IWQ support for IPSec
z/OS® V2R3 Communications Server, with TCP/IP APAR PI77649, is enhanced to support inbound workload queueing for IPSec workloads for OSA-Express® in QDIO mode.
Inbound workload queueing uses multiple input queues for each QDIO data device (subchannel device) to improve TCP/IP stack scalability and general network optimization. To implement the performance improvements for IPSec workloads, enable inbound workload queueing to process IPSec, EE, sysplex distributor, and streaming bulk data traffic all concurrently with other types of inbound QDIO traffic. When you enable these improvements for a QDIO interface, inbound IPSec, EE, sysplex distributor, and streaming bulk data traffic are each processed on their own ancillary input queue (AIQ). All other inbound traffic is processed on the primary input queue.
- This function is limited to OSA-Express6S Ethernet features or later in QDIO mode running on IBM z14™. For more information about the QDIO inbound workload queueing function and the OSA-Express features that support it, see QDIO inbound workload queueing in z/OS Communications Server: IP Configuration Guide. See the 3906DEVICE or 3907DEVICE Preventive Service Planning (PSP) bucket for more information.
- This function is supported only for interfaces that are configured to use a virtual MAC (VMAC) address.
| Task | Reference |
|---|---|
|
Enable inbound workload queueing for a specific QDIO interface by specifying the WORKLOADQ parameter on the IPAQENET or IPAQENET6 INTERFACE statement (if not already configured). |
|
| Display whether inbound workload queueing is in effect for the QDIO interface by issuing the Netstat DEvlinks/-d command. | Netstat DEvlinks/-d report in z/OS Communications Server: IP System Administrator's Commands |
| Display whether inbound workload queueing is in effect for the QDIO interface and display the workload queueing functions and queue IDs for that interface by issuing the DISPLAY NET,ID=trle command or the DISPLAY NET,TRL,TRLE=trle command. | See the following topics in z/OS Communications Server: SNA Operation: |
| Monitor whether inbound traffic is using inbound workload queueing and display statistics for each queue by initiating VTAM® tuning statistics for the QDIO interface. | MODIFY TNSTAT command in z/OS Communications Server: SNA Operation |
| Monitor whether inbound traffic is using inbound workload queueing and display statistics for each queue by using the TCP/IP callable NMI GetIfStatsExtended request. | TCP/IP callable NMI (EZBNMIFR) in z/OS Communications Server: IP Programmer's Guide and Reference |
| Determine the QID on which a specific packet was received, and the associated workload queueing function, from a packet trace. | Formatting packet traces using IPCS in z/OS Communications Server: IP Diagnosis Guide |
| Determine the QID on which a specific packet was received from an OSAENTA trace. | Formatting OSA traces using IPCS in z/OS Communications Server: IP Diagnosis Guide |
To find all related topics about IWQ support for IPSec, see Table 2.
| Book name | Topics |
|---|---|
| IP Configuration Guide | |
| IP Configuration Reference | |
| IP Programmer's Guide and Reference | |
| IP Diagnosis Guide | |
| IP System Administrator's Commands | |
| SNA Operations | |
| SNA Messages |