Re: Curiousity question - Changing the status area
How about changing the CMS Ready message? This exec was posted to the list a while back and simplifies the process: /* This exec changes CMS' READY message by including userid info. +---+ | format: | RDYMSG | +---+ Adapted by: Kris Buelens IBM Belgium; BUELENSC at IECVM 19 Apr 1993 from: David Lybrand Joachim Becela */ parse upper source . . myname mytype . syn . address command /*-+ | Have a RDYMSG with a highlighted 'USERID at NODE'| +-*/ 'ID (LIFO' pull myid . mynode . rdymsg.1 = ' 3' /* rdymsg.2 = '8116 '||'1DE8'x||myid 'at' mynode||'1D60'x||'is ready' */ rdymsg.2 = '8116 Ready'||'1DE8'x||myid 'at' mynode||'1D60'x 'RENAME DMSUME REPOS A RDYMSG REPOS A' ren_rc = rc if rc*(rc28) = 0 then do 'EXECIO 2 DISKW DMSUME REPOS A3 0 F 80 (FINIS STEM RDYMSG.' 'GENMSG DMSUME REPOS A3 DMS (NOLIST MARGIN 63' 'SET LANG (ADD DMS USER' 'ERASE DMSUME TEXT' end if ren_rc = 0 then 'RENAME RDYMSG REPOS A DMSUME REPOS A' Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 12/17/2010 10:42:15 AM: Greetings, I have a user who would like to have his userid displayed instead of the system identifier in the status area at the bottom of the screen. Is that possible? He has quite a few 3270 VM/CMS sessions open and would like to quickly identify who is logged on to what screen. Thanks, Mike Horlick CGI Montreal
Re: New messages from TCP/IP after going from z/VM 5.2 to 5.4
Mike, The code is running through the same path in 5.4 that it was in 5.2...the only difference is there's now a message when we hit this case. There is no parameter to turn the message on or off. You need to figure out what interface is sending the offending packet. The message output gives you their MAC address: 04:09:23 DTCARP012IArpSenderHardwareAddr: 000629DC21BE Now, if that MAC address happens to belong to an interface on the stack that is issuing the message, then you should probably open a PMR so we can investigate why that's happening. If the MAC address doesn't belong to an interface on the stack issuing the message, then somebody else on your network is using that IP address...no matter what your telecom guy says :-) Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 12/15/2010 10:40:53 AM: Hello Alan, I contacted my telecom guy and he thinks maybe there is a new or changed parameter in a TCP/IP configuration file since 5.2 thats causing this. Do you think that could be the case? Also , I found the DTCARP049I message in the Messages and Codes book but not the others. Thanks, Mike Horlick From: The IBM z/VM Operating System on behalf of Alan Altmark Sent: Tue 14/12/2010 5:03 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: New messages from TCP/IP after going from z/VM 5.2 to 5.4 On Tuesday, 12/14/2010 at 04:19 EST, Horlick, Michael michael.horl...@cgi.com wrote: We went from z/VM 5.2 to 5.4 (and TCP/IP for VM 520 to 540) at the end of November. I didn't notice it at first but I see that I am getting the following type extra messages on the spooled console for each of my TCP/IP stacks that I have: 04:09:23 DTCARP049I An ARP packet was received on link PCN3 with our IP address 142.101.99.196 as the source address. Possible configuration error. I had made no changes to any of my TCP/IP configuration files. On one my stacks these type messages are occurring every so every few minutes. You made quite a leap going from 5.2 to 5.4 and you picked up a lot of new functionality. The z/VM 5.4 TCP/IP Messages and Codes book includes change bars for those DTCARP messages. It's telling you that you've got another host on your LAN that is configured with the same IP address as VM TCP/IP. It didn't used to warn you; now it does. Alan Altmark z/VM and Linux on System z Consultant IBM System Lab Services and Training ibm.com/systems/services/labservices office: 607.429.3323 alan_altm...@us.ibm.com IBM Endicott
Re: No IPL VSWITCH Connectivity
In that case, the guest should still be able to connect to the VSWITCH without an issue. It just won't have access to the physical network. The controller virtual machines have nothing to do with general VSWITCH operation...they are simply there to manage the OSAs that may be attached to the VSWITCH. Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/02/2010 10:45:33 AM: Ok, they may be defined but try having a z/Linux guest connect to them before DTCVSW* is up! Thank You, Terry Martin Lockheed Martin - Citic z/OS and z/VM Performance Tuning and Operating Systems Support Office - 443 348-2102 Cell - 443 632-4191 From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On Behalf Of Riedel, Alexander Sent: Tuesday, November 02, 2010 1:33 PM To: IBMVM@LISTSERV.UARK.EDU Subject: AW: No IPL VSWITCH Connectivity Sorry Terry, but i think you are wrong. I define my 4 VSWITCHES all in the SYSTEM CONFIG and it works. At this time the TCPIP or DTCVSW* are definitely not started. Kind regards, Alexander Riedel
Re: Hi everybody
If FTPGEST0 is a z/VM FTP server and your user ID is in the TCP/IP server's OBEY list, you could issue: SMSG FTPGEST0 CLOSECON to close the console. Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 02/04/2010 09:21:25 AM: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU Mario, that's an old version of VM you have running there now (as I am sure you already know...). I don't think it supports the CP SEND CP FTPGEST0 CLOSE CONS command that Scott has suggested. I think the easiest think for you to do is simply log onto the FTPGEST0 virtual machine and issue the CP SPOOL CONS CLOSE command directly on it's console. You can then transfer it to another user id for processing. Hope this helps. On 02/04/2010 11:07 AM, Mario Izaguirre wrote: Hi, thanks for the welcome.. q cplevel VM/ESA Version 2 Release 3.0, service level 9901 Generated at 05/31/99 10:32:22 EST IPL at 12/21/09 11:40:44 EST Ready; T=0.01/0.01 18:07:22 q prt ftpgest0 all ORIGINID FILE CLASS RECORDS CPY HOLD DATE TIME NAME TYPE DIST FTPGEST0 3115 Q CON 00196554 001 NONE OPEN- 0009 FTPCONSO
Re: PATHMTU
Christy / Jonathan, I've attempted to answer your questions/concerns below. If you have any other questions, let me know. From what I can tell, the only place this comes in to play (generally) is for Hipersockets and similar private networks. Any time there is a network with a smaller MTU than yours in between you and your destination, Path MTU Discovery would come into play (assuming you're sending large enough packets). So obviously networks with significantly larger MTUs (like most HiperSockets networks) would it more often. When I asked my network people about it, they said that the function has to be enabled and supported through all the hops in the network This is not true. It improves the accuracy and speed of the Path MTU algorithm if all the hops in the network send valid ICMP fragmentation needed packets, but that can be done without enabling Path MTU Discovery on the intermediate nodes. There are some operating systems that don't send these packets (or send them without a suggested MTU value), but the VM stack will adjust the MTU based on a table of well-known MTU values and continue. that firewalls had to allow the ICMP traffic through. Again, this makes the algorithm faster and more accurate, but it is not a requirement. If we never receive the ICMP packet, the stack will eventually adjust the MTU as above. There is also a rumor floating around that PATHMTU results in the “do not fragment’ bit always being set on. Which seems very scary and wrong. This is not a rumor...but it's also not scary OR wrong. By forcing all fragmentation to be done at the source host you are generally improving the overall performance of the network because routers can spend their cycles doing their primary job (routing traffic) rather than fragmenting packets from a number of hosts. In fact, in IPv6 it is a requirement that ALL fragmentation be done at the source node. Currently we have left it out so it is disabled and apparently defaults to Path MTU Discovery Aging Interval of 10 minutes If Path MTU Discovery is disabled, the aging interval doesn't matter. We don't have a lot of IP traffic - is it OK to let it default to 10 minutes? This is the value recommended by the RFC. Is there a way to determine what a 'good' value would be? In most cases, I don't think it matters too much. If you have a volatile network, you would probably want the value lower in order to pick up MTU increases faster. If you have a workload that sends small bursts of large packets with a fair amount of time between the bursts, you may want the value to be higher since there may be a (very) slight performance impact while the algorithm determines the optimal MTU Is it that important...? It definitely improves overall performance in some environments. If you're in such an environment, then yes. Regards, Miguel Delapaz z/VM Development
Re: FTP z/VM to z/VM
Dave, Use 'TYPE E' and 'MODE B' rather than 'bin' and 'quote site fix 80' Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/04/2009 10:51:13 AM: Hi all, I have a little knowledge problem here. I'm trying to FTP in binary a fixed reclen 80 file to another z/VM host system. Here's part of the log: bin TYPE i 200 Representation type is IMAGE. Command: quote site fix 80 site fix 80 200 Site command was accepted. Command: put l10200.vmarc SITE VARrecfm= This is supplied by z/VM 200 Site command was accepted. PORT 10,4,23,2,87,217 200 Port request OK. STOR l10200.vmarc As soon as I enter the put command, a SITE VARrecfm command is supplied by z/VM and the file ends up as VARIABLE on the remote side. I'm trying to FTP binary and get FIXED on both sides. If I download to a PC and then FTP back up to the remote z/VM, I don't see this problem because my Windows FTP doesn't invent a SITE VARrecfm command. Your suggestions/input would be appreciated. Thanks, Dave Booher
Re: IFCONFIG to -REMOVE a link
Shimon, Stop the interface with IFCONFIG VSECM DOWN first. It turns out that IFCONFIG doesn't use the actual device status to decide whether an interface is UP or DOWN...it considers a device UP if it has usable routes (i.e. it can actually send traffic). We should probably change that :-) Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/23/2009 05:01:55 AM: Hi, I tried to use IFCONFIG to remove a link. According to the help file the interface must be inactive first. I assumed that an interface which is DOWN can be considered inactive, but apparently I was wrong: IFCONFIG VSECM VSECM INET ADDR: 10.1.5.2 P-T-P: 10.1.6.2 MASK: 255.0.0.0 DOWN BROADCAST MULTICAST POINTOPOINT MTU: 32760 VDEV: 0902 TYPE: CTC PORTNUMBER: 1 CPU: 0 FORWARDING: ENABLED RX BYTES: 0 TX BYTES: 1524 READY; T=0.13/0.14 14:51:26 IFCONFIG -SHOW VSECM -REMOVE DTCIFC2668E -REMOVE CANNOT BE SPECIFIED FOR AN ACTIVE INTERFACE READY(8); T=0.11/0.12 14:51:35 Can someone explain what else I need to do to remove this interface? Thanks, Shimon
Re: IFCONFIG to -REMOVE a link
IFCONFIG doesn't display information about VSWITCHes or their controllers...so I'm not sure what you're referring to. Could you clarify? Regards, Miguel Delapaz z/VM Development Dean, David (I/S) david_d...@bcbst.com Yep, and if you have two controllers for failover to two OSA’s this is a problem … am I up or am I down?
