Networking with z/OS - Boot Camp
This comprehensive ten-day 'Boot Camp' course provides attendees with an accelerated learning approach to networks in a z/OS environment. The course is ideal for anyone new to mainframe networks.
The course comprehensively covers SNA/VTAM, APPN, TCP/IP and also provides vital information on mainframe network security.
This course is available for exclusive, one-company presentations either on-site at your location or live over the Internet, via RSM's Virtual Classroom Environment service.
What you will learn
On successful completion of this course you will be able to:
- list the characteristics of APPC communication
- identify the major SNA components and their role within the architecture
- identify and use the various address structures used in SNA
- describe the purpose and data flow characteristics of each session type
- explain how chaining, bracketing and pacing operate
- identify the major SNA commands and command flows
- characterise SNA requests and responses
- interpret SNA message structures at each level
- describe the operation of path control and its components
- define and configure the Enterprise Extender
- describe the importance and use of APPC verbs
- identify the APPN node types and explain their function
- explain the principles of APPN routing and addressing
- define startup and session establishment procedures to VTAM
- reinforce understanding of SNA architecture implementation
- define network resources (major/minor nodes) to VTAM
- avoid the most common mistakes made by new users
- identify and code routing requirements for a VTAM network
- code the definitions to support cross-domain communication
- understand uses of VTAM console commands
- describe various backup/recovery facilities
- understand the use of VTAM generics and Multi Node Persistent sessions in a Parallel Sysplex
- define these components in a Parallel Sysplex
- describe the main objectives of the TCP/IP protocols
- explain the structure and use of IP addresses
- distinguish between an application and a protocol
- identify TCP/IP message formats
- explain what port numbers are and why some are well known
- explain how IP routing operates and how messages are delivered to the right node
- understand the function, purpose, and use of subnetting, and be able to specify suitable subnet masks for given implementations
- describe how the FTP application operates and how it can be used
- explain how the Telnet and TN3270 applications operate and how they can be used
- explain how the world wide web application operates
- describe how TCP operates and how connections are established, used, and terminated
- explain retransmission, sliding windows, and out of band data
- describe how UDP operates
- explain fragmentation and reassembly
- explain the purpose of CIDR and describe how it operates
- describe the purpose and function of the ICMP protocols and give examples of their use
- describe the purpose and function of the ARP protocol and state why it is required
- describe the purpose and use of the RARP protocol and its relationship to the BootP and DHCP protocols
- explain how a TCP/IP network can be installed, configured, tested, and managed
- explain how public/private key encryption techniques work
- describe the contents and use of a Digital Certificate
- state the purpose of the Secure Sockets Layer
- describe the principles of Firewalls
- describe the structure, operation and the addressing mechanisms used in a TCP/IP network
- list the major configuration steps involved in customising TCP/IP for z/OS and explain the Security Server customisation required in z/OS
- explain the purpose and use of Virtual IP addressing (VIPA) and explain how to code for both a static and dynamic VIPA configuration
- describe how to define devices to TCP/IP for z/OS and explain how to define the TCP/IP for z/OS host IP address(es)
- describe the purpose and customisation of the DATA data set
- define the host name, domain name and DNS information
- describe the purpose and use of the HOSTS file and the SERVICES data set
- explain the configuration of the TN3270 server and the SNA gateway and explain the VTAM configuration required to support the gateway
- implement a VTAM USS table for TN3270 users
- describe the operation and customisation of the FTP server and its major security features
- explain how to implement the TLS and SSL protocol technology to protect data exchanges between client and server applications
- explain the operation and customisation of the SMTP server and the Routed server
- describe the purpose and use of the major MVS, TSO and USS commands
- explain how to start, stop and interpret a TCP/IP packet trace and a component trace
- describe in overview how SNMP is implemented on z/OS and list the steps involved in customising SNMP under z/OS
- describe how Digital Certificates can be implemented and used within z/OS and how various clients and servers use the certificates
- explain how Digital Certificates are used in a policy-based z/OS environment
- explain the rules and policies used in the Policy Agent (PAGENT) to dictate how users, applications and organizations access and use their IT resources
- understand how the PAGENT can be configured as a Central Policy Server
- explain how to implement IP Security
Who Should Attend
Systems Programmers and Network Administrators working in a z/OS environment.
Prerequisites
An understanding of the z/OS environment.
Duration
10 days
Fee (per attendee)
P.O.A.
This includes free online 24/7 access to course notes.
Hard copy course notes are available on request from rsmshop@rsm.co.uk at £50.00 plus carriage per set.
Course Code
SNBC
Contents
SNA Introduction
What is SNA?; Pre-SNA networks; SNA hardware and software; SNA elements; Sessions; SNA layers; SNA message units; Session establishment sequence; Why APPN?; APPN node types; Resource registration; Resource location; LU-LU session activation; Locating resources.
Introduction to Networking and TCP/IP
What is TCP/IP?; why TCP/IP?; the growth of the Internet; internetworking principles; IP addressing: example, IP address and physical address; Internet domain names; Internet domain name hierarchy; TCP/IP protocols; common user applications; common system applications; the next generation.
