APAR status
Closed as canceled.
Error description
OS/390 ENETWORK COMMUNICATION SERVER V2R6: IP CONFIGURATION (SC31-8513-01) INFO APAR
Local fix
OS/390 ENETWORK COMMUNICATIONS SERVER VERSION 2 RELEASE 6 IP CONFIGURATION GUIDE, SC31-8513-01 The OS/390 V2R6.0 Planning and Installation bookshelf (E0Z1IN30.BKS) on the 9/98 OS/390 CD Collection Kit points to a downlevel edition of the OS/390 V2R6 eNetwork Communications Server IP Configuration Guide (F1AF7000.BOO instead of F1AF7001.BOO). The latter bookfile (F1AF7001.BOO) is part of the 9/98 OS/390 CD Collection Kit and is correctly referenced from the OS/390 V2R6 eNetwork Communications Server bookshelf (F1A0BK02.BKS). In Chapter 2 (Customization and Administration Overview), table 4 (TCP/IP Cataloged Procedures), page 36 for the OROUTED function, change the search order for the OROUTED profile to: - ROUTED_PROFILE environment variable - /etc/routed.profile - hlq.ROUTED.PROFILE In Chapter 3 (Configuring the TCPIP Address Space), under "Step 2: Specify Configuration Statements in PROFILE.TCPIP", under OROUTED on page 62, change step 3 of the search order for the PROFILE configuration data set or file to: 3. hlq.ROUTED.PROFILE and change step 3 of the search order for the GATEWAYS configuration data set or file to: 3. hlq.ETC.GATEWAYS In chapter 3 (Configuring the TCPIP Address Space), on page 178 under "Usage Notes" for the TRANSLATE Statement, AND in chapter 26 (Using OSPF), under "Configuring OSPF", add the following note: NOTE: Implementations of OSPF that listen for an address other than the 0xc000.0004.0000 at the DLC layer will not be able to communicate with the TCP/IP stack unless they code the following TRANSLATE statement in the TCP profile: TRANSLATE 224.0.0.0 IBMTR FFFFFFFFFFFF linkname In chapter 4 (Operator Commands and System Adminis- tration), add the following information on the DISPLAY TCPIP,,OMPROUTE command: DISPLAY TCPIP,,OMPROUTE: Use the DISPLAY TCPIP,,OMPROUTE command to display OSPF and RIP configuration and state information. For futher information, see "OS/390 eNetwork Communications Server: IP Diagnosis". In chapter 11 (Configuring the Telnet Server), the fol- lowing statement should be added to the section that begins on page 310 entitled "Specifying the TELNETPARMS Statements in the PROFILE Data set": ENCRYPTION AND ENDENCRYPTION STATEMENTS Each of the Telnet fmids supports a specific set of encryption algorithms. The ENCRYPTION/ENDENCRYPTION block allows the selection of a subset of the supported algorithms to use for this port. The ENCRYPTION/ENDENCRYPTION block applies only to SSL V3 clients. <------------< >>--ENCRYPTion----ciphertype----ENDENCRYPTion---------->< Parameters ciphertype The encryption types to use for this port. The order in which the encryption types are specified is not significant. Usage Notes - If this keyword is not coded, the Telnet server sup- ports all encryption methods available for the fmid. - The server specifies the list of encryption types that it supports. The client controls which of the available ciphers will be used for the data encryption by specifying the desired ciphers in order of preference. The actual cipher used is the best match between what the server supports and what the client requests. If the server does not support any of the ciphers the client requests, the SSL handshake will fail and the connection will be closed. - Following are the encryption methods that Telnet sup- ports and the fmids for which the encryption methods are valid: available (y) in SSL V3 HTCP350 JTCP35T JTCP35L JTCP35K cipher type (base) (RC2/4) (DES) (3DES) -------------- -------+-------+-------+--------- SSL_NULL_Null y y y y SSL_NULL_MD5 y y y y SSL_NULL_SHA y y y y SSL_RC4_MD5_EX y y y SSL_RC4_MD5 y SSL_RC4_SHA y SSL_RC2_MD5_EX y y y SSL_DES_SHA y y SSL_3DES_SHA y Examples TELNETPARMS SECUREPORT 501 KEYRING HFS /tmp/tcpcs.kyr ENCRYPT SSL_DES_SHA SSL_3DES_SHA ENDENCRYPT . . . ENDTELNETPARMS In this example, an HFS keyring file is used. All con- nections for this port will use SSL security with either DES or triple DES encryption algorithms. NOTE: The profile update for this port will fail unless either the JTCP35L or JTCP35K feature is installed. If the JTCP35L feature is installed, the profile will give a warning message that SSL_3DES_SHA is not available and all connections will use the SSL_DES_SHA encryption. If the SSL client does not support one of the specified encryption methods, the SSL handshake will fail and the connection will be closed. In chapter 19 (Configuring OS/390 UNIX Sendmail and Popper), on page 587, change the first sentence of the second paragraph to: "Additional information about sendmail can also be found on the OS/390 UNIX supporting applications website, http://www.s390.ibm.com/unix/apps/sendm.html, as well as in documents from the sample directory that were received during the port of sendmail 8.8.7 from the http://www.sendmail.org website." In chapter 23 (Configuring the Remote Print Server (LPD)), in the section "Step 4: Create a Banner Page", in the sample JCL that starts on page 768, the INCLUDE card from AEZAMOD1 for the copyright should be: INCLUDE AEZAMOD1(EZBOECPR) Therefore, in the same link step, the ORDER card for the CMCOPYR should be changed to: ORDER EZBOECPR In chapter 24 (Configuring the OROUTED Server), on page 807 under "Configuring a Passive Route", change the last sentence of the first paragraph to: "This problem is inherent to the RIP protocol and cannot be prevented." In chapter 24 (Configuring the OROUTED Server), on page 809 under "Configuring an Active Gateway", change the first sentence after the four steps to: "Define active gateways for the remote routers in the OROUTED gateways file or data set:" In chapter 25 (Configuring OMPROUTE), in "OMPROUTE Param- eters" on page 826, add the following note: NOTE: The -tn parameter affects OMPROUTE performance and might require an increase in the Dead_Router_Interval on OSPF interfaces to keep neighbor adjacencies from col- lapsing. In chapter 27 (Configuring the NCPROUTE Server), on page 893 change figure 52 to the following: 155.80.20 155.80.10 | .2 .1 .2 .1 |------- Router1 Host1 ============ ncp1 -----------| .3 |------- Router2 | LAN In appendix F (Description of Syslog Daemon (syslogd)), under "Description" on page 997, change: syslogd stores it process id in file: /etc/syslog.pid so it may be used to terminate or re-configure the daemon. To: syslogd stores it process id in file: /etc/syslog.pid so it may be used to terminate or re-configure the daemon. To successfully create this file, the syslogd userid must be defined as UID 0. In Chapter 24, Configuring the OE RouteD Server, in "Step 4: Update the OROUTED Cataloged Procedure (optional)", add the following note: Note: STDOUT and STDERR cannot be directed to any SYSOUT clas they must be directed to an HFS file. In Chapter 3, "Configuring the TCPIP Address Space", add the fol as a usage note under the TRANSLATE statement: - Some token ring hardware does not recognize the RFC 1469 mandated functional MAC address for multicast. The TRANSLAT statement can be used to configure a token ring link to broadcast multicast datagrams as an alternative to using the functional MAC address. Use the reserved class D address 224.0.0.0 with one of the following special physical address - FFFFFFFFFFFF for all rings broadcast. - C00000040000 to reset back to the default functional add The following are examples of how to specify each method: - All rings: TRANSLATE 224.0.0.0 IBMTR FFFFFFFFFFFF linkname - Assigned functional address: TRANSLATE 224.0.0.0 IBMTR C00000040000 linkname The TRANSLATE statement is effective on a per link basis. You do not have to code a TRANSLATE statement if you want th assigned functional address, as it is the default method. In chapter 2, "Customization and Administration Overview", in the section on "Considerations for Multiple Instances of TCP/IP", the second sentence of the last paragraph should read: In particular, read the section on "Setting Up for Common INET Sockets" in "OS/390 UNIX System Services Planning". In Chapter 11, "Configuring the Telnet Server", in the section on "Specifying the TELNETPARMS Statements in the PROFILE Data set", add: SINGLEATTN Statement The TELNETPARMS SINGLEATTN statement causes Telnet to check the data for a PA1 and ATTENTION key combination, x'6CFFEFFFF3', in the data stream sent from the client. If found, Telnet only sends the ATTENTION on to the SNA application x'FFF3'; it discards the PA1. The default is to send both the PA1 and the ATTENTION. Syntax >>---|------------|---------------------------->< |-SINGLEATTN-| Parameters: None Examples: The SINGLEATTN statement must be between the TELNETPARMS and ENDTELNETPARMS statements. TELNETPARMS SINGLEATTN . . . ENDTELNETPARMS In Chapter 3, "Configuring the TCPIP Address Spaced", under the "Usage Notes" for the "BSDROUTINGPARMS Statement", add: - If running enterprise extender with OROUTED, you must update the BSDROUTINGPARMS with the following: TOVTAM DEFAULTSIZE 0 255.255.255.0 0 Not having this route defined will cause broadcasts to 0.0.0.0.
Problem summary
Problem conclusion
Temporary fix
Comments
APAR Information
APAR number
II11402
Reported component name
PA LIB INFO ITE
Reported component ID
INFOPALIB
Reported release
001
Status
CLOSED CAN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
1998-09-09
Closed date
1999-03-08
Last modified date
1999-03-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Platform":[{"code":"PF054","label":"z\/OS"}],"Version":"001"}]
Document Information
Modified date:
09 September 2020