This is a quick guide to using LAT on Linux systems. I am assuming that you already have the latd package installed and that the latcp command is on root's PATH. All the terminal server examples are for the (very obsolete) DECserver 200 but the syntax is similar for other models (apart from the DECserver 90L+ which has an odd menu-type system but is fairly intuitive for its limited feature set).
latd is the daemon that is running in the background accepting incoming connections and marshalling outgoing ones, latcp is the LAT control program which is the user interface to latd.
The latcp commands are based on those used in Tru64 Unix, so if you are familiar with that then this should all look very familiar to you. However, they are not identical to Tru64 so you should still at least skim this document or the man page for latcp.
The examples here are for latd 1.12. Not all the features are available in earlier versions, later versions might have other features not mentioned here. This document is not an exhaustive list of features, see the man pages for that.
Note that I talk about Linux a lot here. Linux is my main development platform but this LAT software is also known to run on NetBSD, FreeBSD and Darwin (Apple Mac OS/X).
Starting and stopping it
# latcp -s
Starts the daemon
# latcp -h
Stops the daemon
By default (ie if you haven't customised the startup script or change the ./configure options at build time) latd will advertise a service which is the hostname of your Linux system. This means that any users that have terminals connected to a terminal service will be able to connect to your system by typing the appropriate connect command to the terminal server. On a DECserver 200 this would be "CONNECT LINUX" if your machine's host name is "linux". Of course, if the user does not have a username on the system they will not be able to get past the login prompt. When latcp starts the daemon it runs a startup script called /etc/latd.conf which is a conventional shell script. If you want to customise the way LAT works then this is the place to do it. The rest of this document explains the latcp commands that you can use to customise LAT and it is normal to put these commands in the startup script so that they take effect each time the system is rebooted.
By default latd listens on all ethernet interfaces on your system. If you want to restrict this you can specify as many interfaces as you like on the latcp command line eg:
# latcp -s -i eth1 -i eth2.
It is not currently possible to change this in the startup script or after the daemon has started. If an interface goes down, then latd will remove it from its list.
When you stop latd all users are instantly disconnected. They will get no warning and work will not be saved.
latd can advertise many services, not just one for the host name. So (for example) you could add a new service called LINUX on all linux machines running latd and then users can connect to LINUX and they will be attached to the server with the lowest load average.
To add such a service use the command latcp -A -a LINUX. This tells latd to advertise the new service along with the default one using the same rating.
To remove this service use the command latcp -D -a LINUX.
Services have an optional description associated with them which can show up on some terminal servers if the user issues a SHOW SERVICE command. The description is added to the service with the -i switch. eg:
# latcp -A -a LINUX -i "Linux login service"
Note that the description must be enclosed in quotes if it contains spaces. To change the description of an existing service use the following command:
# latcp -i "Linux is wonderful" -a LINUX
Every advertised service has a rating associated with it. This rating is used in the terminal servers' load balancing algorithm to determine which node to connect to when more than one system advertises the same service name. By default, services advertised by latd have dynamic ratings, that is they vary according to the load on the system. The value you specify on the latcp command line is a maximum, this value is divided by the current load average plus one each time the service is advertised on the LAN.
So, if you create a service with rating of 100 using the following command:
# latcp -A -a LINUX -r 100
and the load average is 1.00, then the advertised rating will be 50. If you have several machines advertising the the same service then, to achieve effective load balancing, the rating specified on the command-line should reflect the relative power of the machines offering that service.
In addition, ratings can be static. A static rating does not vary with the system load average. If you create a service with the following command:
# latcp -A -a LINUX -r 100 -s
Then the rating will always be 100 regardless of how busy the system is.
The "normal" use of LAT is to allow a terminal, connected to a terminal server to log into a computer. "Reverse-LAT" goes the other way, the computer makes a connection to a port on the terminal server. This has a number of uses: the most popular are
- Connect a printer to a terminal server port and let computers print to that printer by mapping a device on the computer to the terminal server port
- Connect a computer console to a terminal server so that the computer can be remotely managed from another computer.
