Introduction To Mainframe (z/OS) Network Management

Transcription

Introduction to Mainframe (z/OS) Network Management
Monday, August 10, 1:45-2:45
Session 17736
Dean Butler (butlerde@us.ibm.com)

Agenda
- What is network management?
- Why manage the network on z/OS?
- z/OS networking
- Network monitoring tools and technologies
- Best practices

What is network management?
FCAPS: ISO standard model
- Fault management
  – Goal: Keep network operational, minimize downtime.
  – Find and correct network problems. Identify future potential problems and prevent them from occurring or reoccurring.
- Configuration management
  – Goal: Monitor network and system configuration to track and manage changes.
  – Monitor and control network operation. Coordinate hardware and programming changes. Maintain an inventory.
- Accounting / Admin
  – Goal: Distribute resources optimally and fairly among network subscribers.
  – Measure utilization of all important network resources. Analyze results. Regulate, bill, or charge users.
- Performance management
  – Goal: Measure and make network performance data available to optimize performance.
  – Gather, analyze, and threshold performance data.
- Security management
  – Goal: Control access to assets in the network.
  – Manage network authentication, authorization, and auditing. Maintain data security with authentication and encryption.

Network management architecture
[Diagram: management system, management database, managed devices]


Why manage the network on z/OS?
Why the network?
A well-managed network will allow you to get on with running your company.
- Prevent problems
- Work efficiently
- Maintain security
- Stay up to date
Why on z/OS?
In spite of the perception that z/OS networking doesn’t break, SLAs are at risk:
- Application changes
- Hybrid networks
- BYOD
- Device failures
- Network congestion
Network systems programmer: “A critical application is ‘broken’. We all get on a bridge call. Everyone says ‘My stuff is okay. It must be the network.’ I need to be able to say it is not the network or at least not my part of the network.”


System z network connectivity
- Via external network
- Via OSA adapter: OSA Express with Queued Direct I/O (QDIO)
- Via HiperSockets: HiperSockets allows operating system images on the same processor complex to exchange IP traffic virtually at memory speed.
Capacity and speed increase.
The HiperSockets technology is based on the QDIO technology from the OSA Express adapter. For HiperSockets, it is referred to as internal QDIO - or iQDIO for short.
A HiperSockets network looks like an internal LAN.
[Diagram: z/OS LPAR and Linux LPAR pairs connected through OSA adapters and through HiperSockets; speed labels K or Mbits, Gbits, GBytes]

z/OS Communications Server Integrated Services
- Provide common services within CS
  – Network attachment
  – Storage management
  – High Performance Data Transfer
- TCP/IP and SNA integration
  – TN3270
  – Network access
  – Internal optimizations
  – Enterprise Extender
- Standard TCP/IP applications
- Multi-protocol Solutions
- Sockets (TCP/IP) applications
  – Unix services offers z/OS users access to a wide range of UNIX-based applications over IP networks
- SNA applications
  – SNA applications are supported over SNA or IP networks
[Diagram: z/OS Communications Server with Applications, Sockets APIs, SNA, Enterprise Extender, Network Attachment, DLCs]

Enterprise Extender
- Allows use of IP network for SNA sessions
  o To an SNA application, the IP network looks like an HPR link
  o To the IP network, EE is just a UDP application
- SNA traffic is sent as UDP datagrams (on ports 12000-12004) over the IP network
- Supported by many platforms:
  o z/OS
  o CS/Linux, CS/AIX, CS/Windows, PComm
  o i5/OS
  o Cisco SNASw
  o Microsoft HIS
- Typically isolates SNA footprints to the "outside" of the network.
EE allows enablement of IP applications and convergence on a single network transport while preserving SNA application and endpoint investment.
[Diagram: System z Enterprise Servers, IP Backbone, ICN, HPR, SNA Network; TN3270 or Web client; Cisco SNASw, Communications Server for Linux or other; SNA Clients. Legend: TCP sessions/routes, SNA routes for SNA sessions, EE routes for SNA sessions]

How z/OS communicates with the outside world
- Enable network connectivity with differentiated z/OS Qualities of Service
  – Performance
  – Security
  – High Availability
- Enable IBM and ISV network management products to provide differentiated value on System z
- Enables all key z/OS workload to communicate with the outside world
  – Every request for service and response flows through CommServer
- Provides standard suite of TCP/IP applications but with close integration into z/OS
- Enables network connectivity using standards based network protocols
  – IPv4: Current internet protocol, support for latest standards
  – IPv6: Emerging next generation Internet protocol
  – SNA: Maintain existing customer application investment
- z/OS Comm Server Configuration Assistant
  – Web Based GUI
  – Part of z/OS Management Facility
[Diagram: z/OS layers. Applications: CICS, IMS, DB2, MQ, WAS, WebSphere middleware, IM software, Batch, Rational, Tivoli, ISV, RYO (Web Services, Data Serving, Transactions). Network Mgt Products: Tivoli (Netview, OMEGAMON, zSecure, TSOM), ISVs. z/OS Communications Server: Network Management Interfaces; Network Applications and Services (FTP, TN3270, SMTP, Pagent, SNMP); Network Communications APIs (TCP/IP and SNA); z/OS Differentiation and Value Add; Security; Network Layer Protocol Stacks (TCP/IP V4, TCP/IP V6, SNA); Network Attachment Drivers; Network Adapters (SNA, IPv4, IPv6). Credit: Designed by the "Chief" Lynn Long]

Typical data center network
[Diagram: z/OS, Network]


Network diagnostic

Network diagnostic commands
- PING
  – Test connectivity to a host or device on an IP network
  – ICMP echo request / echo response
  – Measures round trip time
- TRACERTE
  – Shows most likely path to an IP device
  – Series of ICMP or UDP packets
  – Uses TTL to identify network hops in path
  – Measures round trip time to each hop

Network diagnostic commands
- NSLOOKUP
  – Query the Domain Name System (DNS)
  – Translate host name to/from IP address
- DROP
  – Terminate a TCP/IP socket endpoint
  – TCP listener, TCP connection, UDP endpoint
  – Requires CONTROL access to MVS.VARY.TCPIP.DROP

Network diagnostic commands
- NETSTAT
  – Display information about the local host, including TCP/IP configuration, connections, network clients, gateways, and devices
  – Drop connections (access to MVS.VARY.TCPIP.DROP)

Network diagnostic commands
z/OS operator commands:
- DISPLAY TCPIP
  – Display information about the local TCP/IP or TELNET address spaces
- VARY TCPIP
  – Control some functions of local TCP/IP and TELNET address spaces

What is SNMP?
Simple Network Management Protocol
One of the most widely accepted protocols to manage and monitor network elements.
- UDP application
- Each SNMP agent maintains an information database describing the managed device parameters
- SNMP manager uses this database to request information from the SNMP agents
- SNMP agent sends some information as traps
Basic commands:
- Get, Get next, Get bulk
- Set
- Traps
- Inform
- Response
[Diagram: SNMP manager linked by the network management protocol, across the network, to SNMP agents and their MIBs on the managed devices]

What is SNMP?
An Object Identifier (OID) identifies a managed object.
For example, the OID in RFC1213 for "sysDescr" is .1.3.6.1.2.1.1.1
SNMP packet flows:
[Diagram: packet flows between SNMP Manager and SNMP Agent]
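
The manager-to-agent Get for the sysDescr OID above, shown at the byte level as an added example that is not part of the original slides. It BER-encodes an SNMPv2c GetRequest and decodes it again, which shows that version, community string and OID are all readable on the wire; the community "public", the request id and every function name here are constructed for illustration.

```python
# Added example, not from the slides: an SNMPv2c GetRequest for sysDescr.0.
# Community "public" and request id 1 are constructed sample values.
SYS_DESCR = "1.3.6.1.2.1.1.1"   # OID quoted on the slide (RFC 1213)

def tlv(tag, payload):
    n = len(payload)
    if n < 0x80:                                 # short-form length
        return bytes([tag, n]) + payload
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + payload

def ber_int(value):                              # non-negative INTEGER, minimal form
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    arcs = [int(a) for a in dotted.strip(".").split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:                        # base 128, high bit means "more"
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body += bytes(chunk)
    return tlv(0x06, bytes(body))

def get_request(community, request_id, oid):
    # GetRequest PDU (tag 0xA0): request-id, error-status, error-index, varbinds
    varbinds = tlv(0x30, tlv(0x30, ber_oid(oid) + tlv(0x05, b"")))
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + varbinds)
    return tlv(0x30, ber_int(1) + tlv(0x04, community.encode()) + pdu)  # 1 = v2c

def fields(buf):
    out, pos = [], 0
    while pos < len(buf):                        # short-form lengths only
        tag, n = buf[pos], buf[pos + 1]
        out.append((tag, buf[pos + 2:pos + 2 + n]))
        pos += 2 + n
    return out

def summarize(packet):
    """Fields a monitor can read off the wire: version, community, PDU, OID."""
    version, community, pdu = fields(fields(packet)[0][1])
    oid = fields(fields(fields(pdu[1])[3][1])[0][1])[0][1]
    arcs, arc = [oid[0] // 40, oid[0] % 40], 0
    for b in oid[1:]:
        arc = (arc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, arc = arcs + [arc], 0
    return {"version": version[1][0], "community": community[1].decode(),
            "pdu": hex(pdu[0]), "oid": ".".join(map(str, arcs))}
```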

System Management Facilities (SMF)
- Standardized method for writing out records of activity to a file (or data set to use a z/OS term)
- Full "instrumentation" of all baseline activities running on an LPAR, including I/O, network activity, software usage, error conditions, processor utilization, etc.
- SMF forms the basis for many monitoring and automation utilities
- Each SMF record has a numbered type (IBM: 1-127, others: 128 )
- Installations have great control over how much or how little SMF data to collect
- TCP/IP statistics are captured in SMF 109, 118, 119

z/OS Communication Server Network Management Interfaces (NMI)
Most “modern” network management products on z/OS use the NMI to
API to obtain information about TCP/IP and VTAM resources:
- Alternative for most SNMP, NETSTAT, and DISPLAY output
- Efficient!
Methods of collection:
- Callable APIs
- Event information
- Real-time packet trace
[Diagram: z/OS layers. Applications: CICS, IMS, DB2, MQ, WAS, WebSphere middleware, IM software, Batch, Rational, Tivoli, ISV, RYO. Network Mgt Products: Tivoli (Netview, OMEGAMON, zSecure, TSOM), ISVs. z/OS Communications Server: Network Management Interfaces; Network Applications and Services (FTP, TN3270, SMTP, Pagent, SNMP); Network Communications APIs (TCP/IP and SNA); z/OS Differentiation and Value Add; Security; Network Layer Protocol Stacks (TCP/IP V4, TCP/IP V6, SNA); z/OS Comm Server Configuration Assistant (Web Based GUI, part of z/OS Management Facility); Network Attachment Drivers; Network Adapters (SNA, IPv4, IPv6). Credit: Designed by the "Chief" Lynn Long]


Network management process
Plan / Design:
- Build history
- Baseline
- Trend analysis
- Capacity planning
- Procurement
- Topology design
Implement / Deploy:
- Install and configure
- Address management
- Adds, moves, changes
- Security
- Accounting/billing
- Assets/inventory
- User management
- Data management
Operate / Maintain:
- Define thresholds
- Monitor exceptions
- Notify
- Correlate
- Isolate problems
- Troubleshoot
- Bypass/resolve
- Validate and report
[Diagram: cycle of Plan / design, Implement / deploy, Operate / maintain]

Baseline Your Environment
- Become familiar with your network resources.
- Know what is:
  – Normal
  – Abnormal but uninteresting
  – Abnormal and interesting
- Be part of your change control system
- Review periodically!!!

Problem isolation
Application:
- Applications
- TCP Listeners
- TCP Connections
- UDP Endpoints
z/OS Comm Server:
- TCP/IP
  – IP layer
  – TCP layer
  – UDP layer
  – TCP/IP address space
- VTAM
  – Buffer pools
  – EE
  – HPR
  – VTAM address space
Hardware or network:
- OSA ports
- OSA channel
- HiperSockets
- Interfaces
- Data center network
- Intranet
- Internet
[Diagram: Application, z/OS Comm Server, Hardware or network]

Isolate
[Diagram, partly unreadable in the source: layers Application, TCP/IP or VTAM, Hardware or network; surviving labels: Connections, Listeners, CICS, IMS, DB2, WAS, FTP, TN3270, OSA Express, Hipersockets, APPN sessions, ICMP]

Protocol
TCP/IP:
- Input Discards
- Output Discards
- UDP Discard
- UDP Input Errors
- UDP No Port
OSA:
- Fragments, jabber, length error, CRC, alignment
- Unknown IP Frames
Interfaces:
- Inbound Packets – discarded, in error
- Outbound Packets – discarded, in error
- Utilization
- Transmission Rates
- Unknown IP Frames
[Diagram: IP, ICMP, IP Stack, Gateway/Devices, Interfaces, OSA-Express]

Resource constraint
TCP/IP:
- CPU Percentage
- CSA – Allocated, In Use
- Authorized Private Storage – Allocated, In Use
- ECSA storage – max, allocated, in use, pools
- Datagrams Discarded
- Backlog Connections Rejected
UDP:
- Datagrams Discarded
HPR:
- Throughput rate – allowed
- Unacknowledged Buffers – high water mark
Interfaces:
- Receive/Transmit Bandwidth utilization
OSA:
- PCI Utilization
- Processor Utilization
- Missed Packets
VTAM:
- CPU Percentage
- CSA – Allocated, Allowed, In Use
[Diagram: IP, ICMP, IP Stack]

Indirect
TCP:
- Segments Retransmitted
- Response Time
- Fragmentation and/or reassembly
- Out of Order Segments
- Remote Window Size Frequency
- TCP Keep-Alive Drops
HPR:
- Out of Sequence Buffers
- Packet Retransmission Rate
- Path Switches
- Response Time Variance
- Smoothed Round Trip Time
TN3270:
- Average IP Response Time and variance
- Average SNA Response Time and variance
[Diagram: IP, ICMP, IP Stack, Gateway/Devices, Interfaces, OSA-Express]

Scenario: User reports batch FTP failures
The setting:
A company relies on batch FTP to copy files between a mainframe at headquarters and each of its retail stores every night (local store time). Sales and inventory data is uploaded and product and pricing changes are downloaded to the stores. One morning, a systems administrator notices that some of the files have not been updated for days. He reports the problem to the IT help desk. The problem is routed to the mainframe networks systems programmer.

User reports batch FTP failures
- Start with checking current activity: FTP transfers & FTP sessions
[Diagram: USS, Storage, FTP, TCP/IP, FTP Sessions, FTP Transfers]

Check TCP/IP Stack
- Retransmits – network congestion
- Out of Order – routing issue or [remainder garbled in the source]
- Fragmentation – MTU size
- Discards – resource constraints
- Timeouts – connectivity
- UDP input errors – attack
- UDP discards – no [remainder garbled in the source]
CSM & Buffers:
- High storage utilization - could indicate network congestion
- This can result in requests backing up in storage
[Diagram: Routing Table, Network congestion, OSA-Express]
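
One way to apply the symptom list above together with the baseline and threshold steps from the earlier slides, as an added example that is not part of the original presentation. The counter names, sample values, baseline rates and the 3x factor are assumptions for illustration, not z/OS field names.

```python
# Added example, not from the slides: rate-based triage of TCP/IP stack counters.
# Counter names, sample values and the 3x factor are assumptions for illustration.
LIKELY_CAUSE = {                  # symptom -> likely cause, as listed on the slide
    "retransmits": "network congestion",
    "out_of_order": "routing issue",
    "fragments": "MTU size",
    "discards": "resource constraints",
    "timeouts": "connectivity",
    "udp_input_errors": "attack",
}
NAMES = list(LIKELY_CAUSE)
# Constructed samples taken 60 seconds apart, and a constructed baseline (per second).
PREV = dict(zip(NAMES, [1000, 200, 50, 10, 5, 0]))
CURR = dict(zip(NAMES, [7000, 260, 50, 4, 5, 0]))
BASELINE = dict(zip(NAMES, [5.0, 1.0, 0.5, 0.1, 0.05, 0.0]))

def rates(prev, curr, seconds):
    """Per-second rate per counter; None when a counter went backwards
    (stack restart or wrap), so a reset never looks like a quiet interval."""
    out = {}
    for name in NAMES:
        delta = curr[name] - prev[name]
        out[name] = delta / seconds if delta >= 0 else None
    return out

def triage(prev, curr, seconds, baseline, factor=3.0):
    """(counter, rate, note) for every rate above factor x baseline, worst first."""
    findings = []
    for name, rate in rates(prev, curr, seconds).items():
        if rate is None:
            findings.append((name, None, "counter reset, re-baseline"))
        elif rate > factor * baseline[name]:
            findings.append((name, round(rate, 2), LIKELY_CAUSE[name]))
    # Rank by how far the rate sits above its own baseline, not by raw rate.
    return sorted(findings, reverse=True,
                  key=lambda f: (f[1] or 0) / (baseline[f[0]] or 1))

if __name__ == "__main__":
    for counter, rate, note in triage(PREV, CURR, 60, BASELINE):
        print(f"{counter:18} {rate!s:>8}/s  {note}")
```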

Check OSA and Interfaces
OSA:
- Online Status
- Configuration
- Microcode Level
- Utilization
- Transmission Rates
- Unknown IP Frames
- By LPARS
- By Ports
Interfaces:
- Packet Errors
- Bandwidth Utilization
- MTU Size

Check Applications and Connections
Applications:
- Accepting connections?
- Rate, Backlog, Rejections
- Last activity time
- Response time
- Retransmissions
- Transmit / Receive Rates
- Out of order segments
Connections:
- Start time/duration
- Response Time
- Retransmissions
- Transmit / Receive Rates
- Out of order segments

Network is OK, then where is the problem?
Check job logs, SYSLOG, and syslogd for cl
