TCP/IP Update - Barnard Software Inc.
Download
Report
Transcript TCP/IP Update - Barnard Software Inc.
IPv6/VSE Update
WAVV 2012
Jeffrey Barnard
Barnard Software, Inc.
© 2012 by Barnard Software, Inc.
Latest IPv6/VSE
Announced at WAVV 2009
GA Build 246 delivered May 2009
GA Build 252 of IPv6/VSE
is now available
Virtually all 3rd party vendors (worldwide)
now have IPv6/VSE support!
News Flash!
IBM licenses IPv6/VSE from BSI
5686-BS1 is IBM IPv6/VSE
Announced April 6, 2010
Available May 28, 2010
IPv6/VSE now provides IPv4 too!
Announced Oct 5, 2010
Available Nov 26, 2010
IPv4 Addresses Remaining
Time is running out
Sept 28, 2010
+240 days is
May 26, 2011
All IPv4 Addresses
allocated!
IPv4 Addresses Remaining
Time is up
Feb 3, 2011
All IPv4 Addresses
allocated!
IPv4 Addresses Remaining
Are You Ready?
Asia is already out of IPv4 addresses
Europe will run out of IPv4 addresses very soon
Are you ready?
How will this affect your busines operations?
How will you communicate with your customers
when they are using IPv6?
IPv6/VSE for z/VSE
Internet Protocol Version 6
- IPng (IP Next Generation)
IPv6 TCP/IP stack (April 2009)
IPv4 TCP/IP stack (May 2000)
IPv4 and IPv6-Enabled Application Suite
SLL support is now available!
IPv6/VSE IPv6 Applications
FTP server, FTP client
TN3270E server and print drivers
NTP server, NTP client
System Logger client
Batch Email client
Batch LPR
Batch Remote Execution Client
Batch PING
GZIP Data Compression
PDF Generation
And more …
IPv6/VSE IPv4 Applications
FTP server, FTP client
TN3270E server and print drivers
NTP server, NTP client
System Logger client
Batch Email client
Batch LPR
Batch Remote Execution Client
Batch PING
GZIP Data Compression
PDF Generation
And more …
IPv6/VSE IPv4 Support
CICS TS Web Services
CICS TS Listener
z/VSE Connector Client and Server
VTAPE
DB2 Client and Server
3rd Party Vendor Applications
And Much More ...
IPv6/VSE Support
IPv4
VSE/ESA 2.1 and higher
z/VSE 3.1 and higher
IPv6
z/VSE 4.2.2 and higher
Large TCP Windows
What is a Large TCP Receive Window?
Standard size is 64K
Larger windows are 'shifted'
Scaled by 2/4/8/16/32/64/etc bits
1MB, 2MB, 4MB, 8MB sizes typical
Why? Far fewer TCP window waits
Large TCP Windows
z/VSE 4.2 or higher
LTWBUF specified
z/VSE 5.1 uses 64-bit storage
SHIFT 4|5|6|7 specified
Application requests large windows
// SETPARM LRGBUF=YES
Both local and remote TCP/IP stack
agree to use large windows
Large TCP Windows
Often referred to as 'Window Scaling'
Supported by z/VM, z/OS
Linux support is automatic
Enlarges Window Size as needed
MS Windows
Automatic if requested by remote host only
set the Tcp1323Opts registry value to 1
SO_RCVBUF setsockopt() controls size
Large TCP Windows
Performance
c application written by IBM
Send() data blocks
Recv() data blocks
Both at the same time
Tests bidirectional throughput
Platform z/VSE <-> zLinux (VSwitch)
500MB transferred in BOTH directions
Large TCP Windows
Large TCP Windows
Considerations
Helps Outbound transfers
Helps Inbound transfers (the most)
Not all applications are helped
Bulk data transfer helped most
Interactive helped least (or not at all)
Can use a lot of storage!
BSTTFTPC (batch FTP), VTAPE,
BSTTFTPS (FTP Server), DB2 UDB etc.
Large TCP Windows
Fewer TCP Window waits is good
Window wait = wait for ACK of data
What is the down side?
TCP retransmission can be very bad
when using large TCP windows
40K vs. 3MB of 'in-flight' data ...
Usually not an issue on local networks
64-Bit Virtual Support
Introduced in z/VSE 5.1
z/OS IARV64 macro used
Storage allocated 'above the bar'
64-bit memory objects
'chunks' are multiples of 1MB in size
64-Bit Virtual Support
64-Bit Virtual Support
Stack allocates 'chunks'
Used for Large TCP Windows
Buffer copy routines modified
Now run in 64-bit mode
Supporting 24, 31 and 64-bit buffers
64-Bit Socket Storage
ASM SOCKET API
EZASMI
What about HLL EZASOKET API?