Console Commands
The START command; The DISPLAY command; The VARY command; The MODIFY command; The HALT command.
Network Addressable Units
SNA Network Addressable Units (NAUs); SSCP/CP functions; PU types; Message flow; Address awareness; Subarea network addresses; APPN network address; Local addresses; Address conversion.
SNA Sessions
Sessions and half-sessions; half session layers; session types; setup flows; initiation sequences; logon request processing; LU-LU session types.
Network Installation & Definition
Network planning; Network installation; MVS installation considerations; VM installation considerations; Network related datasets; VTAM start procedure; Structure of SYS1.VTAMLST; The ATCSTR00 member of SYS1.VTAMLST; The ATCCON00 member of SYS1.VTAMLST; Network definition - major & minor nodes.
Architecture & Operation
Requests For Comments (RFCs); Protocol boundaries; Port numbers; Message formats; Transport & network protocols; A tale of two transports; Principles of IP routing; The structure of the Internet; Review questions.
User-Oriented Applications
Client/Server applications; Addressing the server; Berkeley Sockets; A TCP communication; A UDP communication; The File Transfer Protocol application; Using FTP; The Telnet application; Using Telnet; The Simple Mail Transfer Protocol; The Post Office Protocol v3; Using SMTP and POP3; The World Wide Web application; Using the Web; Review questions.
System-Oriented Applications
Resolving Internet domain names; The Domain Name System; Domain Name resolution; The Network File System; The Network File System architecture; The Network File System in operation; The Network File System port numbers; Network management - problems; Simple Network Management Protocol; Network management - solution; Review questions.
An Overview of TCP/IP on z/OS
TCP/IP for z/OS; TCP/IP access to SNA applications; How the gateway works; SNA access to TCP/IP applications; Communications Storage Manager; Device connectivity; Device attachments; Direct vs indirect attachment; Direct attachment problem; Virtual IP addressing - the solution; Sharing attachments across LPARs; UNIX Systems Services considerations.
TCP/IP for z/OS Installation
UNIX Systems Services prerequisites; Security Server prerequisites; Customisation procedure (Steps 1 through 8); z/OS customisation procedures; 'Must Have' reference manuals; 'Nice to Have' reference manuals.
TCP/IP for z/OS - Command Overview
Starting and stopping TCP/IP; commands: MODIFY, VARY, OBEYFILE, NETSTAT.
APPN/HPR Concepts
Introduction to APPN; APPN protocol; Base and Towers; SNA layer model; Why APPC?; APPC LU differences; Route calculation; APPN Class Of Service; APPN COS definition in VTAM; Transmission groups; Channel to Channel Adapters; Cross domain logon processing; PU Type 2.1; The Address Space Manager; APPN and the Boundary Function; Link Stations; APPN Node Services.
APPN/HPR Topology
Topology Database - Part One; Learning of Topology; Topology Database - Part Two; Topology Database - Part Three; Garbage Collection; HPR overview; The High Performance Routing principle; Rapid Transport Protocol; RTP Route Recovery; APPN/HPR options; Adaptive rate based pacing; ISTRTPNM; HPR only links.
Network Level Protocols
Resolving Internet domain names; the Network Level Protocols; IP services; IP address classes; subnetting principles; subnetting mechanism; subnetting in action; IP datagram format; fragmentation and reassembly; type of service; Time To Live; IP datagram format review; IP address space exhaustion; Classless Inter-Domain Routing: CIDR in action; Internet Control Message Protocol: ICMP message format, example ICMP messages; Address Resolution Protocol: ARP message format, ARP in action; Reverse Address Resolution Protocol: RARP in action, RARP message format; the Bootstrap Protocol: BootP message format, BootP in action, the problem with BootP; Dynamic Host Configuration Protocol: DHCP message format.
Basic Profile Definitions
Customising the PROFILE dataset; PROFILE dataset syntax; Device interface properties; Statements that define an interface; The basic DEVICE statement; The basic LINK statement; Defining LCS devices; Defining CLAW devices; OSAs, Hipersockets and Channel Attached Routers; OSA diagnostic device; QDIO and non-QDIO; OSA Express
User-Coded Tables
Assembled Tables; Unformatted System Services (USS) logon procedure; Mode Tables; USS Tables; USSCMD macro format; USSPARM macro format; SNA/SCS message 10 example; SNA character set; Non-SNA/3270 message 10 example; 3270 commands and orders.
Other Datasets Needed
Customising the DATA dataset; association with the TCP/IP stack; specifying the host name and domain name; specifying the name server parameters; A typical DATA dataset; RESOLVER; RESOLVER procedure; RESOLVER files; Resolver other statements; CINET GLOBALTCPIPDATA; TCPIP.DATA Search Order; The SITE dataset; The SERVICES file.
