With every new hardware order, you receive the following CD-ROM information: v iSeries 400 Installation and Service Library, SK3T-4096-00. This CD-ROM contains PDF manuals needed for installation and system maintenance of an IBM ~ iSeries 400 server. v iSeries 400 Setup and Operations CD-ROM, SK3T-4098-00. This CD-ROM contains IBM iSeries Client Access Express for Windows and the EZ-Setup wizard.
Page 10
viii OS/400 TCP/IP Configuration and Reference V5R1...
United States, you can give the form to the local IBM branch office or IBM representative for postage-paid mailing. v If you prefer to send comments by FAX, use either of the following numbers: –...
Page 12
OS/400 TCP/IP Configuration and Reference V5R1...
(http://publib.boulder.ibm.com/pubs/html/as400/v5r1/ic2924/info/ rzahgictcp2.htm) in the Information Center, refer to the Manuals and Redbooks topic, and select IBM redbook TCP/IP Tutorial and Technical Overview as a resource. For a complete formal description of TCP/IP, you can read the Request for Comments (RFC). Or, refer to any of the TCP/IP references that are listed on the RFC Editor Site (http://www.rfc-editor.org/rfc.html).
If you are in charge of configuring an iSeries server for TCP/IP communications you will, in most cases, include your server in an existing TCP/IP network. Before you are able to start configuring, you will need to collect all of the required information.
7. Familiarize yourself with the Configure TCP/IP Menu: The Configure TCP/IP menu (Figure 2 on page 8) guides you through all the tasks for configuring your server to communicate with other systems in a TCP/IP network. You can reach this menu in two ways: v Select option 1 on the TCPADM menu.
Internet address Line description name Subnet mask Interface MTU Local host name Local domain name Domain name server (Internet address) Default route/next hop (Internet address) IP datagram forwarding (yes or no) Internet address Subnet mask Next hop (Internet address) MTU size...
LP is not installed on your system, continue by following the instructions in this section to perform the installation. Installing TCP/IP on your iSeries server allows you to connect an iSeries to a network. Perform the following steps to install TCP/IP on your server: 1.
Following are descriptions of the menu options. v Option 1. Configure TCP/IP: Displays the Configure TCP/IP menu. Use the options on this menu to configure your local server to communicate with other systems in a TCP/IP network. v Option 2. Configure TCP/IP applications: Displays the Configure TCP/IP Applications menu.
(5769-TC1). This command starts the TCP/IP application server jobs in the QSYSWRK subsystem. v Option 6. End TCP/IP servers: Select this option to issue the End TCP/IP Server (ENDTCPSVR) command. This command is used to end the TCP/IP application servers that are shipped with OS/400 or the TCP/IP licensed program (5769-TC1).
Page 22
Figure 2. Configure TCP/IP Menu Following are descriptions of the Configure TCP/IP menu options. v Option 1. Work with TCP/IP interfaces: Select this option to add TCP/IP interface information to the list of current interfaces or to display, change, print, or remove TCP/IP interface information that you have already added.
Option 12, formerly Change local domain and host names, was renamed to Change TCP/IP domain information. v Option 20. Configure TCP/IP applications: Select this option to configure the TCP/IP applications that are installed on your system. The list of applications varies depending on whether the TCP/IP licensed program is installed on your system.
AUTOSTART *YES. Step 2—Configuring a TCP/IP Interface In an iSeries server, each line that connects to a TCP/IP network must be assigned to at least one Internet address. You do this by configuring, or adding a TCP/IP interface.
Page 25
Line description Contains information describing a communications line that is attached to the iSeries server, as defined previously in “Step 1—Configuring a Line Description” on page 10. To find the names of the currently defined line descriptions, use the Work with Line Descriptions (WRKLIND) command.
If your server is attached to a single network and if there are no IP routers in your network, you do not need to add routes.
Page 27
Your server must also be able to determine the route back to the PC. If the PC and your server are not on the same network, a routing entry must exist on the PC and on your server.