Re: Using Multiple Processors for TCP/IP and/or SFS
Mike, TCP/IP can be configured to dispatch device driver work on non-base CPUs by coding the CPU num option on the DEVICE statement in PROFILE TCPIP. Other than that it won't do anything with multiple processors. Regards, Miguel Delapaz z/VM Development | | From: | | --| |Michael Coffin michaelcof...@mccci.com | --| | | To:| | --| |IBMVM@LISTSERV.UARK.EDU | --| | | Date: | | --| |08/20/2009 11:42 AM | --| | | Subject: | | --| |Using Multiple Processors for TCP/IP and/or SFS | --| | | Sent by: | | --| |The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU | --| Hi Folks, Following up on our earlier discussion of multiple virtual CPU's for Linux, will TCP/IP and/or SFS servers use multiple processors? Here's my situation, I have 1 general purpose CP (about 421 MIPS) and 2 IFLs (about 500 MIPS each). We have excess capacity on the IFL side of the house (ear-marked for future Linux use), and would love to use some of those MIPS for TCP/IP and/or some of our SFS servers, both of whom can be a bit piggy at times. If I define one CP as BASE and 1 IFL as CPU 01, will TCP/IP and/or SFS use both processors? I can then manage their relative use with SET SHARE. -Mike
Re: Message DTCSTM025I
Richard, The telnet server tried to send something out of connection 100, but the connection was not in a state that was valid for sending data. Based on the DTCSTM126I message, I would assume the connection was in the process of closing when the telnet server tried the send. Determining what was causing the connection to close would require some tracing either on the client side or on the TCP/IP stack (MORETRACE TCP would probably be the most enlightening from the stack point of view). Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/28/2009 12:02:13 PM: We have been getting the messages 17:16:49 DTCSTM025I Telnet server: Conn 100: SendOutData (StMaster) calls StKillConn in otherwise clause. 17:16:49 DTCSTM028I Cannot send data 17:16:49 DTCSTM126I Telnet server: Conn 100: StKillConn- TcpClose failed: No such connection They appear to be associated, it is difficult to tell whether it is before the fact or after it, with terminal sessions being dropped with a lightning bolt 510 or just an x-clock. Unfortunately, the messages appear to be among those whose meaning is self-evident; perhaps they are to the TCP/IP developers, but not to me. How do I find out what is happening and how to avoid it? Regards, Richard Schuh
Re: REXX SOCKET statement question
Steve, According to the doc, the default is 10,000 bytes. Regards, Miguel Delapaz z/VM Development
Re: Was I confused? L2 Guest LAN, z/VM 5.4
Adam, What does NETSTAT DEV say? Regards, Miguel Delapaz z/VM Development NETSTAT HOME shows the right information (ETH1 is the L2 LAN; ETH0 a Layer 3 QDIO LAN, HSI0 is L3 Hypersockets, and CTC0 is a point-to- point CTC TCPIP link): netstat home VM TCP/IP Netstat Level 540 TCP/IP Server Name: TCPIP IPv4 Home address entries: Address Subnet Mask Link VSWITCH --- --- ----- 192.168.104.1 none CTC0 none 192.168.129.1 255.255.255.0ETH0 none 192.168.130.1 255.255.255.0HSI0 none 192.168.131.1 255.255.255.0ETH1 none So, did I just have a senior moment, or *should* this work? Adam
Re: Was I confused? L2 Guest LAN, z/VM 5.4
Adam, Transport Type: IP This says your NIC is defined as Layer 3. 14:55:58 DTCOSD355E OSD device ETH1: Possible LAN transport misconfiguration detected during OSD device initialization. This says you tried to attach a Layer 3 NIC to a Layer 2 LAN (or vice-versa) Regards, Miguel Delapaz z/VM Development
Re: Was I confused? L2 Guest LAN, z/VM 5.4
I defined it to TCPIP with DIRM NICDEF and I don't see any way to specify whether I mean Layer 2 or Layer 3. I just defined it as QDIO. I think my cough syrup is failing me. How do I tell DIRMAINT, no, really, QDIO *ETHERNET* ? Huh...that appears to be an interesting oversight on our part. I've forwarded your note off to the dirmaint developer for verification, but it doesn't look like it's possible at this point. Regards, Miguel Delapaz z/VM Development
Re: Was I confused? L2 Guest LAN, z/VM 5.4
*Sigh*...yeah it's Friday...you tell the TCP/IP stack that this is a Layer 2 device by specifying the ETHERNET option on the LINK statement in PROFILE TCPIP Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 05/15/2009 01:33:27 PM: Adam, You don’t specify layer 2 or 3 on the NICDEF. You specify it on your DEFINE LAN or DEFINE VSWITCH statement. Yeah, but I DID that: Here's the L3 LAN: LAN SYSTEM GLAN1Type: QDIOConnected: 1Maxconn: INFINITE PERSISTENT UNRESTRICTED IPAccounting: OFF Here's the L2 LAN: LAN SYSTEM L2LANType: QDIOConnected: 2Maxconn: INFINITE PERSISTENT UNRESTRICTED ETHERNET Accounting: OFF I'm *pretty* sure (but not positive) that the lan definitions predated adding the NICs to TCPIP Adam
Re: Was I confused? L2 Guest LAN, z/VM 5.4
OK, so, look, surely I'm not the first person to want to do this. With the ETHERNET option on the QDIOETHERNET LINK statement (in case you missed my other note) Regards, Miguel Delapaz z/VM Development
Re: How can I make my TCPIP run?
