocalTalk via the modem port, printer port or the single port available on some machines, respectively. Fast Ethernet, FDDI and Token Ring interfaces have names of the form fenetN, fddiN and toknN.

Macintosh UAR Installation

The Macintosh UAR package is implemented as a Faceless-Background-Application System Extension and thus has no built- in user-interface. It does not appear either in the list of running Applications or in the About This Macintosh dialog box (memory allocated to UAR appears as part of the System Software total). UAR is installed by copying it into the Extensions Folder (or by allowing the Finder to auto-route it by dropping it onto the System Folder). UAR is started only at boot time, it cannot be run by double-clicking on the icon. The only method of stopping UAR is to remove it from the Extensions Folder, or to disable it using the Extensions Manager Control Panel and restart the Macintosh. After UAR starts, the Macintosh Name, in combination with each interface name, is registered as an NBP object with the type "UAR", in the default zone. For example, if the Sharing Setup Macintosh Name is set to "feathers" and the router is configured to use enet1 and the ltlkB LocalTalk port, then UAR registers feathers-enet1:UAR@unimelb-CompSci feathers-ltlkB:UAR@unimelb-CompSci Note: the Macintosh Name will be truncated if it is longer than 25 characters.

UAR Configuration

UAR is configured by editing the configuration file UAR Config (a SimpleText document within the Preferences Folder). If UAR is started without a UAR Config file, it will create a UAR Config Sample file in the Preferences Folder, write a notification error message to alert the user, and then quit. The UAR Config Sample file lists all of the available AppleTalk interfaces on the Macintosh, together with the commands available to configure each of them (note that the configuration data is fictitious). To get UAR to use this sample file, it must be edited to uncomment the required interface setup lines, and to change these to reflect the required network configuration. The file must then be renamed to UAR Config and the machine restarted. The UAR configuration file data takes the form of an interface name followed by the interface configuration information, repeated as many times as there are interfaces to be used. Comment lines begin with the '#' character. Indentation used in the following examples is optional for added clarity. # # UAR config example # interface enet1 node 252 network 64.126 zone "twilight zone" # interface enet2 node 252 networklo 64.127 networkhi 64.127 zone "twilight zone" zonelist "twilight zone" Note that both interface configurations specify essentially identical information, since the enet2 interface has a zero-width network range and a single zone name, it could have been simplified as follows # interface enet2 node 252 network 64.127 zone "twilight zone" An extended network, with a non-zero-width network range and multiple zone names would be represented as # interface enet3 node 234 network 64.129 networklo 64.128 networkhi 64.136 zone "twilight zone" zonelist "twilight zone" zonelist "no parking zone" zonelist "demilitarised zone" In this example, the network range is 64.128 - 64.136 (16512 - 16520) and the router is to use network 64.129 with a suggested node number of 234 (the node number entry is used to initialise the node number of the interface and will be the actual node number chosen unless it is already in use by another entity on the cable). The zone list contains three zone names. with "twilight zone" being the default zone name. To specify a network as non-seed, list only the interface name. # interface enet4 Note that this may cause problems if no other router is available on the network to provide seed configuration information. The UAR Config file can be created using the SimpleText application, or an edited version of the UAR Config Sample file, as indicated above. It should be put into the Preferences Folder inside the System Folder. The following UAR Config global commands are also available, they can be added to any interface configuration list, but affect all of the interfaces. userkey "[key not set]" sets the UserKey to enable continuous operation (see the order form at the end of this documentation). checksum 0 disables the UAR DDP checksum code. By default DDP checksums are always generated in outgoing packets, and checked in incoming packets. fastroute 0 disables UAR Fast Routing, used to speed the delivery of AppleTalk packets between Ethernet interfaces. Should not be necessary in normal circumstances. dumptables 1 causes UAR to dump internal tables when the UAR program quits, for example, when the machine is shutdown or restarted. Note that for large networks the time taken to write the files will add appreciably to the restart time. The files are written into the Preferences Folder and have names of the form UAR AARP Table for each of the AppleTalk protocols AARP (AppleTalk Address Resolution Protocol), NBP (Name Binding Protocol), RTMP (Routing Table Maintenance Protocol) and ZIP (Zone Information Protocol). A file containing router statistics is also created. A sample AARP table might look like UAR AARP Table: net node eaddr 73.196 8 00:40:10:00:28:69 73.195 108 08:00:07:7e:9b:f3 73.196 253 02:60:8c:56:21:27 3 AARP entries where the eaddr column lists the 48-bit ethernet hardware address for each node.

