When does class start/end?
Class hours may vary, please reach out to contact@ascendientlearning.com if you have any questions.
BMC Mainframe: z/OS Communications Server Part 2 - Implementing TCP/IP under z/OS
This new, four-day course is the second part of the definitive z/OS Communications Server training programme. This course explains in detail how TCP/IP works in a z/OS environment. Installation,...
Read More
$2 USD
Duration
4 days
Course Code
MGRS-ZCS2-2021
Available Formats
Classroom
Overview
This new, four-day course is the second part of the definitive z/OS Communications Server training programme. This course explains in detail how TCP/IP works in a z/OS environment. Installation, profile definition and implementation are all taught in depth. All versions of TCP/IP for z/OS are covered, along with all the servers. Additionally, all the essential and important configuration options are explained and examples are provided.
- Extensive hands-on practical sessions, in which each student has their own system to work on, form the central part of the course. These sessions make up approximately 30% of the whole course. Each segment of the course also contains extensive review questions/exercises - thus ensuring that all students fully grasp each topic before moving on to the next.
Who Can Benefit
System Programmers, Users
Course Details
TCP/IP Review
- What is TCP/IP?
- Why are we interested in TCP/IP?
- What does TCP/IP comprise?
- Internetworking principles
- IPv4 addressing
- IPv4 subnetting
- IPv4 variable subnetting
- Network Address Translation
- One to One NAT
- Network Address Port Translation (NAPT)
- TCP/IP protocol stack
- IPv4 Address Resolution Protocol
- IPv4 Dynamic Host Configuration Protocol
- Why IPv6?
- IPv6 addressing
- IPv6 prefixes and address types
- Global unicast address format
- Anycast address
- Multicast address
- Required host information
- Port numbers
- IPv4 Transport Protocol message formats
- IPv4 Internet Protocol: message format, packet format, header format
- Extension Headers
- IPv6 Routing Header
- IPv6 fragmentation header
- IPv6 options header
- Internet domain names
- Internet domain name hierarchy
- Common user application
- Common system applications
An Overview of TCP/IP on z/OS
- TCP/IP for z/OS
- TCP/IP access to SNA applications
- How the gateway works
- SNA access to TCP/IP applications
- Communications Storage Manager
- Device connectivity and attachments
- Direct vs indirect attachment
- Direct attachment problem
- Virtual IP addressing - the solution
- Sharing attachments across LPARs
- UNIX Systems Services considerations.
TCP/IP for z/OS Installation
- UNIX Systems Services prerequisites
- Security Server prerequisites
- Communications storage manager
- Datasets required
- TCP/IP and TN3270 procedures
- Required host information
- Customising the DATA dataset
- DATA dataset syntax
- Association with the TCP/IP stack
- Specifying the Host Name and Domain Name
- Specifying the name server parameters
- A typical DATA dataset
- RESOLVER: procedure, files, other statements
- CINET GLOBALTCPIPDATA
- TCPIP.DATA search order
- VTAM TRL Major Node
- Servers and devices
- HCD definitions
- Sysplex distributor
- z/OS libraries required
- 'Must Have' reference manuals
- Nice to Have' reference manuals
TCP/IP for z/OS - Command Overview
- Available TCP/IP commands
- The START and STOP commands
- The MODIFY command
- The DISPLAY command
- The VARY command;
- The OBEYFILE command
- The NETSTAT and onetstat commands
- NETSTAT command options
Basic Profile Definitions
- Customising the PROFILE dataset
- PROFILE dataset syntax
- Device interface properties
- Statements that define an interface
- The basic DEVICE statement
- The basic LINK statement
- Defining LCS devices
- Defining CLAW devices
- OSAs, Hipersockets and Channel Attached Routers
- OSA diagnostic device
- QDIO and non-QDIO
- OSA Express CHPID definitions
- Adding an OSA Control Unit and device
- Adding OSAD device
- Hipersockets
- Hipersockets definition
- CHPID Type IQD
- MTU sizes
- Channel Attached Routers and Servers
- Defining MPCPTP devices
- Defining MPCIPA devices
- The HOME statement
- The START statement
- INTERFACE - IPAQENET OSA-Express QDIO interfaces statement