- Connect a modem to a terminal server port and allow users to dial in, or dial out.
To do this you first need to create a service on the terminal server. How to do this varies on the model of terminal server you have so consult the documentation for your device. The command for a DECserver 200 is as follows:
# DEFINE SERVICE MYVAX PORT 4
This creates a service called MYVAX which is associated with port 4 on the terminal server. Note, you will probably also have to set the port characteristics to match those of the printer and set the access type to "Remote". Now, assuming you have connected the serial console of your VAX to port 4 of the terminal server and the server is called DS200, you can issue the following command on the linux machine:
# latcp -A -p /dev/lat/myvax -Hds200 -Vmyvax
If you now connect a terminal emulator program (say minicom, seyon or microcom) to /dev/lat/myvax you can log in to the console of the VAX and issue commands as if the terminal was local. If it doesn't work then there are a few things to check:
- The port is set correctly for remote connections, and that the baud rate and flow-control attributes are set correctly.
- That nobody else is connected to that service. On a DECServer 200 the command SHOW USERS will help here.
- That the service has been advertised on the LAN. Services are only broadcast on the LAN every 30 or 60 seconds (depending on the configuration) so you could have to wait that long before the service is seen by latd. Use the command latcp -d -l to see which services are known to latd.
- That the group numbers are set correctly, see later for a description of groups
- That you have correctly specified service name (and perhaps the host name) on the latcp command line.
In the case of a printer that is shared by several machines you will probably want to make it a queued connection. This means that if the printer is busy, any other machine that tries to connect to it will be forced to wait until it is ready. To do this set the port to be queued on the terminal server and specify the reverse-lat port to be queued by adding -Q to the command line as follows:
# latcp -A -p /dev/lat/printer -Hds200 -Vprinter -Q
To allow users other than root to connect to reverse-LAT services you must create a group in /etc/groups called "lat" and add reverse-LAT users to that group. See your distribution's documentation for managing groups. Not that this group does not affect normal, "forward" use for LAT for those users.
To send a BREAK character to the remote node press ^@. Normally this is shifted to you actually have to press Ctrl-Shift-' on a British keyboard for example.
To use "printer" ports on a DECserver 90L+ you must make the port queued because that device does not support reverse LAT. You should also use only the node name (no service name) when creating the port. eg:
# latcp -A -p /dev/lat/printer -Hds90l1 -Q
Note that queued connections are not really "reverse" LAT in the strict sense that the computer contacts the server, it sends a command to the server requesting it to make a connection back to it. The reason this is useful to know is that actual reverse LAT is not very efficient on the ethernet (at least in my implementation!) so if you are bothered by excessive packets then -Q ports are better.
Also note that the -Q flag is the opposite way round from Tru64 Unix®, sorry about that, but it seems more intuitive to me and also I didn't read the man page carefully enough.
An easier way to use reverse LAT for console access is to use llogin (see below), then you don't have to create the /dev/lat ports at all but can connect directly with (eg) llogin -Rport_1 ds90m .
Groups on LAT are a method of restricting the visible services to a manageable subset. They are not a security feature, merely a method of making a large number of services more manageable.
When a service is advertised on the LAN it can have any number of groups associated with it. A group is a number from 0 to 255. By default all services are in group 0. On the terminal server you can restrict the group numbers that it will listen for services on. So, for example, a terminal server in the sales department could have only group 10 enabled, a terminal service in the production department could have only group 20 enabled. The host machines providing these services would advertise sales service in group 10 and production services in group 20. The computer department servers would probably have all the groups enabled so that they could connect to all the services.
