Corporate.Net
Private Dial-Up Networking Gets a Virtual Workout
Once L2F is enabled on the AS5200, setting up users and call routing based on user name is relatively simple. The AS5200, like U.S. Robotics' Enterprise Network Hub, supports all the common authorization methods, earning a perfect score. We used the device's internal user list facility for our testing. After the modems on the incoming lines are trained and PPP negotiation begins, the AS5200 picks up the user name from the PPP negotiation packets and determines how the call should be handled.
The AS5200 suffered performance problems that were related to the L2F tunneling mechanism. The PPP baseline stayed at a steady 26 seconds during testing, along with the majority of the other devices. But as the number of L2F connections rose, the overall throughput dropped dramatically. Neither Microcom Access Integrator nor Shiva LanRov
er Access Switch suffered similar problems during L2F testing. All three used the same Cisco AS4700 for the home gateway.
After working with product
engineers, we discovered that the PPP Maximum Transmit Unit (MTU, the largest packet, in bytes, that will be exchanged between two nodes) was negotiated at 1,500 bytes. This amount is normal for PPP, since it takes into account the PPP header. However, with the additional L2F information, the packet became larger than the negotiated 1,500 bytes. This longer packet was fragmented on the L2F interface on the home gateway and reassembled on the NAS. Once we dropped the MTU on the AS5200 and the AS4700 was lowered, transfer times dropped into line. However, these times were slightly slower than both Shiva's and Microcom's transfer times.
Shiva Corp. LanRover Access Switch
 Shiva LanRover Access Switch is a joy because it is fairly easy to config
ure and use. This product embodies Shiva's early implementation of L2F, and most of the parameters are entered through the command line or a text-based editor in Shiva's GUI, NetManager. Once the configuration was ironed out, the Access Switch, along with Microcom's Access Integrator, marked the fastest throughput times. Shiva is also implementing PPTP in the same device later this year. The lack of authentication, authorization and accounting (AAA), such as Radius- or TACACS-based call routing, makes the Access Switch more cumbersome to use if you already have an AAA server for remote access. Shiva will add support for RADIUS-based call routing in the second half of 1997.
Setting up the L2F configuration on the Access Switch involves entering a number of parameters into the configuration and rebooting the box. Reconfiguring an existing box to support L2F will require you to disconnect the current users. However, after the Access Switch is properly configured, it runs like a champ.
During the configura
tion of the L2F parameters, we performed some rudimentary connectivity testing on the tunnel from the command shell. In addition to issuing pings to see if the home gateway is alive, you
also can manually open a tunnel to ensure that the Access Switch and the home gateway are authenticating properly. The Access Switch is the only product we tested that has this capability. Additionally, you can run an error log to trace L2F connections, which helped us in troubleshooting.
In our tests, we set up the Access Switch to route calls based on called address, or the number that was dialed by the client. This scenario is analogous to having two rotaries attached to the same trunk. Calls coming into the same Access Switch groups are set up according to different rules. For example, you can set up one rotary with the last four digits as 6666, and another rotary with the last four digits as 5555. In the Access Switch, you set up two different phone groups that are keyed to each number; then you have the different ph
one groups point to different home gateways. When a call comes into the Access Switch, it checks which phone group the number is assigned to and processes the call accordingly.
Microcom Access Integrator
Support for both PPTP and L2F in the Microcom Access Integrator makes it the most robust device in this lineup. It is more flexible in its VDPN offerings. Microcom's strategy is to provide a total remote-access solution to the enterprise. Support for both VDPN protocols means you can maintain a more diverse network environment using the same dial-up pool. Unlike the devices from Cisco and Shiva, Microcom Access Integrator supports only called address routing, which means you have to set up multiple rotaries for routing calls to different destinations and to take advantage of the multi-VDPN protocol feature. Microcom says it will add RADIUS and TACACS+ support later this year.
|
REPORTS
ANALYTICS
Follow 