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 05/01/2009 09:13:17 AM: It is running Now! I spent two weeks troubleshooting. :) I think IPWZARD help me create those TCPIP stack lines? Ah...IPWIZARD is meant to be used only with real network devices, not virtual NICs. I just looked through the Guide for Automated Installation and Service and that fact doesn't seem to be made clear at all. We'll need to get that taken care of. Could you tell me what is the best place to put VSWITCH Grant command? Some document said is system config ? TCPIP configuration file? Which one is the better and simple way if lots of Linux guests run on it? The GRANT command needs to go in SYSTEM CONFIG. Regards, Miguel Delapaz z/VM Development
Re: routing via vswitch
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 04/07/2009 03:58:47 PM: IFCONFIG Z530 DOWN DTCIFC2610E The POINTOPOINT operand is required, but has not been specified Ready(8); T=0.08/0.10 16:02:58 ***(I did NOT understand that error at all!) Uhh, yup. That looks like a bug. Feel free to open a PMR. FWIW, this was fixed in z/VM 5.4.0 Regards, Miguel Delapaz z/VM Development
Re: Find contents of any RSU
Alan, The links in the RSU Content column, take you to a list of all APARs on the releases' RSUs, along with the RSU they were included on. Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 04/02/2009 09:32:28 AM: I just went to that site. It does not appear to show the contents of ANY RSU, just the initial ones that came with the product. (A part of that page is below, in plain test. Sorry it is so ugly.) I am looking for the contents of RSU 0801 for z/VM 5.3.0. How do I find that? VM Product LevelRSU NumberStacked Product RSU (Find RSU level for serviced products)RSU Content (service that is included, e.g. APARs, PTFs) z/VM V5.3UM97530V5.3 Stacked RSU ZVM530 TCP/IP FL 530UM97530 TCPIP530 PERFTK FL 530UM97530 VMPTK530 VMHCD 520UM97530 HCD520 OSA/SF 4.4.0UM97530 VMOSASF440 RACF 5.3.0UM97530 RACFVM530
Re: Sendfile UFT error
Tom, See APAR PK49558 Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 03/27/2009 10:05:14 AM: Hi all, I am getting this error when I am attempting to receive a file that was sent via SENDFILE (UFTASYNC I can send files from my system, but cannot receive them.. Anyone ever seen this before? I can't find any explaination other than the pipe error. v/VM 5.3 UFTD UFTD: CONNECTION FROM KNCVMT01 UFTD FPLRVR235E VARIABLE NAME IS NOT VALID: X CRY UFTD FPLMSG004I ... ISSUED FROM STAGE 6 OF PIPELINE 1 NAME QUERYVIRTUAL UFTD FPLMSG001I ... RUNNING VARLOAD Thanks Tom
Re: SSL Encryption For TN3270
Mike, Does TN3270 support explicit/implicit SSL/TLS the same way? For example, if I set up an explicit connection by using the TLSLABEL and SECURECONNECTION ALLOWED statements in the INTERNALCLIENTPARMS will the TN3270 client negotiate SSL much the same way FTP does with AUTH TLS? When configuring for explicit do I also need to use the SECURE parm on the PORT? TN3270 behaves the same way as FTP. If the clients are going to negotiate security, there is no need for the SECURE option on the port statement. I'm asking this because what I'm seeing in my tests has me a bit confused. Config 1: TLSLABEL and SECURECONNECTION ALLOWED in INTERNALCLIENTPARMS. PORT does not have SECURE parm.In this configuration we see the Secure connections are ALLOWED and TLSLABEL is messages in the TCPIP startup log, but SSL-enable clients cannot connect. Non- SSL clients can connect OK. What client(s) are you using? Regards, Miguel Delapaz z/VM Development
Re: TCP/IP VM default gate
NETSTAT GATE is what's going to show the stack's routing table. If you have a DEFAULTNET route specified on your GATEWAY statement and you don't see a default route in the NETSTAT output, check the TCP/IP server's console for error messages. Regards, Miguel Delapaz z/VM Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 02/25/2009 10:47:31 AM: Version 5.4 – need to see active routes; With the netstat command I do Not see my DEFAULTNET - Default route address Is there another query command I should try? CMD: netstat gate Regards
Re: non-routing OSA
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 02/16/2009 08:02:37 AM: From: Alan Altmark/Endicott/i...@ibmus 2) And, OTOH, will a non-routing OSA pass through traffic aimed at an IP address which IS one of the HOME addresses of a stack connected to the OSA, even if that address is NOT an address on the OSA itself, but on some other defined interface? If the IP host registers all of its home addresses in the OSA, yes. (VM TCP/IP does.) As of z/VM 5.3, the TCP/IP stack no longer registers all of it's HOME addresses in the OSA. We now only register IP addresses assigned to the OSA, IP addresses which the OSA has assumed responsibility for due to an outage (IP Takeover), and VIPA addresses. Regards, Miguel Delapaz z/VM Development
Re: FTPEXIT Question
Mike, Could you open a PMR for this? It seems our FTP server is misbehaving here. We should not be sending back the 503 in this case. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/19/2008 10:42:25 AM: Well DRAT! Here is my problem. We have no control over the various FTPS clients out there and what they THINK they should send in explicit SSL mode. Two Windows clients I am testing always insist on sending PBSZ 0 and PROT P at the start of EVERY command sent to the server, even though the channel was already secured with PROT P at the start of the session. The redundant PROT P's get RC 503 BAD COMMAND SEQUENCE and terminate on that error (and these particular clients can't be configured to ignore errors, they stop on ANY error).
Re: TCPIP autolog retry
Steve, This is controlled by the MAXRESTART statement in PROFILE TCPIP. The default is 5. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/20/2008 10:40:51 AM: In PROFILE.TCPIP, I have a TCPIP server (we’ll call it server_a) listed in the AUTOLOG directive. When server_a terminates, abends, etc, it gets autolog’d and comes back up. However, there seems to be a fixed number of times TCPIP does the autolog and then stops trying. Can the number of times autolog’d be changed? I looked through the TCPIP P and C but found nothing obvious. Thanks, Steve
Re: FTPEXIT Question
Mike, The return string is used to send a message back to the client when the exit rejects a command (and only if you set the return code to 4 or 12). It will reject the command with a 502 return string. There is no mechanism for modifying the command that gets sent to the server. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/19/2008 10:24:42 AM: snip I know this code is executing because I see my FTPEXIT: RetMsg on the console, but the FTP Server is ignoring my RETSTRING (NOOP) and still attempting to execute PROT P. What am I doing wrong here? Should I be using a RETURN_CODE other than 0 to indicate that FTP should evaluate my RETSTRING? I'm confused.. :( -Mike
Re: Problem with TCPIP and HIPERSOCKET in secondlevel VM
Do you have the PTF for PK69986 applied? Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/09/2008 06:20:19 AM: Can anyone give me a hint whats wrong ?
Re: HiperSockets Question
Packet fragmentation is done in the TCP/IP stack. The stack will chunk the packet up into smaller packets before sending it over the HiperSockets device. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/20/2008 12:40:47 PM: [image removed] HiperSockets Question Martin, Terry R. (CMS/CTR) (CTR) to: IBMVM 08/20/2008 12:43 PM Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU Please respond to The IBM z/VM Operating System Hi If I am using HiperSockets and my MTU size is 1500 and a pass a packet size of 2000 will the data in the packet be truncated since it is bigger than 1500? I thought I read that since HiperSockets is memory transfers that the MTU can not be split like it would over a normal transmission pipe, meaning that for a 3K packet size over a MTU 1500 link would not be split into 2 transmissions. Am I correct in the assumption? Thank You, Terry Martin Lockheed Martin - Information Technology z/OS z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [EMAIL PROTECTED]
Re: HiperSockets Question
If you wanted to get nitpicky, it would actually need 3 fragments to account for the extra IP header(s). :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/20/2008 01:38:48 PM: Yes and no. :-) It won't be truncated, but it will be fragmented. The MTU is the Guardian of the Gate. It prevents the IP layer from sending a packet too large for the underlying interface to handle. So a 3K packet over an MTU 1500 link will result in two fragments, each 1500 bytes. Alan Altmark z/VM Development IBM Endicott
Re: DOS attack details in
Mike, Smurf attacks are malformed ICMP echo packets. They aren't directed to a particular port. You've got all the information there is :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/31/2008 07:40:23 AM: [image removed] Re: DOS attack details in Mike Walter to: IBMVM 07/31/2008 07:42 AM Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU Please respond to The IBM z/VM Operating System Dunno, I'm not an IP (or networking) Wizard, either. Not sure what else might be able to be gathered, but at least TCPIP knows what port was being attacked. Great minds will think of more. Perhaps information for that IP address obtained from NETSTAT CONN? Wizards will think of more. Anything else it could provide could be useful in tracking down the offending attacker, and preparing them for a public hanging. ;-) Mike Walter Hewitt Associates Any opinions expressed herein are mine alone and do not necessarily represent the opinions or policies of Hewitt Associates. Hughes, Jim [EMAIL PROTECTED] Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU 07/31/2008 09:31 AM Please respond to The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU To IBMVM@LISTSERV.UARK.EDU cc Subject Re: DOS attack details in I used the IP address to track down the offending MAC system. What other information would be available? Just curious. Jim Hughes 603-271-5586 Its kind of fun to do the impossible. (Walt Disney) =-Original Message- =From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On =Behalf Of Mike Walter =Sent: Thursday, July 31, 2008 10:25 AM =To: IBMVM@LISTSERV.UARK.EDU =Subject: Re: DOS attack details in = =Thanks, Jim, = =The source of this one-time attack is less important than getting clear =documentation about _who/what_ is doing the attack _when_ it happens. =I have no problem writing automation to gather the details no matter how =many hoops I have to jump through - until I have to jump through what I =then deem as too many, at which point I'll whine about needing to =improve the diagnostic process flow! :-)~ = =But getting the details when they are available (we have the luxury of =IPLing each Sunday night - and DO), and getting them to the right people =nearer to the attack time: now IMHO, that's a worthy goal. = =Mike Walter =Hewitt Associates =Any opinions expressed herein are mine alone and do not necessarily =represent the opinions or policies of Hewitt Associates. = = = =Hughes, Jim [EMAIL PROTECTED] = =Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU =07/31/2008 09:05 AM =Please respond to =The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU = = = =To =IBMVM@LISTSERV.UARK.EDU =cc = =Subject =Re: DOS attack details in = = = = = = =We had this DOS attack and tracked it back to a MAC computer on the =network. It was doing some sort of broadcast network thing. I can supply =the details if it's important to anyone. Not being a network wizard, I =tend to forget the details. = = =Jim Hughes =603-271-5586 =Its kind of fun to do the impossible. (Walt Disney) = ==-Original Message- ==From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] =On ==Behalf Of Mike Walter ==Sent: Thursday, July 31, 2008 9:28 AM ==To: IBMVM@LISTSERV.UARK.EDU ==Subject: DOS attack details in == ==Back on July 15, we experienced our first known Denial of Service =attack ==(more likely a problem server). ==I reported it to our Internet Security group including: == ==From the nearly anonymous/invisible TCPIPMESSAGE file in ==TCPMAINT's reader: ==---snip ==DTCUTI001E Serious problem encountered: 15:38:55 07/15/08 ==DTCUTI002E A denial-of-service attack has been detected ==---snip--- == ==Issued after the nearly anonymous/invisible TCPIPMESSAGE =file in ==TCPMAINT's reader was accidentally discovered: ==---snip--- ==netstat dos ==VM TCP/IP Netstat Level 510 == ==Maximum Number of Half Open Connections: 512 == ==Denial of service attacks: == Attacks Elapsed ==Attack ==Attack IP Address Detected Time ==Duration == --- - - ==- ==Smurf-IC 10.64.103.250 1 2:27:08 ==0:00:00 ==Ready; T=0.02/0.02 18:13:13 ==---snip--- == ==So I asked our Internet Security team who might be the offending ==10.64.103.250. In turn they asked me for the port number being used =for ==this attack, and the mac address of the attacking machine. =Unfortunately, ==none of that is available after the attack (which was admirably and ==automatically quashed by the z/VM TCPIP stack). == ==Would
Re: Performance Tool Kit
I believe this means PERFSVM doesn't have permission to bind to whatever port it's trying to use. Make sure you have an entry in the PORT statement of the TCP/IP server's configuration file. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/11/2008 02:13:05 PM: Hi I take that back I seem to be getting my MONITOR information. It will still be interesting to know what it really meant. The error message does not offer a whole lot of information. Thank You, Terry Martin Lockheed Martin - Information Technology z/OS z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [EMAIL PROTECTED] From: Martin, Terry R. (CMS/CTR) (CTR) Sent: Friday, July 11, 2008 5:08 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Performance Tool Kit Hi I am starting up the PERFSVM Machine and I am receiving the following error: FCXTCP576E Error number 13 for BIND call Does anyone know what this means. It is obviously causing me not to see most of the DATA fields in the MONITOR!