UAR Interface adev

To allow the Macintosh running UAR to participate in local AppleTalk services, you must install the 'UAR Interface adev' into the Extensions Folder (or allow it to be auto-routed by dropping the file onto the System Folder). The popup menu list in the AppleTalk Control Panel will show the available interfaces, including something like "enet0" via UAR or (UAR not running) if UAR has not been installed. To enable the adev to find UAR, you must add a line of the form mac on to ONE of the ethernet-style interface lists in the UAR Config file (not available for the LocalTalk, ARNS or TNNL interfaces). The Macintosh adopts a separate/unique node number on the specified interface, with all traffic being routed via the UAR process. This is the same mechanism used with CAP services under UNIX UAR. If UAR is not installed and running then the UAR Interface adev cannot be selected as default in the AppleTalk Control Panel (no link addresses will be available). Note that since the router does not start until after the normal INIT or Extension startup time. INITs that use AppleTalk may behave abnormally. Similarly, when the Mac is shutdown, the router quits before any mounted volumes are disconnected (this is a MacOS issue), so there will be an added shutdown delay until the connected times-out. You can avoid the delay by disconnecting from AppleShare servers before selecting Shutdown or Restart.

Time Server

UAR can provide an AppleTalk-based current time service to local Macintoshes using the tardis Chooser extension. You can enable timeserving on one or more UAR interfaces (but only one is necessary) by adding a configuration file entry of the form timesrvr "timeServer" to the selected interface. "timeServer" is the name to appear in the Chooser of the client Macintosh. The client Macintosh time is set from the selected server when the Mac is booted, by the user from the Chooser or daily at a specified time. The tardis Chooser document is installed by copying it to the Extensions Folder. You should make every attempt to ensure that the UAR server Macintosh time is reasonably accurate. You can achieve this by using a Network Time Protocol (NTP) Internet client such as the Network Time utility.

NBP Filtering

A filter may be installed on each interface to either prevent AppleTalk entities on that interface from accessing AppleTalk services that are visible on the remaining interfaces (restrict mode), or to prevent nodes on other interfaces from seeing services registered on nodes connected to that interface (protect mode). Filter configuration file entries are of the form protect "object" restrict "object:type" restrict "object:type@zone" Each of "object", "type" or "zone" may be replaced by "=" to match anything, or prepended with a ! character to invert the test (NBP partial matching is not available). For example, to stop users connected to interface enet1 from accessing AppleShare servers in the zone "no parking zone", seeing anything at all in the zone "demilitarised zone" and anything other than Timelord servers in the zone "the white zone is for loading"; and to prevent IP address assignment from outside interface enet1, insert entries into the UAR Config file as follows: # interface enet1 node 252 network 64.126 zone "twilight zone" restrict "=:=@demilitarised zone" restrict "=:AFPServer@no parking zone" restrict "=:!Timelord@the white zone is for loading" protect "=:IPGATEWAY" Note that the NBP filter searches filter entries in reverse order to that listed in the UAR Config file. This may result in unexpected behaviour if multiple filter entries affect the same NBP object.

