IBM Support

z/OS V2R4 Communication Server New Function APAR Summary

General Page

New function APAR summary for z/OS V2R4 Communications Server

V2R4 header

For more V2R4 new functions, see z/OS V2R4 Communications Server: New Function Summary.

Enhancing security

pin  IBM zERT Network Analyzer passphrase and password management support June 2022

The IBM zERT Network Analyzer with APAR PH43119 for z/OS V2R4 supports the use of passphrases up to 100 characters to connect to the Db2 for z/OS database. The IBM zERT Network Analyzer includes additional enhancements in the Database Settings panel to clear existing database credentials to allow for easier switching to a different database user ID.

pin  Support for SMF compliance evidence May 2022

z/OS® V2R4 Communications Server with APAR PH37372 generates new SMF type 1154 records that provide compliance evidence for the TCP/IP stack (subtype 1), FTP daemon (subtype 2), TN3270E Telnet server (subtype 3), and CSSMTP client (subtype 4).

Restriction:
z/OS APARs OA61443 and OA61444 are required to support the new ENF 86 signal.
Dependencies:
  • The TCP/IP stack must be active to provide the TCP/IP stack compliance evidence SMF record.
  • The FTP daemon must be active to provide the FTP daemon compliance evidence SMF record.
  • The TN3270E Telnet server must be active to provide TN3270E Telnet server compliance evidence SMF records (one per server port).
  • CSSMTP must be active to provide the CSSMTP client compliance evidence record.

 pin FTP server JES access control March 2022

z/OS V2R4 Communications Server, with APAR PH42618, supports a new SAF resource in the SERVAUTH class to control which users are allowed to access FTP JES mode. When the SERVAUTH class is active and a profile is defined for the EZB.FTP.sysname.ftpdaemonname.ACCESS.JES SAF resource, only users with permission to the profile are allowed to access FTP JES mode.

Dependencies:
The SERVAUTH class must be active for the EZB.FTP.sysname.ftpdaemonname.ACCESS.JES SAF resource to provide access controls.

 pin IBM zERT Network Analyzer database administration enhancements May 2020

z/OS Management Facility (z/OSMF) with the IBM zERT Network Analyzer APAR PH24494 for z/OS V2R4, introduces a configurable report timeout and limits to the maximum number of open reports per user. The sample database schema tooling now includes additional templates to change the number of partitions in the partition-by-range query result tables.

pin IBM Health Checker for use of native TLS/SSL support for DCAS March 2020

z/OS® V2R4 Communications Server, with TCP/IP APAR PH16144 and SNA APAR OA58255, provides a new migration health check to use with the IBM Health Checker for z/OS function. The migration health check identifies if DCAS uses native TLS/SSL support.

Dependencies:
You must install TCP/IP APAR PH16144 and SNA APAR OA58255 and start the IBM Health Checker for z/OS to use the new migration health check.

pin IBM Health Checker for use of native TLS/SSL support for the FTP server March 2020

z/OS® V2R4 Communications Server, with TCP/IP APAR PH21573 and SNA APAR OA59022, provides a new migration health check to use with the IBM Health Checker for z/OS function. The migration health check identifies active FTP servers using native TLS/SSL support.

Dependencies:
You must install TCP/IP APAR PH21573 and SNA APAR OA59022 and start the IBM Health Checker for z/OS to use the new migration health check.

pin IBM Health Checker for use of native TLS/SSL support for the TN3270 server March 2020

z/OS® V2R4 Communications Server, with TCP/IP APAR PH16144 and SNA APAR OA58255, provides a new migration health check to use with the IBM Health Checker for z/OS function. The migration health check identifies active TN3270 servers using native TLS/SSL support.

Dependencies:
You must install TCP/IP APAR PH16144 and SNA APAR OA58255 and start the IBM Health Checker for z/OS to use the new migration health check.

pin IBM zERT Network Analyzer database administration enhancements January 2020

z/OS Management Facility (z/OSMF) V2R4 with the IBM zERT Network Analyzer APAR PH16223, provides additional flexibility in IBM zERT Network Analyzer's Db2 for z/OS database schema definitions and reduces the access privileges required by the IBM zERT Network Analyzer's database user ID. The supplied database schema tooling now supports customized values for the database schema name, index names and even table names along with many other operational parameters that were already configurable.