Re: TCPIP
IFCONFIG linkname UP or NETSTAT OBEY START devicename Issue either command from a user ID in the TCP/IP server's OBEY list Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/10/2008 11:23:26 AM: Hi I found out that there was an issue with this 10.17xxx which has been corrected. I have another question, is there a way to START a TCP/IP DEVICE outside of the TCPIP PROFILE? Thank You, Terry Martin Lockheed Martin - Information Technology z/OS z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [EMAIL PROTECTED]
Re: TCPIP
MAINT should be fine. You don't need to use OBEYFILE if all you're trying to do is start a device (which is what I thought your question asked). The commands I mentioned will do that just fine. If you need to configure a device, IFCONFIG can take care of that as well and IMO tends to be significantly more straightforward than OBEYFILE. See TCP/IP Planning and Customization or HELP TCPIP IFCONFIG for command options. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/10/2008 12:25:03 PM: For instance I can issue one of these commands from the MAINT USERID? Do I need to add this to a OBEY profile and then do a OBEYFILE PROFILE X From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Miguel Delapaz Sent: Thursday, July 10, 2008 2:50 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: TCPIP IFCONFIG linkname UP or NETSTAT OBEY START devicename Issue either command from a user ID in the TCP/IP server's OBEY list Regards, Miguel Delapaz z/VM TCP/IP Development
Re: TCPIP
Whitespace isn't terribly interesting in CMS NAMES files (which SYSTEM DTCPARMS is). Your statement could look as follows and work just fine: :nick.TCPIP:type.server :class.stack :ATTACH.8304-8306, 8900-8902, 9300-9302, EA00-EA02, EB00-EB02 Continue as needed :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/10/2008 03:56:01 PM: [image removed] Re: TCPIP Martin, Terry R. (CMS/CTR) (CTR) to: IBMVM 07/10/2008 03:56 PM Sent by: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU Please respond to The IBM z/VM Operating System Hi What I have works. I am going to have to add more and I need to continue the statement on another line. Do you know the proper syntax to continue the ATTACH on another line? Thank You, Terry Martin Lockheed Martin - Information Technology z/OS z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [EMAIL PROTECTED] Does anyone know the proper syntax for continuing the :ATTACH statement in the TCP/IP PROFILE? My SYSTEM DTCPARMS follows: .** .* SYSTEM DTCPARMS created by DTCIPWIZ EXEC on 6 May 2008 .* Configuration program run by MAINT at 09:36:31 .** :nick.TCPIP:type.server :class.stack :ATTACH.8304-8306,8900-8902,9300-9302,EA00-EA02,EB00-EB02 Thank You, Terry Martin Lockheed Martin - Information Technology z/OS z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [EMAIL PROTECTED]
Re: pipe question
How about: 'PIPE', '| STEM x', '| APPEND FILE NAME A', '| OUT FILE A' Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 04/15/2008 12:43:51 PM: I am trying to build a pipe to do the following: 1. copy records from a stem into a file 2. append an existing file after the above file
Re: A different VM FTP Question
The control port has to be secure before you can use PRIVATE to secure the data port. You can issue CPROTECT to secure the control connection on the fly. Alternately, use the SECURE option on the FTP command, or take a look at the SECURECONTROL and SECUREDATA statements in the FTP DATA file. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 02/05/2008 01:20:06 PM: I have SineNomine's SSLSERV installed on my z/VM 5.3 system and I can establish secure telnet sessions. I tried to configure FTP to take advantage of SSL as well. In SRVRFTP CONFIG, I specified TLSLABEL Y2KVM07, the certificate in the SSLSERV database, SECURECONTROL ALLOWED and SECUREDATA ALLOWED. Is that all that is required or do I need a different FTP service machine? Will the IBM FTPSERVE establish a secure connection. If so, how do I tell it to do so? I entered PRIVATE after an FTP session had been established between a couple of test systems, both of which have SSLSERV installed but got back the following message. This is what I got when I issued PRIVATE on the client end of an FTP session: /Command: private Control connection is not secure / Do I need to specify a control port for FTPSERVE with the SECURE keyword and the certificate name? Jim -- Jim Bohnsack Cornell University (607) 255-1760 [EMAIL PROTECTED]
Re: A different VM FTP Question
In order to use self-signed certificates, you must specify the CERTNOCHECK as well Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 02/05/2008 02:05:36 PM: On Feb 5, 2008, at 3:55 PM, Miguel Delapaz wrote: The control port has to be secure before you can use PRIVATE to secure the data port. You can issue CPROTECT to secure the control connection on the fly. Alternately, use the SECURE option on the FTP command, or take a look at the SECURECONTROL and SECUREDATA statements in the FTP DATA file. ftp localhost (secure VM TCP/IP FTP Level 530 Connecting to LOCALHOST 127.0.0.1, port 21 220-FTPSERVE IBM VM Level 530 at SNAVM3, 18:09:07 EDT TUESDAY 2008-02-05 220 Connection will close if idle for more than 5 minutes. AUTH TLS 234 Security data exchange complete Unable to secure control connection: (2001) Certificate error checking is not va lid for self-signed certificates Well, poo! Adam
Re: TCPIP troubleshooting
*ahem* Using NETSTAT OBEY wouldn't fix ifconfig. It would eliminate the need for the minidisk password while severely limiting the amount of data we can send to the stack. While this wouldn't be an issue for starting/stopping interfaces, creating/modifying interfaces is an entirely other story. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/20/2007 02:12:31 PM: On Tuesday, 11/20/2007 at 02:40 EST, Dave Keeton [EMAIL PROTECTED] wrote: Thank you, Alan. Using ifconfig, I see that the interface is listed as DOWN: GBE200 inet addr: 10.254.145.64 mask: 255.255.255.0 DOWN MTU: 8992 vdev: 2912 rdev: 2912 type: QDIO ETHERNET portname: DEV2900 ipv4 router type: NONROUTER ipv6: DISABLED cpu: 0 forwarding: ENABLED RX bytes: 1080326 TX bytes: 1719553 When I try to bring it up with ifconfig gbe200 up, it says: DTCIFC2654E TCPIP is unable to link to your 191 minidisk which is DTCIFC2654E currently accessed as file mode A and the interface says down. I've tried it as TCPMAINT and as MAINT (linking to TCPMAINT's 592 disk). ifconfig gbe200 up -mdiskpw password You have to provide the password for your A-disk. Alternately, NETSTAT DEV to get the device name associated with link GBE200 and NETSTAT OBEY START device name. If Miguel *really* cared about us, he'd fix ifconfig to use NETSTAT OBEY instead of OBEYFILE. ;-) Alan Altmark z/VM Development IBM Endicott
Re: Changing TCIP Configuration on the fly
Suleiman, Like Kris said, OBEYFILE is what you want for making dynamic changes to the TCP/IP configuration. It's documented in the back of the TCP/IP Server Configuration chapter of Planning and Customization. However, you cannot increase the databuffer pool size (or the size of any of the other pools) dynamically. The values specified in the PROFILE TCPIP are initial allocations only. If the TCP/IP server runs low on a particular control block, it will dynamically allocate more automatically (and send a note to the INFORM list). Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/05/2007 09:31:28 AM: Greetings, Where can I find info to change the TCPIP configuration on the flY? Like increasing the databuffer pool size? Thanks. Suleiman Shahin Windows Live Hotmail and Microsoft Office Outlook – together at last. Get it now!