Tunnelling

UAR supports a simple method for tunnelling AppleTalk packets over an IP internet using UDP/IP. That is, isolated AppleTalk networks may be joined seamlessly by running UAR on hosts that are connected together via the Internet and to each of the individual networks. In this scheme, the Internet can be viewed as a pseudo cable connecting all of the different routers. The only restriction is that network numbers at each location must be unique across the extended AppleTalk network. i.e.: network number remapping is not supported. A Macintosh using the IPTnnl adev (a Network Control Panel client) can also be connected to a UAR tunnel, or used to connect to other IPTnnl equipped Macintoshes. For more details, refer to the IPTnnl userDoc file which is available via anonymous FTP from munnari.OZ.AU as part of the file mac/iptnnladev.1.0.sit.hqx.Z. Note that the IPTnnl adev is not currently compatible with Macintoshes running Open Transport. IP tunnelling is specified as an additional non-extended pseudo interface in the configuration file of each participating UAR router. An example tnnl interface entry may be written as follows # interface tnnl node 253 network 83.3 zone unimelb-CompSci peer "253 @ 128.250.97.86" peer "252 @ 128.250.73.40" Each UAR host or IPTnnl Macintosh participating in IP tunnelling must contain identical network, zone and peer entries and each must have a unique node number. A UAR tunnel, since it is effectively a single network, must be assigned a separate network number (that is, a network number that is unused on any of the tunnelled networks). The peer entries are used to map node numbers to IP addresses, thus identifying the Internet location of each of the nodes. Note: It is more efficient to group tunnels by node number. For example, given two tunnels, it is better to make them nodes 123 and 124 than having one on node 1 and one on node 253. For security reasons, remote UAR/IPTnnl clients are not permitted to participate in tunnelling unless their IP address is explicitly listed as a peer in the local configuration file or in the IPTnnl configuration dialog. On UAR UNIX hosts that have multiple ethernet interfaces, and thus multiple IP addresses, an explicit peer entry for the local node number (253 in the above example) is used to specify which interface address value is to be used for outgoing traffic. The default UDP/IP port used for tunnelling is 9115. To change this on a UNIX host, add entries to the /etc/services file for all participating hosts: tnnl 9115/udp # UAR tunnelling port tnnl 9115/tcp # UAR tunnelling port With Macintosh UAR, you can use a UAR Config file entry of the form tnnludpport 9115 In the special case where Macintosh UAR is being used to connect Macintoshes on LocalTalk or EtherTalk ports, via a slow SL/IP or PPP IP tunnel to a larger network, NBP traffic can saturate the link, resulting in the Chooser only sporadically displaying services, or none at all. If this is a problem, the traffic can be minimised by specifying tnnltraffic 1 in the UAR Config file. Setting tnnltraffic will have no noticeable benefit when UAR is used to connect two or more larger AppleTalk internets.

ARNS & IPRemote

Since 1992, the University of Melbourne ARNS packages ("A Remote Network Server") have been providing the ability to connect to remote AppleTalk services by creating personal AppleTalk tunnels over the IP Internet. Macintosh UAR 1.1 can support remote connections by ARNS clients. These clients may be Macs using Async AppleTalk, ARA or PPP AT/IP and connected via a serial line to a UNIX host or Macs with IPRemote using MacTCP or Open Transport via Ethernet, SL/IP or PPP. For more information, see the ARNS web pages at http://www.cs.mu.OZ.AU/appletalk/atalk.html

ARNS Security Issues

Allowing any user to provide access to local AppleTalk services via the Internet is a potential nightmare for the network administrator. The ARNS packages attempt to address this problem in the following ways. use of an IANA assigned port number (384) for UDP/TCP connections. Traffic to this port may be blocked by a firewall router. a UNIX ARNS Server which must be started by the UNIX superuser Macintosh ARNS Servers which can be controlled by both single zone and network wide authentication systems, including that used by ARA.

ARNS Configuration

Macintosh UAR does not require the purchase of a UserKey to offer ARNS services, provided that UAR is configured with one unseeded external interface and one seeded internal arns interface ONLY. An example file using the enet0 interface to connect to the outside world would be as follows: # # unseeded external interface # interface enet0 # # seeded internal ARNS interface # interface arns node 253 network 83.2 zone "unimelb-CompSci" zonepasswd "wallace" netwpasswd "gromit" password "sean" maxusers 10 nouserval 1 verbose 1 In this mode, UAR will silently limit access to 5 users. Also, the zone name specified in the zone entry for the arns interface must be identical to the default zone name externally configured on the enet0 interface (note that this assumes that you have another AppleTalk router to seed network information to the external interface). If these limits are a problem then you should purchase a UserKey in order to operate UAR as a full featured AppleTalk router and ARNS Server. The network number assigned to the arns interface on each UAR host must be unique on the local AppleTalk internet. IE: the arns network is "internal" to each UAR router and this network number may not appear elsewhere on the network. The optional password entry specifies the ARNS server password that must be entered by the client before they can connect. If nouserval is set, only the server password can be used, otherwise any user name and password listed in the UAR User Passwords file will allow server access. zonepasswd is required if the network administrator has set up a network wide security zone name of the form SecurityZone_2434CD8C26056DEF or SecurityARNS_2434CD8C26056DEF. netwpasswd is required if the local network administrator has set up ARNSAdmin security in the local zone (see below). maxusers sets the maximum number of remote clients that can connect to the ARNS server (default is 20). verbose sets the level of ARNS logging information written to the UAR Log file.

