Name : Mark Gambino Venue : Communications Subcommittee

Similar documents
Secure Key Management and Data Privacy on z/tpf

Hardware Cryptography and z/tpf

Recoup Deferred Lost z/tpf APAR PJ31559

TPF Users Group Code Coverage in TPF Toolkit

z/tpf Communications Enhancements

TPF Users Group Spring 2007

z/tpf Enhanced HTTP Client and High Speed Connector Enhancements

z/tpf Support for Java Enhancements

TPF Users Group Fall 2006

z/tpf Maintenance Packaging, Content, and Web Resources

Mary Komor Development Tools Subcommittee

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

Chris Filachek Database/TPFDF Subcommittee. AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

Name: Mark Gambino Venue: SOA Subcommittee

TPF Debugger / Toolkit update PUT 12 contributions!

Chris Filachek Database/TPFDF Subcommittee

TPF Users Group Fall 2006

TPF 4.1 Communications - TCP/IP Enhancements

TPF Users Group Spring 2006

TPF Users Group Fall 2007 Title: DASD External Copy Services Subtitle: Group Update -- APAR PJ31865

Josh Wisniewski Development Tools Subcommittee

TPF Users Group Fall 2008 Title: z/tpf Support for OpenLDAP

Lisa Banks Distributed Systems Subcommittee

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

TPF Users Group Spring 2008 Title: z/tpfdf Status Update

New Data Reduction Tool

TPF Users Group Spring 2006

TPF Users Group - Fall 2009 TPF Toolkit Updates

Loading Files with Programs: Version Control in the File System

z/tpf File System Security Update

z/tpfdf Encryption Communications Subcommittee! IBM z/tpf April 11, 2016! Chris Filachek z/tpf and z/tpfdf Architecture & Development!

TPF Users Group Spring 2005

z/tpf Descriptor Definition Projects

TPF Users Group Fall 2007

TPF Communications - TCP/IP Enhancements

TPFUG JavaScript Object Notation (JSON)

TPF Users Group Fall 2007 Title: Threads Support in z/tpf

Jim Johnston Distributed Subcommittee

Overview of cryptography and enhancements on z/vse 4.3

z/tpf OpenSSL Support Dan Yee IBM Software Engineer August 10, 2016

TPF Lab: z/tpf Development Environment Tools and SCMs

The Value of Using Name-Value Pairs

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

Business Events Update

TPF and TPFDF Requirements

TPF TCP/IP Load Balancing

Name: Peter Lemieszewski Venue: Education

Implementing WS-Security on TPF

OSA-Express Support for TPF

TPF Toolkit for WebSphere Studio V3 V Using an Internal Update Site

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

TCP/IP Native Stack Roadmap for TPF 4.1

IBM ^ iseries Logical Partition Isolation and Integrity

Preview: IBM z/vse Version 4 Release 3 offers more capacity and IBM zenterprise exploitation

WebSphere Application Server Base Performance

ztpf_zdt_readme.txt IBM z/tpf Limited License for Development and Test readme Copyright IBM Corporation 2016

IBM Client Center z/vm 6.2 Single System Image (SSI) & Life Guest Relocation (LGR) DEMO

PJ Dynamic CPU Capacity

Daniel Gritter / IBM TPF Development October 2004

Downloads for TPF Family Products. Sample SOAP Bridge Wrapper on z/tpf Enterprise Edition V1.1. Page 1 of 5

KVM for IBM z Systems

z/vm 6.3 Installation or Migration or Upgrade Hands-on Lab Sessions

Dynamic Routing: Exploiting HiperSockets and Real Network Devices

TPF Users Group TPF Debugger Update

DFDL Enhancements SOA Subcommittee

z/vm 6.3 A Quick Introduction

AIM Core and Enterprise Solutions

z/os Data Set Encryption In the context of pervasive encryption IBM z systems IBM Corporation

Note to US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

ECE 650 Systems Programming & Engineering. Spring 2018

V6R1 System i Navigator: What s New

Virtual Security Zones on z/vm

Linux Platform Options Selecting Linux on IBM System z9 and zseries

HiperSockets for System z Newest Functions

L12. Linux Platform Options Selecting Linux on IBM System z9 and zseries. Jim Elliott San Francisco, CA. September 19-23, 2005

