Keyboard Shortcuts
ctrl + shift + ? :
Show all keyboard shortcuts
ctrl + g :
Navigate to a group
ctrl + shift + f :
Find
ctrl + / :
Quick actions
esc to dismiss
Likes
- X25
- Messages
Search
|
Re: Getting started
If you want to play around with XOT, you could also give? a spin. Am Mi., 24. Mai 2023 um 18:22?Uhr schrieb Alice Wyan <finitud@...>: I see, thanks for your explanations :D |
|
Re: Getting started
I see, thanks for your explanations :D
I don't see myself finding much X.25 hardware (I'm in Spain, "vintage" hardware is usually rare and expensive), but can totally set up a XOT link?once I get my hands on the 1921! Then I can route another ancient protocol over TCP/IP?(already on HECnet and hope to get on HNET eventually as well, so the more networks the merrier), and will apply to join TELEBAHN. Regards Alice |
|
dns updated
Added these entries to DNS because they were new in the Google doc:
471 - Mantas Mikul?nas - x25.nullroute.lt 737 - Andrew Kay - xot.trysteropac.net I also added a note to send a message to this list, because I keep looking there and seeing new entries! I wonder how many people have bounced off because activation was not quick ... :\ Cheers! -- ?strid smith (she/her) =<[ c y b e r ]>= antique telephone collectors association member #4870 |
|
Re: Getting started
Hi Alice, technically, X.25 is pretty similar to IP in that it provides a packet layer that is then used by higher-level protocols to exchange data.? X.25 is connection oriented, however, so you need to establish a connection before you can exchange data.? The reverse charging of X.25 shows that it is coming from a classic Telecommunications background:? In the X.25 world, users would typically be billed by packet or by segment (64 bytes).? By default, the caller would have to pay for the connection, but if the reverse charging request is present in the connection establishment packet, the callee would get to pay (and the callee would get to accept or reject the reverse charged connection by its response to the call establishment packet).? Reverse charging was useful with public dialin PADs that provided telephone access to X.25.? Users would be able to dial in to the PAD using a normal modem and then connect to a host that accepts reverse charging without having to log in to the PAD.? Logging in to the PAD was also possible in many public networks, which would then make the charge go to the PAD user ID (Network User ID, NUI). As I was programming X.25 before I got to learn IP, I was quite amazed that the BSD socket interface does not make the connection establishment packet available to user programs.? With X.25, white listing would happen in the user mode application, i.e. the connection establishment packet would be inspected by the program and only if the program wanted to accept the connection, the network would proceed with the setup (like with a telephone, where you see the number and you can decide whether you pick up or you don't).? If the user mode application does not want to accept the connection, it can tell the network stack to reject it and optionally provide a reason (e.g. "Reverse charging not accepted").? The socket interface does not provide such a mechanism:? If your program wants to deal with incoming connections, the kernel accepts all of them and then gives them to the user program.? Any form of access control by the user program needs to be done when the connection has already been established.? It still feels quite wrong to me today. Here's a story that I like to tell about my experience with this:? Back in the day here in Germany, DATEX-P NUIs were often shared among interested adolescents and many of us were surfing the net using the same NUI.? Network security was not existent in those days, and the telco did not restrict how many users could use the same NUI, they did not monitor NUI usage in real time and NUI passwords could not be changed by users.? This meant that we often enjoyed weeks of online fun using the same NUI until it was closed down.? You would think that if the NUI no longer worked, we'd disconnect from the PAD, but in West Berlin, phone connections were billed per call, not by duration, so hanging up would cost us money.? To save us that, we had what we called Park-NUAs back then:? Systems that were connected to DATEX-P that accepted reverse charging and that did not have a timeout in their login procedure (BTW: NUA == Network User Address, the equivalence of an IP address).? The most dependable of those Park-NUAs was a Prime that announced itself as "Prime Stadt D", but I don't remember whether that was Düsseldorf or Dortmund.? In any case, many Berlin hackers parked there for hours and days in NUI-less periods, with the bill silently being paid by some municipal entity or organization that had no clue (and apparently did not care). Hardware wise, my TELEBAHN setup consists of a cisco 2811 with a WIC-2T card and two CAB-SS-232FC cables.? The two synchronous serial ports are connected to a SPARCstation IPX running SunOS 4.1.4 using the on-board?serial port and a VAX 4000-105A running VMS V5.5-2H4 using a DSW42-AA dual port synchronous serial card.? I needed to build adapters to get from the cisco cable to the Mini-DIN8?and DB50 ports of the Sun and the VAX.? Things just about started to work last weekend, but I plan to finalize the setup in the coming weeks and connect a timer to run the systems on a regular weekly schedule. The cisco acts as my X.25 router and as the gateway to TELEBAHN using XOT. One word of caution:? For the clock generation in the cisco to work properly, CAB-232FC or CAB-SS-232FC cables are needed.? It is not possible to use DTE cables as the cisco decides based on the cable whether it generates the serial clock itself or receives the clock from the DCE (Modem). Sorry for the rambling. Cheers, Hans Am Mi., 24. Mai 2023 um 15:02?Uhr schrieb ?strid smith <astrid@...>: Hi Alice, and welcome to the framestream! |
|
Re: Getting started
Hi Alice, and welcome to the framestream!
