AppleTalk "chatty?" AirPort secure?

On 12/22/06 18:02, "auramac" <chellessaol.com> wrote:

> Our network manager and the Tech Dept. boss (I am the Mac Support guy in a
> cross-platform school district) are concerned- no, panicking, that AppleTalk
> is too chatty and interfering with the network. We have Cisco VOIP installed,
> and I've seen no problems- but the Novell network manager mentioned a minor
> (latency?) issue that got blown out of proportion. We are printing from OS X,
> OS 9, and Classic mostly to USB printers but also Appletalk networked ones.
>
> The other big concern is that the AirPorts in the Elementary Schools are not
> secured as they are in say, the high school or any other high- risk area. Are
> these legitimate concerns that need to be addressed (get rid of AppleTalk,
> secure AirPorts) or are they overblown and unnecessary?

God no, I thought this one was finally dead.

So first, "AppleTalk" is a bag of cats. It's a collection of various
protocols that do different things.

From the OS 9 side, the big "chatty" part is NBP, or the Name Binding
Protocol, and in a "pure", i.e. non-IP AppleTalk network, that's where most
of your "chatty" comes from. However, it's just not that noisy, and to the
person who insists it is, ask him for comparisons between NetBEUI and
AppleTalk. The difference is minor.

From a test done a few years ago (almost pre-os x) by one of the AppleSeed
folks at UCLA:

"To get some measurements on AppleTalk, I did an experiment
yesterday. I measured the network traffic coming into and
out of an otherwise idle Mac. This should represent some
kind of "overhead" associated with AppleTalk. The network
was itself closed to the outside world, and had 16 Macs
running on it, 4 of them very intensively running a parallel
job using the TCP/IP protocol during the entire time of the
test. Most of the other Macs were desktop machines being
used in their normal way by their owners. All the Macs
were located in the same AppleTalk Zone. We are using
100 Mbit/sec Fast Ethernet.

   In a 25 hour period, I found that this idle test Mac
received 193 packets which averaged 100 bytes in length
(and no packets with more than 255 bytes). It also transmitted
7084 packets averaging 60 bytes in length. It was not
possible to determine whether the packets were TCP/IP or
AppleTalk, since both protocols were running, but these numbers
represent an upper bound on the AppleTalk overhead.

   Some of the transmitted packets are replies to queries
by other machines. Part of this occurs when another
Mac is booting, and needs to determine an available network
address. (This is not so different from an ARP request
to determine what the ethernet address corresponding to
an IP address is.) Others occur when users are scanning
the network for machines. For example, when a user wishes
to mount a remote Mac, the Chooser will scan the network
to determine who is out there in order to present a list
to the user. The idle Mac will respond to such requests.
This is part of the user-friendliness of the Mac.

   Probably most of the packets are due to "Are you there?"
queries originated by the idle Mac which has not heard from
some of the other 15 Macs in some time, and wishes to update
its address list. Rough calculations show this corresponds
to no more than 1 query to each Mac every 3 minutes.

   Overall, this overhead represents about 0.00004% percent
of the available bandwidth to that node. In comparison,
each of the 4 calculating nodes transmitted 0.1 Terabytes
during that time period, using about 10% of the available
bandwidth. Thus AppleTalk does not seem to me to be
excessively "chatty." What do you think? How chatty is
your average Internet browser?"

If you're talking about a more modern version, this is from one of the Apple
AFP engineers:

" On Bandwidth:
An idle connection to an AppleShare server (via IP) sends 2 tickle
packets of about 64 bytes in size every 30 seconds (call it 4 bytes/second
or 0.00024% of a 10 Mega Bit [10 Base-T] connection <I may be off by a
factorof 10 either way, its early>). When transferring files, AFP is just as
efficient as any other well implemented IP protocol, a single client
can, under ideal conditions fill the pipe with minimal overhead.
For a 16k read/write we have 28 bytes of AFP/DSI protocol info on top
of 780 bytes of TCP/IP protocol info for a payload efficiency of about
91% (it takes 12 packets to move 16k of data)."

and that's still talking about, IIRC, pre AFP 3.X.

If they want to insist that AppleTalk is chatty, ask for proof that
AppleTalk is *noticeably* more chatty than any other similar protocol, i.e.
NetBEUI, SMB, CIFS, etc.

That's just ignorance you're seeing there.

--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelchbynkii.com

On 23/12/06 1:02, "auramac" <chellessaol.com> wrote:

> Our network manager and the Tech Dept. boss (I am the Mac Support guy in a
> cross-platform school district) are concerned- no, panicking, that AppleTalk
> is too chatty and interfering with the network. We have Cisco VOIP installed,
> and I've seen no problems- but the Novell network manager mentioned a minor
> (latency?) issue that got blown out of proportion. We are printing from OS X,
> OS 9, and Classic mostly to USB printers but also Appletalk networked ones.

I'm not familiar with AppleTalk (I started working in the late 90s and
legacy desktop protocols like AppleTalk and IPX were all but extinct in the
companies I worked for). But however chatty the protocol may be, since you
mention VoIP, you should have a QoS policy implemented which would
prioritize voice packets. So unless there's severe congestion in your
network (in that case, it's time to upgrade links!), voice shouldn't be
affected. Unless there's no Qos implemented, of course, which is often the
case...

> The other big concern is that the AirPorts in the Elementary Schools are not
> secured as they are in say, the high school or any other high- risk area. Are
> these legitimate concerns that need to be addressed (get rid of AppleTalk,
> secure AirPorts) or are they overblown and unnecessary?

I'm not familiar with Apple APs (aka Airports), only Cisco ones, but
protocols are universal (the beauty of networking, although there are also
ton of proprietary protocols, of course, but I digress :), and I suppose
Airports support everything listed below.

Security depends on what authentication and encryption method(s) you use,
from less to more secure: open, WEP, WPA 1/TKIP, WPA 2 (802.11i)/shared key,
WPA 2/Enterprise (802.1x). (It's slightly more complicated when you add the
choice of EAP method to the mix, so I left it out...)

-Thomas