ARNS Server Control

If the AppleTalk network administrator has configured an AppleTalk router to advertise a security zone with a name of the form SecurityZone_2434CD8C26056DEF (where the last 16 hex digits contain an encoded password), then the ARNS server administrator is required to enter the correct password before the server will run. This is the same behaviour as the Apple Remote Access package so that security controls already in place for ARA will continue to be effective. The network administrator can also implement an alternate zone of the form SecurityARNS_2434CD8C26056DEF This allows ARNS and ARA services to be controlled independantly. The administrator for a particular zone can exercise additional control by running a UNIX/CAP or Macintosh based ARNSAdmin package (only one can be run in any given zone). If ARNSAdmin security is in use then the ARNS Server will require that the ARNS Server administrator enter the specified ARNSAdmin password before the ARNS Server will run. If neither a security zone or an ARNSAdmin server are found on the AppleTalk network, then the ARNS Server will allow access to the entire AppleTalk network, but will enforce user access controls via server or user passwords. The "*" access mode in the IP filter file will also be disabled (see below). To assist in locating ARNS Servers running on your AppleTalk network, the Macintosh ARNS Server registers a Name Binding Protocol entity of the form (macintosh name):ARNServer@(zone) The ARNS Admin program registers the NBP entity ARNSAdmin:ARNSAdmin@(zone)

ARNS User Access Control

The ARNS Server administrator can control client access by means of server or user passwords and an optional IP address filter. The file UAR IP Filter specifies the IP address and access mode for clients connecting to the ARNS server. The file is expected to live in the Preferences Folder. A sample file follows # # A Remote Network Server for AppleTalk # IP Address Access Filter List # # The filter list consists of a single character mode, an IP mask and # optional IP address. If the latter is included, the mask is applied # to the incoming IP address and tested against the provided address. # Otherwise the incoming IP address must be unchanged by the mask. # # Modes: # # * IP_MASK [ IP_ADDR ] permit access, no password required # + IP_MASK [ IP_ADDR ] permit access, demand password # - IP_MASK [ IP_ADDR ] deny access # # # localhost + 127.0.0.1 # any mac on a specific subnet + 255.255.255.0 192.43.207.0 # no password required for connections from ariel * 128.250.255.255 128.250.20.3 # anybody else on campus, they need a password + 128.250.255.255 # nobody else - 255.255.255.255 Note that you should always include a final line of the form "- 255.255.255.255" to block access to addresses not explicitly permitted. The UAR User Passwords file in the Preferences Folder contains user names and passwords, one pair per line. User names can be up to 31 characters long, passwords to 8 characters. Use double quotes if either contain spaces. For example: mac "whocares" djh somejunk When UAR starts up, or re-reads the file, it will be rewritten, sorted by user name with the passwords encoded, as in "djh" "25DD916BC35B32C5" "mac" "D12F36384D759B69" The password and IP filter files can be edited at any time. Changes should be noticed by UAR within 60 seconds of the file being modified.

