TCP/IP Level 520 Preventive Service Planning
(PSP) Bucket
**> Last update: 30 Apr 2009 **> Synch'd w/RETAIN: 04 May 2009 *********************** * SUBSET VM520 * *********************** This SUBSET contains installation information for TCP/IP Level 520 for z/VM Version 5 Release 2.0. ************************************************************************ * C H A N G E S U M M A R Y * ************************************************************************ Date Last Changed Section 1. 2006/11/10 Installation Information 2. 2005/12/16 Documentation Changes 3. 2005/12/16 General Information 4. 2009/04/30 Service Recommendations See 0901RSU 5. yyyy/mm/dd Cross Product Dependencies No Entries Service Recommendation Summary DATE APAR PTF VOLID COMMENTS 1. yyyy/mm/dd xxnnnnn xxnnnnn nnnn N/A ************************************************************************ * SECTION 1. I N S T A L L A T I O N I N F O R M A T I O N * ************************************************************************ This section contains changes relevant to the installation of the product, or to its Program Directory. 7. 2006/11/10 Customers who migrate to z/VM 5.2.0 from a previous level should note that the GATEWAY statement format has changed with level 520. GATEWAY statements defined using the previous format (and, which are syntactically correct) are accepted and used by the 520 level of the TCPIP server module. However, the presence of such statements will cause messages DTCPRS007E and DTCPRS058I to be produced whenever those statements are processed by TCP/IP. 7. 2006/03/28 Certain components of the IPFORMAT command have been supplied with the z/VM 5.2.0 product deliverable at an incorrect code level. APAR PK22191 (currently open) will supply updates to correct this problem. 6. 2005/12/16 When network devices are configured for the TCP/IP (stack) server virtual machine, ensure that any virtual device addresses specified for a device are available for use. (Such virtual addresses are specified as part of DEVICE statements within the TCP/IP server configuration file -- PROFILE TCPIP, or its equivalent.) For example, for a default installation environment, virtual addresses 401, 402 and 405 cannot be used for network devices unless local adjustments are made. These addresses have been reserved and defined within the z/VM system directory for establishing links to MAINT-owned National Language Support (NLS) HELP minidisks, to allow specific help information to be referenced in the appropriate environments. 5. 2005/12/16 It my be possible to address certain z/VM host connectivity problems by including specific ASSORTEDPARMS operands in the TCP/IP server configuration file (PROFILE TCPIP, or its equivalent). The OVERRIDEPRECEDENCE operand may help alleviate general connectivity problems that arise when clients alter TCP/IP Type-of-Service (TOS) values after a connection has been established. Connections that appear to close unexpectedly are symptomatic of a possible need for using the OVERRIDEPRECEDENCE operand. The NORFC1323 operand may help alleviate TN3270 connectivity problems that arise with Telnet connections that are associated with Windows 95 (Win95) hosts. Win95-initiated Telnet connections that appear to "hang" on a regular basis, and with consistent duration, are symptomatic of a possible need for using the NORFC1323 operand. Note: The use of the NORFC1323 operand may impact TCP connection performance for other TCP clients, as this operand prevents the z/VM TCP/IP server from initiating RFC 1323-related performance features (although client requests to enable these facilities are always accepted). 4. 2005/12/16 For customers who plan to use the Secure Socket Layer (SSL) server support, please note the following: To use the Secure Socket Layer (SSL) server, a suitably configured Linux kernel and file system must be installed on your z/VM system. Detailed information about Linux requirements and preparation for use by the SSL server are available at the TCP/IP for z/VM home page on the World Wide Web. The URL for this home page is: http://www.vm.ibm.com/related/tcpip/ Note: If no specific action is taken to configure the SSL server and an attempt is made to initialize this server, the SSL server will report errors similar to those shown here and will fail to initialize: DTCRUN1011I Server started at nn:nn:nn on dd mmm yyyy (day) DTCRUN1011I Running "VMSSL" DTCSSL2428I Port 9999 is used for SSL administration. HCPVMI232E IPL UNIT ERROR; IRB 00404017 00000010 00200018 00800000 HCPGIR450W CP entered; disabled wait PSW 000E0000 00000232 3. 2005/12/16 Customers who plan to use an External Security Manager (ESM) different from the IBM Resource Access Control Facility (RACF), such as VMSECURE from Sterling Software Inc., should review Informational APAR II11256 for additional information about configuring TCP/IP servers in such an environment. 