Page 28
You must define routes for any TCP/IP network, including subnetworks, with which you want to communicate. You do not need to define routes for the TCP/IP network that your server is directly attached to when you are using an iSeries adapter.
Page 29
Figure 6. Add TCP/IP Routes Display Note: Any changes that you make to the routing information take effect immediately. Figure 7. Work with TCP/IP Routes Display Multiple Default Routes Default routes are used to route data that is being addressed to a remote destination and that does not have a specific route defined.
Step 4—Configuring TCP/IP attributes To configure the TCP/IP attributes, type option 3 on the Configure TCP/IP menu. The Change TCP/IP Attributes (CHGTCPA) display is shown (Figure 8). Figure 8. Change TCP/IP Attributes Display For information about the various parameters for this command, see the online help.
Page 31
Figure 9. Work with Remote System (X.25) Information Type option 1 (Add) at the input-capable top list entry to go to the Add TCP/IP Remote System (ADDTCPRSI) display, as shown in Figure 10. Figure 10. Add Remote System (X.25) Information The network controller used by iSeries TCP/IP does not allow you to specify X.25 user facilities.
Whenever possible, a DNS server should be used as a replacement for, or in addition to, the local host table. The DNS server is a single source for host names, which is one reason that it is often preferred over host tables, especially for larger networks.
To add an entry to your local host table, type option 10 on the Configure TCP/IP menu. The Work with TCP/IP Host Table Entries display is shown in Figure 11. Figure 11. Work with TCP/IP Host Table Entries Display Note: Just as iSeries TCP/IP automatically creates a LOOPBACK interface, it also automatically adds an entry to your local host table to associate the IP address 127.0.0.1 with the host names LOOPBACK and LOCALHOST.
Page 34
(CHGTCPHTE) command. If the LOOPBACK or LOCALHOST name is changed or removed from the host table, the name is not valid, unless the domain name server has a LOOPBACK entry that specifies this value as a host name. You can define up to four names for each Internet address. If the TCP/IP host is in your local domain, then it is not necessary to qualify the host with the domain name.
Page 35
Note: The fully qualified host name is used when sending mail between two TCP/IP hosts. Notice in the example that the name of server SYSNAM890 is in the host table too. There are several reasons to put your host name in the host table: v You may want to use your host name when using FTP, TELNET, or PING to test your own system’s configuration.
A domain name consists of labels that are separated by periods, for example, SYSNAM890.ROCHESTER.IBM.COM. For hosts, the first label in a domain name is the name of a host that belongs in the domain identified by the other labels. In this example, host SYSNAM890 belongs to the domain ROCHESTER.IBM.COM.
You can configure your server to use both a DNS server and your local host table, but they are not mutually exclusive. You can also specify whether the domain name server or your local host table is searched first.
RouteD, REXEC, and SNMP. The STRTCP command starts the server jobs for an application if the automatic start attribute for that server is equal to *YES. To change the autostart attribute for an application, do either of the following: v Select option 2 from the TCP/IP Administration menu...
Using the Start TCP/IP Server (STRTCPSVR) command starts the servers individually or together. You can monitor the jobs with option 20 (Work with TCP/IP jobs in QSYSWRK subsystem) from the TCP/IP Administration menu. If you want TCP/IP processing and any related TCP/IP servers to start automatically at the initial program load (IPL), add STRTCP to the QSTRUP CL program.
TCP/IP Administration menu. To display this menu, enter command line. Step 9—Verifying the TCP/IP Connection To verify the TCP/IP connection from your server to the network, use the PING (VFYTCPCNN) function. 1. To test the TCP/IP code without sending anything out of the token-ring adapter, specify the special host name LOOPBACK as follows: 2.
Using the LOOPBACK default host name provides an ability to test TCP/IP applications without actually connecting to a physical network. The server defines LOOPBACK as the default host name by automatically creating an entry in the local host table. Verifying Additional TCP/IP Connections Once TCP/IP is configured on the iSeries, and the initial connection is verified, you will probably want to add more systems to your network.