toggle quoted message
Show quoted text
No worries about "sounding clueless", it's a very esoteric subject and really took me a couple of years to wrap my head around. Nobody has written about it since the 90ies because, once you actually get down to nitty-gritty, there's not actually much there? The way I like to think of X.25 is this: Imagine it's 1982, you operate a voice telephone network, and many of your customers use analog modems to communicate across it. You've recently spent a lot of time and money transitioning your network to Digital so this seems a bit silly, and maybe it would even be simpler for you (the phone company) to provide customers with a serial port as their telco interface instead of a voice pair. Then, you can bill them for a full channel and you only have to carry 2400 baud or whatever, which (a) probably they won't be saturating even that anyway and (b) you can multiplex it and a bunch of other data into a 64k timeslot. It's free money! So that's what X.25 et alia are: a series of protocols and interface specifications, such that (assuming access to a conforming network) you can "dial" from any one serial port to another by typing in the number of the remote port. Plus all the multi-carrier network interop and billing stuff that you would expect from a telco. None of these standards specify what the "internal" architecture of a commercial network should look like... that's because X.25 started as a formalization/generalization of the interface already provided by TYMNET, who were the first but definitely not the only provider in the space, and American telcos in that era preferred to specify the customer interface while keeping the switching and transmission as secret-sauce. You'll see a lot of references to PADs, this is a fairly simple device that has a standard async serial port (rs232) on one side and connects to an X.25 network on the other side. The async port speaks a protocol called X.3. It's nominally human-accessible but actually fairly unpleasant to use; I find it even less fun than Hayes AT commands. Cisco routers that speak X.25 have an X.3 PAD built in. You can try to read X.3, X.25, X.28, X.29, etc, at this url n.b.: the way they write is weird, and can be pretty tough to understand until you cultivate the necessary brain-worms. whether you do so or not is up to you ... TELEBAHN per se doesn't really provide anything other than a number-to-IP mapping system and a few common specifications to ease interoperation. As such anything that speaks XOT can connect to it, and (almost*) anything that speaks X.25 can be downstream from that in your network. Good luck finding gear! * I assume there's some combination of window size and acknowledgement settings that would make coexistence difficult, but there aren't too many knobs to twiddle in the core protocol so maybe not? Every Cisco router since the 1990s should be able to speak XOT and X.25 enough to do TELEBAHN; they don't remove stuff. But also they don't fix it unless someone pays - like, IOS XOT doesn't do IPv6 and probably never will. Further hardware is not required but if you find some, that's super cool and I encourage you to figure out how to plug it in :) The cables are weird but not too expensive. All mine is packed away in storage at the moment. I have an 8-port PAD that works almost acceptably .. it requires manual reconfiguration on every powerup to layer2 link-up with anything, for unclear reasons. I think all X.25 gear is probably buggy. I also have a 16-port "switch" (?) that has not meaningfully responded to any stimulus that I've given it on the config async port, but it does seem to exchange layer2 packets on the "uplink" port. But only NAKs. Doesn't like me. This is the sum total of my ebay watched searches for a few years. X.25 stuff is pretty thin on the ground, most electronics recyclers know that there's no money in it. -- ?strid smith (she/her) =<[ c y b e r ]>= antique telephone collectors association member #4870 On 2023-05-24 at 7:28 pm JST, Alice Wyan wrote:
Hi, |
|
Getting started
Hi,
I just came across the TELEBAHN network and don't have much idea of how to start exploring, I've never used X.25 before :) Can any Cisco router do XOT / X.25 routing? Does it require additional hardware? How do I get started / start reading up stuff? :) Apologies if I sound as clueless as I actually am, I just couldn't find as much info online as, say, HECnet or similar networks. Cheers, Alice |
|
Re: Added two virtual hosts
Am Di., 18. Apr. 2023 um 10:11?Uhr schrieb Mantas Mikul?nas <grawity@...>:
I've also resorted to "autocommand telnet": ?no login ?rotary 1 ?autocommand ?telnet 10000 /quiet line vty 9 12 ?no login ?rotary 2 ?autocommand ?telnet 192.168.178.7 /quiet -Hans? |
|
Re: Added two virtual hosts
On Tue, Apr 18, 2023 at 9:15?AM Mantas Mikul?nas <grawity@...> wrote:
I think I figured it out. It was indeed the NAT. (It seems RouterOS fasttrack needs to be bypassed in this specific kind of setup, otherwise the routing-marks only have effect on TCP retransmissions but not on the originals – and I should just have done the NAT the simpler way to begin with, instead of this mess that resulted from me wanting to avoid touching the upstream gateway config...don't ask.) PAD to What do you use to route the calls to 01/02 to the other systems? I've seen mentions of X.25-to-TCP translation in docs, but it's only in the largest images that don't fit my 1760 so I had to settle with "autocommand telnet". Mantas Mikul?nas |
|
Re: Added two virtual hosts
On Tue, Apr 18, 2023 at 8:53?AM Hans Hübner <hans.huebner@...> wrote:
I've noticed this as well; somehow outbound XOT seems to work perfectly fine but not inbound. Maybe it's related to the weird asymmetric NAT that I do for inbound TCP, or maybe it's ancient IOS being ancient IOS. Going to experiment a bit with xotpad. [I'm unable to decide on an area code that won't annoy me, so I have like 5 different "x25 alias"es now lol] -- Mantas Mikul?nas |
|
Added two virtual hosts
I'm still waiting for my hardware to arrive, but in the meantime, I have set up my virtual Cisco C7206VXR so that it routes some incoming X.25 calls to emulated systems that I've set up.? Using , it is now possible to connect to one of those hosts from your local machine using XOT (but the pad command on Ciscos certainly works as well). $ xotpad -g 23000101 ? _____ ? _____ _______ _____ ? ?________ ? __ ?___ ? ___ ?| ?__ \ / ____|__ ? __/ ____| ?/ / ?____| /_ |/ _ \ / _ \ ?| |__) | (___ ? ?| | | (___ ? / /| |__ ? ? | | | | | | | | ?| ?_ ?/ \___ \ ? | | ?\___ \ / / | ?__| ? ?| | | | | | | | ?| | \ \ ____) | ?| | ?____) / / ?| |____ ? | | |_| | |_| | ?|_| ?\_\_____/ ? |_| |_____/_/ ? |______| ?|_|\___(_)___/ Running on an emulated PDP-11/73 Please use PPN 2,1 to log in as guest! RSTS V10.0-L 18-Apr-23 05:40 AM User: I've tried connecting to the same host from Manta's router, but there seems to be some dramatic packet loss somewhere so it does not work well.? Something to debug. Cheers, Hans |
|
Re: TELEBAHN still there
Looks like adding the same "x25 subscribe window-size ..." under "interface Serial0/0" was also needed to make the router stop complaining and start forwarding calls onwards as well (netzhansa->XOT->top->Serial->mid). $ ~/cisco top /show run spawn telnet cisco-top.sym Trying 10.147.18.41... Connected to cisco-top.sym. Escape character is '^]'. % Dunelab:Cisco1760-top (10.147.18.41) <grawity@...