-
Notifications
You must be signed in to change notification settings - Fork 70
Network access for operating systems running on Hercules
As far as the Open Systems Interconnect (OSI) model is concerned, Hercules device managers support network connections at level 2 (ethernet frames) or level 3 (IP datagrams).
An operating system running under Hercules accesses the network via a System/360 device, of which Hercules supports, with copious redundancy, but all slightly differently:
- Channel-to-channel adapter.
The channel-to-channel adapter was an integrated adapter in System/360 and /370; it has two bus and tag interfaces that connect to the channels of two systems.
On ESCON and later, a CTC is imlemented by an optic fibre from one channel to another; the protocol is implemented at the IOCP level. The fibre has to be installed even for CTCs between LPARs.
Hercules supports three device managers for a channel-to-channel adapter for various types of connections.
- CTCT
- Connect to another CTCT in another Hercules instance.
- CTCI
- Connect to a host network interface using the original TCP/IP (Wiscnet) stack-to-stack protocol.
The CTCI device requires a pair of CC devices at an even/odd device number.
The even device is the write channel; packets destined for the network should be written to that channel.
The odd device is the read channel; packets destined for the System/360 can be read from this channel. The program should put up a read; the host is not alerted by an attention interrupt to the arrival of a datagram.
Each record on the CTC contains a block of IP frames.
struct blkpfx { unsigned short blksize; /* BE! Block length inclusive of self */ /* Logical record begins here */ struct record { unsigned short lrecl; /* BE! Inclusive of self */ unsigned char netid[2]; /* = x'0800' */ unsigned char unused[2]; } record; /* lrecl-6 bytes data here */ /* Repeat struct record to blksize */ };The payload data contains an IP datagram; the first starts eight bytes from the start of the data read from the channel. - PPP
- Create an MPCPTP type of connection to another instance of the z/OS communications manager.
- Lan Control Station.
The LAN control station was an outboard (separate box) adapter that usually connected via bus and tag and looked like a channel-to-channel adapter, though integrated LCS was offered for the 9370.
- LCS
- Connect to a host network interface as a lan control station at the ethernet packet level.
- Queued direct I/O to an ethernet adapter. Queued direct I/O is an IBM proprietary undocumented interface, even the instructions are not documented, though z/Linux shows examples of use.
A preconfigured interface is a special character file that has been set up permanetly prior to starting Hercules. Not all unixen support this.
Creating a tun interface by ifconfig tun<n> create also creates a corresponding /dev/tun<n> special character file.
Ownership of the character special file can be transferred by chown.
Thus, a preconfigured device can be created without additional software and no programming is required to activate the tunnel.
But, as of release 9.1 the network interface loses the IP address when the corresponding special character file is closed.
FreBSD supports a similar tap interface, but only root can open such a special device unless the system configuration variable net.link.tap.user_open is set to a nonzero value.
Note, however, that this system control exists only when the tap device driver has been loaded by the kernel, so it may not be possible to set it until a tap interface is defined.
FreeBSD also supports tun/tap cloning.
That is, opening /dev/tun or /dev/tap will create the next lowest numbered interface.
IP forwarding is specified by gateway_enable="YES" in /etc/rc.conf.
The system control net.inet.ip.forwarding should be set to 1 as a result.
FreBSD 9.1 has a bug/quirk/feature whereby root can indirectly create an interface and the corresponding special device file by stat of the device file.
Thus, do not use ls /dev/tun1 to check the exisence of the device file; it will be created if it does
not exist.
Use ls /dev/tun* instead or list from an unprivileged user.
The linux implementation creates a tun/tap interface by opening /dev/tun and issuing ioctl() to select tun or tap.
Configuration of IP addresses are also done via ioctl().
Use openvpn to create a permanent network interface.
To access the interface, the special device file /dev/net/tun must be opened and the desired interface selected by ioctl().
openvpn --mktun --dev tun0 --group hercules
Use the ifconfig command to configure the tun<n> network interface; the exact syntax depends on your unix dialect.
You will supply two IP addresses, the first being the IP address of the network interface, the second being the IP address of the host running under hercules.
The first IP address must be in the same subnet as one of your real network interfaces (e.g., eth0); the other can be in the same subnet as the other end of the tunnel, or it can be in a subnet of its own.
Routing is different for the two cases.
You need proxy arp for this to work. IP forwarding does harm, but it is probably not necessary. What you must not do is to define a route to the host end of the tunnel.
No other system need configuration changes in this case.
Here you must use IP forwarding and configure a route on all systems that are to access the operating system at the other end of the tunnel. You need not activate proxy arp.