Command Summary

The following commands are valid in the UAR Config file. userkey Enter the UserKey string for continuous operation. interface The interface name used for the following commands. node Suggested node number for this interface (optional hint only). network AppleTalk network number for the interface, or the network number for UAR to use when a network range is specified. networklo The start of the network range for an extended network. networkhi The end of the network range for an extended network. zone The zone name for a non-extended network or the default zone name for an extended network. zonelist One entry for each of multiple zones on an extended network. mac Allow the local Mac to attach to the specified interface (on/off). checksum Enable or disable the use of DDP checksums (globally, 0 or 1). restrict Prevent the specified NBP name being visible on the interface. protect Prevent the NBP name from being visible on other interfaces. timesrvr Register the specified name as a 'Timelord' time server. dumptables Dump internal AARP, NBP, RTMP, ZIP and stats tables (0 or 1). peer Specifies the IP address of a peer connected via a tnnl interface. tnnludpport Specifies the UDP/IP port number for the tnnl interface (9115). tnnltraffic Reduce NBP traffic sent across a slow tnnl link (see above). zonepasswd Enter the SecurityZone or SecurityARNS password, if reqired. netwpasswd Enter the local zone ARNSAdmin password, if required. password Specifies the ARNS Server password required for client access. maxusers The maximum number of concurrent users (default 20). nouserval Ignore the UAR User Passwords file (say, temporarily, 0 or 1). verbose Set logging level for ARNS services (0 or 1). Some of these commands are optional. The network entry is not required if both networklo and networkhi are provided and you don't care which network number the router uses (defaults to networklo). zonelist entries are not required for single zone extended networks, and are illegal for non-extended networks.

Determining your network number and zone list

You can use the Open Transport AppleTalk Control Panel to find out most of the necessary configuration information for each of your AppleTalk network ports. Carry out this step before you install UAR. With the AppleTalk Control Panel open, go to the Edit menu and select User Mode ... Then check the Advanced box in the User Mode dialog and click on OK. Ensure that the AppleTalk Control Panel User defined box is unchecked. In AppleTalk you will see a pop-up menu that lists all of the available AppleTalk interfaces: Ethernet Slot 2 Ethernet Slot 3 Modem Port Printer Port (with only a single ethernet card, the ethernet port is marked simply Ethernet). If you select each of these in turn, the Macintosh will report the network number and zones already in use on the interface (that have been created by another router on the network). A network number of zero on the LocalTalk ports - or one from the startup range on Ethernet ports - indicates that no other router exists. In this case the Current zone: field will also display the string [no zones available]. Note that the node number is that chosen by the Macintosh inbuilt AppleTalk stack, it is of no use to us. If no other router exists on the port, then you are free to choose your own network number and zone information. Be aware, however, that most organisations have a central authority for assigning this information and they are likely to be particularly upset if you manage to choose a network number that is already in use somewhere else on your network. Network numbers must be unique to each cable connected to the same AppleTalk internet (careful readers will note some repetition here). Write down the network number or network range (ignoring the network range 0 - 65534 listed for the LocalTalk ports) and the Current zone: name, or the multiple zonelist names if this field is a popup-menu. The UAR Config file enetN interface names map directly to the "Ethernet Slot N" strings so enet1 is "Ethernet Slot 2", enet2 is "Ethernet Slot 3" and so on. For LocalTalk ports, ltlkA is the Modem Port and ltlkB is the Printer Port. Use this information to create the UAR Config file. The only information that this method does not provide is the default zone name for a multiple zone extended network. You should be able to get this information from your network administrator. In any case, you should be courteous and inform her of your intention to run an AppleTalk Router on your Macintosh.