Dependencies:
No new dependencies are introduced. The IBM zERT Network Analyzer requires z/OSMF to be installed and a type 4 JDBC connection to Db2 for z/OS 11 or higher.

pin Sysplex Automonics for IPsec December 2019

z/OS V2R4 Communications Server, with APAR PH12788, enhances the sysplex autonomics function to monitor IPsec infrastructure. You can request that sysplex autonomics delay a TCP/IP stack from joining a sysplex group until the IPsec infrastructure is active. You can also request that sysplex autonomics monitor the IPsec infrastructure after the stack has joined the sysplex group. If monitoring the IPsec infrastructure is enabled, you are alerted with new messages when the IPsec infrastructure is not operational. You can optionally configure the TCP/IP stack to also take a recovery action and leave the sysplex when it detects that the IPsec infrastructure is not active. This allows a backup TCP/IP stack to take over DVIPAs from the system that left the sysplex.

With PH16303, you can configure this function in Network Configuration Assistant (NCA).

Restrictions:

  • The monitoring of the IPsec infrastructure can only be enabled for a TCP/IP stack that is using sysplex-wide security sessions (SWSA) and has the DVIPSEC parameter configured on the IPSEC statement in the TCP/IP profile.
  • While the EZBDVIPA coupling facility structure is required for IPsec sysplex-wide security associations (SWSA), the ability of the TCP/IP stack to connect to or access the EZBDVIPA structure is not monitored by sysplex autonomics for IPsec. A failure related to the EZBDVIPA structure would typically be sysplex-wide. It would not be beneficial for a TCP/IP stack to leave the sysplex for a sysplex-wide failure.
  • In IPsec configurations where both a primary and backup NSSD are configured for certificate services, no monitoring of the IKED connection to NSSD is done after the TCP/IP stack joins the sysplex. See the IP Configuration Guide “Sysplex Autonomics for IPsec infrastructure” for additional information.
Incompatibilities:
  • If your IPsec infrastructure includes the Network Security Services daemon (NSSD), and the IKED to NSSD connection uses a DVIPA as the source or destination IP address, the sysplex autonomics IPsec infrastructure monitoring function should not be enabled.
  • If you use a centralized Policy Agent server for IPsec or AT-TLS policy, and the connection from the policy client to the policy server uses a DVIPA as the source or destination IP address, the sysplex autonomics IPsec infrastructure monitoring function should not be enabled.

Simplification

pin Communications Server exploitation of the IBM Function Registry for z/OS Dec 2022

z/OS® V2R4 Communications Server, with SNA APAR OA63555, is enhanced to register VTAM general information with the IBM Function Registry for z/OS. This information allows you to understand the extent of SNA application activity in your network.

pin IBM Health Checker for the removal of VTAM LSA Architecture Dec 2021

z/OS V2R5 Communications Server, with SNA APAR OA62208, provides a new migration health check to use with the IBM Health Checker for z/OS function. The migration health check identifies if VTAM Link Station Architecture (LSA) devices are in use. These devices are configured with MEDIUM=CSMACD in the XCA major node PORT statement.
Support for VTAM Link Station Architecture (LSA) devices will be withdrawn in a future release of the IBM z/OS Communications Server.

Dependencies:
To use the IBM Health Checker for the removal of VTAM LSA Architecture, perform the following steps:
  • Apply the appropriate PTF for SNA APAR OA62208
  • Start the IBM Health Checker for z/OS

pin IBM Health Checker for the removal of DEVICE, LINK, and HOME for OSA Express connectivity December 2021

z/OS V2R5 Communications Server, with SNA APAR OA62208 and TCP/IP APAR PH40875, provides a new migration health check to use with the IBM Health Checker for z/OS function. The migration health check identifies if TCP/IP profile statements DEVICE, LINK, and HOME for OSA-Express connectivity are in use.
Support for DEVICE/LINK/HOME TCP/IP profile statements for OSA-Express connectivity will be withdrawn in a future release of IBM z/OS Communications Server.

Dependencies:
To use the IBM Health Checker for the removal of DEVICE, LINK, and HOME for OSA-Express connectivity, perform the following steps:
  • Apply the appropriate PTF for SNA APAR OA62208
  • Apply the appropriate PTF for TCP/IP APAR PH40875
  • Start the IBM Health Checker for z/OS

Hardware support

 pin OSA-Express Enhanced Inbound Blocking June 2022

z/OS® V2R4 Communications Server, with TCP/IP APAR PH44281 and SNA APAR OA62831, OSA-Express
Enhanced Inbound Blocking (EIB) is a QDIO performance enhancement that might be beneficial for OSA interfaces with
a high volume of inbound network bulk or streaming traffic.