Page 42
Internet address and waits for a response. The user command to perform this verification is called PING (Packet InterNet Groper) on non-iSeries servers. On an iSeries server, use either the PING command or the VFYTCPCNN command. To verify TCP/IP connections, perform the three steps below in the order in which they are listed: 1.
Verifying TCP/IP Connections with Host Name—Example In this example, sending five packets of 256 bytes each verifies the connection to the remote system . The local system waits 1 second for a response to each packet that is sent. sysnam36.sysnam123.ibm.com *VERBOSE *COMP *ANY *NORMAL *DFT Chapter 1.
To save your TCP/IP configuration files, use the following command: The associated line descriptions are not saved with this command. Configuration objects are saved with the system. To maintain consistency, save all TCP/IP configuration files together. OS/400 TCP/IP Configuration and Reference V5R1 SYSNAM36.SYSNAM123.IBM.COM *VERBOSE *COMP *ANY *NORMAL...
Page 45
Note: You do not have to end TCP/IP in order to save the configuration files. However, you should end TCP/IP before any TCP/IP configuration files are restored. Chapter 1. Configuring TCP/IP...
Page 46
OS/400 TCP/IP Configuration and Reference V5R1...
Center: Supplemental Manuals. Network Status The network status function on the server allows you to get information about the status of TCP/IP network interfaces, routes, and connections on your local system. This function also allows you to end TCP/IP connections and to start or end TCP/IP interfaces.
Figure 24. Work with TCP/IP Network Status Work with TCP/IP Interface Status The Work with TCP/IP Interface Status display, as shown in Figure 25, provides the most current summary of interface activity. This display allows you to view TCP/IP interface information for selected interfaces and to start or end TCP/IP interfaces.
FSIOP) network server description, a considerable amount of time may pass before the interface becomes active. This is because TCP/IP activation includes starting the network server. The amount of time that is required Chapter 2. TCP/IP: Operation, Management, and Advanced Topics...
Route-to-Interface Binding: Interfaces define direct paths to networks or subnetworks to which an iSeries server is directly attached. Routes define indirect paths. A route identifies the first hop on the path to a network or subnetwork to which an iSeries is not directly attached.
v The network ID of the interface must be equal to the logical AND of the next hop for the route and the subnet mask for the interface. Notes: 1. If the next hop of a route is identical to an interface’s IP address, that route will never be bound to another interface.
F11 (see Figure 30 on page 39 and Figure 31 on page 40). To display port numbers instead of port service names, press F14. In Figure 29 on page 39, the connections indicate that the FTP server, SMTP server, and TELNET server are active and ready to receive connection attempts. Because...
Page 53
contain an asterisk (*). When an application requests a connection to a listening socket, a new connection is created. The remote Internet address and remote port are shown for the new connection. The listening socket always remains in the list of connections.
Figure 31. Work with TCP/IP Connection Status, Display 3 of 3 Ending TCP/IP Connections TCP/IP connections and User Datagram Protocol (UDP) sockets can be ended from the Work with TCP/IP Connection Status display. To do so: 1. Type 4 in the option field for the lines containing the connections that you want to end.
Figure 32. Confirm End of TCP/IP Connections To end the TCP/IP connections, press the Enter key from the Confirm End of TCP/IP Connections display. If you decide not to end a TCP/IP connection or if you want to change your choices, press F12 (Cancel).
Figure 33. Work with Configuration Status Displaying TCP/IP Network Status Information In addition to working with network status functions, the Work with TCP/IP Network Status menu allows you to display current information about your TCP/IP network, including multicast groups, TCP/IP interfaces, and associated routes, to name a few.
Figure 34. Display Multicast Host Groups Displaying TCP/IP Interfaces To display more detailed information about the TCP/IP interface status for specific interfaces: 1. On the Work with TCP/IP Interface Status display, type 5 in the option field for each interface about which you want more information. 2.
Figure 35. Display TCP/IP Interface Status for a Token-Ring Interface Displaying Associated Routes To display information about the routes associated with a specific interface: 1. On the Work with TCP/IP Interface Status display, type 8 in the option field for each interface for which you want to see the associated routes information.