Because latd is both a client and a server it has two sets of group codes. One set (that manipulated by the -G and -g switches) determines the group numbers that the advertised services use. So, if we execute the following latcp commands:
# latcp -G 10 # latcp -A -a LINUX -i "Linux login service"
Then the service LINUX will be advertised in groups 0 and 10 (group 0 is always on by default). You could remove it from group 0 with the following command:
# latcp -g 0
Set up like this, only terminal services listening for services in group 10 would see the LINUX service.
The other group set (that manipulated by the -U and -u switches) determines which services can be used by the reverse-LAT ports. So, if you issue the following commands:
# latcp -u 0 # latcp -U 20
Then you would only be able to connect reverse LAT ports to services that were advertised in group 20 (ie you could not connect to the LINUX service!).
The default for a service configured with the latcp -A -a command is the login application but you can define almost any sort of application you like. To give an illustration this is how the default login service looks like with defaults spelled out:
# latcp -A -a LINUX -C /bin/login -u root
You can specify any command you like for -C and any valid user for -u so forcing users into a specific application straight from the terminal server, of course you will probably want to do some authentication too! latd will set the following environment variables which you might find useful:
Note that the normal login application removes any environment variables before starting the login shell. If you want the LAT information to be available to the user process you might have to add the "-p" switch to login as follows:
# latcp -A -a linux -C "/bin/login -p"
If you want to replace the normal login service with this, then use the two commands:
# latcp -D -a `uname -n` # latcp -A -a `uname -n` -C "/bin/login -p"
The reason this is not the default is that I have found that some Linux distributions use different login programs and they differ slightly, so please read the man page for login on your system before trying this. Of course the above commands can also be used in the latd.conf configuration file.
Other things you can fiddle with
Most of the operational parameters of latd can be configured with latcp. I recommend you leave these alone unless you know what you are doing though.
- Multicast timer(latcp -m). This timer specifies how often latd advertises its services on the LAN. It is specified in seconds and the default is 60.
- Keepalive Timer(latcp -k). This timer specifies how often latd will send a "keepalive packet" to a remote connection to see if it is still responding. This timer is restarted each time a valid packet is received. If <retransmit limit> keepalive packets are sent with no response then the connection is terminated. It is specified in seconds and the default is 20.
- Retransmit Limit(latcp -r). This is the number of keepalive packets sent before terminating a connection on the assumption that it is dead. The default is 20.
- Service responder(latcp -J or -j). Enables (-J) or disables (-j) service responder mode. This is needed if you have terminal servers on your network which don't collect advertised services but expect other machines to do it for them.
Starting with lat 1.02 a user program llogin is included. Like latcp this is based on the command of the same name from Tru64 Unix but with a few extras. It's purpose is to allow users to log into remote LAT services. These services must be made available to latd using the groups feature mentioned above. In its most basic form you can connect to an advertised LAT service with the command:
$ llogin trillian
This command will connect you to the/a machine that advertises the service trillian and prompt you to log in. You can also specify a particular node or port number to connect to using command-line switches (see the man page for more details). One useful feature is the ability to connect to queued services by supplying the -Q switch to the command eg:
$ llogin ds200 -Rport_6 -Q
Will connect to a queued port on a DECserver. Note that the service name, port name (and node name if supplied) will be converted to uppercase.
Unlike using reverse-LAT ports you don't need to press enter (or any other key) to activate the connection. If the service is a login service then you will see the login prompt quite soon after entering the command.
What's happening with the server?