> User Access Verification Password: Cisco1760-top>enable Password: Cisco1760-top#terminal length 0 Cisco1760-top#show run Building configuration... Current configuration : 2299 bytes ! ! Last configuration change at 10:17:28 UTC Mon Apr 10 2023 ! NVRAM config last updated at 10:17:37 UTC Mon Apr 10 2023 ! version 12.3 service pad to-xot service pad from-xot service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Cisco1760-top ! boot-start-marker boot-end-marker ! logging buffered 16384 informational enable password enable ! no aaa new-model ! resource policy ! ip subnet-zero ip arp proxy disable ! ! no ip dhcp use vrf connected ! ! ip finger ip cef ! ! x25 profile TELEBAHN dxe ?x25 version 1988 ?x25 modulo 128 ?x25 address 603041 ?x25 alias ^147041 ?x25 win 15 ?x25 wout 15 ?x25 ips 1024 ?x25 ops 1024 ?x25 subscribe packetsize permit 128 1024 ?x25 subscribe windowsize permit 2 15 x25 routing xot access-group 10 profile TELEBAHN ! ! ! interface Loopback0 ?ip address 172.20.158.15 255.255.255.255 secondary ?ip address 10.147.1.41 255.255.255.255 ! interface FastEthernet0/0 ?ip address dhcp ?speed auto ! interface Serial0/0 ?description "Connected to Cisco1760-mid Serial0/0" ?no ip address ?encapsulation x25 dce ?x25 address 147041 ?x25 alias ^603041 ?clockrate 64000 ! interface Serial0/1 ?description "Connected to Cisco1760-btm Serial0/1" ?no ip address ?encapsulation x25 dce ?x25 address 147041 ?clockrate 64000 ! router ospf 1 ?log-adjacency-changes ?network 10.147.0.0 0.0.255.255 area 0 ?network 172.20.158.0 0.0.0.31 area 0 ! ip classless ip http server ! ! logging origin-id hostname logging host 10.147.1.4 transport udp port 9514 access-list 10 permit any x25 route ^603042 interface Serial0/0 x25 route ^147042 interface Serial0/0 x25 route ^603043 interface Serial0/1 x25 route ^147043 interface Serial0/1 x25 route ^230 xot dns x25 route ^(...)(...) xot dns \2.\ x25 host Cisco1760-top 147041 x25 host mid 147042 x25 host btm 147043 x25 host hans 230001 ! control-plane ! banner login ^C% Dunelab:Cisco1760-top (10.147.18.41) <grawity@...>^C ! line con 0 line aux 0 ?no exec ?transport input telnet line vty 0 4 ?exec-timeout 0 0 ?password cisco ?login line vty 5 11 ?login line vty 12 15 ?no login ?rotary 18 ?autocommand ?telnet DuneGW.sym ?transport input pad ! sntp server 193.219.181.193 version 3 end Cisco1760-top# (I'm surprised the "sntp server" config is still there. Usually it keeps disappearing on every reload.) On Mon, Apr 10, 2023 at 12:55?PM Hans Hübner <hans.huebner@...> wrote:
-- Mantas Mikul?nas |
|
Re: TELEBAHN still there
Nice!? I've added? ?x25 subscribe packetsize permit 128 4096 ?x25 subscribe windowsize permit 2 15 to my configuration now and can establish in- and outbound connections. Here is my complete configuration for reference: version 12.3 service pad to-xot service pad from-xot service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption hostname netzhansa-router boot-start-marker boot-end-marker enable secret 5 $1$cmGX$ZJnIqCPqDPIVgaM0VTJzS. no aaa new-model ip subnet-zero no ip routing no ip cef ip name-server 192.168.178.2 x25 profile TELEBAHN dxe ?x25 version 1988 ?x25 modulo 128 ?x25 address 230001 ?x25 win 15 ?x25 wout 15 ?x25 ips 1024 ?x25 ops 1024 ?x25 subscribe packetsize permit 128 4096 ?x25 subscribe windowsize permit 2 15 x25 routing xot access-group 10 profile TELEBAHN interface FastEthernet0/0 ?ip address 192.168.178.9 255.255.255.0 ?no ip route-cache ?duplex half ip default-gateway 192.168.178.3 ip classless ip default-network 192.168.178.0 ip route 0.0.0.0 0.0.0.0 192.168.178.2 ip http server access-list 10 permit any x25 route 14704100 xot 193.219.181.219 x25 route ^603 xot 193.219.181.219 x25 route ^(...)(...).. xot dns \2.\ x25 host netzhansa-router 23000100 line con 0 ?stopbits 1 line aux 0 ?stopbits 1 line vty 0 4 ?password cisco ?login end Am Mo., 10. Apr. 2023 um 11:33?Uhr schrieb Mantas Mikul?nas <grawity@...>:
|
|
Re: TELEBAHN still there
On Mon, Apr 10, 2023 at 12:00?PM Hans Hübner <hans.huebner@...> wrote:
I couldn't get it to work locally before either, but strangely now it works without issues between local systems. Actually, I *think* you have to unapply and re-apply the "xot access-group" configuration for it to pick up the new profile parameters (at least in my IOS version). (Looks like "x25 subscribe windowsize permit 2 15" in the profile would allow for dynamic negotiation?) ?