Figure 36. Associated Route Information, Display 1 of 2 Press F11 to show the display that includes the type of service (TOS), maximum transmission unit (MTU), type, and source. Displaying Route Details Option To display detailed information about the route: 1.
Figure 37. Display TCP/IP Route Details, Display 1 of 2 Figure 38. Display TCP/IP Route Details, Display 2 of 2 Displaying TCP/IP Route Information To display TCP/IP route information: 1. On the Work with TCP/IP Network Status menu, type 2 on the command line or enter the command.
Page 61
Figure 39. Display TCP/IP Route Information, Display 1 of 2 To view the second Display TCP/IP Route Information display, press F11 (Display route type). The route information is presented in Figure 40. To return to the first display, press F11 (Display next hop). Figure 40.
Displaying TCP/IP Connections You can request more detailed information about TCP/IP connections shown on the Work with TCP/IP Connection Status display. This information includes timing information and transmission statistics for the connection displayed. To display more information about the listed TCP/IP connections: 1.
Figure 42. Display TCP/IP Connection Status, Display 2 of 3 Figure 43. Display TCP/IP Connection Status, Display 3 of 3 Displaying Connection Totals To display a summary of TCP and UDP counts, press F10 on the Work with TCP/IP Connection Status display. The counts provided are a cumulative summary of all TCP and UDP activity since the last time the STRTCP (Start TCP) command was issued.
Successful TCP/IP host table maintenance also includes periodically evaluating whether or not to use a DNS server to manage your network. The DNS server is often the preferred alternative to host tables for the purpose of managing IP addresses and host names, particularly in large network environments.
The *NIC format is often used by hosts in the public domain. A record in a *NIC file has the following format: This entry describes one host (at address 128.12.19.1) with two names (Host2.lan.ibm.com) and (Host2). The host is an IBM Personal Computer AT computer running MS-DOS and supporting TCP/IP. Meaning Indicates the beginning of a comment.
2. These entries are not merged into the server host table. Host Table Information with *AS400 Files The *AS400 file format is the format of the local server host table file used by iSeries TCP/IP directly. The name of the file is QATOCHOST with member HOSTS in library QUSRSYS.
CFGTCP (Configure TCP/IP) command. The changes take affect the next time a TCP/IP application accesses the host table. Select option 11 to merge an imported host table with the local server host table. You can also use the Merge TCP/IP Host Table (MRGTCPHT) command from any command line.
When TCP/IP is restarted, this process is repeated. In Figure 46 on page 55, host A1 in network 2 is an iSeries server that sends a message to host A2 in network 3. The routing table in host A1 indicates that the first hop to host A2 is through gateway G1, which connects networks 1 and 2.
Figure 46. Example of ICMP Redirect To see routing changes due to ICMP redirect messages, select NETSTAT menu 2 or NETSTAT *RTE and then press PF11. Comparing the next hop in this display with the next hop present in the routing table, you can verify whether a route has been dynamically changed.
The iSeries TCP/IP implementation supports multihoming. This allows you to specify either a single interface or multiple interfaces for a line description. You can have your server appear as any one or combination of the following scenarios: v A single host on a network over a communications line...
Example: A Single Host on a Network over a Communications Line Your server uses one adapter for TCP/IP to attach to a LAN or WAN network. You add one TCP/IP interface. This TCP/IP interface includes the Internet address of your server. With this single Internet address, your server is part of a single TCP/IP network (Figure 47).
Example: Multiple Hosts on Different Networks over the Same Communications Line Your server uses one adapter for TCP/IP to attach to a LAN or WAN network. You add multiple TCP/IP interfaces. Each of these TCP/IP interfaces includes an Internet address of different TCP/IP networks. With these multiple Internet addresses, you participate in different TCP/IP networks (Figure 50).
Assume servers SYSNAM02 and SYSNAM03 are connected with a public or private X.25 network. The Internet address of this network is 9.4.73.64. In this example, the server SYSNAM03 connects with a service provider by using TCP/IP and the same X.25 network attachment (Figure 52). The Internet address assigned by the service provider for the server is 223.1.1.17.