2. 2005/12/16 Missing interrupt conditions for I/O operations involving devices dedicated to the TCPIP virtual machine should be detected, but *not* dealt with. For z/VM, the default MIH setting of OFF will accomplish this. (This default is in effect when MIH is not specified on the user directory OPTION statement or the SET MIH command is not issued within a virtual machine). However, when MIH OFF is in effect, CP issues HCPMHT2150I messages to the operator, to indicate that an I/O operation was started but the MIH interval expired before the device sent an interrupt. In some instances, these messages may flood the OPERATOR console. Use of the 'OFF' parameter of a related command, CP SET MITIME, can prevent excessive HCPMHT2150I messages related to TCPIP from appearing on the OPERATOR console. This command controls the time interval at which a specified device is checked for missing interrupts. To reduce occurrences of HCPMHT2150I messages, use the following command. Note that only the device(s) dedicated to the TCPIP server should be specified with this command. CP SET MITIME rdev1-rdev2 OFF The CP SET MITIME command should be issued within an "exit" exec, identified by an ":Exit." tag that is defined for the TCPIP server entry in a locally created DTCPARMS file. 1. 2005/12/16 Prior to installing TCP/IP for z/VM, you may find it useful to review the content of the following ITSO Redbooks if you're not familiar with TCP/IP protocols, functions and networking principles: * "TCP/IP Tutorial and Technical Overview", (GG24-3376) * "IP Network Design Guide", (SG24-2580) * "TCP/IP Solutions for VM/ESA", (SG24-5459) * "IBM Communications Server for OS/390 V2R10 TCP/IP Implementation Guide, Volume 1: Configuration and Routing", (SG24-5227) Additional textbook references that may be useful are: * "TCP/IP Illustrated, Volume 1: The Protocols," Richard W. Stevens, Addison-Wesley, Reading, Massachusetts, 1994. ISBN: 0-201-63346-9 (SR28-5586-00) * "Internetworking with TCP/IP Volume I:Principles, Protocols, and Architecture," Douglas E. Comer, Prentice Hall, Englewood Cliffs, New Jersey, 1991. ISBN: 0-13-216987-8 (SC31-6144-00) * "DNS and BIND in a Nutshell," Paul Albitz & Cricket Liu, O'Reilly & Associates, Sebastopol, California, 1992. ISBN: 1-56592-010-4 (SR28-4970-00) ************************************************************************ * SECTION 2. D O C U M E N T A T I O N C H A N G E S * ************************************************************************ This section provides corrections for significant errors in TCP/IP Level 520 documentation. 1. 2005/12/16 A typographical error exists in the following informal publication: "Program Directory for TCP/IP for z/VM - Level 520" (GI11-2853-00) In section 5.2.4.11, "NETSTAT Command", the first subheading that follows (5.2.4.11.1, "Changes Introduced in TCP/IP Level 510") should instead cite "Changes Introduced in TCP/IP Level 520". ************************************************************************ * SECTION 3. G E N E R A L I N F O R M A T I O N * ************************************************************************ This section contains general information, i.e., hints/tips. 6. 2005/12/16 Prior to z/VM 5.1.0, the PING and TRACERTE commands have been implemented as Pascal-based programs, and have provided only IPv4 support. As of z/VM 5.1.0, the PING and TRACERTE commands were enhanced to include IPv6 support, which has required the use of current C programming socket libraries. Because of this requirement, the Pascal-based PING and TRACERTE commands have been replaced with C-based implementations. However, in addition to gaining IPv6 capability through use of the C language, the PING and TRACERTE also inherit a known peculiarity of running C programs on z/VM - the inability to use the CMS 'HX' (Halt execution) "immediate" command to terminate a running C-based program. Whether this situation is viewed as being a limitation or a restriction, the use of an HX command to terminate a C program is not reliable and may potentially result in an abend into a CP READ state, which then requires a re-IPL of CMS. To reduce the potential for users of the PING and TRACERTE commands to experience this behavior, these commands implement logic that intercepts an 'HX' command and acquires all input provided at the subsequent 'VM READ' (treating such input as if a 'CP BEGIN' command had been entered). Thus, all data provided at a 'VM READ' under such circumstance is ignored, and one is returned to a CMS 'Ready' prompt as quickly as possible. While this behavior deviates from that seen when the HX command is used in a more conventional setting, this was deemed necessary, since the PING and TRACERTE commands are frequently used TCP/IP diagnostic aides. 5. 