Securing Enterprise Extender

IBM Europe Announcement ZP , dated November 6, 2007

IBM Tivoli Directory Server for z/os. Saheem Granados, CISSP IBM Monday, August 6,

Enterprise Workload Manager Overview and Implementation

Inside Products TCP Problem Finder Thinking Inside the Box

Virtual Security Zones

Name: Sasha Krymer Venue: Database Subcommittee

Control program updates and enhancements

Chapter 7. The Transport Layer

IBM and Lawson M3 (an Infor affiliate) ERP software workload optimization on the new IBM PureFlex System

IBM i5 iseries Technical Solutions Designer V5R3. Download Full Version :

z/tpf APAR Download Commands 1.1

Introduction to. z/vm and Linux on System z. Malcolm Beattie Linux Technical Consultant, IBM UK. From a presentation by Ralf Schiefelbein, IBM Germany

iseries Tech Talk Linux on iseries Technical Update 2004

Linux on System z Performance Update - Part 2 Networking and Crypto

Setting up IBM zaware Step by Step

Topics. TCP sliding window protocol TCP PUSH flag TCP slow start Bulk data throughput

CSCI-GA Operating Systems. Networking. Hubertus Franke

Dynamic Routing: Exploiting HiperSockets and Real Network Devices

Session zse4187 Virtual Security Zones on z/vm

TPF Users Group Fall 2012 Title: z/tpf OpenLDAP Update

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition IBM Corporation 2005

IBM z/vm V5.2 enhances scalability for virtualization on System z9 and zseries, including Linux guests

IMS and VSAM replication using GDPS IBM Redbooks Solution Guide

Transcription:

z/tpf EE V1.1 z/tpfdf V1.1 TPF Toolkit for WebSphere Studio V3 TPF Operations Server V1.2 IBM Software Group TPF Users Group Spring 2006 TCP/IP Enhancements Name : Mark Gambino Venue : Communications Subcommittee AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0 Any references to future plans are for planning purposes only. IBM reserves the right to change those plans at its discretion. Any reliance on such a disclosure is solely at your own risk. IBM makes no commitment to provide additional information in the future. tgs06a1.prz 05/09/06 Pages 1

IP Trace Data Conversion - z/tpf APAR PJ30808 (PUT 2) IBM Software Group Ability to convert TPF IP trace data to TCPDUMP format Data can then be analyzed by open tools such as Ethereal Ethereal is widely used in the industry Allows you to analyze IP trace data from TPF using the same tooling that you use for analyzing data from other platforms New parameter on the IPTPRT utility: Converts the output to packet capture (PCAP) format Write the converted data to the specified HFS file Can still use IPTPRT to select specific packets rather than all the packets on a tape Can put packets from multiple tapes into one file tgs06a1.prz 05/09/06 Pages 2

LPAR to LPAR Communications using TCP/IP TPF can communicate with another LPAR (Linux, z/os, another TPF system) in the server box sharing an OSA-Express adapter Packets never leave the server box (do not flow over the Ethernet) Packets flow from LPAR1's memory to OSA-Express memory to LPAR2's memory Output messages are sent: If an output buffer becomes full (16 messages is a full buffer) When a timer pop occurs (every 10 ms on TPF 4.1 ) and any messages exist in the current output buffer As the output message rate increases, response time and latency are reduced. For example, on TPF 4.1: At 1000 messages/second, average latency is 5.00 ms At 5000 messages/second, average latency is 1.60 ms At 10000 messages/second, average latency is 0.80 ms tgs06a1.prz 05/09/06 Pages 3

Reduce Latency LPAR to LPAR over TCP/IP TPF 4.1 APAR PJ31168, z/tpf APAR PJ31198 TPF now uses a dynamic blocking algorithm for output messages Designed to produce consistent and low latency for all message rates and message sizes Makes it more attractive to consolidate multiple operating systems onto the same server box and communicate via high speed memory Can now use for time sensitive applications where message rate is low at certain times Can use for transactions that do several message exchanges between LPARs Average round trip time (RTT) test results * < 0.1 ms, 100-byte messages at 7500 messages/second 0.5 ms, 500-byte messages at 25000 messages/second 0.6 ms, 1400-byte messages at 23900 messages/second * Message exchange between 2 native TPF 4.1 LPARs, each with 1 dedicated I-stream on z990. Your results may vary. tgs06a1.prz 05/09/06 Pages 4