Figure 53. Work with TCP/IP Interfaces Display, Multihoming Type of Service (TOS) Type of Service (TOS) is a parameter defined to indicate a quality of the service desired by an application program. It is specified within a single octet of the IP datagram header, and it is used to select Internet service.
The following table shows which type of services your server uses for some of the TCP/IP applications: Table 6. AS/400 TCP/IP applications and Type of Services Protocol or Application TELNET FTP (control connection) FTP (data connection) SMTP (command phase) SMTP (data phase)
a specific route defined. The system allows up to eight default routes, but each route must have a unique next hop value. An example of a multiple route table can be found in Figure 54. Figure 54. Work with TCP/IP Routes Display TCP/IP Port Restriction TCP and UDP protocols use ports to identify a unique origin or destination of communication with an application.
Note: For an installation in which user-written programs use ports other than the well-known ports, you can consider restricting the use of the well-known ports to the user profiles running the server application. As an example, for File Transfer Protocol (FTP), this would be user profile QTCP.
Page 78
Figure 56. Add TCP/IP Port Restriction Display Let us assume we have an application that uses Port 1060 in the TCP layer and we want to restrict its use to user profile GERRY. Type the information as shown in Figure 56. Figure 57 shows what the display looks like after you enter port information for both user profiles PAOLO and GERRY.
Network table The host table contains a list of host names and corresponding Internet addresses. Socket applications requesting host data obtain it either from the server host database file or from the domain name server. The service table contains a list of services and the specific port and protocol a services uses.
Page 80
The services table stores the mapping of services to ports or ports to services as shown in Figure 59. The mapping information is usually accessed with the getservbyname() and getservbyport() socket functions. Figure 59. Work with Service Table Entry Display The protocol table stores the mapping of protocol names to protocol numbers and protocol numbers to protocol names.
Figure 61. Work with Network Table Entry Display The protocols and services tables that are shipped contain standard information. The network tables do not contain any information. The network IBM information has been added in Figure 61, as an example.
For more information about IP multicasting, refer to RFC 1112, Host Extensions for IP Multicasting in the RFC Editor Site (http://www.rfc- editor.org/rfc.html). Note: The server cannot act as a multicast-capable router. Multicast Application Programming Information An application program can send or receive multicast datagrams by using the Sockets API and connectionless, SOCK_DGRAM type sockets.
Page 83
supported on multi-access nonbroadcast networks. IP multicast is also not currently supported on Frame Relay, FDDI/SDDI, or ATM networks. To determine whether an interface supports multicast, enter option 14 on the Work with TCP/IP Interface Status display. If the interface supports multicast, there will be at least one Host Group entry for the All Hosts group 224.0.0.1.
Page 84
OS/400 TCP/IP Configuration and Reference V5R1...
4000 KB of storage. You can use the WRKSYSSTS to view and change pool sizes on the server. Pool 2 is the base pool. Another alternative is to change the pool in which the TCP/IP jobs run.
Page 86
v Checksum calculation of outgoing TCP and UPD datagrams (prior to V4R4) v Checksum verification of incoming TCP and UPD datagrams (prior to V4R4) v Outbound batching of TCP and UDP datagrams. v Fragmentation of TCP and UDP datagrams into segments that match the MTU size.
You can use the following data to help you plan for and anticipate performance when merging host tables. The data represents averages of measurements that are taken. The actual time required on your server will be different. Three cases were measured: v Small merge—merge a 250-record file into the local host table that currently has...
Page 88
If you have one of these configurations, you can use the TCPONLY parameter when you create or change your Ethernet line descriptions. Setting TCPONLY to *YES in other hardware configurations has no effect on the line. OS/400 TCP/IP Configuration and Reference V5R1...
Description (Network) (CHGCTLNET) and Change Device Description (Network) (CHGDEVNET) commands. For more information on changing controller or device descriptions, see Control Languages (http://publib.boulder.ibm.com/pubs/html/as400/v5r1/ic2924/info/rbam6/ rbam6clmain.htm) in the Information Center. If you are using the Supplemental Manuals CD, then switch to the iSeries Information Center CD to access this information.
