|
The protocol translation software attempts to provide transparent translation between systems running disparate protocols. The software fully supports two-way virtual terminal protocol translation between nodes running X.25, Local Area Transport (LAT), and Telnet, a remote terminal protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.
To provide fully transparent protocol conversion, the protocol translator masquerades as two or more hosts on the same network. When a connection is made to the protocol translator, the protocol translator determines which host the connection is for and what protocol that host is using. The protocol translator then establishes a new network connection using the networking protocol required by that host. This network connection is more efficient and allows the protocol translator to act upon greater knowledge of the protocols in use because the protocol translator acts as a network connection rather than a terminal.
This chapter describes the line vty number line configuration command, the translate global configuration command, the x29 access-list command, and the x29 profile command. For protocol translation configuration information and examples, refer to the chapter "Configuring Protocol Translation" earlier in this publication.
To increase the number of protocol translation sessions on a router from the default of 5, enter the line vty number global configuration command. To decrease the number of protocol translation sessions, enter the no form of the command.
line vty numberSyntax Description
number | The number of VTY lines on which you want to run protocol translation. |
The default number of protocol translation sessions is 5.
Global configuration
This command creates the number of VTY lines you specify with the number argument, plus one. That is, VTY lines start with the number 0 (zero), so if you specify line vty 83
, you are enabling the router to support up to 84 protocol translation sessions.
The no form of this command removes all VTY lines and corresponding protocol translation sessions above and including the lines you specify with the number argument.
The following example sets the number of protocol translation sessions to 120 (on VTY lines 0 through 119):
line vty 119
The following example decreases the number of protocol translation sessions to 4. That is, it eliminates protocol translation on VTY lines 4 and above. VTY lines 0 through 3 still support protocol translation:
no line vty 4
translate
To automatically convert incoming LAT, TCP, or X.25 requests for connections to a specified destination address or host name to the specified outgoing connection type, use the translate global configuration command.
translate protocol incoming-address [in-options] protocol outgoing-address [out-options]No default translation parameters
Global configuration
Table 9-1 provides a visual aid for understanding how to use the translate command. As the table illustrates, you define the protocol translation connections--both incoming and outgoing--by choosing a protocol keyword and supplying the appropriate address or service name. The protocol connection information is followed by optional features for that connection, also as appropriate. For example, the binary option is only appropriate with TCP/IP connections. The global options, in general, apply to all the connection types, but there are exceptions. The swap keyword, for example, is for X.25 to TCP translations only. See the examples for more explanations on how to enter this command.
Incoming Protocol | Options | Outgoing Protocol | Options | Global Options | |
---|---|---|---|---|---|
translate | protocol incoming-address | [in-options] | protocol outgoing-address | [out-options] | [global-options] |
lat service-name | unadvertised | lat service-name | node node-name | access-class number | |
port port-name | max-users number | ||||
local | |||||
login | |||||
x25 x.121 address | cud c-u-data | x25 x.121 address | cud c-u-data | quiet | |
profile profile | profile profile | swap | |||
reverse | reverse | ||||
printer | |||||
pvc number | |||||
tcp ip-address | port number | tcp ip-address | port portnumber | ||
binary | |||||
stream | |||||
printer |
The following example illustrates a simple X.25 to TCP translation command. Packets coming in X.25 address 652365123 arrive via PVC 1 and are translated to TCP packets and transmitted out IP address 131.108.1.1.
translate
x25 652365123
pvc 1
tcp 131.108.1.1
incoming
option outgoing
The following example illustrates incoming LAT to outgoing TCP translations. The unadvertised keyword prevents broadcast of service advertisements to other servers. Outgoing translated packets are transmitted out IP address rubble via TCP port 4005.
translate
lat pt-printer1
unadvertised
tcp rubble port 4005
incoming option outgoing option
The following example illustrates a more complex configuration that calls an X.29 profile and swaps the default PAD operation of the protocol translator to that of an X.25 host.
x29 profile fullpackets 2:0 3:0 4:100 7:21
translate
x25 217536124
profile fullpackets
tcp rubble
port 4006
swap
incoming option outgoing option global
The following example illustrates the use of the TCP incoming protocol option printer for an incoming TCP connection.
translate
tcp 160.89.32.250 printer
x25 5678
incoming
option outgoing
The following example illustrates the use of the X.25 incoming protocol option printer for an incoming X.25 connection.
translate
x25 55555 printer
tcp 131.108.1.1
incoming
option outgoing
To limit access to the protocol translator from certain X.25 hosts, use the x29 access-list global configuration command. To delete an entire access list, use the no form of this command.
x29 access-list access-list-number {permit | deny} regular-expressionaccess-list-number | Number of the access list. It can be a value between 1 and 199. |
deny | Denies access and clears call requests immediately. |
permit | Permits access to the protocol translator. |
regular-expression | Usually the X.121 address, with or without regular expression pattern-matching characters, with which to compare for access. |
No default access list is defined.
Global configuration
An access list can contain any number of access list items. The list are processed in the order in which you entered them, with the first match causing the permit or deny condition. If an X.121 address does not match any of the regular expression in the access list, access will be denied.
Access lists take advantage of the message field defined by Recommendation X.29, which describes procedures for exchanging data between two PADs or a PAD and a DTE device.
The UNIX-style regular expression characters allow for pattern matching of characters and character strings in the address. Various pattern-matching constructions are available that will allow many addresses to be matched by a single regular expressions. Refer to the appendix "X.3 PAD Parameters" later in this publication for more information.
The following example permits connections to hosts with addresses beginning with the string 31370:
x29 access-list 2 permit ^31370
To create a PAD profile script for use by the translate command, use the x29 profile global configuration command.
x29 profile name parameter:value [parameter:value]name | Name of the PAD profile script. |
parameter:value | X.3 PAD parameter number and value separated by a colon. You can specify multiple parameter-value pairs. |
No default PAD profile script defined.
Global configuration
When an X.25 connection is established, the protocol translator acts as if an X.29 SET PARAMETER packet had been sent containing the parameters and values set by the x29 profile command and sets the protocol translator accordingly.
The following profile script turns local edit mode on when the connection is made and establishes local echo and line termination upon receipt of a Return. The name "linemode" is used with the translate global configuration command to effect use of this script.
x29 profile linemode 2:1 3:2 15:1
translate
|