Re: VSWITCH initial startup
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 09/20/2007 11:24:22 AM: On Thursday, 09/20/2007 at 01:19 EDT, [EMAIL PROTECTED] wrote: ... ... (a bunch of other CTCAs deleted here) :vCTC.C02 SP2TEST 0C03 :vCTC.C03 SP2TEST 0C02 :vCTC.D08 SP4 0675 :vCTC.D09 SP4 0674 :authlog.AUTHLOG FILE A ... is my VSWCTRL1 trying to COUPLE to SP4? but then, why isn't trying to COUPLE to SP2TEST as well? If a :vctc. fails, the whole process comes to a stop. Actually, that's not the reason it doesn't try to couple to SP2TEST. We only process one :vctc. tag (the last one specified). If you want multiple CTC devices (which is kind of essential), they need to be specified as: :vCTC.C02 SP2TEST 0C03, C03 SP2TEST 0C02, D08 SP4 0675, D09 SP4 0674 Regards, Miguel Delapaz z/VM TCP/IP Development
Re: VSWITCH initial startup
The DTCPARMS file is discussed in TCP/IP Planning and Customization Chapter 5. General TCP/IP Server Configuration Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 09/20/2007 12:31:42 PM: Alan, thanks for spotting that. I inherited this system, so I am still sorting out what is where. is there a manual that explains how to code DTCPARMS ? prg Phillip Gramly Systems Programmer Communications Data Group Champaign, IL There's your error. You copied the stack class definition to your SYSTEM DTCPARMS and changed it. Don't do that. When you alter a class definition, it applies to ALL instances of :class.stack. VSWITCH controllers are :class.stack. 1. Move those :vctc tags to your :nick.TCPIP :type.server definition. 2. Remove the :nick.stack :type.class definition from SYSTEM DTCPARMS. is my VSWCTRL1 trying to COUPLE to SP4? but then, why isn't trying to COUPLE to SP2TEST as well? If a :vctc. fails, the whole process comes to a stop. can i have a separate DCTPARMS just for my VSWITCH controllers ? You can, but there's no need. Alan Altmark z/VM Development IBM Endicott
Re: TCPIP config changes in z/VM 5.2
Berry, This issue was addressed in APAR PK42210 Regards, Miguel Delapaz z/VM TCP/IP Development Now I noticed the default was presented as a default gateway (flags UGS) in the old VM and the new one is a host (flags UGHS). Other than that I think the netstat gate output is the same in both systems. Any ideas on how to fix this? TIA, Berry.
Re: Secure FTP On z/VM 5.3
Mike, Secure FTP was possible prior to z/VM 5.3. You had to specify SECURE on the PORT statement for the FTP server and the client had to initiate a secure connection to the port. In z/VM 5.3 we've added the ability for the client and server to negotiate security options based on RFC 4217 (Securing FTP with TLS). Configuration of the FTP server to support TLS is discussed in TCP/IP Planning and Customization, Chapter 8. Configuring the FTP Server (specifically Step 6: Configure Secure FTP Connections). Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/08/2007 06:35:34 AM: Hi Folks, I thought that with the introduction of SSL on z/VM 5.3 we'd be able to do secure FTP in/out of VM. I'm in the process of installing and configuring z/VM 5.3 second level right now (and getting the required Linux guest set up for SSL support) - but I don't see anything which suggests secure FTP is supported. Is secure FTP possible with z/VM 5.3's TCPIP (inbound, outbound, or both)? If it is, can someone point me to the doc discussing this (I've read all of the z/VM 5.3 TCPIP manuals and the Program Directory, and I just don't see this ...)? -TIA -Mike
Re: Secure FTP On z/VM 5.3
The CMS FTP client was also updated to support TLS. Configuration and usage is discussed in the TCP/IP User's Guide, Chapter 2. Transferring Files Using FTP under the heading Transferring Files Using Secure FTP Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/08/2007 07:03:54 AM: Thanks Miguel. This will provide the ability to do S-FTP INBOUND to z/VM's FTPSERVE from the looks of it, but will CMS users be able to S-FTP OUTBOUND to other S-FTP servers (local z/VM FTPSERVE or on remote systems)? -Mike
Re: [OT] How to determine if running as a multitasking CMS app
I think Atlantic Standard Time would make more sense...but still...why bother to log in? :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/10/2007 07:06:19 AM: On Monday, 07/09/2007 at 10:30 AST, Rick Troth [EMAIL PROTECTED] wrote: ... Alan Altmark z/VM Development IBM Endicott 10:30 AST? Alaska Standard Time? You're in Alaska, Alan? If so, why bother to log in?
Re: Z/VM, FTP, Server not responding
Jim, The timeout values are configured in the FTP DATA file. There are a few knobs in there that you may need to twist depending on what's causing the timeout - CCONNTIME, DATACTTIME, DCONNTIME, INACTTIME MYOPENTIME Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 06/26/2007 11:57:29 AM: Where would I increase the timeout value for a timeout to occur between the Z/VM FTP Client and a windows server? I have been seeing a few: DTCFTC0334E In SendToTcp: Server not responding, closing connection. error in SendToTcp Abnormal inter-VM communication condition The manual says it's a timeout. Where is the knob I twist to increase the timeout setting? Jim Hughes 603-271-5586 There's no sense in being precise when you don't even know what you're talking about. John von Neumann
Re: TCP/IP Message
Berry, No, there's no logic in the TCP/IP stack to reduce the size of the buffers once they've been expanded. It would be nice though... Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 06/22/2007 03:40:44 PM: Hello Alan, That would get me to a question, are buffers that are dynamically extended automatically reduced once they're no longer needed? As you state, more buffers could have impact for other users. So suppose we would have a sudden need for larger buffers to perform some action. If the action is finished and the larger buffer still remains it too would have an impact on the available storage. Regards, Berry.
Re: Destination Z
I think it brings up too many thoughts of Final Destination to use as a movie title...'cause those movies definitely were not blockbusters and were very far from cool :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 06/25/2007 02:50:58 PM: On Monday, 06/25/2007 at 11:30 ZE2, Rob van der Heij [EMAIL PROTECTED] wrote: PS Somehow my gmail client shows me all advertising for vacation in Mexico or Seychelles with all posts about IBM's new service... :-) I admit that Destination Z is not a luxurious vacation spot (but would probably make a cool summer blockbuster movie!). It is, however, a nice portal to access more of the Why z? information we have been asked to provide, focusing more on business rather than technology. Alan Altmark z/VM Development IBM Endicott
Re: DTCPRS058I Line 431: GATEWAY format deprecated, consult documentation
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 03/29/2007 08:09:37 AM: Perhaps I'm the only one who finds that message to be not very helpful. Perhaps so. It's only an Information-level message. Deprecated isn't really a new term in my experience. I've seen it used in various places (although mostly by IBM, and therein mostly by Alan/Chuckie) to describe use of facilities that have been improved, while in most cases still permitting the use of the old format. That seems to be the situation here, too. Is it wrong to relish the fact that Alan gets blamed for stuff that's not his fault? :-) Regards, Miguel Delapaz z/VM TCP/IP Development
Re: [EMAIL PROTECTED]
Registrant: DXI Networks Ltd Lower Ground Floor, 24 Chiswell Street London, EC1Y 4TYUK Domain Name: VM01.COM Administrative Contact , Technical Contact : DXI Networks Ltd [EMAIL PROTECTED] Lower Ground Floor, 24 Chiswell Street London, EC1Y 4TY UK Phone: +44 20 7579 8100Fax: 123 123 1234 Record expires on 08-Sep-2009 Record created on 20-Feb-2007 Database last updated on 20-Feb-2007 I'm gonna go with no Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 03/14/2007 10:00:07 AM: Our spam filters just filtered out mail from the subject email address. Is it legit? Regards, Richard Schuh
Re: OSA question
Without getting into too much detail (mostly because I can't remember the history), the z/VM TCP/IP stack sends ALL of the IP addresses in its HOME list down to any OSA that it is attached to. Changes have been made to the OSA driver in z/VM 5.3.0 such that this no longer occurs. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 03/09/2007 02:33:33 AM: Why is the home address for the ESC1 link placed in the OSA for device DEVGEF11 that is connected to another network
Re: Layer 2 VSWITCH
Raymond, q lan vlinux1 details VSWITCH SYSTEM VLINUX1 Type: VSWITCH Connected: 0Maxconn: INFINITE PERSISTENT RESTRICTEDETHERNET Accounting: OFF VLAN Unaware State: Disconnected QueueStorage: 8 Portname: OSADXVM1 RDEV: F912 Controller: NONE Error: No Layer 2 Portname: OSADXVM2 RDEV: FD12 Controller: NONE Error: No Layer 2 Ready; The No Layer 2 in the Error: field means the devices you're trying to use do not support layer 2 mode. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: z/VM 5.2 conversion IP problem (solved)
This is why the OSPF configuration in z/VM 5.2 no longer allows a mask of 255.255.255.255. I'm not saying z/OS is necessarily correct, I'm just pointing it out to avoid further confusion. (Yeah, right. Sure.) Bug, IMHO. Valid route, should be valid syntax. The fact you *can* shoot yourself in the head is not the tool's problem. Your gun, your foot. We're not talking about a route here. We're talking about the subnet mask on the interface configuration. Host routes are handled just fine. I agree, allowing customers to shoot them selves in various parts of their anatomy is *not* the tool's problem. However, it does become our problem when the shot is taken, they call us and their overall user experience is less than favorable. I think having the tool unload the gun is preferable. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: z/VM 5.2 conversion IP problem
I believe Alan brought this up yesterday, but I'll mention it again...the IP address on you VM system (in your HOME statement) *MUST* be different from the IP address on your linux system (i.e. the IP address on the HOST GATEWAY route): HOME 192.168.099.227 255.255.255.000 LLINUX27 GATEWAY ; Network Subnet First Link MTU ; Address MaskHop Name Size ; - --- --- - 192.168.099.227 HOST= LLINUX27 9216 Regards, Miguel Delapaz z/VM TCP/IP Development
Re: z/VM 5.2 conversion IP problem