If the Ethernet standard prompt is TCP/IP data in Ethernet Version 2 frames. You do not need to configure any additional SSAPs for TCP/IP. Setting the Maximum Transmission Unit The maximum transmission unit (MTU) parameter that you can enter on the Add TCP/IP Interface (ADDTCPIFC) command, Add TCP/IP Route (ADDTCPRTE) command, Change TCP/IP Interface (CHGTCPIFC) command, or Change TCP/IP Route (CHGTCPRTE) command depends on the type of line that you use.
Page 92
OS/400 TCP/IP Configuration and Reference V5R1...
Note: If using Distributed Data Management (DDM), see the DDMACC parameter on CHGNETACMD in Control Languages (http://publib.boulder.ibm.com/pubs/html/as400/v5r1/ic2924/info/rbam6/ rbam6clmain.htm) for more information. If you are using the Supplemental Manuals CD, then switch to the iSeries Information Center CD to access this information.
Exit Point Note: The same interface format is used for request validation for the FTP client, FTP server, REXEC server, and TFTP server. This allows the use of one exit program for request validation of any combination of these applications.
Step 1. Select your exit point Type next to the exit point to which you want to add an exit program. For example, to associate a program with the WSG server sign-on validation exit point, type an next to this exit point, as shown.
Changes do not affect client sessions that are already running. 4. When you add FTP server exit programs, end and restart the FTP servers to ensure that all servers are using the exit programs.
The WSG server checks for the exit program dynamically. When you add REXEC server exit programs, you do not need to end and restart the REXEC server. The REXEC server checks for the exit programs dynamically.
When an exit program is added to the exit point, it is called by the TCP/IP application to validate the requested action specified by the operation identifier and other input parameters in the required parameter group.
Page 100
INPUT; CHAR(*) The Internet Protocol (IP) address of the remote host system. This string is in dotted decimal format, left justified. The remote host may be a client or a server based on the setting of the application identifier parameter. Length of remote IP address INPUT;...
QIBM_QTMF_CLIENT_REQ is used to validate requests processed by the FTP client program. Exit point QIBM_QTMF_SERVER_REQ is used to validate requests processed by the FTP server program. If desired, the same exit program can be used to validate requests from both of these exit points.
Page 102
Notes: 1. The exit program is called with this operation identifier each time the FTP server receives a connection request. 2. For the MGET and MPUT subcommands, the exit program is called once for each file that is sent or retrieved.
Exit Point Format Name: RXCS0100 Note: Character data passes to the exit program in the coded character set identifier (CCSID) of the job. If the job CCSID is 65535, the server uses the default CCSID of the job. Required Parameter Group User profile INPUT;...
(API) to call QShell as a child job. Spawn path name The server treats the command name as a path name and passes it to the spawn() application program interface (API), which runs as a child job.
Page 105
“Qshell interpreter not installed”. v When you set the Command processor identifier parameter to – The server maps the REXEC stdin, stderr, and stdout streams to file descriptors 0, 1, and 2, respectively. – The server sets the QIBM_USE_DESCRIPTOR_STDIO environment variable to Any other environment variables that the exit program sets are inherited by the child job.
Page 106
OS/400 TCP/IP Configuration and Reference V5R1...
Programming Interface Information This publication is intended to help you to use the TCP/IP function with the IBM iSeries server. This publication documents General-Use Programming Interface and Associated Guidance Information provided by TCP/IP Connectivity Utilities for iSeries licensed program and the OS/400 licensed program.
Page 109
AS/400e C/400 CICS/400 Client Access Distributed Relational Database Architecture DRDA e (Stylized) IBM Global Network Integrated Language Environment Intelligent Printer Data Stream IPDS iSeries iSeries 400 Netfinity Network Station OfficeVision OfficeVision/400 Operating System/400 OS/2 OS/400 Print Services Facility Proprinter RISC System/6000...
Page 110
OS/400 TCP/IP Configuration and Reference V5R1...