BinTec IPX Ethernet Switch User Manual

BinTec IPX Ethernet Switch

BinTec IPX Ethernet Switch

BinTec IPX Ethernet Switch

Configuring the BinTec router as an IPX Router

Introduction to IPX

IPX (Internetwork Packet exchange) is a Network Layer protocol, similar to IP in TCP/IP. An IPX network allows DOS/Windows PCs to share networked services and devices. Services are provided by special PCs which are assigned the duties of, for example, a file or print server.

TCP/IP Networks

TCP UDP
IP
Ethernet ISDN

IPX Networks

SPX NCP RIP SAP
IPX
Ethernet ISDN

IPX (Internetwork Packet exchange) is a connectionless service used to transmit data.

SPX (Sequenced Packet Exchange) is a connection-oriented service used to monitor connections between stations (e.g., a connection to a print service).
Using RIP and SAP routing and service information is periodically exchanged between IPX routers and servers on the network using the RIP and SAP (Service Advertising Protocol) packets.

IPX Stations: Servers and Clients

In an IPX network, stations on the network are classified as either a client or server; and have different characteristics.

Servers

  1. Provide special services, (e.g., remote file access, printing, databank access, etc.) to clients.
  2. Have a unique name.
  3. Can communicate with both servers and clients.

Clients

  1. Use the services provided by server stations.
  2. Do NOT have unique names.
  3. Can ONLY communicate with servers.

IPX Networks: Network Numbers and Addresses

In an IPX network, a network address consists of:

  •  4 byte Network Number
  • 6 byte Node Number
  • 2 byte Socket Number

In contrast to IP, where hosts are assigned addresses statically, clients are assigned the Network Number portion of their address dynamically. Servers, on the other hand, have their complete address assigned statically.

Initially, a client asks for its network number by broadcasting a request. A server or router on the network will answer the request with the correct network number. The client then uses the Network Number (received from the server) and its Node Number (normally the MAC address is used), to establish a connection to a server.

Internal Network Numbers

Since IPX uses each stations MAC address for its network address, stations with more than one interface to the network can be reached at different addresses. This can be a problem for a server that advertises services or an IPX router that links multiple IPX LANs.
To get around this problem, servers and IPX routers are assigned Internal Network Numbers. The respective server or router is the only station on this network. By sending RIP packets, routers and servers can inform other stations on the network.
Internal Network Numbers

Configuring IPX Routing

Adding Routes and Services

Routes and services the BinTec router knows of are learned using the RIP and SAP protocols. This information often changes dynamically. Additional routes and services can be set statically, using the ip Static Route Table and ipx Static Serv Table.

Adding Static Routes

To create a static route to a server the you will need to know the server’s internal network number, its name, and the interface the connection should use. The following commands could be used to add a static route to the file server “PHOENIX” which has the internal network number of 0:2:2:2, the route will use the dialer1 interface (if Index 10001).
Adding Static Routes

Symbol Note:

For each ip Static Serv Num, the BinTec router needs to have a route to the server in ip Static Route Num.

The following could be used to add a static service for “PHOENIX” from the previous section.
Adding Static Routes

Learning Routes and Services

Adding static routes and services for IPX network that change often, or have many servers can be demanding. You can allow the Bin Tec router to learn of routes and services using RIP and SAP and then have the Bin Tec router move all learned information to the Static tables. This is done as follows:

  1. Enable RIP/SAP for the PPP interface.
  2. Wait until the desired routes and services appear in the ipx Dest Table and ipx Dest Serv Table.
  3. Set ipx Admin Learn Statics to both.
  4. Disable RIP and SAP for the PPP interface.

The result of this is that all routes and services learned from PPP interfaces are copied appended from ipx Dest Table and ipx Dest Serv Table to the ipx Static Route Table and ipx Static Serv Table.

Symbol Note:

Each time the Bin Tec router is allowed to learn statics, the learned information is appended to the Static tables. This may result in duplicate static entries.

Filtering IPX Packets

An important characteristic of IPX networks is the periodic sending of IPX packets between communicating stations over the network. For LAN traffic this is acceptable, but when connecting IPX LANs over ISDN, the amount of RIP and SAP traffic can lead to long (or often) connection times.
In addition to the spoofing mechanism IPX traffic can be filtered using the ipx Allow Table and ipx Deny Table.

For example, serialization packets could be filtered with the following.
Filtering IPX Packets

This filter would not allow ISDN connections to be opened for Novell serialization packets. If an ISDN connection is already open, serialization packets would be allowed through. By default this filter is automatically added to the ipx Deny Table at boot time, and can be removed.

Filtering of Services in IPX Networks (SAP Filters)

If the number of services in an IPX network is very high, this can lead to various performance problems with WAN links or routers because of the periodic sending of SAP packets. Workstations rarely need to see all the services in a network. So the administrator can now solve these performance problems by configuring SAP filters to reduce the number of services to be learned by the Bin Tec router and to be forwarded to other interfaces.

