Defining TCP/IP communication

If you want to use TCP/IP for CAS-to-CAS communication, make sure that you are aware of the restrictions on specifying SUB=MSTR on the CAS START command. For more information, see CAS-START-command-parameters.

To define TCP/IP communication for a CAS, use the following fields when Adding-CAS-definitions and Changing-existing-CAS-definitions:

Related topic

Managing-CAS-definitions

IP Hostname

Specify a unique host name that resolves to an IP address or the IP address itself. An IP address consists of four decimal integers between 0 and 255, with each number separated by a period. The first integer must be less than 224.

Port Number

Specify a unique port number for the CAS as an integer between 1024 and 65535.

Important

Be sure to assign a unique port number to each application that runs on a given system image. For example, the CAS must use a different port number than the Host Server. The default port number for the Host Server is 3940.

TCP Jobname

(Optional) Specify the job name of the desired TCP/IP stack. Use this option if you are running multiple TCP/IP stacks and you want BMC AMI Ops products to use a specific stack. Make sure that the host name or IP address that you specified in the IP Hostname field is served by this stack.

In addition to specifying a host name or IP address, a port number, and, optionally, a TCP/IP job name, you must consider the following requirements for TCP/IP communication:

  • Secure TCP/IP ports
  • OMVS segment definitions

TCP Encryption

(Optional) Specify Y(ES) if you want to enable data encryption for all TCP/IP communications from or to the address spaces, which are connected to this CAS. You can use this option if the CAS you are adding or changing is capable of data encryption. If left undefined, the default value is N(O).

Important

When using this option:

  • The system does not perform any validation as to whether data encryption is possible.
  • Data will only be encrypted if the CASs on both sides of the connection have the correct hardware and software configuration to support data encryption and decryption.

Secure TCP/IP ports

BMC recommends that you use a secure TCP/IP port for each production CAS. This topic explains how to secure a TCP/IP port for use by a CAS.

The profile data set for your TCP/IP started task, contains a section for reserving the port. If the started task name and step name of your CAS are the same, you can reserve the port number by started task name. If you use a different step name, you must reserve the port number by the step name of your CAS started task.

The following example is from SYSI.IBMTCP.PRD.CNTL(PROFILE):

;Reserve ports for the following servers.
;
NOTES:
;
;A port that is not reserved in this list can be used by any user.
;If you have TCP/IP hosts in your network that reserve ports
;in the range 1 - 1023 for privileged applications, you should
;reserve them here to prevent users from using them.
;
;The port values below are from RCF 1060, 'Assigned Numbers.'
PORT
4100 TCP C410 ; CAS 41 reserved PORT

OMVS segment definitions

BMC AMI Ops TCP/IP communication makes use of z/OS UNIX System Services. A z/OS UNIX security context, called an OMVS segment, is required for any user ID that requests these services.

For more information about OMVS segment definitions, see OMVS-segment-requirements-and-ESM-definitions.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*