Of course this throws things off even more as on the z/VM 5.1 system, I only had the single HOME entry (for 205.235.227.74) and I had (working correctly) about 3 dozen other interfaces. Attached is the old config file for z/VM 5.1. I agree that I may have gotten away with things that now, the newer code won't let me. And that may be a great part of my confusion. Looking at the config file, and the IFCONFIG output you've added, I see what you're trying to do. If this *exact* same configuration worked on z/VM 5.1, I'm not sure that we've *explicitly* changed anything to prevent it from working now. That's not to say we haven't made changes that cause it not to work because we very well may have. Note that you're really running (or trying to run) with an invalid configuration, and this is why it's important to have pictures of the network and a decent understanding of what all of the information on your network picture corresponds to. Below, I'll draw a basic diagram of what I understand your network to look like based on what you've told us and explain why your configuration doesn't make sense. -- | Linux | | Guest | -- o - Linux Guest's IUCV interface (IP address: 192.168.99.227) | | | | | o - VM System's IUCV interface (IP address: ???) -- | VM| | System | -- o - VM System's QDIO interface (IP address: 205.235.227.74) | | | | --- | Outside Network| --- So...based on this picture, 192.168.99.227 has no *real* direct connection to 205.235.227.74. It may be possible (depending on how strict the IP stack's implementation is) to trick this configuration into working. But relying on such a trick to continue working in the future is probably not a great idea. The only way to truly ensure connectivity is to assign an IP address to the VM System's IUCV interface(s). 1. Do I need a HOME statement for each interface? It seems that on z/VM 5.2, if I don't have one, I can't connect to the adjecent host. To really be a *valid* configuration, yes you do. 2. If I need a HOME statement for each interface, can the IP address for that interface be any unused IP address? One that is on the same class C network (such as 192.168.99.1xx for the 2xx hosts)? Or do I need to spread out the HOST addresses out so that a .252 subnet can address a unique network along with a single unique host (that is, instead of consequitive IP addresses for hosts, every 4th IP address)? It depends. If you're running a dynamic router (MPRoute) on VM, you're most likely going to have to resort to the .252 subnets (a good reason to think about ditching the point to point links and start implementing guest LANs). If you're not running a dynamic router, you can go with a less drastic trick and, like you said, use 192.168.99.1xx IP address on your VM system. If you do this, you should probably NOT put a subnet mask on the HOME statement for the IUCV links. Since they aren't really on the same subnet (physically), you don't want a subnet route for them. Simply add the appropriate HOST routes to your GATEWAY statement. 3. Then on the GATEWAY side. What I got use to (or got away with) on z/VM 5.1, was the first parm being the IP address of the HOST I was going to. The manual says that this isn't an IP address, but rather as subnet address. Getting those confused is part of my mistake. But it worked. Why? Is this a case of the code being tighten? However, as I now reread the manual, the first parm is the IP address of the host that is on the destination network and HOST is used to specify a host entry. So I would seem that my GATEWAY entry: 192.168.099.227 HOST= LLINUX27 9216 is correct. Yes, this is correct. If you read further in the description of the first operand the doc says: Alternatively, ipv4_dest can be specified as the IP address, in dotted-decimal form, of any host that is on the destination network. Which is really what applies in this case. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: z/VM 5.2 conversion IP problem
My other post goes into more detail on the answers to these...but I'll reiterate here 1. I do need a HOME statement for each interface, 30 some odd HOME statementsright? Essentially, yes. 2. The IP statement on the HOME statement: a. Cannot duplicate any other IP address in the network True b. Must be in the same subnet as the IP address for the host (Linux27) True c. Each link, will have its own subnet which contains the IP address of the link and the IP address of the host. True if you're running a dynamic router...otherwise, not necessarily d. I can't have sequential IP addresses (incremented by 1) for my Linux hosts. True if you're running a dynamic router...otherwise, not necessarily e. The subnet address associates the IP address on the link with the IP address for the guest. True 3. My GATEWAY statement seems to be correct Yes Regards, Miguel Delapaz z/VM TCP/IP Development
Re: z/VM 5.2 conversion IP problem
You don't *have* to have the HOST entry if you have the subnet route. It doesn't hurt, and will make some things more clear. For example, the P-t-P address on the IFCONFIG output is taken from the HOST routing entry. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 01/16/2007 07:00:31 AM: On Tuesday, 01/16/2007 at 08:22 CST, Tom Duerbusch [EMAIL PROTECTED] wrote: OK, so I took out the statements in the HOME area. When I did that, VSE (via VCTCA, or the sole Linux image that is still using IUCV) wouldn't connect anymore. Sorry for not being clearer: - You must have a HOME entry for each interface - You may not duplicate any IP address in the HOME list. Each must be unique. - You should put each VM--VSE connection in its own .252 subnet. To the extent you are using host routes - You must have a HOST entry in the GATEWAY for each p2p peer. (Hmmm...Miguel: Do you still have to do that if you use a .252 subnet?) Alan Altmark z/VM Development IBM Endicott
Re: z/VM 5.2 sl 0602, OSA/IP problem
Tom, You have one network device on your system (QDIO1 - 192.168.193.3). Your routing table states that you have a direct connection throught that device to 205.235.227.0/24 which is not on your network. So, you're not on the same network as the default gateway you have configured, which would explain why you cannot PING 205.235.227.41, 205.235.227.74 and 192.168.3.21. As to why you can't PING 192.168.194.1, I'm not sure, is that host up? Is that host actually attached to the same network as QDIO1? Regards, Miguel Delapaz z/VM TCP/IP Development
Re: IBM sues PSI
Second, I'm with Richard Schuh. I can't get the URL to work either. And yes, I noticed that it wrapped. Even pasting the two bits together doesn't yield a working URL for me. Perhaps someone who got it to work could send the last part (starting with ArticleID=). articleID=196601550 Regards, Miguel Delapaz z/VM TCP/IP Development
Re: VM web site
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 12/01/2006 10:44:21 AM: Note that my email ends similarly, but at least not self-contradictorily. I beg to differ... This message (including any attachments) contains confidential information intended for a specific individual and purpose, and its content is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this transmission, or taking any action based on it, is strictly prohibited. If I delete this message are I not, by definition, taking any action based on it? Regards, Miguel Delapaz z/VM TCP/IP Development
Re: IPWIZARD z/VM 5.2
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/22/2006 12:01:17 PM: Anyway, am I correct in that the IPWIZARD doesn't handle a supernet? Tom, It seems you're correct. This is a bug. Please contact the support center to have them open an APAR. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: Another PIPE how to
I don't believe there is an option to do what you're asking. The STEM stage isn't stripping off the leading 0. It's starting at TABLE.1 and working its way up to TABLE.(0+TABLE.0). Is there any reason your code needs to specify the leading zeroes when setting the fields in TABLE.? Or perhaps some more information about how the indexes into TABLE relate to the data or display would be helpful. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/08/2006 09:16:27 AM: Hi Plummers, I have a little PIPE question. I have an exec where I build a stem as follows. field1 = HELLO field2 = GOODBY . . field99 = THE END TABLE.0101 = field1 TABLE.0202 = field2 . . . TABLE.2480 = field99 SAY TABLE.0101 will say 'HELLO' SAY TABLE.0202 will say 'GOODBY' When I try to use a pipe like. pipe stem TABLE. | console I don't get any entries that start with 0xxx ie 0001 thru 0999. Is there a way for pipes to NOT strip off the leading 0? Thanks Tom __ ella for Spam Control has removed VSE-List messages and set aside VM-List for me You can use it too - and it's FREE! http://www.ellaforspam.com
Re: Another PIPE how to
Okay. If you don't mind massaging the indicies a bit I've got something that *should* work: /* TEST EXEC Created by MIGUELD at 12:22:08 (EST) on 11/08/06 */ TABLE. = /* Initialize the TABLE stem to nulls */ TABLE.0 = 12480 /* Assuming there are 2480 indicies you actually care about (-2480) */ field1 = HELLO field2 = GOODBY field99 = THE END TABLE.10101 = field1 /* Add 1 to all of the indicies to alleviate the leading zero problem */ TABLE.10202 = field2 /* */ TABLE.12480 = field99 /* */ 'PIPE', '| STEM TABLE. FROM 10001', /* The FROM says to start reading the data at 10001 and go up to TABLE.0 (12480) */ '| LOCATE', /* Get rid of any values that haven't been set (still null) */ '| CONS' You may have to doctor it a bit to suit your needs. Hope this helps. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: runaway exec
HX (Halt eXecution) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 11/07/2006 08:55:06 AM: How do I make a runaway exec quit? It is spewing out error messsages in a loop. I've been pressing [CLEAR] for hours now. Isn't there a way to interrupt it or cancel it?
Re: SMTP question
Specify SUPPRESSNOTIFICATION in your SMTP CONFIG file I believe that support was added in z/VM 4.4.0 If you're on z/VM 5.1.0 or later, you can specify RECEIVED, DELIVERED, or ALL after SUPPRESSNOTIFICATION to have a bit more control over which messages you suppress Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/27/2006 12:23:03 PM: Hello. When I send an email from the mainframe via SMTP, I eventually get a message back from SMTP saying that the mail has been delivered to whomever I originally sent the email. Is there a way I can suppress this message? Thanks, Steve G.
Re: OSPF problem
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/23/2006 08:29:30 AM: Below is my configuration for MPROUTE : Area Area_Number=1.9.6.6 Authentication_Type=Password; Comparison=Type2 OSPF_Interface IP_Address=10.27.186.199 Name=LIL1_O2 Subnet_Mask=255.255.255.192 Destination_Addr=10.27.186.200 Attaches_To_Area=1.9.6.6 Authentication_Key= MTU=1200 Router_Priority=0 Cost0=50; ; RouterID=10.27.186.199 ; OSPF_Interface IP_Address=10.22.61.19 Name=VLIL1_2 Subnet_Mask=255.255.255.192 Attaches_To_Area=1.9.6.6 Cost0=100; ; AS_Boundary_Routing Import_Static_Routes=Yes Import_Direct_Routes=Yes Import_Subnet_Routes=Yes; MPRoute is picky. You have to define all of your interfaces in MPROUTE CONFIG. If you don't want to run OSPF over a particular interface, use the INTERFACE statement rather than OSPF_INTERFACE. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: TCP ports and SMTP clients
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/23/2006 09:54:21 AM: Are you saying that any VM user can open a connection to port 25 of the VM IP Stack, or do you mean external (to VM) users? Regards, Richard Schuh Provided you have not specified FREELOWPORTS in your ASSORTEDPARMS statement, the only users who may have a TCP Listen on PORT 25 are those that are specified with that privlidge on the PORT statement. If someone does have such a listen (the SMTP server, for example would), then any user can connect to that port to initiate a dialog with the server. The port that is used for this connection on the client's TCP/IP stack (which may or may not be the same as the server's), will generally be an ephemeral port (http://en.wikipedia.org/wiki/Ephemeral_port). Regards, Miguel Delapaz z/VM TCP/IP Development
Re: A more elegant pipe?
Building off Jim's approach: userid = 'AAA' 'PIPE', '| MY LISTING A', /* Read in datafile */ '| FRTARGET FIND 0' || userid, /* Start at first record for user */ '| NLOCATE 1-6 /1REPT:/', /* Strip headers */ '| NLOCATE 1-6 /DATE:/', /* */ '| NLOCATE 1-6 /TIME:/', /* */ '| NLOCATE 1-9 //', /* */ '| NLOCATE 1-7 /0USERID/', /* */ '| JOINCONT LEADING / / /!/', /* Put all user info together */ '| FIND 0' || userid, /* Get info for target user */ '| SPLIT BEFORE /!/', /* Get back to multiple lines */ '| CHANGE /!/ /', /* Revert our continuation character */ '| CONS' /* Display output */ This should also be a bit more tolerant than your initial solution when it comes to intervening records (e.g. throw an 0AAAFULL02 after the second header, and your pipes will give you a lot of extra junk). Regards, Miguel Delapaz z/VM TCP/IP Development
Re: A more elegant pipe?
Hmmm...nevermind my whole Building off Jim's solution thing...the first time I tried yours it didn't give me what I was expecting...But, I tried it again and it produces just what was asked for. Plus it's cleaner :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/23/2006 01:44:52 PM: This maybe a good place to start. You could add LOOKUP to find a list of userids. /* */ PIPE (endchar ?) test data a |, strip trailing | pad 2 |, joincont leading / / /!/ |, nfind 1| , locate w 1 /EEE/ |, the answer a Return ___ Jim Hughes 603-271-5586 Action is the solitary ingredient that separates planning from delusion.
Re: SMTP Verify Client Exit
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/19/2006 01:59:47 PM: ... After SMTP is up and running, we have successfully sent several e- mails to outside recipients. Nothing shows up on the SMTP console. We have tried changing the say to a 'CP MSG userid ... to no avail; we also tried call diag 8, 'MSG ... - no messages were received. What does it take to get this to work? ... Regards, Richard Schuh Richard, From the z/VM TCP/IP Programmer's Reference: Note: The client verification exit is called for each HELO or EHLO command processed for each mail item received from the network. Client verification is not performed for mail items received from the SMTP virtual reader. How are you sending the mail, and from where? Something like sendfile test test a [EMAIL PROTECTED] (smtp will not result in the exit being called. If you add TRACE DEBUG to your SMTP CONFIG file you will see the following message on your SMTP console when a HELO or EHLO command is processed: #N Client verification results: data Where N is the connection number and data is a string describing the results. In my example (and I imagine in your case) data is Batch. If the exit was executed, the value would be something else (Success, Failed etc.). Regards, Miguel Delapaz z/VM TCP/IP Development
Re: SMTP Verify Client Exit
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/19/2006 03:28:44 PM: ... Originally, we were told that it was e-mail. Today, we got firewall monitors to check the message meaning, and the word from Cisco that it is a generic packet that has no specific connection in the firewall unit's connection table, not specifically e-mail. This appears to be a monthly occurrence, but there is no pattern connecting it with a day of month, day of week, or time of day. Not being a TCPIP guy, I am now stumped as to what we can do. Any suggestions. Regards, Richard Schuh Well, before I go making suggestions, I'd like to ask a couple of questions: 1) When did this start? 2) What changes to the network, firewall configuration and/or z/VM TCP/IP configuration/service/applications were made in the month or so before this started? 3) Do the firewall monitors have packet trace data for the packets which are flooding the firewall? The answers to these should provide at least some clues as to where to begin digging. Since the problem is not predictible (from a timeframe point of view), turning on tracing on VM is not going to be terribly helpful, so getting the packet data from the firewall is probably the easiest way to know *what* the packets are (and where the originated). Regards, Miguel Delapaz z/VM TCP/IP Development
Re: SMTP Verify Client Exit
Well, we should probably stop doing anything until #1 is resolved :-), but I'll give you some follow-ups anyway... 1. It apparently started in June or July. We were not made aware of it until this month. I say apparently because we have not been getting the full story. Ah! Herein lies the crux of the problem. If they want you to fix something, they *need* to give you the full story, otherwise you're spinning your wheels, wasting your time and theirs when complete information could significantly speed up the process. Once you get the full story (and a semi-solid start date) getting the information about what changed in the month preceding the start date would be helpful. And no matter what everyone tells you, *something* changed...I suppose it's left as an exercise for the user to figure out who is lyi...err...being forgetful. :-) 2. There were no changes that we were made aware of, we usually don't know about changes to the network until something breaks, until we installed z/VM 5.2 in August, after at least 2 occurrences. Here's where you have to go to whomever administers the network and firewall and get the information from them. Did you move from 5.1 to 5.2? or were you on some other release? Have the symptoms gotten better or worse since the 5.2 install (again, check with whomever is seeing the problem)? 3. They do not. The ones monitoring the logs are InfoSec people, not network folks. The firewall logs don't have the packet data in them? If not, talk to firewall folks and see if they can do something about having the firewall gather packet data the next time this problem occurs. Anyway, I'd say you're still several answers short of a good place to start digging. Hopefully getting decent information from the other parties involved won't be *too* painful. Regards, Miguel Delapaz z/VM TCP/IP Development
Re: SMTP on VM
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/17/2006 11:13:33 AM: Is SMTP that comes with our TCP/IP on 5.2.0 RFC2821 and RFC2822 compliant? Inquiring minds wanna know... Marcy Cortes I don't belive any work was specifically done to update the server to be RFC 2821 and 2822 compliant; and I imagine that wouldn't happen unless we got a requirement to do that. In fact, I imagine a requirement that begins: The SMTP server should support the following aspects of RFCS 2821 and 2822... (with business impacts etc) would be more likely to be accepted than a requirement that simply says: The SMTP server should be compliant with RFCs 2821 and 2822. That being said, are there aspects of those RFCs that you need supported that our current implementation does not support? Regards, Miguel Delapaz z/VM TCP/IP Development
Re: SMTP on VM
The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/17/2006 11:41:24 AM: Hi Miguel. I have this from the powers that be: Certified systems, at a bare minimum, are required to fulfill the minimal functionality requirements described in Section 4.5 of RFC 2821, the address-handling requirements described in Section 5 of RFC 2821, and the problem detection and handling requirements described in Section 6 of RFC 2821. The links for those are: http://www.ietf.org/rfc/rfc2821.txt http://www.ietf.org/rfc/rfc2822.txt That's the short version of the description - I have a long version in word doc format that I could send to you off list. Marcy Cortes Marcy, I've forwarded this information to our SMTP developer and asked him to take a look at whether or not our server fulfills these requirements. If not, we'll have to get a requirement opened for you. You can send the word doc off list if you like, I can forward that to him as well. digression BTW: I find the IETF tools website (http://tools.ietf.org) makes RFC reading much more palatable :-) See: http://tools.ietf.org/html/rfc2821 Coupled with Firefox the Document Map extension (https://addons.mozilla.org/firefox/475/), it's very powerful. /digression Regards, Miguel Delapaz z/VM TCP/IP Development
Fw: SMTP on VM
Marcy, Here is the response from our SMTP developer. Also, posting to the listserv for anyone else who is/was interested. If you have any more questions/concerns please let us know! Regards, Miguel Delapaz z/VM TCP/IP Development - Forwarded by Miguel Delapaz/Endicott/IBM on 10/17/2006 01:42 PM - Miguel, I looked at sections 4.5, 5.0 and 6.0 of RFC 2821 and our SMTP server certainly meets those requirements. As far as being compliant with RFC 2821 and RFC 2822, you are correct when you state that we did not specifically update SMTP for those RFC's. The original server was designed to meet RFC 821 and 822, but we have added additional support over the years. Our SMTP server also works nicely with our IMAP server (which provides an IMAP mailstore using SFS filespace on z/VM), in case they are interested. Joe
Re: I know it's dumb, but.......