TCP Resets (RSTs) on IPL - z/tpf APAR PJ30720 (PUT 2) IBM Software Group After a software IPL, send RST messages for TCP sockets that were active at the time of the IPL Informs remote nodes that the old sockets no longer exist Enables faster application recovery after the IPL For example, remote applications that are suspended from a socket read API waiting for data from TPF Cleans up information in stateful routers and firewalls Sending of the RST messages is throttled RST message is the last flow (no ACK to a RST) If you flood the network and some RST messages are dropped, the end result is the same as if the RST was never sent tgs06a1.prz 05/09/06 Pages 5

TCP Resets on IPL Example - Part 1 z/tpf system environment: 8 GB of memory Dump buffer size is large enough to hold multiple control (CTL) dumps 2000 active connected TCP sockets Sequence of events: 1. Force software IPL (multiple CTL dumps) 2. After the IPL when the OSA-Express connections are restarted, z/tpf sends a RST message for each of the 2000 sockets tgs06a1.prz 05/09/06 Pages 6

TCP Resets on IPL Example - Part 2 CPSE0151T 16.09.42 IS-0001 SS-BSS SSU-HPN SE-005329 CTL-I000001 CATASTROPHIC CPSF0010I 16.09.42 DISK QUEUES PROCESSED CSMP0097I 16.09.42 CPU-C SS-BSS SSU-HPN IS-01 CPSF0014W 16.09.42 CRITICAL RECORD FILING COMPLETED *** Cause dumps *** CSMP0097I 16.09.42 CPU-C SS-BSS SSU-HPN IS-01 *** to force a *** CPSF0013I 16.09.42 SOFTWARE IPL INITIATED *** software IPL *** CVRN0004I 16.10.03 RESTART COMPLETED- 1052 STATE *** Back in 1052 state *** ZDBAI DISP *** Display dump buffer *** CSMP0097I 16.10.05 CPU-C SS-BSS SSU-HPN IS-01 DBAI0001I 16.10.05 DUMP BUFFER AREA CONTENTS SEQ NUM SYSTEM ERROR BLOCKS DUMP SIZE *** Dumps are being *** 005328* CTL-I000001 25783K *** written to tape *** 005329 CTL-I000001 817 25819K *** after the IPL *** 815 AVAILABLE BLOCKS - 2744 END OF DISPLAY tgs06a1.prz 05/09/06 Pages 7

TCP Resets on IPL Example - Part 3 CVCX0001I 16.10.15 SS BSS NOW IN NORM STATE TTCP0060I 16.10.18 OSA-OSA1 ACTIVATED *** Start sending 2000 RSTs *** *** Sample entry in the offline IP Trace output *** RWI-01 IPCCW-D1 SOURCE IP-9.57.9.198 DEST IP-9.57.13.12 LEN-40 TOD-BE4459341781C4CA (Jan 25 16:10:18.234908) PROTOCOL-06 (TCP) SOURCE PORT-9999 DEST PORT-1248 SEQ-2308737483 ACK-2308727988 WINDOW-32767 URGENT OFFSET-0 TCP FLAG BYTE-14 (ACK, RST) REASON CODE - SYSTEM IPL IP HEADER TCP HEADER 45000028 592F0000 3C06FC5D 093909C6 09390D0C 270F04E0 899C89CB 899C64B4 50147FFF D8E50000 IPTS0000I PROCESSED 3713 FILE RECORDS, SELECTED 2000 TRACE ENTRIES *** In this example, it only took 36 seconds *** *** to IPL and restart the network *** tgs06a1.prz 05/09/06 Pages 8

Rebalance Sessions when Failed Gateway Becomes Active Again - TPF 4.1 APAR PJ30781 (PUT 20), z/tpf APAR PJ30960 (PUT 2) Each OSA-Express connection can have two default gateways New sessions are distributed equally across both gateways If one gateway fails: All sessions now go through the one remaining gateway Each gateway must be able to handle 100% of the load When a gateway (GATEWAY1) that failed becomes active again: TPF now rebalances sessions across the two gateways Sessions that were originally using GATEWAY1 are now moved back to GATEWAY1 Half the sessions that were started after GATEWAY1 failed (when only one gateway was active) are moved to GATEWAY1 tgs06a1.prz 05/09/06 Pages 9