UAR Error Messages

Since UAR has no user interface, error messages are displayed using the Macintosh Notification Manager. They may also appear in a file called UAR Log in the Preferences Folder. "Open Transport is not installed." - somewhat self-explanatory. "The application UAR could not be opened because OTClientLib could not be found." - an informative MacOS message meaning "Open Transport is not installed". "UAR requires Open Transport version 1.1 or later." - not an appropriate version of Open Transport. "UAR could not install AppleEvent handlers." - an internal error, may indicate a low memory situation. "UAR could not initialise Open Transport" - an internal error, may indicate Open Transport not properly installed. "UAR could not initialise the LocalTalk handler" - an internal error. Reinstall UAR. "Memory is dangerously low, adjust UAR application size and reboot." - use 'ResEdit' utility to increase the Size value in the SIZE (ID=-1) resource. "The configuration file (UAR Config) could not be found (or is already open)." - the config file does not exist or is already open for writing by an application. "Could not open specified AppleTalk interfaces. See "UAR Config Sample" in the Preferences Folder." - One or more of the listed interfaces is not valid for the host machine. "No interfaces were specified in the "UAR Config" file" - one or more interface names must be specified. "PANIC: network-range configuration mismatch on interface 'enet1', giving up." - the networklo/hi numbers configured for enet1 don't agree with reality (as defined by another router on the network). "PANIC: default-zone configuration mismatch on interface 'enet1', giving up." - the configured default zone for enet1 does not agree with another router. ""UAR Config" has a missing or invalid 'UserKey', running in demo. mode for 120 minutes. Refer to "http://www.cs.mu.OZ.AU/appletalk/atalk.html" for information on how to obtain a UserKey." - a key must be purchased to run Macintosh UAR as a full-time router. "The arns interface "zone" name in "UAR Config" must be the same as the default zone for the enet0 interface (unimelb-CompSci)." - running without a UserKey, must use same zone name as external network. "The network administrator requires an ARA or ARNS security zone password. Please enter the password into the "zonepasswd" entry in the "UAR Config" file and then reboot." - external zone security is in operation, requires a password. "The ARA/ARNS security zone password is not correct. Please edit the "UAR Config" file and enter the correct string into "zonepasswd", then reboot." - and it must be the right one! "The local zone administrator requires an ARNSAdmin password before you may provide ARNS services. Please enter the password into the "netwpasswd" entry in the "UAR Config" file and reboot." - local zone ARNSAdmin password required. "The local zone ARNSAdmin password is not correct. Please edit the "UAR Config" file and enter the correct string into "netwpasswd", then reboot." - provided ARNSAdmin password not correct. "No security zone name or ARNSAdmin server has been found. To provide ARNS services you must supply a non-empty server "password" or a "UAR User Passwords" file." - must have a non-null access password if no external security. "Sorry, there is an outdated version of the "ARNS Admin" Control Panel running on your zone. Update it to version 1.0.1 or later, then reboot." - must update to the enclosed version of ARNSAdmin. "Couldn't open the "enet2" interface" - the specified interface is not available at this time (some OT Error). "I don't understand "phase 2" in configuration file "UAR Config"" - an illegal/unknown command was used in the configuration file. "enet2: Bogus network range (lo > hi)" - the enet2 interface networklo field was larger than the networkhi field. "ltlkB: Network range illegal for Non-Extended/Phase 1" - a networklo/networkhi pair was specified for a non-extended LocalTalk net. "enet1: Net number not within lo/hi range." - the network field specified a network not covered in the networklo/hi range. "enet3: Configuration data incomplete." - an interface config specified network without zone or zone without network. "ltlkA: Zonelist entries illegal for Non-Extended/Phase 1." - a zonelist entry was specified for a non-extended LocalTalk network.

Known Problems

If you use the AppleTalk Control Panel to attempt to select a LocalTalk port that is already in use by UAR, you will receive the error message "An error occurred attempting to use Printer Port. Make sure your network connections are correct". It would be more useful if the error message indicated that the port was already in use but with Open Transport this is not possible. DDP MultiNode writes to LocalTalk ports produce short DDP packets with an incorrect LAP source address (OT 1.1). Routing via LocalTalk ports is thus unavailable when UAR is used with this version of Open Transport. This was fixed in Open Transport version 1.1.1. Choosing a default ethernet port in the AppleTalk Control Panel - that is also being used for UAR routing - eventually results in Open Transport running out of memory (OT 1.1b16). The symptoms of this problem include all network services becoming "deaf", repeated -3211 memory errors in the UAR Log file and various error dialogs when trying to open the AppleTalk or TCP/IP Control Panels. This problem has been reported to Apple since early betas of OT 1.1 but still occurs in OT 1.1.2. The workaround for this limitation is to use the "UAR Interface adev", available with UAR version 1.2 and set the AppleTalk Control Panel to the specified interface, for example, '"enet0" via UAR'. Because of the startup sequence, using UAR with the UAR Interface adev means that INITs using AppleTalk cannot see the external network at boot time (but they will believe that there is a network present). Similarly, you should unmount any AppleShare volumes before restarting the Mac running UAR. If you do not unmount volumes, there will be an extra delay incurred in shutting down since UAR is forced to quit before the system attempts to disconnect from the server. This is a MacOS issue. Using a SONIC Systems Inc. "NuBus A Series" ethernet card to route between multiple ethernet interfaces on a 680X0 Macintosh can result in random system crashes. This problem was known to exist with OT 1.1b11c3 on a Macintosh IIcx and did not occur when the SONIC card was replaced with an Apple NuBus ethernet card.

