Embed Size (px)
Citation preview
IPv6/VSE UpdateIPv6/VSE Update
WAVV 2012
Jeffrey BarnardBarnard Software, Inc.
© 2012 by Barnard Software, Inc.
Latest IPv6/VSELatest IPv6/VSE
Announced at WAVV 2009 GA Build 246 delivered May 2009
GA Build 252 of IPv6/VSEis now available
Virtually all 3rd party vendors (worldwide)now have IPv6/VSE support!
News Flash!News Flash!
IBM licenses IPv6/VSE from BSI5686-BS1 is IBM IPv6/VSEAnnounced April 6, 2010Available May 28, 2010
IPv6/VSE now provides IPv4 too!Announced Oct 5, 2010Available Nov 26, 2010
IPv4 Addresses RemainingIPv4 Addresses Remaining
Time is running out
Sept 28, 2010+240 days is
May 26, 2011
All IPv4 Addressesallocated!
IPv4 Addresses RemainingIPv4 Addresses Remaining
Time is up
Feb 3, 2011
All IPv4 Addressesallocated!
IPv4 Addresses RemainingIPv4 Addresses Remaining
Are You Ready?Are You Ready?
Asia is already out of IPv4 addresses Europe will run out of IPv4 addresses very soon Are you ready?
How will this affect your busines operations? How will you communicate with your customers
when they are using IPv6?
IPv6/VSE for z/VSE IPv6/VSE for z/VSE
Internet Protocol Version 6- IPng (IP Next Generation)
IPv6 TCP/IP stack (April 2009) IPv4 TCP/IP stack (May 2000) IPv4 and IPv6-Enabled Application Suite
SLL support is now available!
IPv6/VSE IPv6 ApplicationsIPv6/VSE IPv6 Applications FTP server, FTP client
TN3270E server and print driversNTP server, NTP clientSystem Logger clientBatch Email clientBatch LPRBatch Remote Execution ClientBatch PINGGZIP Data CompressionPDF Generation
And more …
IPv6/VSE IPv4 ApplicationsIPv6/VSE IPv4 Applications FTP server, FTP client
TN3270E server and print driversNTP server, NTP clientSystem Logger clientBatch Email clientBatch LPRBatch Remote Execution ClientBatch PINGGZIP Data CompressionPDF Generation
And more …
IPv6/VSE IPv4 SupportIPv6/VSE IPv4 Support
CICS TS Web Services CICS TS Listener z/VSE Connector Client and Server VTAPE DB2 Client and Server 3rd Party Vendor Applications And Much More ...
Many Years of Support (TCP/IP-TOOLS – 1996)
IPv6/VSE SupportIPv6/VSE Support
IPv4 VSE/ESA 2.1 and higher z/VSE 3.1 and higher
IPv6 z/VSE 4.2.2 and higher
Large TCP WindowsLarge TCP Windows
What is a Large TCP Receive Window?Standard size is 64KLarger windows are 'shifted'Scaled by 2/4/8/16/32/64/etc bits
1MB, 2MB, 4MB, 8MB sizes typical
Why? Far fewer TCP window waits
Large TCP WindowsLarge TCP Windows
z/VSE 4.2 or higher LTWBUF specified
z/VSE 5.1 uses 64-bit storage SHIFT 4|5|6|7 specified Application requests large windows
// SETPARM LRGBUF=YES Both local and remote TCP/IP stack
agree to use large windows
Large TCP WindowsLarge TCP Windows Often referred to as 'Window Scaling' Supported by z/VM, z/OS Linux support is automatic
Enlarges Window Size as needed MS Windows
Automatic if requested by remote host only set the Tcp1323Opts registry value to 1 SO_RCVBUF setsockopt() controls size
Large TCP WindowsLarge TCP Windows
Performancec application written by IBM
Send() data blocksRecv() data blocks
Both at the same timeTests bidirectional throughput
Platform z/VSE <-> zLinux (VSwitch)500MB transferred in BOTH directions
Large TCP WindowsLarge TCP Windows
Large TCP WindowsLarge TCP WindowsConsiderations
Helps Outbound transfersHelps Inbound transfers (the most)
Not all applications are helpedBulk data transfer helped mostInteractive helped least (or not at all)
Can use a lot of storage!
BSTTFTPC (batch FTP), VTAPE,BSTTFTPS (FTP Server), DB2 UDB etc.
Large TCP WindowsLarge TCP Windows
Fewer TCP Window waits is good Window wait = wait for ACK of data
What is the down side? TCP retransmission can be very bad
when using large TCP windows 40K vs. 3MB of 'in-flight' data ... Usually not an issue on local networks
64-Bit Virtual Support64-Bit Virtual Support
Introduced in z/VSE 5.1 z/OS IARV64 macro used Storage allocated 'above the bar' 64-bit memory objects
'chunks' are multiples of 1MB in size
64-Bit Virtual Support64-Bit Virtual Support
64-Bit Virtual Support64-Bit Virtual Support
Stack allocates 'chunks' Used for Large TCP Windows Buffer copy routines modified
Now run in 64-bit modeSupporting 24, 31 and 64-bit buffers
64-Bit Socket Storage64-Bit Socket Storage
ASM SOCKET API EZASMI
What about HLL EZASOKET API?No 64-bit compilers available now
Looking at a full 64-bit API (z/OS BPX4 ?)Vendors, what do you need?