No 64-bit compilers available now
Looking at a full 64-bit API (z/OS BPX4 ?)
Vendors, what do you need?
64-BIT ASM SOCKET Storage
64-Bit virtual storage socket buffers
Supported only for
SOCKET SEND,TCP
SOCKET RECEIVE,TCP
High bit of buffer address
X'80' is address of 64-bit buffer
address
Max SEND length is 2GB-1 bytes
Max RECEIVE length is 8MB
64-BIT ASM SOCKET Storage
64-Bit EZASMI Socket Storage
64-Bit virtual storage socket buffers
Supported only for
SEND, SENDTO, WRITE
RECV, RECVFROM, READ
64-Bit address is 2 fullwords
ALET= specifies high word
BUF= specifies low word
64-Bit EZASMI Socket Storage
Layer 2 Support
Requires z/VSE 5.1
Available for IPv4 and IPv6
DEVICE statement specifies 'LAYER2'
Optional user defined MAC address
Layer 2 required for z/VM IPv6 Vswitch
Layer 2 required for z/VM IPv6 VLAN
VLAN Support
Requires z/VSE 5.1
Available for IPv4 and IPv6
Both Layer 2 and Layer 3 supported
VLAN Support
DEVICE
Specifies LAYER2 for z/VM IPv6 VSwitch
LINK
Specifies VLAN ID and Priority
GLOBAL parameter is special
feature of OSA Express
and Hipersockets interfaces
EZA Extension – OCEXIT Support
OCEXIT (Console MSG) has no HLL support
Needed for servers to initiate shutdown
EZA extension provides support using SELECT logic
As simple as opening up an additional READ socket
A MSG command issued from the console presents a
read-ready condition
WRITEs display data upon the console (WTO)
Can also be used by non-IP programs but requires an
active stack partition to satisfy the INITAPI requirements
Available via EZASOKET, EZASMI, LE/C and REXX
EZA Extension OCEXIT Support
SOCKET
MOVE EZA-UNIX TO EZA-AF
CONNECT
MOVE EZA-UNIX to EZA-NAMEUX-FAMILY
MOVE 'OPERATOR:MSG' TO EZA-NAMEUXPATH
SELECT for READ
Restrictions:
Same as OCEXIT macro: Batch, main-task
only
Statement of Direction
GSE Oct 2011
BSI plans to add support for
SSL and IPSec
in a future Build of IPv6/VSE
IPv6/VSE SSL Support
Available in GA Build 252
GSK API provided
EZASMI, EZASOKET, LE/C support
BSTTPRXY SSL Proxy Server
IPv6/VSE SSL Support
Based on IJBSSL from IBM
Port of OpenSSL 1.0.0
IJBSSL introduced with z/VSE 5.1
C/VSE application
Will run on any version of z/VSE
Provides software SSL
Supports CPACF and Crypto Express
IPv6/VSE SSL Restrictions
IJBSSL API currently uses LE/C
Only batch LE applications can use
GSK() API. CICS not supported.
Requires application be LE
These restrictions will be removed
All applications are supported by the
BSTTPRXY SSL Proxy Server
SSL Proxy Server
BSTTPRXY z/VSE Proxy Server
Accepts clear text, SSL connections
IPv4 or IPv6
Proxy to clear text, SSL connection
IPv4 or IPv6
SSL Proxy server
6to4 and 4to6 Proxy server
BSI Preview
BSI Preview
IPsec Manual definitions, Pre-Shared Keys
IPSEC QUERY
IPSEC CONFIG|START|STOP
What about automatic configuration?
BSI Preview
IPsec-tools port to z/VSE
Racoon IKE
Commonly used by Linux systems
ESP packets
NATT packets
ESP packets embedded in UDP
Helps with firewall traversal
IPv6/VSE Update
Barnard Software, Inc.
http://www.bsiopti.com
The Barnard Software, Inc. Blog ...
Thoughts, hints and tips for using BSI
products and z/VSE.
http://bsiopti.blogspot.com
BSI Blog
Win an iPad (G3)
Come to our booth!
Fill out a raffle ticket
Drawing on Monday
Time 2:30 PM
Must be present to win!!
IPv6/VSE Update
Thank you!
WAVV 2012
Jeffrey Barnard
Barnard Software, Inc.
© 2012 by Barnard Software, Inc.