Some Wikipedia articles relevant to this conversation: SI Prefixes: http://en.wikipedia.org/wiki/SI_prefix Non-SI Prefixes: http://en.wikipedia.org/wiki/Non-SI_unit_prefix Regards, Miguel Delapaz z/VM TCP/IP Development
Re: I know it's dumb, but.......
Well, right depends on your perspective. I was speaking of right in terms of the general SI prefix standards. 1024^n was/is used to simplify our lives because we (computers) deal with powers of 2. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 10/06/2006 02:45:57 PM: I always thought that 1024^n was right (powers of two and all that) and that hard drive manufactures choose 1000^n to make their wares look that much larger... Tom Rae
Re: New z/VM 5.2.0 Manuals May 2006
Alan, Does anyone have a list of the new manuals (and their filenames)? See: http://www.vm.ibm.com/pubs/ Did the existence of these new manuals ever get announced anywhere? Yes, it was in the announcement letter for the post-5.2.0 PTFs (IBM z/VM V5.2 New function added in support of IBM Systemz9). See: http://www-306.ibm.com/common/ssi/fcgi-bin/ssialias?subtype=cainfotype=anappname=iSourcesupplier=897letternum=ENUS206-084 Regards, Miguel Delapaz z/VM TCP/IP Development
Re: Updated Community VM Redbook outline posted
David, FYI...Works fine for me on Windows with firefox. I tried it with IE and I get the error everyone else is seeing. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/04/2006 12:57:55 PM: Huh. Looks fine on Linux. I pulled it over to a Windows box and regenerated the file using only pure and genuine MS and Adobe products. Try the file ending in -windows and let me know if it's still horked. David Boyes Sine Nomine Associates I had the same issue, with IE 6, Acrobat Reader 6, and Windows XP. Dennis
Re: VM TCP/IP Routing Question
Dennis, When more than one path to a destination exists, and they have the same cost (as defined by the routing protocol), z/VM TCP/IP will round robin packets to that destination through the available paths. For static routing, this behavior is controlled by the EQUALCOSTMULTIPATH parameter on the ASSORTEDPARMS statement. For dynamic routing (MPRoute), this behavior is always enabled. z/VM TCP/IP only does this on a per-packet basis (we are looking other options for the future). A hack you can use to get around this, in your case, is to modify the COST0 parameter on one your OSPF_INTERFACE statements. By forcing the links to have different costs, MPRoute will only use the path with the lowest total cost, and will no longer round-robin the packets. In the event of adapter failure, MPRoute would fail-over to using the higher cost path. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/02/2006 10:26:34 AM: Hi, Our network folks noticed that one of our zLinux systems is driving a lot of packet retransmissions, caused mainly because packets are being received out-of-sequence, outside the target workstation's response window (I hope I'm getting the terminology correct here). Going one step further, the network folks say this is happening because the zLinux system (actually, this is probably VM TCP/IP, as I'll explain in a moment) is transmitting packets sort of round-robin across both of our OSA interfaces, rather than picking one interface and transmitting all packets across that interface. They've asked if we can tweak our configuration to send packets across a single adapter in order to reduce retransmissions. VM TCP/IP is involved because the zLinux system is connected to a guest lan which is connected to VM's TCP/IP stack. The zLinux system has just one logical ethernet interface but VM TCPIP is connected to both OSA interfaces, via separate VSWITCH connections. Each of the VSWITCH/OSAs is attached to a separate IP subnet. Does anyone know if there's a TCP/IP or MPROUTE configuration parameter which can affect this behavior? Would this be more easily controlled using a zLinux TCP/IP stack? We've experimented with connecting a zLinux system to the VSWITCHs directly and using Zebra/OSPF in zLinux but didn't feel our traffic volume justified the increased management and automation requirements. But, maybe this would make it worthwhile? Thanks in advance for any help you can provide. Dennis Schaffer Mutual of Omaha
Re: Secondary FTP Server Help
Adam, Interesting. That little example is wrong (and it's still wrong in the 5.2.0 doc). See the information on the SRVRFTP CONFIG file in the chapter on configuring the FTP server. The PORT specification goes in there. Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 08/02/2006 04:17:19 PM: So, I've set up ftpserv2, which I want to listen on port 990 of my secondary stack, which is TCPIP2. z/VM 4.4. In his SNAVM5 DTCPARMS file (this is on node SNAVM5, natch), I've got :Nick.FTPSERV2 :Type.server :Class.ftp :Parms.port 990 Which seems to be what I want, according to p. 41 of my TCPIP Planning and Customization for z/VM 4.4. DTCRUN1011I Server started at 15:18:29 on 2 Aug 2006 (Wednesday) DTCRUN1011I Running SRVRFTP PORT 990 DTCFTS0018I VM TCP/IP Server-FTP Level 440 15:18:29 EDT WEDNESDAY 2006-08-02 DTCFTS0002I Using translate table STANDARD TCPXLBIN. DTCFTS0310I Unable to find input file: PORT 990 * So clearly it's seeing the SNAVM5 DTCPARMS, but then it thinks that :parms.port 990 means it's supposed to read that as a file name, not just use port 990. What am I doing wrong? Adam
Re: How to diagnose a gateway problem in TCP/IP?
Tom, NETSTAT OBEY was added in z/VM 4.3 Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/27/2006 11:08:01 AM: -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Tom Cluster Sent: Thursday, July 27, 2006 1:58 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: How to diagnose a gateway problem in TCP/IP? Alan, I have z/VM 4.2. It appears that NETSTAT OBEY isn't supported at my level: netstat obey stop ctc1 DTCNET103E Invalid parameter: OBEY I'm issuing the command from a user (MAINT) who's in the OBEY list. Is that true? - Tom.
Re: z/VM v5.2 - Common Criteria - Order Questions
It isn't a matter of grammar. It's a quote from the Highlander (http://imdb.com/title/tt0091203/) Regards, Miguel Delapaz z/VM TCP/IP Development There can only be one. (sigh) There can be only one. Alan Now that reminds me of Mr Gilmore's postings on the Assembler list. Please explain the difference for the gramatically challenged? Thanks, Shimon
Re: VM/TCPIP - TESTSITE question
In z/VM TCP/IP Planning and Customization, the chapter on Configuring the Local Host Files states the hostname in a HOSTS LOCAL file can be a maximum of 24 characters Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/13/2006 07:40:46 AM: To list: I recently created a HOSTS LOCAL file and did a MAKESITE for a few DNS names. Seems to work fine with one exception. When I do the TESTSITE command, it looks like one of the DNS names gets truncated. Following is the o/p from the command: us-wat-as01.internal.jltservices.com US-WAT-AS01.INTERNAL.JLT: Host address: 10.5.4.50 No gateway named 'us-wat-as01.internal.jltservices.com' No net named 'us-wat-as01.internal.jltservices.com' Name: Is there a limit on the length of the name I can specify? Thks, Bill J. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: VM/TCPIP - TESTSITE question
I should also mention that if you are on z/VM 5.1.0 or later you should consider using ETC HOSTS rather than HOSTS LOCAL (it's documented in the same chapter). The hostname limit in ETC HOSTS is 128 characters. Regards, Miguel Delapaz z/VM TCP/IP Development - Forwarded by Miguel Delapaz/Endicott/IBM on 07/13/2006 09:03 AM - Miguel Delapaz/Endicott/IBM wrote on 07/13/2006 07:54:39 AM: In z/VM TCP/IP Planning and Customization, the chapter on Configuring the Local Host Files states the hostname in a HOSTS LOCAL file can be a maximum of 24 characters Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 07/13/2006 07:40:46 AM: To list: I recently created a HOSTS LOCAL file and did a MAKESITE for a few DNS names. Seems to work fine with one exception. When I do the TESTSITE command, it looks like one of the DNS names gets truncated. Following is the o/p from the command: us-wat-as01.internal.jltservices.com US-WAT-AS01.INTERNAL.JLT: Host address: 10.5.4.50 No gateway named 'us-wat-as01.internal.jltservices.com' No net named 'us-wat-as01.internal.jltservices.com' Name: Is there a limit on the length of the name I can specify? Thks, Bill J. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: OT: And now, a note from our moderator regarding Acronym Silliness
Apparently, you're not alone :-) http://dsc.discovery.com/news/2006/06/23/immature_hum.html?category=humanguid=20060623110030 Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 06/27/2006 01:48:11 PM: Good company, indeed. I live my life by the credo that One can only be young once, but one can be immature forever. Mike Walter Hewitt Associates The opinions expressed herein are mine alone, not my employer's.
Re: OT: And now, a note from our moderator regarding Acronym Silliness
It was posted on Slashdot a couple of days ago; and about 2 or 3 minutes :-) Regards, Miguel Delapaz z/VM TCP/IP Development The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 06/27/2006 02:32:22 PM: One must wonder WHY you knew about that site, and how much time you spent looking for it at work! ;-)~ Mike Walter Information Systems Hewitt Associates [EMAIL PROTECTED] Direct: +(847) 771-9233 Main: +(847) 295-5000 http://www.hewitt.com
