notes on configuring asynchronous transfer mode in a freebsd+cisco+fore environment
consider an example network as shown in the physical layer network diagram below. there are four hosts, all sun sparc systems running freebsd. they are fitted with fore pca-200e oc-3 multimode fiber atm cards. they connect to a forerunner le155 atm switch (SW1) running forethought. finally, there is also a cisco 4500 router (R1) connected to the forerunner, fitted with a cisco np-1a multimode fiber atm adapter.
[physical diagram of atm network]
an atm network may be configured in a number of ways; i chose to configure mine such that each host is connected to the router with a point to point link. this sort of configuration is more or less known as classical ip. logically we end up with a star network: the router at the center switching ip traffic between the four hosts connected to the ATM network themselves, as well as between these hosts and the outside world. a logical network diagram is shown below.
[logical diagram of atm network]
to make this all work, it is necessary to configure the atm switch, the router, and all the hosts themselves. one might as well start with the atm switch, since that is where the actual virtual circuits will be created.
to get started, hook up a console to your forerunner. the default username is "ami" with no password (just hit return). hopefully you will find this to be the case or otherwise have administrator access to your atm switch. i dont assume any prior knowledge of forethought here, but you should be able to at least hook up a terminal and log in.
in running through this example, i will use VPI 0 for all virtual circuits that i create. this avoids having to explicitly bind a different VPI to the ports in question where it will be used, since VPI 0 is by default bound to all ports. if you wish to use VPI numbers besides 0 in forethought 6, you must manually bind the VPI to each port in question where it will be used using commands like the following,
connections path term new -atmif 1A1 -vpi 2
connections path term new -atmif 1B1 -vpi 4
prior versions of forethought do not seem to have an analogous command; perhaps no such thing is required. in any case, for the hobbyist, it is just easier to create all our virtual circuits with VPI 0 and not worry about it.
for this example, consider the configuration to be as so: R1 is connected to port 1A1 on the fore, H1 is connected to 1A2, H2 is connected to 1A3, H3 is connected to 1A4, and H4 is connected to 1B1. these identifiers should make sense when you look at the front panel of the fore; it is all clearly labeled.
so we decide to plan our virtual circuits according to the following table,
  • a virtual circuit exists between R1 and H1 with VPI/VCI 0/70
  • a virtual circuit exists between R1 and H2 with VPI/VCI 0/72
  • a virtual circuit exists between R1 and H3 with VPI/VCI 0/74
  • a virtual circuit exists between R1 and H4 with VPI/VCI 0/76
in forethought 6 we then set up the virtual circuits with the following commands,
set up virtual circuit between R1 and H1
connections channel new -iatmif 1A1 -ivpi 0 -ivci 70 -oatmif -1A2 -ovpi 0 -ovci 70
connections channel new -iatmif 1A2 -ivpi 0 -ivci 70 -oatmif -1A1 -ovpi 0 -ovci 70

set up virtual circuit between R1 and H2
connections channel new -iatmif 1A1 -ivpi 0 -ivci 70 -oatmif -1A3 -ovpi 0 -ovci 72
connections channel new -iatmif 1A3 -ivpi 0 -ivci 70 -oatmif -1A1 -ovpi 0 -ovci 72

set up virtual circuit between R1 and H3
connections channel new -iatmif 1A1 -ivpi 0 -ivci 70 -oatmif -1A4 -ovpi 0 -ovci 74
connections channel new -iatmif 1A4 -ivpi 0 -ivci 70 -oatmif -1A1 -ovpi 0 -ovci 74

set up virtual circuit between R1 and H4
connections channel new -iatmif 1A1 -ivpi 0 -ivci 70 -oatmif -1B1 -ovpi 0 -ovci 76
connections channel new -iatmif 1B1 -ivpi 0 -ivci 70 -oatmif -1A1 -ovpi 0 -ovci 76
in earlier releases of forethought, the syntax for setting up virtual circuits is a little different,
set up virtual circuit between R1 and H1
configuration vcc new 1A1 0 70 1A2 0 70
configuration vcc new 1A2 0 70 1A1 0 70

set up virtual circuit between R1 and H2
configuration vcc new 1A1 0 70 1A3 0 72
configuration vcc new 1A3 0 70 1A1 0 72

set up virtual circuit between R1 and H3
configuration vcc new 1A1 0 70 1A4 0 74
configuration vcc new 1A4 0 70 1A1 0 74