You can show the status of the server with the latcp -d command which produces output something like this:
Node Name: TYKE LAT Protocol Version: 5.2 Node State: On LATD Version: 1.01 Node Ident: A Linux box Service Responder : Disabled Interfaces : eth1 eth0 Circuit Timer (msec): 80 Keepalive Timer (sec): 20 Retransmit Limit: 20 Multicast Timer (sec): 30 User Groups: 0 Service Groups: 0 Service Name Status Rating Identification TYKE Enabled 12 D LINUX Enabled 100 D Port Node Service Remote Port Queued /dev/lat/marsinta DS200 PORT_8 Yes /dev/lat/trillian DS200 PORT_7 Yes /dev/lat/zaphod DS200 PORT_3 Yes /dev/lat/roosta DS200 PORT_2 Yes /dev/lat/loginmarsha MARSHA No /dev/lat/ddcmp DS200 PORT_6 Yes 8
The services shown are the services advertised by this machine. If you want to see a list of services that are on the network that have been seen by this machine(remember groups!) then use the command latcp -d -l which gives output like this:
BACON Available Welcome to VAX/VMS V5.5 BALTI Available Compaq Tru64 UNIX V5.0A LAT SERVICE DS200 Available LAT_VT_GTWY Available LAT/VT Gateway LINUX Available Linux 2.2.18 MARSHA Available VAX node MARSHA TRISHA Available TYKE Available Linux 2.2.18
If you really want the full lowdown on the services that latd has seen then the command latcp -d -l -v will tell you everything you wanted to know!
The startup script
The above commands show you how to configure LAT, these commands will very likely be the same every time you boot the system or restart LAT so it makes sense to have some system of executing a series of commands every time you issue the latcp -s command and so there is.
Put your commands into a file called /etc/latd.conf and it will be run every time you start LAT. The only change you should make is to replace the latcp command with the string $LATCP so that the script can find the latcp program regardless of whether it is on the PATH or not.
The reason you should use /etc/latd.conf rather than writing your own script to start LAT and then set the parameters is that latd does not actually advertise any services or accept any network connections until the startup script has completed. This means you can configure all the parameters and make sure that nothing happens with the defaults in place. Here is an example startup script that sets up the services shown in the above example output:
# /etc/latd.conf # This is a sample configuration file for latd # it is run as s shell script from latcp -s with a minimal # environment and PATH (though latcp will be available as $LATCP) # # You can fiddle with all the latd parameters you like in here, the first # service announcement will not be made until this script completes. # # # Set the multicast timeout to 30 seconds $LATCP -m 30 # Add another login service $LATCP -A -a LINUX -r 100 # Add a queued reverse LAT service to consoles $LATCP -A -p /dev/lat/marsinta -Vds200 -RPORT_8 -Q $LATCP -A -p /dev/lat/trillian -Vds200 -RPORT_7 -Q $LATCP -A -p /dev/lat/zaphod -Vds200 -RPORT_3 -Q $LATCP -A -p /dev/lat/roosta -Vds200 -RPORT_2 -Q # LAT to VAX $LATCP -A -p /dev/lat/loginmarsha -Vmarsha # DDCMP on Marsha $LATCP -A -p /dev/lat/ddcmp -Vds200 -RPORT_6 -Q -8 exit
Managing terminal servers
latd also comes with a utility to help you manage your terminal servers, it is called moprc and it behaves in a similar manner to the "NCP CONNECT NODE" or "SET HOST/MOP" commands on VMS, in that it connects you to the management port of a DEC terminal server so you can issue commands for changing ports and assigning services. You will need to be root to use moprc and be careful only to run one copy at a time.
Put the names and ethernet addresses of your terminal servers in the file /etc/ethers (see ethers(5) for the format of this file) and you can connect to the servers by name:
# moprc DS200
On most terminal servers (that I have used) this will bring up a
prompt at which you need to type ACCESS and press return. this will not be echoed. After that you will be able to use the terminal server largely as if you were sat at a local port.
If your Linux machine has more than one ethernet adaptor you might need to tell moprc which card to use using the -i switch, it defaults to eth0.
This implementation of LAT is a reverse-engineering project. I do not have access to the LAT specifications. As a result there are things that might not work, or behave as you expected. One thing that seems to work quite badly is sustained data transfer over LAT. Please feel free to report bugs or feature requests to the linux-decnet-users mailing list but I can't guarantee anything. Even if I have the time to implement something, I might not know how to do it!
HP and Tru64 Unix are trademarks of Hewlett-Packard Company and DECserver probably is too.