How Gateway Service for NetWare Works

Gateway Service for NetWare acts as a gateway between the Common Internet File System (CIFS) protocol used on Windows networks and the NetWare Core Protocol (NCP) used on NetWare networks. CIFS, formerly known as SMB, is the native file-sharing protocol in Microsoft Windows 2000. When you enable this gateway, Windows network clients can access NetWare services through the Gateway Service for NetWare gateway located on the Windows 2000 Server.

Figure 12.9 shows multiple Windows client computers accessing NetWare services through a Windows 2000 server acting as a gateway. The CIFS-based protocol traffic is translated to NCP protocol, which is then passed to the NetWare server.

Figure 12.9 Gateway Service for NetWare Access

To give Windows-based clients access to a NetWare volume, the Windows 2000 Server–based computer running Gateway Service for NetWare redirects one of its drives to the NetWare volume and then shares that drive to the Windows-based clients. The Windows 2000 Server gateway uses a NetWare account to create a validated connection to the NetWare server. This connection appears on the computer running Windows 2000 Server as a redirected drive. When you share the redirected drive, it performs like any other shared resource, appearing to users as a Windows 2000 Server resource although it is actually a resource on a NetWare server.

For example, suppose you want to create a gateway from computer A (running Gateway Service for NetWare) to the Data volume on the NetWare bindery-based server B. When activating the gateway, you specify \\B\Data in the Configure Gateway dialog box as the NetWare resource, and then you specify a share name for Windows 2000–based clients, such as Nw Data. Windows clients then refer to this resource as \\A\Nw_Data.

After the gateway connection is established, it is disconnected only if the computer running Windows 2000 Server is turned off, if the administrator disconnects the shared resource or disables the gateway, or if a network problem prevents access to the NetWare server. Logging off the computer running Windows 2000 Server does not, by itself, disconnect the gateway.

Note

Because requests from Windows-based networking clients are processed through a single connection between the Windows 2000 gateway server and the NetWare server, access is slower with Gateway Service for NetWare than direct access from the Windows client to the NetWare network using Client Service for NetWare. Windows clients that require frequent access to NetWare resources should use local client software (such as Client Service for NetWare or Novell Client for Windows 2000) to achieve higher performance. For more information about deciding between Gateway Service for NetWare and Client Service for NetWare, see "Choosing Between Gateway Service and Client Service" earlier in this chapter.

Gateway Service for NetWare Packet Translation

When you use Gateway Service for NetWare to transmit data between the Windows 2000 CIFS protocol and the Novell NCP protocol, conversion occurs within the gateway by means of the Nwrdr.sys redirector.

Figure 12.10 shows how a CIFS packet is translated to an NCP packet and sent to the NetWare server. First, a Windows client sends a CIFS request. A CIFS request can come from a variety of Windows-based networking clients over a variety of network transport protocols. For example, a CIFS request might come from a Windows client dialing into the network using Routing and Remote Access service, or it might come from a Windows client attached directly to the network using TCP/IP, IPX/SPX, or NetBEUI.

When the networking client sends out the CIFS request to the Windows 2000 Server–based computer running Gateway Service for NetWare, it is initially picked up by the Server service (Srv.sys).

Next, if the request is a file manipulation request (a request that requires a file handle to be returned), the Server service passes the share name, file path, and file name enclosed within the packet, to the Windows 2000 I/O manager.

Figure 12.10 Gateway Service for NetWare Packet Translation

Next, the Windows 2000 I/O manager (Io.sys) uses the file object name to call into Nwrdr.sys redirector, passing Nwrdr.sys information on the security token of the object that sent the CIFS request. Based on the security token, Nwrdr.sys determines if the request was from a local account or was a remote request. If the request was a remote request, Nwrdr.sys uses the gateway credentials (established upon gateway entry when sending the file manipulation NCP to the NetWare file server.

Next, Nwrdr.sys returns the file handle to the Windows 2000 I/O manager, which then returns the file handle to Server service. CIFS traffic related to this file manipulation request (for example, if the file manipulation request was to open a file for reading) is sent directly to Nwrdr.sys by the Server service using the file handle.

From Nwrdr.sys, the request is passed to the NetWare server.