set up virtual circuit between R1 and H4
configuration vcc new 1A1 0 70 1B1 0 76
configuration vcc new 1B1 0 70 1A1 0 76
regardless of the version, the big thing to note here is the idea that we have to establish the virtual circuit in "both directions", for example, from port 1A1 to 1A2, and then from port 1A2 to 1A1 on circuit 0/70.
typing those commands should have been everything that was necessary to establish the virtual circuits on the atm switch. the switch saves any changes made to the configuration immediately, so no command is required to save the changes.
now we turn to configuring our cisco router. for the purposes of this excercise, we consider that the cisco has a np-1a atm card connecting to the atm network, and a connection to the outside internet is a np-1fe. everything gets configured as follows.
!
! our fictional network has the block 192.168.0.0/24 to themselves and a default router
! to the internet at large at 192.168.0.254. our atm aggregator router sits on the
! ethernet with address 192.168.0.1 and terminates four atm connections as shown
! below.
!
interface ATM0
no ip address
no ip redirects
ip route-cache flow
no atm ilmi-keepalive

interface ATM0.70 point-to-point
!
! it is important to set the mtu to 9180 to match the freebsd default. cisco wants to default
! to a mtu of 4470 or something like that, which will confuse tcp greatly
!
mtu 9180
ip unnumbered FastEthernet0
no ip redirects
pvc 0/70
protocol ip 192.168.0.2 broadcast
ubr
encapsulation aal5snap

interface ATM0.72 point-to-point
mtu 9180
ip unnumbered FastEthernet0
no ip redirects
pvc 0/72
protocol ip 192.168.0.3 broadcast
ubr
encapsulation aal5snap

interface ATM0.74 point-to-point
mtu 9180
ip unnumbered FastEthernet0
no ip redirects
pvc 0/74
protocol ip 192.168.0.4 broadcast
ubr
encapsulation aal5snap

interface ATM0.76 point-to-point
mtu 9180
ip unnumbered FastEthernet0
no ip redirects
pvc 0/76
protocol ip 192.168.0.5 broadcast
ubr
encapsulation aal5snap

interface FastEthernet0
ip address 192.168.0.1 255.255.255.0
ip route-cache flow

! default route to internet over fast ethernet network
ip route 0.0.0.0 0.0.0.0 192.168.0.254
ip default-route 192.168.0.254

! route all packets to H1...H4 over their respective ATM virtual circuits
ip route 192.168.0.2 255.255.255.255 atm0.70
ip route 192.168.0.3 255.255.255.255 atm0.72
ip route 192.168.0.4 255.255.255.255 atm0.74
ip route 192.168.0.5 255.255.255.255 atm0.76
that should do it as far as setting up the cisco goes. now, we have to set up all our host systems. this should be all valid on freebsd 6.1 which is the most modern that you can get at the time of this writing. it even works on sparc64 with no endianness or 64 bit cleanliness issues in the fatm driver! to start, it is necessary to add pca-200e driver support to the kernel, since it does not come compiled into the GENERIC kernel. to do this, insert the following lines in your kernel configuration file,
options NATM
device atm
device fatm
device utopia
and build a new kernel. then, it is just a matter of modifying your rc.conf file to bring up the interface. i also made a modified /etc/rc.d/routing file that works better for my assumptions that the atm is the primary and only network connection. you will probably want to use it if you are configuring your atm network in the manner described in this document. as far as the rc.conf file goes, you must add the following lines -- below is the configuration for host H1 as an example,
network_interfaces="fatm0"
ifconfig_fatm0="192.168.0.2 netmask 255.255.255.0 up"
natm_static_routes="cisco"
route_cisco="192.168.0.1 fatm0 0 70 llc/snap ubr"
static_routes="default"
route_default="-net 0.0.0.0 192.168.0.1"
delete_routes="localsub"
localsub="192.168.0.0/24"
and as far as the modified /etc/rc.d/routing file goes, you can download it here. basically, two changes have been made. first, i switched the order in which natm static routes and ip static routes are added, so the system will be sure to have a virtual circuit up before trying to create an ip default route over it,
# Setup ATM static routes
#
if [ -n "${natm_static_routes}" ]; then
for i in ${natm_static_routes}; do
eval route_args=\$route_${i}
atmconfig natm add ${route_args}
done
fi

# Setup static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
and second, i have added another function to the routing script, delete_routes, that gets rid of an erroneous network route that gets added when we bring the interface up specifying a netmask. we want all packets to go through the point to point link to the cisco; routing to the local subnet on the wire doesnt mean anything on a point to point atm network.
if [ -n "${delete_routes}" ]; then
for i in ${delete_routes}; do
eval route_args=\$route_${i}
route delete ${route_args}
done
fi
once you have configured your freebsd system, give it a reboot and make sure that the network interface comes up properly as configured. at this point, everything should be working as planned.
note that as of freebsd 7.1-release, ATM support is no longer included in the kernel. if you want to use ATM these days, you will need to use linux, for which i have developed an equivalent procedure.
home