- Syntax for INTERFACE - IPAQENET OSAExpress QDIO
- Syntax for INTERFACE -- IPAQIDIO HiperSockets interfaces statement
- The routing statements
- Subnetting - a reminder
- The GATEWAY statement
- The BEGINROUTES statement
- The BSDROUTINGPARMS statement
- Variable subnets and GATEWAY
- Variable subnets and BEGINROUTES
- Operational statements
VIPAs and Sysplex
- VIPAs
- Static VIPA
- Dynamic VIPA
- Virtual IP addressing - a reminder
- Defining VIPA devices
- Specifying the source IP address
- Syntax for INTERFACE -- VIRTUAL interfaces statement
- Examples of the INTERFACE statement for VIPA
- IP solutions in a sysplex
- Communication paths in a Sysplex
- DynamicXCF transport choices
- IUTSAMEH
- XCF Groups and their usage
- Display XCF groups
- DYNAMICXCF
- DYNAMICXCF & HiperSockets
- Dynamic VIPA - introduction
- Dynamic VIPA takeover
- Stack-managed DVIPA
- Non- disruptive dynamic VIPA takeback
- Application-specific DVIPA
- IOCTL or Command-Activated DVIPA
- Dynamic VIPA statements
- MODDVIPA (EZBXFDVP) utility
- Dynamic VIPA usage
- When does the DVIPA move?
- Load balancing and availability
- Sysplex Distributor
- How the Sysplex Distributor works
- Backup capability
- Recovery
- The role of dynamic routing with Sysplex Distributor
- Sysplex Distributor and policy
- Sysplex Distributor and MNLB
- Connection Optimizing DNS
- nformation flow overview
- DNS weights
- DNS/WLM registration
- Starting the DNS server
- Distributed VIPA - introduction
- Distributed VIPA statements
- Single system IP perspective of the sysplex
- TCPSTACKSOURCEVIPA / SYSPLEXPORTS
- CFRM policy example
Other Datasets Needed
- The SITE dataset
- The SERVICES file
Server Customisation
- Configurable servers
- TN3270 server customisation steps
- Updating the TN3270 started task JCL
- TelnetGlobals statement
- Reducing demand for ECSA storage
- The TELNETPARMS statement
- The PORT statement
- The BEGINVTAM statement
- The VTAM application major node
- Defining a USS table
- Identifying the USS table in the PROFILE dataset
- The UNIX Telnet server
- Customising the INETD Server
- Starting INETD and Telnet
- SSHD UNIX file
- SSHD - Using ICSF and
- /dev/random)
- SSHD - Creating configuration files
- SHD - Creating SSHD server keys
- SSHD - Set up SSHD server userids
- SSHD - Create SSHD server started task
- SSHD - TCP configuration
- SSHD - Verify z/OS DNS / Resolver operation
- The FTP server
- FTPS and SFTP
- Pros and cons of FTPS and SFTP
- Customising the FTP.DATA dataset
- Customising the PROFILE & SERVICES datasets
- Starting FTP
- SYSLOGD
- SYSLOGD -/dev/console and /dev/log
- SYSLOGD - create the syslog daemon configuration file
- SYSLOGD - create empty syslog output file
- SYSLOGD - port and services assignments
- SYSLOGD started task JCL
- OMVS startup
- SYSLOGD RACF definitions
- OMPROUTE
- OMPROUTE - configuration file
- OMPROUTE reserve the ports
- OMPROUTE - update the RESOLVER configuration file
- OMPROUTE - started task JCL
- OMPROUTE services port numbers
- OMPROUTE - RACF definitions
- OMPROUTE - SYSLOGD;
- OMPROUTE - static routes
- OMPROUTE - Configure OSPF authentication
- Customising other servers
- Enterprise Extender
- z/OS services for SNA traffic
- PPN parameters in startup options
- Implementation considerations
- TCP/IP implementation
- DYNAMICXCF
- IUTSAMEH
- DYNAMICXCF & HiperSockets;
- Modifications to TCP/IP profile
- Modifications to OSPF interface
- Proof of initialisation of IUTSAMEH
- VTAM implementation
- Defining the XCA HPRIP major node
- Defining model major nodes for EE connections and RTP pipes
- Defining switched PUs for EE connections
TCP/IP Security
- Why secure the TCP/IP network
- Tasks that need protection with SERVAUTH Class
- Policy based networking
- SERVAUTH Resource Class responsibilities
- SERVAUTH Resource Class
- Protecting the TCPIP stack
- Example of protecting the stack
- Protecting your network access
- Application considerations when using NETACCESS
- Using the NETSTAT and PING commands to check protection
- Protecting your network ports
- RACF definitions for protecting network ports
- Using the NETSTAT command to check PORT access
- Protecting the use of socket options
- What are network commands
- Protecting network commands - z/OS TCPIP commands