Server Customisation
Configurable servers; TN3270 customisation steps; updating the TN3270 started task JCL; TelnetGlobals statement; Reducing demand for ECSA storage; TELNETPARMS statement; updating the PORT statement; BEGINVTAM statement; VTAM application major node; defining a USS table; Identifying the USS table in the PROFILE dataset; other TN3270 profile statements; UNIX Telnet server operation; customising the INETD server; starting Inetd and Telnet; SSHD UNIX files; SSHD - Using ICSF and /dev/random; SSHD - Creating configuration files; SSHD - Creating SSHD server keys; SSHD - Set up SSHD server userids; SSHD - Create SSHD server started task; SSHD - TCP configuration; SSHD - Verify z/OS DNS / Resolver operation; FTP server in operation; FTPS and SFTP; Pros and cons of FTPS and SFTP; customising the FTP.DATA dataset; customising the PROFILE and SERVICES datasets for FTP; Starting FTP; SYSLOGD; SYSLOGD - /dev/console and /dev/log; SYSLOGD - Create the syslog daemon configuration file; SYSLOGD - Create empty syslog output file; SYSLOGD - Port and Services assignments; SYSLOGD - Started Task JCL; OMVS startup; SYSLOGD - RACF Definitions; operation and customisation of the ROUTED server; OMPROUTE; OMPROUTE - Configuration file; OMPROUTE - Reserve the ports; OMPROUTE - Update the Resolver Configuration File; OMPROUTE - Started Task JCL; OMPROUTE - Services Port Numbers; OMPROUTE - RACF definitions; OMPROUTE - SYSLOGD; OMPROUTE - Static Routes; OMPROUTE - Configure OSPF authentication; operation and customisation of the SMTP server; customising other servers.
APPN & VTAM Data Flow
The NAU layers; session profiles; session level pacing; adaptive session level pacing; request chaining; bracketing; Send/Receive modes; function management headers; BIND command.
APPN Message Structures
Message format and flow; RU categories; BIU structures; request header format; response header format; transmission header formats; additional TH fields; FID conversion.
Transport Level Protocols
TCP and UDP compared; Transport Level Message formats; UDP datagram format; UDP checksum pseudo-header; UDP in action; TCP segment format; TCP checksum pseudo-header; connection setup and release; sequence numbers; segment acknowledgement; TCP reliability; TCP Sliding Windows; Sliding Windows in action; TCP Control Flags; TCP Segment Format; TCP Finite State Machine; establishing a TCP connection; TCP data transfer; TCP connection release.
Configuring & Managing a TCP/IP Network
Setting up a TCP/IP host; Network infrastructure; Interconnection devices; TCP/IP addressing & naming; Choosing names & addresses; Security & privacy; Firewalls & encryption; Public key encryption - principle; Public key encryption - capabilities; Digital certificates; Secure Sockets Layer; Firewalls - packet filtering; Firewalls - bastion host; Firewalls - screened subnet; Network management - ping; Network management - Netstat; Review questions.
Network Security
Introduction; Vulnerabilities; The user; The user's operating system; Software running on the user's system; Lack of security in the communicating protocol; An inherent weakness of the network the user is on; Wireless networks; Internet based threats; Defense; Firewalls; Intrusion Prevention; Anti-virus software; Updates and Patches; User education; Tools; Wireshark; Backtrack; Metasploit/Armitage; Social Engineering Toolkit (SET).
RACF & Digital Certificates
Cryptography in Internet applications; Public key cryptography overview; What is a digital certificate?; Public key & certificate; Uses for certificates in applications; Secure Sockets Layer (SSL); Digital certificates and RACF; How RACF uses digital certificates; RACF classes & commands; RACF certification generation; RACDCERT command; Creating a certificate; Gencert examples; Key rings; Certification installation; RACDCERT ADD examples; Certification installation; Certificate management.
VIPAs and Sysplex
VIPAs; Static VIPA; Dynamic VIPA; Virtual IP addressing - a reminder; Defining VIPA devices; Specifying the source IP address; Syntax for INTERFACE -- VIRTUAL interfaces statement; Examples of the INTERFACE statement for VIPA; IP solutions in a sysplex; Communication paths in a Sysplex; DynamicXCF transport choices; IUTSAMEH; XCF
Enterprise Extender
z/OS services for SNA traffic; APPN parameters in startup options; Implementation considerations; TCP/IP implementation; IUTSAMEH; DYNAMICXCF; DYNAMICXCF & HiperSockets; Modifications to TCP/IP profile; Modifications to OSPF interface; Proof of initialisation of IUTSAMEH; VTAM implementation; Defining the XCA HPRIP major node; Defining model Major Nodes for EE connections and RTP pipes; Defining switched PUs for EE connections.
VTAM/APPN Trace
Introduction to VTAM trace; Starting a trace; Trace details.
Problem Determination Considerations
Problem determination tools; The PING and OPING commands; The TRACERTE and the OTRACERT commands; TCP/IP SYSLOG output; TCP/IP packet trace overview; Starting a packet trace; The external writer procedure; Stopping a packet trace; Analysing a packet trace with IPCS; Analysing a packet trace; Non-z/OS packet traces; TCP/IP component trace overview; Starting and stopping a component trace; Analysing a component trace via IPCS; Analysing a component trace; Other available traces; Packet trace.