64-BIT ASM SOCKET Storage64-BIT ASM SOCKET Storage
64-Bit virtual storage socket buffers Supported only for
SOCKET SEND,TCP SOCKET RECEIVE,TCP
High bit of buffer address X'80' is address of 64-bit buffer
address Max SEND length is 2GB-1 bytes
Max RECEIVE length is 8MB
64-BIT ASM SOCKET Storage64-BIT ASM SOCKET Storage
64-Bit EZASMI Socket Storage64-Bit EZASMI Socket Storage
64-Bit virtual storage socket buffers Supported only for
SEND, SENDTO, WRITE RECV, RECVFROM, READ
64-Bit address is 2 fullwords ALET= specifies high word BUF= specifies low word
64-Bit EZASMI Socket Storage64-Bit EZASMI Socket Storage
Layer 2 SupportLayer 2 Support
Requires z/VSE 5.1Available for IPv4 and IPv6
DEVICE statement specifies 'LAYER2' Optional user defined MAC address
Layer 2 required for z/VM IPv6 VswitchLayer 2 required for z/VM IPv6 VLAN
VLAN SupportVLAN Support Requires z/VSE 5.1
Available for IPv4 and IPv6Both Layer 2 and Layer 3 supported
VLAN SupportVLAN Support
DEVICE Specifies LAYER2 for z/VM IPv6 VSwitch
LINK Specifies VLAN ID and Priority GLOBAL parameter is special
feature of OSA Expressand Hipersockets interfaces
EZA Extension – OCEXIT SupportEZA Extension – OCEXIT Support OCEXIT (Console MSG) has no HLL support Needed for servers to initiate shutdown EZA extension provides support using SELECT logic As simple as opening up an additional READ socket A MSG command issued from the console presents a
read-ready condition WRITEs display data upon the console (WTO) Can also be used by non-IP programs but requires an
active stack partition to satisfy the INITAPI requirements Available via EZASOKET, EZASMI, LE/C and REXX
EZA Extension OCEXIT SupportEZA Extension OCEXIT Support SOCKET
MOVE EZA-UNIX TO EZA-AF CONNECT
MOVE EZA-UNIX to EZA-NAMEUX-FAMILY MOVE 'OPERATOR:MSG' TO EZA-NAMEUX-
PATH SELECT for READ Restrictions:
Same as OCEXIT macro: Batch, main-task only
Statement of DirectionStatement of DirectionGSE Oct 2011GSE Oct 2011
BSI plans to add support forBSI plans to add support forSSL and IPSec SSL and IPSec
in a future Build of IPv6/VSEin a future Build of IPv6/VSE
IPv6/VSE SSL SupportIPv6/VSE SSL Support
Available in GA Build 252 GSK API provided EZASMI, EZASOKET, LE/C support BSTTPRXY SSL Proxy Server
IPv6/VSE SSL SupportIPv6/VSE SSL Support
Based on IJBSSL from IBM Port of OpenSSL 1.0.0
IJBSSL introduced with z/VSE 5.1 C/VSE application Will run on any version of z/VSE
Provides software SSL Supports CPACF and Crypto Express
IPv6/VSE SSL RestrictionsIPv6/VSE SSL Restrictions
IJBSSL API currently uses LE/C Requires application be LE
Only batch LE applications can use GSK() API. CICS not supported.
These restrictions will be removed All applications are supported by the
BSTTPRXY SSL Proxy Server
SSL Proxy ServerSSL Proxy Server
BSTTPRXY z/VSE Proxy Server Accepts clear text, SSL connections
IPv4 or IPv6 Proxy to clear text, SSL connection
IPv4 or IPv6
SSL Proxy server 6to4 and 4to6 Proxy server
BSI PreviewBSI Preview
BSI PreviewBSI Preview
IPsec Manual definitions, Pre-Shared Keys IPSEC QUERY
IPSEC CONFIG|START|STOP What about automatic configuration?
BSI PreviewBSI Preview
IPsec-tools port to z/VSE Racoon IKE
Commonly used by Linux systems ESP packets NATT packets
ESP packets embedded in UDP Helps with firewall traversal
IPv6/VSE UpdateIPv6/VSE Update
Barnard Software, Inc.http://www.bsiopti.com
The Barnard Software, Inc. Blog ...Thoughts, hints and tips for using BSI products and z/VSE.http://bsiopti.blogspot.com
BSI BlogBSI Blog
Win an iPad (G3)Win an iPad (G3)
Come to our booth!Fill out a raffle ticket
Drawing on Monday Time 2:30 PM
Must be present to win!!
IPv6/VSE UpdateIPv6/VSE Update
Thank you!
WAVV 2012
Jeffrey BarnardBarnard Software, Inc.
© 2012 by Barnard Software, Inc.