- Protecting network commands - NETSTAT and ONESTAT commands
- Protecting network commands - EZACMD REXX program
- Protecting FTP access
- Other FTP profiles
- Protecting TN3270 Secure Telnet Port
- Protecting the MODDVIPA command
- Introduction to policy based networking
- The Policy Agent
- RACF and PAGENT
- Other address spaces that will need RACF profiles
- Central policy server
- SERVAUTH authorisation for Policy Client
- Quality of Service
- SNMP overview
- SNMP in operation
- IP filtering
- IP Security
- IKE protocols
- CSFSERV resource class
- Network Address Translation
- Intrusion Detection Services
- Application Transparent Transport Layer Security
- TN3270 security
- Secure FTP
- Note to Auditors
- Next step?
Problem Determination Considerations
- Problem determination tools
- The PING and OPING commands
- The TRACERTE and the OTRACERT commands
- TCP/IP SYSLOG output
- TCP/IP packet trace overview
- Starting a packet trace
- The external writer procedure
- Stopping a packet trace
- Analysing a packet trace with IPCS
- Non-z/OS packet traces
- TCP/IP component trace overview
- Starting and stopping a component trace
- Analysing a component trace via IPCS
- Analysing a component trace
- Other available traces
- Packet trace
Sample Definitions
- Sample TCPIP.PROFILE dataset
- Sample TCPIP.DATA dataset
- Sample TCPIP.SERVICES dataset
- Sample Inted Configuration file
- Sample FTP Configuration file
- Sample ROUTED Configuration file
- Sample SMPT Configuration file
Schedule
FAQ
Does the course schedule include a Lunchbreak?
Classes typically include a 1-hour lunch break around midday. However, the exact break times and duration can vary depending on the specific class. Your instructor will provide detailed information at the start of the course.
What languages are used to deliver training?
Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.
What does GTR stand for?
GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.
How do I find an Ascendient Learning training location?
We have training locations across the United States and Canada - View a complete list of classroom training locations.
Which delivery formats are available?
At Ascendient Learning, we offer training that is Instructor-Led, Online, Virtual, and Self-Paced.
Does Ascendient Learning deliver group training?
Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.
What does vendor-authorized training mean?
As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.
Is the training too basic, or will you go deep into technology?
It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.
How up-to-date are your courses and support materials?
We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.
Are your instructors seasoned trainers who have deep knowledge of the training topic?
Ascendient Learning instructors have an average of 27 years of practical IT experience and have also served as consultants for an average of 15 years. To stay current, instructors spend at least 25 percent of their time learning new, emerging technologies and courses.
Do you provide hands-on training and exercises in an actual lab environment?
Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.
Will you customize the training for our company’s specific needs and goals?
We will work with you to identify training needs and areas of growth. We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.
How do I get started with certification?
Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact info@ascendientlearning.com.
Will I get access to content after I complete a course?
You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.
How do I request a W9 for Ascendient Learning?
View our filing status and how to request a W9.
Reviews
The instructor was thorough and they also provided hands-on demonstrations with labs.
Great class I learned a great deal from the material. There would seem to a large amount that I need to learn about.
I liked the pace of the course. I like that I have more than instance to use the lab.
Overall ExitCertified is a great training provider and the remote learning is as effective as in person.
Although there seemed to be too many links for the course, everything worked smoothly.