-- Mantas Mikul?nas |
|
Re: TELEBAHN still there
Hi Mantas, this is a bit puzzling:? If I make an outbound connection to?14704100 (on?193.219.181.219), the connection is established with the default parameters: *Apr 10 10:54:10.993: [193.219.181.219,1998/,64238]: XOT O P2 Call (22) 8 lci 1024 *Apr 10 10:54:10.993: ? From (6): 230001 To (8): 14704100 *Apr 10 10:54:10.997: ? Facilities: (6) *Apr 10 10:54:10.997: ? ? Packet sizes: 128 128 *Apr 10 10:54:10.997: ? ? Window sizes: 2 2 *Apr 10 10:54:10.997: ? Call User Data (4): 0x01000000 (pad) *Apr 10 10:54:11.077: [193.219.181.219,1998/,64238]: XOT I P2 Call Confirm (11) 8 lci 1024 *Apr 10 10:54:11.077: ? From (0): ?To (0): *Apr 10 10:54:11.077: ? Facilities: (6) *Apr 10 10:54:11.077: ? ? Packet sizes: 128 128 *Apr 10 10:54:11.077: ? ? Window sizes: 2 2 If I add the TELEBAHN profile to xot, however, the connection is refused: *Apr 10 10:52:20.957: [193.219.181.219,1998/,35675]: XOT O P2 Call (22) 128 lci 1024 *Apr 10 10:52:20.957: ? From (6): 230001 To (8): 14704100 *Apr 10 10:52:20.957: ? Facilities: (6) *Apr 10 10:52:20.957: ? ? Packet sizes: 1024 1024 *Apr 10 10:52:20.957: ? ? Window sizes: 15 15 *Apr 10 10:52:20.957: ? Call User Data (4): 0x01000000 (pad) *Apr 10 10:52:21.045: [193.219.181.219,1998/,35675]: XOT I P2 Call Confirm (11) 128 lci 1024 *Apr 10 10:52:21.045: ? From (0): ?To (0): *Apr 10 10:52:21.045: ? Facilities: (6) *Apr 10 10:52:21.045: ? ? Packet sizes: 1024 1024 *Apr 10 10:52:21.045: ? ? Window sizes: 15 15 *Apr 10 10:52:21.045: XOT Call Confirm packet, Bad value for facility, Window size is not within permitted range *Apr 10 10:52:21.045: [193.219.181.219,1998/,35675]: XOT O P2 Clear (5) 128 lci 1024 *Apr 10 10:52:21.045: ? Cause 3, Diag 66 (Invalid facility request/Facility parameter not allowed) It seems that the xot listener on?192.168.178.9 is not using the TELEBAHN profile, but I'm not sure as I'm still very new to this. I'm wondering why it was decided to have non-standard packet and window sizes in the first place?? I understand that they improve performance, but that's not really the point of TELEBAHN or is it? :) Am Mo., 10. Apr. 2023 um 10:18?Uhr schrieb Mantas Mikul?nas <grawity@...>:
|
|
Re: TELEBAHN still there
On Mon, Apr 10, 2023 at 10:59?AM Hans Hübner <hans.huebner@...> wrote:
When I try calling 230001 from 147041 / 603041 (with the TELEBAHN XOT profile), I get the same – regarding window size specifically: Apr 10 07:59:03.050: X.25 host name sent for DNS lookup is "" Apr 10 07:59:03.062: DNS got X.25 host mapping for "" via network Apr 10 07:59:03.146: [62.156.3.51,1998/,18420]: XOT O P2 Call (21) 128 lci 1024 Apr 10 07:59:03.146: ? From (6): 603041 To (6): 230001 Apr 10 07:59:03.146: ? Facilities: (6) Apr 10 07:59:03.146: ? ? Packet sizes: 1024 1024 Apr 10 07:59:03.146: ? ? Window sizes: 15 15 Apr 10 07:59:03.150: ? Call User Data (4): 0x01000000 (pad) Apr 10 07:59:03.222: [62.156.3.51,1998/,18420]: XOT I P2 Call Confirm (11) 128 