SAP Router Help.......

SAP ROUTER Information................

Check out the links below and also the sample routtab file:

http://service.sap.com/saprouter

http://help.sap.com/saphelp_nw04/helpdata/en/4f/992ce8446d11d189700000e8322d00/frameset.htm

===========================================
http://help.sap.com/saphelp_erp2005vp/helpdata/en/26/95563cda79d734e10000000a11402f/frameset.htm
============================================

Cust SAP Server -- SAP router (SNC) ---Internet--- SAP SAProuter (SNC) -- SAP

SAP use SNC (Secure Network Communication) to support their customer. You have to set your SAProuter to be SNC-ready before SAP can help you if you have serious problem on your SAP server.

I suggest not installing SAP router on the same server. Install SAP router on your site using different box. You can place SAP router (with SNC configuration) on DMZ of your internal network.

=======================================

SAP Network Interface Router
---------------------------------------
start router : saprouter -r
stop router : saprouter -s
soft shutdown: saprouter -p
router info : saprouter -l (-L)
new routtab : saprouter -n
toggle trace : saprouter -t
cancel route : saprouter -c id
dump buffers : saprouter -d
flush " : saprouter -f
start router with third-party library: saprouter -a library

additional options
--------------------------
-R routtab : name of route-permission-file (default ./saprouttab)
-G logfile : name of log file (default no logging)
-T tracefile : name of trace file (default dev_rout)
-V tracelev : trace level to run with (default 1)
-H hostname : of running saprouter (default localhost)
-S service : service-name / number (default 3299)
-P infopass : password for info requests
-C clients : maximum no of clients (default 800)
-E servers : maximum no of servers to start (default 1)
-K [myname] : activate SNC; if given, use 'myname' as own sec-id
-A initstring: initialization options for third-party library

expert options
------------------------------
-B quelength : max. no. of queued packets per client (default 1)
-Q queuesize : max. total size for all queues (default 20000000 bytes)
-W waittime : timeout for blocking net-calls (default 5000 millisec)
-M min.max : portrange for outgoing connects, like -M 1.1023
-U abs_path : absolute path for Unix Domain Sockets,
default is "/tmp/.sapstream%d"

# this is a sample routtab : -----------------------------------------
D host1 host2 serviceX
D host3
P * * serviceX
P 155.56.*.* 155.56
P 155.57.1011xxxx.*
P host4 host5 * xxx
P host6 localhost 3299
P host7 host8 telnet
S host9
P0,* host10
KP sncname1 * *
KS * host11 *
KD "sncname "abc" * *
KT sncname3 host11 *

# deny routes from host1 to host2 serviceX
# deny all routes from host3
# permit routes from anywhere to any host using serviceX
# permit all routes from/to addresses matching 155.56
# permit ... with 3rd byte matching 1011xxxx
# permit routes from host4 to host5 if password xxx supplied
# permit information requests from host6
# permit native-protocol-routes to non-SAP-server telnet
# permit ... excluding native-protocol-routes (SAP-servers only)
# permit ... if number of preceding/succeeding hops (saprouters) <= 0/*
# permit SNC-connection with partnerid = 'sncname1' to any host
# permit all SAP-SAP SNC-connections to host11
# deny all SNC-connections with partnerid = 'sncname "abc'
# open connects to host11 with SNC enabled and partnerid = 'sncname3'

# first match [host/sncname host service] is used
# permission is denied if no entry matches
# service wildcard (*) does not apply to native-protocol-routes
# --------------------------------------------------------------------