Filtering of services can be done by:

  • interface index
  • direction (incoming / outgoing / both)
  • service type
  • service’s network number
  • service’s network node
  • service’s socket
  • service´s name

It is up to you to decide which criteria to employ by setting the value of the above variables to either verify or dont_verify (see below). The procedure is similiar to configuring IPX packet filters.

The Variables, Values and their Meanings

Here are the variables, values and meanings of the Sap Deny Table. Besides the central difference of permission or denial to learn or propagate services, the variables and meanings of the Sap Allow Table are identical to the variables and meanings of the Sap Deny Table.

ip Deny If Index Mode

The interface index to be verified or not. Possible values: verify, dont_verify, delete Default: dont_verify

sap Deny If Index

This rule is applied to services originating from or (see sap Deny Direction) destined for the interface with this index number. If, in the case of a service known to the Bin Tec router and where the service name is entered, the If Index is set to 0 and a direction is set to either incoming or outgoing, all interfaces are affected by the rule. If, however, the service name is used and the If Index is set to 0, but NO direction is given, the entry will assume the interface over which that service was learned and the direction will be set to incoming.

sap Deny Direction

The direction that is to be subject to the rule. Possible values: incoming, outgoing, both, dont_ verify.

sap Deny Type Mode

The SAP service type to be checked or not. Possible values: verify, dont_ verify.

sap Deny Type

The various SAP service types to be checked. For example: 4: file server, 7: print server.

sap Deny Net Mode

The network number to be checked or not. Possible values: verify, dont_ verify.

sap Deny Net

The service´s network number to be checked.

sap Deny Node Mode

The node number to be checked or not. Possible values: verify, dont_ verify.

sap Deny Node

The service´s node number to be checked.

sap Deny Sock Mode

The socket number to be checked or not. Possible values: verify, dont_ verify.

sap DenyS ock

The service´s socket number to be checked.

sap Deny Name

Instead of entering Type/Net/ Node/Socket directly, you need only fill in the service name here, provided the service has been learned by the Bin Tec router IPX. The values of the Type/Net/Node/Socket fields contained in the ipx Dest Serv Table will then be copied to the sap Deny Table.

Examples

In order to create SAP filters for the services of a file server, entries must be made in the sap Deny Table and/or in the sap Allow Table: in the first, to specify the services to be prevented from being learned or propagated; and in the second, to specify those to be allowed to be learned or propagated.

To block or allow a single service the administrator has to look up type, net, node and socket in the Ipx Dest Serv Table or at the server’s console. Then these values can be used to create an entry in the sap Deny Table or sap Allow Table.
A service x is allowed to enter or leave the Bin Tec router if:

  1. it matches an entry in the sap Allow Table and there is no matching entry in the sap Deny Table,
  2. there is no entry in the sap Allow Table and no matching entry in the sap Deny Table,
  3. there is no entry in either table.

A service y is denied entry to or exit from the Bin Tec router if:

  1. it matches an entry in the sap Deny Table, there is no entry in the sap Deny Table and no matching entry in the sap Allow Table. Let´s have a look at some of the various configuration scenarios:
  • You could specify only those services you wish to allow the BRICK to propagate over one particular interface; all other services are prevented from being propagated over that interface. This would be done by making outgoing entries in the sap Allow Table over the interface 10001, for example:
    The Variables, Values and their Meanings
  • You could, of course, specify only those services you wish to prohibit the BRICK to propagate; all others are propagated. This would be done by making outgoing entries in the sap Deny Table. In this case, as the service is known to the BRICK, it is sufficient to merely enter the name of the service, the direction and the interface, the rest (Type/Net/Node/Socket) will be read from the ipx Dest Serv Table. In the following example where the BRICK has already learned the service and the service name is being used and index=0 and direction=outgoing, all interfaces are affected:
    The Variables, Values and their Meanings
  • Alternatively, you could specify those services you wish to prohibit from being learned by the BRICK; all other services are learned and propagated. This would be done by making incoming entries in the sap Deny Table.
  • You could specify only those services you wish to allow the BRICK to learn; all others are denied access. This would be done by making incoming entries in the sap Allow Table.
  • Finally, it is possible to make entries in both tables. In this case, you would explicitly specify which services are to be denied and which are to be allowed. This would involve either incoming or outgoing entries in both tables.

Logo

Documents / Resources

PDF thumbnailIPX Ethernet Switch
User Manual · IPX Ethernet Switch, IPX, Ethernet Switch, Switch

References

Published: June 9, 2026
Updated: June 10, 2026

Ask a Question

Use this section to ask about setup, compatibility, troubleshooting, or anything missing from this manual.

Ask a Question

Ask about setup, compatibility, troubleshooting, or anything missing from this manual. Name and email are optional.

BinTec System Software Owner’s Manual
June 9, 2026
BinTec Release 5.2.1 System Software User Manual
June 9, 2026
BinTec CAPI Software System Owner’s Manual
June 9, 2026
BinTec R4300 Multiprotocol ISDN Router Owner’s Manual
June 9, 2026