lci 1024 Apr 10 07:59:03.222: ? From (0): ?To (0): Apr 10 07:59:03.222: ? Facilities: (6) Apr 10 07:59:03.222: ? ? Packet sizes: 1024 1024 Apr 10 07:59:03.222: ? ? Window sizes: 15 15 Apr 10 07:59:03.226: XOT Call Confirm packet, Bad value for facility, Window size is not within permitted range Apr 10 07:59:03.226: [62.156.3.51,1998/,18420]: XOT O P2 Clear (5) 128 lci 1024 Apr 10 07:59:03.226: ? Cause 3, Diag 66 (Invalid facility request/Facility parameter not allowed) Apr 10 07:59:03.230: [62.156.3.51,1998/,18420]: XOT I P6 Data (5) Q 128 lci 1024 PS 0 PR 0 Apr 10 07:59:03.234: [62.156.3.51,1998/,18420]: XOT I P6 Data (46) 128 lci 1024 PS 1 PR 0 Apr 10 07:59:03.298: [62.156.3.51,1998/,18420]: XOT I P6 Clear Confirm (3) 128 lci 1024 From 147043 / 603043 (which has an outbound XOT route but without the profile), I could successfully dial 230001 and get at the IOS password prompt. Don't forget to actually define "access-list 10 permit any", as having an "xot access-group" set will implicitly reject XOT connections that don't match any of the access groups. ?
-- Mantas Mikul?nas |
|
Re: TELEBAHN still there
Hi Mantas, thank you for the description of the xot configuration parameters.? With?that, I have been able to set up my virtual C7206 successfully and make an outbound connection to your router.? Back from your router to mine, I currently see *Apr 10 09:55:42.353: [193.219.181.240,56402/,1998]: XOT I P/Inactive Call (21) 128 lci 1 *Apr 10 09:55:42.353: ? From (6): 603041 To (6): 230001 *Apr 10 09:55:42.353: ? Facilities: (6) *Apr 10 09:55:42.353: ? ? Packet sizes: 1024 1024 *Apr 10 09:55:42.353: ? ? Window sizes: 15 15 *Apr 10 09:55:42.353: ? Call User Data (4): 0x01000000 (pad) *Apr 10 09:55:42.357: [193.219.181.240,56402/,1998]: XOT O P3 Call Confirm (11) 128 lci 1 *Apr 10 09:55:42.357: ? From (0): ?To (0): *Apr 10 09:55:42.357: ? Facilities: (6) *Apr 10 09:55:42.357: ? ? Packet sizes: 1024 1024 *Apr 10 09:55:42.357: ? ? Window sizes: 15 15 *Apr 10 09:55:42.421: [193.219.181.240,56402/,1998]: XOT I P4 Clear (5) 128 lci 1 *Apr 10 09:55:42.425: ? Cause 3, Diag 66 (Invalid facility request/Facility parameter not allowed) This is probably because I have not managed to apply the TELEBAHN profile to my inbound listener yet.? Still testing. -Hans Am So., 9. Apr. 2023 um 21:31?Uhr schrieb Mantas Mikul?nas <grawity@...>: On Sun, Apr 09, 2023 at 01:00:23PM +0300, Mantas Mikul?nas wrote: |
|
Re: dns updated, also hello new people!
On Mon, Apr 10, 2023 at 12:57?AM ?strid smith <astrid@...> wrote: hi everyone! Was worth a try :D Old habits die hard, the IP network has been 10.147/16 for a long time. Let's do 603 then. ?
I was actually looking into setting up socat or some other kind of proxy to reach 801 from my old routers... they are behind like two layers of weird NAT when it comes to v4, and the v6-capable IOS images don't even fit in them at all :( -- Mantas Mikul?nas |
|
dns updated, also hello new people!
hi everyone!