Restrictions:
QDIO Enhanced Inbound Blocking is supported on OSA-Express7s on z15® or later systems (with supporting MCL) and
subsequent systems only.

pin  Communications Server support for RoCE Express3 April 2022

z/OS V2R3 Communications Server, with TCP/IP APAR PH34117 and SNA APAR OA60855, extends the Shared Memory Communications over Remote Direct Memory Access (SMC-R) function to support the next generation IBM RoCE Express3 feature. The IBM RoCE Express3 feature allows TCP/IP stacks on different LPARs within the same central processor complex (CPC) to leverage the power of these state-of-the-art adapters to optimize network connectivity for mission critical workloads by using Shared Memory Communications technology.

Incompatibilities:
This function does not support IPAQENET interfaces that are defined by using the DEVICE, LINK, and HOME statements. Convert your IPAQENET definitions to use the INTERFACE statement to enable this support.

Dependencies:
This function requires the IBM® or later systems. To enable the z/OS Communications Server support for RoCE Express3 features, complete the appropriate tasks in the following table.

pin Shared Memory Communications - Direct multiple IP subnet support (SMC-Dv2) September 2020

z/OS V2R4 Communications Server, with TCP/IP APAR PH22695 and SNA APAR OA59152, Shared Memory Communication - Direct Memory Access (SMC-D) is enhanced to remove the same subnet restriction by exploiting SMC-Dv2.

Dependencies:
  • SMC-Dv2 is enabled with new IBM Z capability provided by the IBM Z Internal Shared Memory (ISM) function. The new ISMv2 capability is available on IBM z15. For IBM z15 T01, refer to the MCL number P46601.067 driver D41C. The ISMv2 support is in the base of the IBM z15 T02.
  • The PTF for z/OS IOS PCIe Services APAR OA59235 is required. Failure to apply that PTF will result in activation failures.

Scalability and performance

 pin IBM zERT aggregation recording interval June 2020

z/OS V2R4 Communications Server, with APAR PH25049, introduces the INTVAL/SYNCVAL sub-parameters. The interval at which the SMF 119 subtype 12 records are created will be determined by the ZERT AGGregation sub-parameter INTVAL. To resolve a display issue related to ZERT AGGregation, install APAR PH26550.

pin Inbound Workload Queueing (IWQ) support for IBM z/OS Container Extentions December 2019

z/OS V2R4 Communications Server, with VTAM APAR OA58300 and TCP/IP APAR PH16581, is enhanced to support inbound workload queueing for IBM z/OS Container Extensions (zCX) workloads for OSA-Express® in QDIO mode.

Incompatibilities: This function does not support IPAQENET interfaces that are defined by using the DEVICE, LINK, and HOME statements. Convert your IPAQENET definitions to use the INTERFACE statement to enable this support.
Dependencies:
  • This function is limited to OSA-Express6S Ethernet features or later in QDIO mode running on IBM z14.
  • This function is supported only for interfaces that are configured to use a virtual MAC (VMAC) address.

Application development

pin SMTPD compatibility enhancements for CSSMTP December 2019

z/OS V2R4 Communications Server with APAR PH18237, enhances the Communications Server SMTP (CSSMTP)application with three new configuration parameters to provide better compatibility with SMTPD for your migrationfrom SMTPD to CSSMTP.

pin OSIMGMT Health Checker July 2019

z/OS V2R4 Communications Server with APAR OA57753, provides a new OSIMGMT Health Checker, ZOSMIGV2R4_Next_CS_OSIMGMT, to check whether the VTAM OSIMGMT functions are in use on this system. z/OS V2R4 is planned to be the last release to support the VTAM Common Management Information Protocol (CMIP). CMIP services is an API that enables a management application program to gather various types of SNA topology data from a CMIP application called the topology agent that runs within VTAM. IBM recommends using the SNA network management interface (NMI) to monitor SNA Enterprise Extender and High Performance Routing data.

 
If you have any comments or questions about New Function APAR Summary, send an email to comsvrcf@us.ibm.com.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Component":"","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"V2R4","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Document Information

Modified date:
05 July 2023

UID

ibm10959247

Page Feedback