Handy Hints

If you wish to use an editor other than SimpleText to look at the UAR Log or tables then use your editor to create the initial UAR Config file. UAR will then create new files with the same file creator (and of type 'TEXT'). You can cause UAR to quit by mounting the personal AppleShare server of the UAR host on another machine (eg: via LocalTalk or other interface not used by UAR), then selecting Shutdown. When asked when to disconnect the users, hit cancel. Running applications will have been terminated. If you don't wish to use the "UAR Interface adev" then don't forget to set your AppleTalk Control Panel to Dummy, or an unused LocalTalk port before running UAR. This will prevent Open Transport from running out of memory.

UAR Support

If you have any problems with Macintosh UAR, you can send an electronic mail message to the internet address uar@cs.mu.OZ.AU Please include useful information such as the version numbers of Open Transport, UAR and the Macintosh System Software, the type of Macintosh hardware and as much detail as possible about your AppleTalk network and the problem you are experiencing. It may be necessary to include a debugging session from running UAR on your network. Details on how to do this will be provided when necessary. You can send non-electronic mail to the address Macintosh AppleTalk Router Department of Computer Science The University of Melbourne 221 Bouverie Street Carlton 3053 Victoria Australia We are not currently able to offer telephone support.

UNIX UAR

The UAR package is also available to run on SUN SunOS/Solaris, DEC Ultrix/Alpha, SGI IRIX, Sony NEWS 4.2, HP-UX 8/9, IBM RS6000 AIX, Linux 1.1.74, BSDI BSD/386 1.1, NetBSD 1.0 and FreeBSD 2.0 workstations. For more information, refer to the WWW page at http://www.cs.mu.OZ.AU/appletalk/atalk.html or download the freeware version of UNIX UAR from ftp://munnari.OZ.AU/mac/uar.tar.Z

Licensing

Any of the Macintosh or UNIX UAR packages may be licensed for redistribution or resale. Contact us using either of the above addresses.

Notice

Copyright ©1996-1997, The University of Melbourne. All Rights Reserved. UAR may not be publicly redistributed (for example via anonymous FTP), sold, or the UAR source used for any other purpose without the permission in writing of the copyright owners.

Apple, the Apple logo, Power Macintosh, and Macintosh are registered trademarks, and Mac, Mac OS, and PowerMac are trademarks of Apple Computer, Inc. UNIX is a registered trademark in the United States and other countries. PowerPC is a trademark of the International Business Machines Corporation. NuBus is a trademark of Texas Instruments. All other brand names mentioned are registered trademarks or trademarks of their respective holders, and are hereby acknowledged.

Ordering a UAR UserKey

Mail this form together with your credit card details or a non-personal cheque or International Money Order payable to the "Department of Computer Science" in the amount of US$50.00 (Australian sites send AUD$50, New Zealand sites NZD$50) to Macintosh AppleTalk Router Department of Computer Science The University of Melbourne 221 Bouverie Street Carlton 3053 Victoria Australia Credit card orders may also be faxed directly to +61 3 9348 1063 Note: We are not yet able to accept credit card orders via electronic mail or phone. A UserKey will be returned via email if a reachable email address is provided below. ------------------------------------------------------------------------- Please send me one or more UserKeys for Macintosh UAR. I have enclosed a cheque for the amount shown or debit my credit card for an equivalent amount in Australian Dollars using the details provided below. I prefer that you send me the UserKey using email/fax/snail_mail. Name: ___________________________________ Date: ___________ Organisation: ___________________________________________________ Postal Address: _________________________________________________ _________________________________________________________________ _________________________________________________________________ Fax Number: _____________________________________________________ Email Address: _____________@____________________________________ Number of keys: __________ Amount (USD/AUD/NZD) $___________ Credit Card Details: Expiry Date (mm/yy): _ _ / _ _ Cardholder Number: _ _ _ _ | _ _ _ _ | _ _ _ _ | _ _ _ _ Card Type (Mastercard/Visa only): _______________________________ Cardholder Name: ________________________________________________ Signature: ______________________________________________________ I undertake to use each UserKey with UAR only on a single Macintosh Computer.

Dec	FEB	Apr
	15
1999	2001	2002