Example: Step 1 - Each Gateway has Some Sockets socket 1, socket 3, socket 5, socket 7 Gateway 1 TPF OSA-Express Layer 2 Switch socket 2, socket 4, socket 6, socket 8 Gateway 2 tgs06a1.prz 05/09/06 Pages 10

Example: Step 2 - Gateway 2 Fails, Sockets Moved to Gateway 1 socket 1, socket 2, socket 3, socket 4, socket 5, socket 6, socket 7, socket 8 Gateway 1 TPF OSA-Express Layer 2 Switch Gateway 2 tgs06a1.prz 05/09/06 Pages 11

Example: Step 3 - New Sockets are Started socket 1, socket 2, socket 3, socket 4, socket 5, socket 6, socket 7, socket 8, socket 9, socket 10, socket 11, socket 12 Gateway 1 TPF OSA-Express Layer 2 Switch Gateway 2 tgs06a1.prz 05/09/06 Pages 12

Example: Step 4 - Gateway 2 Becomes Active Again, Sockets are Rebalanced socket 1, socket 3, socket 5, socket 7, socket 9, socket 11 Gateway 1 TPF OSA-Express Layer 2 Switch socket 2, socket 4, socket 6, socket 8, socket 10, socket 12 Gateway 2 tgs06a1.prz 05/09/06 Pages 13

poll API support - z/tpf APAR PJ30767 (PUT 2) Added support for the poll API Similar to the select API Allows you to monitor file descriptors (FDs) and check status: POLLIN - is there any normal data to be read POLLPRI - is there any priority data to be read POLLOUT - can normal data be written without blocking POLLWRBAND - can priority data be written Many application and middleware packages use select, poll, or both Both APIs are now supported to make it easier to port code to z/tpf tgs06a1.prz 05/09/06 Pages 14

Hardware Acceleration for Starting SSL Sessions Starting Secure Socket Layer (SSL) sessions requires significant CPU overhead if the RSA crypto operations are done in software PCI cryptographic accelerator (PCICA): Hardware crypto adapter that does clear key RSA operations Can start up to 1000 SSL sessions per second per PCICA card Supported on the z900, z800, z990, and z890 processors TPF 4.1 and z/tpf added support for PCICA in 2005 RSA operations done in hardware (if installed) rather than in software Enabled TPF to start thousands of SSL sessions/second tgs06a1.prz 05/09/06 Pages 15

Crypto Express2 support - z/tpf APAR PJ30717 (PUT 2) IBM Software Group Crypto Express2 on System z9 can be configured in one of two modes: Crypto Express2 accelerator (CEX2A): System z9 replaced PCICA with CEX2A CEX2A only does clear key RSA operations Can start up to 3000 SSL sessions per second per CEX2A card Crypto Express2 coprocessor (CEX2C): System z9 replaced the secure crypto card (PCIXCC) with CEX2C z/tpf now supports CEX2A z/tpf does not support CEX2C tgs06a1.prz 05/09/06 Pages 16

Summary of Recent Enhancements Ability to analyze TPF IP trace data using open tooling such as Ethereal Reduce latency communicating between LPARs Reduce application recovery time following an IPL Rebalance sessions when a gateway that failed becomes active again Support poll API to make porting code easier Support Crypto Express2 accelerator (CEX2A) to further increase the rate at which SSL sessions can be started tgs06a1.prz 05/09/06 Pages 17

Linux is a trademark of Linus Torvalds in the United States, other countries, or both. Ethereal is a trademark of Ethereal, Inc. Other company, product, or service names may be trademarks or service marks of others. Notes All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography. This presentation and the claims outlined in it were reviewed for compliance with US law. Adaptations of these claims for use in other geographies must be reviewed by the local country counsel for compliance with local laws. IBM Software Group Trademarks All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions. This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject to change without notice. Consult your local IBM business contact for information on the product or services available in your area. Information about non-ibm products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the performance, compatibility, or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. tgs06a1.prz 05/09/06 Pages 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback