Defining a NETSRV

When a NETSRV device is started, an address space is created to interface with JES2 and TCP/IP. The address space name is jesxSnnn where jesx is the name of the owning JES2 address space and nnn is the subscript on the NETSRV(nnn) statement. For example, NETSRV(1) in subsystem “JESA” results in an address space named JESAS001. This address space uses z/OS® UNIX systems services to communicate with TCP/IP. Therefore, the userid that is associated with the address space needs to have an OMVS segment defined in RACF®. Here is an example:

Define or alter a UserID with an OMVS segment:
- Add a new UserID
```
ADDUSER started-userid NAME('netsrv address space') DFLTGRP(sys1) OMVS(UID(0))
```
- Alter an existing UserID
```
ALTUSER started-userid OMVS(UID(0))
```
Note: NETSRV requires one z/OS UNIX process on which to listen for inbound connection requests. NETSRV creates one process for each connection that is started. Consideration should be given to the z/OS UNIX resources, defined via attributes such as PROCUSERMAX and FILEPROCMAX under the respective OMVS user segment, to ensure that ample resources are available for an installation to establish the necessary number of connections. Failure to ensure the availability of adequate z/OS UNIX resources might result in the inability to establish new connections.
Complete the following items through SETROPTS if they are not already done:
- Use RACLIST for the STARTED class.
- Activate the STARTED class.
- Enable generic processing for the STARTED class to the GENERIC and GENCMD resource class.
Define The STARTED Profile for NETSRV:
```
RDEFINE STARTED jesas001.* STDATA(USER(started-userid))
```
Be sure to refresh the STARTED class after the RDEFINE.
Note: The prior example uses UID(0). NETSRV does not require UID(0). If non-UID(0) is used, after performing the prior three steps, perform the following two steps. Your security administrator should determine the actual values to use for your environment. For more information, see z/OS Security Server RACF Security Administrator's Guide and z/OS UNIX System Services Planning.
Ensure that the NETSRV UserID has access to the TCP/IP Ports that are used by NETSRV:
- For information about PORT statement (SAF option) and TCPCONFIG statement (RESTRICTLOWPORTS parameter), see topic TCP/IP profile in z/OS V2R2.0 Communications Server: IP Configuration Reference.
- If SAF is used to protect the port, RACLIST and activate the SERVAUTH class. If generic profiles are used, add SERVAUTH to GENERIC and GENCMD resource classes. For more information, see z/OS Security Server RACF Security Administrator's Guide.
Ensure that the NETSRV UserID has access to the following BPX resource:
```
FACILITY BPX.CONSOLE (Read)
```

Finally, you also need to consider adjusting the service class that is assigned to the address space. The address space uses separate subtasks for each connection. If it is supporting a large number of connections, the address space can use as much CPU resource as the system allows it to transmit and receive data. If its priority is too high, it could lock out other work in the system.