2005/12/16 As of z/VM 5.1.0, host/domain name resolution is performed for various TCP/IP functions through the use of IBM Language Environment (LE) sockets. To ensure that adequate virtual storage is available to allow for such resolution, virtual machines that use TCP/IP functions should be defined with a minimum of 16M of virtual storage. 4. 2005/12/16 Several TCP/IP for z/VM functions are Pascal-based, and use VMCF communications to communicate with the TCPIP server. Therefore, these functions cannot be reliably used in conjunction with other applications that also use VMCF communications (such as the CMS Utility, WAKEUP); doing so may produce intermittent hangs during processing or other unpredictable results. The TCP/IP Pascal-base functions for which such problems may arise are: FTP HOMETEST LPQ LPR LPRM NETSTAT OBEYFILE PING REXEC TELNET TESTSITE TFTP See CMS Utilities APAR VM58540 for more information about problems when using FTP in conjunction with WAKEUP. See TCP/IP for z/VM APAR PQ87840 for more information about problems when using REXEC in conjunction with WAKEUP. 3. 2005/12/16 With RSCS Version 3 Release 1 (V3 R1), enhanced configuration features, such as embedded files, new configuration statements (such as LINKDEFINE), and the ability to use additional comment delimiters ('/*' and '*/') are available for configuring RSCS. For example: IMBED fn ft /* RSCS V3 R1 style comments */ The TCP/IP for z/VM program, SMTPRSCS, uses the RSCS CONFIG file to build an RSCS host table file (SMTPRSCS HOSTINFO). SMTPRSCS can process RSCS V3 R1 embedded files, its new configuration definitions, and the additional comment delimiters. However, if "generic routing" is used in your environment (as from using a "ROUTE *" statement), you still need to identify -- with respect to SMTPRSCS -- any additional RSCS host names that are relevant to your RSCS network, which are not in the RSCS CONFIG configuration file. To do this, you can create a separate file to be used as input for the SMTPRSCS program. For example, a file named TCP-RSCS CONFIG, that contains: IMBED RSCS CONFIG ROUTE nodeid1 ROUTE nodeid2 : where each ROUTE statement must have two tokens -- "ROUTE" and a nodeid name of an additional RSCS node to be identified for use by the SMTP server. 2. 2005/12/16 APAR VM63863, through its associated PTF, UM97520, is used as the ordering mechanism for the current level of the TCP/IP Function Level 520 RSU. This APAR/PTF will be updated during every RSU cycle to indicate the RSU level that is currently available through ISMD service. The RSU can be ordered upon request by contacting the Level 2 support group, or through the SRD (Service Request & Delivery) function of IBMLink. Please see the text of APAR VM63863 for more information, if necessary. Note: TCP/IP RSU maintenance is provided only as part of the z/VM 5.2.0 "stacked" RSU. 1. 2005/12/16 When appropriate, the support center will open informational APARs covering various aspects of TCP/IP for z/VM. These APARs will cover installation and maintenance specific information, information on using the product, and other information that will often assist the customer. Customers can search for these APARs by using The product component ID (5735FAL00) and the keyword TCPIPINFO. It's recommended that customers using TCP/IP for z/VM review these APARs for information specific to their needs. ************************************************************************ * SECTION 4. S E R V I C E R E C O M M E N D A T I O N S * ************************************************************************ 1. 2009/04/30 Refer to 0901RSU for service recommendations. ************************************************************************ * SECTION 5. C R O S S P R O D U C T D E P E N D E N C I E S * ************************************************************************ This section contains information that is dependent upon another product other than this subset ID. It also contains information dealing with migration and product coexistence. This item contains no records. 1. yyyy/mm/dd Interdependent Product: Problem: Users Affected: Recommendation: Install xxxxxxx on Volid xxxx ************************************************************************ * I N F O R M A T I O N A L / D O C U M E N T A T I O N * * APARs Follow (If Any) * ************************************************************************ ------------------------------------------------------------------------ PTF Include List: This item contains no records. ------------------------------------------------------------------------ PTF Exclude List: This item contains no records. ------------------------------------------------------------------------ PE APAR List: This item contains no records. ------------------------------------------------------------------------ Pending PE APAR List: This item contains no records.