Sysplex-wide source VIPAs for TCP connections

The TCPSTACKSOURCEVIPA keyword on the IPCONFIG or IPCONFIG6 statements allows users to specify a single VIPA, static or dynamic, to be used as a source IP address for TCP applications that initiate outbound connections on that stack. TCPSTACKSOURCEVIPA is in effect only when SOURCEVIPA is enabled and an application issues a connect() without a bind(). Applications that perform an explicit bind() do not use the TCPSTACKSOURCEVIPA address, such as the following applications:

LPQ
LPR
REXEC as a TSO command
RSH
SMTP when mail is being sent to other servers
TELNET client

In addition, applications that use the Pascal API TcpOpen() call have an explicit bind() performed for them.

Guideline: Because the SRCIP profile statement provides all of the functionality of the TCPSTACKSOURCEVIPA parameter and more granularity, consider use of the SRCIP statement instead of specifying the TCPSTACKSOURCEVIPA parameter. Specifying JOBNAME * in an SRCIP profile statement provides the same result as specifying the TCPSTACKSOURCEVIPA parameter for implicit bind scenarios, and also applies to applications that issue a bind to the IPv4 INADDR_ANY address or to the IPv6 unspecified address (in6addr_any).

Tip: The TCPSTACKSOURCEVIPA parameter overrides the VIPA IP addresses in the HOME list or the SOURCEVIPAINTERFACE specification, but the TCPSTACKSOURCEVIPA parameter can be overridden. For information about the hierarchy of various ways that the source IP address of an outbound connection is determined, see Source IP address selection.

If you specify TCPSTACKSOURCEVIPA and do not specify SOURCEVIPA in a profile, a warning message is issued and TCPSTACKSOURCEVIPA is not enabled. The address that is specified does not need to be active on the stack at profile processing time. For example, a valid TCPSTACKSOURCEVIPA address can be an address that is to be a target address on this stack for sysplex distribution.

If the TCPSTACKSOURCEVIPA address is not an active VIPA on the stack at the time a connect() is issued, the connect() call goes through normal source IP address selection. A warning message is issued no more than once every 5 minutes (to avoid flooding the system console), indicating an attempt to use the address that is specified in TCPSTACKSOURCEVIPA failed.

TCPSTACKSOURCEVIPA can be coded on all target stacks. The target TCPSTACKSOURCEVIPA statements can specify individual unique addresses, or can be duplicates of the addresses that are specified on the distributing stack (a target DVIPA). Specifying the same DVIPA address for TCPSTACKSOURCEVIPA on the distributor and all target stacks creates a sysplex-wide source VIPA and raises the concern for coordination of ephemeral ports across the sysplex.

For information about diagnosing sysplex-wide source VIPAs for TCP connections problems, see z/OS Communications Server: IP Diagnosis Guide.