i added Hans Hübner's record for network 230! i didn't add Mantas Mikul?nas's record for network 147 because it starts with a 1. pick a different number maybe? also sorry about not responding on the list to the earlier discussions, i'm currently moving house and it's taking up almost all my time. my net 752 will be offline for quite a while, months at least. i look forward to having a home lab again someday. for now, i'll be using the shadytel tdm lab (network 801), whenever i manage to have time to setup/unfuck its X.25 situation. :) [it's v6 only at the moment, which is awkward because cisco IOS XOT doesn't do v6 at all, hahaha...] -- ?strid smith (she/her) =<[ c y b e r ]>= |
|
Re: TELEBAHN still there
On Sun, Apr 09, 2023 at 10:17:48AM +0200, Hans Hübner wrote:
Am Fr., 7. Apr. 2023 um 07:36?Uhr schrieb Mantas Mikul?nas <grawity@...>:As far as I could figure out (IOS documentation is *really* scattered): - "x25 routing" implicitly enables inbound XOT connections in general (starts listening on TCP port 1998). However, if you define a profile and associate it with "xot access-group...", then only connections matching one of the access-lists will be allowed, so make sure the access-list in question has "permit any". - "service pad from-xot" is required to allow the router itself to accept PAD calls via XOT (the default is only to route calls onward), but the router still needs to be told what its X.121 address is. (Without an address it won't know what calls are "local".) - For physical X.25 interfaces, like Serial0/0, "x25 address" can be set per-interface to define the router's own X.121 address, though of course not for XOT since there's no interface. interface Serial0/0 x25 address 147041 (It's enough to dial "pad 147041", not necessarily 14704100.) - If you have an "x25 profile TELEBAHN dxe" associated to XOT, you can define the local X.121 address as "x25 address" under that profile: x25 profile TELEBAHN dxe x25 address 147041 access-list 10 permit any xot access-group 10 profile TELEBAHN So instead of e.g. incoming calls via Serial0/0 being matched against that interface's address, you have incoming calls from 'any' IP being matched against the profile's address. - Finally, if there is *no* matching XOT profile (or no "x25 address" on the inbound Serial interface), then the local address seems to be determined by *resolving the router's own hostname*, either by looking for 'X25' records in DNS or an "x25 host" config (which is pretty much the IOS equivalent of /etc/hosts): hostname Cisco1470-top [...] x25 host Cisco1470-top 147041 If an XOT "x25 profile" is defined, then it seems the address *must* be set on that profile, and the host lookup is not used. (Yes, you can have X.25 addresses in DNS and use them in the IOS CLI, e.g. "pad cisco2.symlink.lt" will dial 147042, similar for static "x25 host" entries.) - This also defines the router's "calling" or "source" address it'll indicate for outbound calls (when they're routed via that interface or via XOT). Use "debug x25 all" (and "terminal monitor" to see debug via Telnet) to see a bit of what's happening when the router receives a PAD call. You could try to make a "pad" call from 147041 back to your own system, but I'll need to know the XOT hostname and add a route if it's not set up under x25.org yet. PAD logins use the same 'line vty' pool as Telnet logins: - Make sure your lines are not restricted to 'transport input telnet'. - One way to define custom "sub-addresses" (the trailing part after the router's own X.121 address, zero-padded by default) is to define "rotary <subaddress>" for a vty line. This grabs calls to 14704118 and routes them to somewhere boring: line vty 12 15 no login rotary 18 transport input pad autocommand telnet DuneGW.sym ! the username is 'guest' -- Mantas Mikul?nas |
|
Re: TELEBAHN still there
On Sun, Apr 09, 2023 at 01:00:23PM +0300, Mantas Mikul?nas wrote:
On Sun, Apr 09, 2023 at 10:17:48AM +0200, Hans Hübner wrote:Oh right, and if you have an "x25 profile" associated with Serial0/0,Am Fr., 7. Apr. 2023 um 07:36?Uhr schrieb Mantas Mikul?nas <grawity@...>:As far as I could figure out (IOS documentation is *really* scattered): then you can probably define the "x25 address" under that profile as well, just like for XOT. The "lab" has a stack of three Cisco1760's connected via serial, I have not done anything special to make PAD calls between them -- just define the routers' local addresses as above, and add "x25 route" entries via Serial0/0 or whatever is appropriate. (From what I remember, things *stopped* working once I tried to apply the TELEBAHN profile...) interface Serial0/0 description "Connected to Cisco1760-mid Serial0/0" encapsulation x25 dce clockrate 64000 no ip address x25 address 147041 x25 route ^147042 interface Serial0/0 x25 route ^147043 interface Serial0/1 x25 route ^(...)(...) xot dns \2.\1.x25.org ! local host entry x25 host Cisco1760-top 147041 ! address book for 'pad' command x25 host mid 147042 x25 host btm 147043 -- Mantas Mikul?nas |
to navigate to use esc to dismiss