We have a communications infrastructure based on SNA between 3 old AS/400.
We are to upgrade to latest versions. Is SNA still supported by the
latest OS ?
Thanks in advance.
We have a communications infrastructure based on SNA between 3 old AS/400.
We are to upgrade to latest versions. Is SNA still supported by the
latest OS ?
Thanks in advance.
Yes, it's certainly supported. With a quirk:
Older machines were talking SNA directly to the physical layer, Token
Ring or Ethernet. This "direct" approach is supported only with certain network adapters and with and IOP on these. A 2838 works fine, while
a Gigabit Adapter cannot be configured for it and can only utilize
IP connectivity.
Newer releases of the OS (V5R3 or V5R4, I think) have introduced a
feature called enterprise extender. This is an encapsulation of SNA
APPN frames into IP/UDP. Since IP is the real transport protocol (and
APPN runs on top of this "fake" link), there is no restriction about adapters, etc. Drawback is that older releases of the OS don't know
about this EE feature and so can't be networked with EE only machines.
From here, you have a few otions to migrate data. If you want more
advice, please provide more details what exactly needs to be done
with the data and the old machines.
:wq! PoC
CENTRINO <none@nonelandia.com> wrote:
We have a communications infrastructure based on SNA between 3 old AS/400. >>
We are to upgrade to latest versions. Is SNA still supported by the
latest OS ?
Thanks in advance.
Yes, it's certainly supported. With a quirk:
Older machines were talking SNA directly to the physical layer, Token Ring or Ethernet. This "direct" approach is supported only with certain network adapters and with and IOP on these. A 2838 works fine, while a Gigabit Adapter
cannot be configured for it and can only utilize IP connectivity.
Newer releases of the OS (V5R3 or V5R4, I think) have introduced a feature called enterprise extender. This is an encapsulation of SNA APPN frames into IP/UDP. Since IP is the real transport protocol (and APPN runs on top of this
"fake" link), there is no restriction about adapters, etc. Drawback is that older releases of the OS don't know about this EE feature and so can't be networked with EE only machines.
From here, you have a few otions to migrate data. If you want more advice, please provide more details what exactly needs to be done with the data and the
old machines.
:wq! PoC
I'm a n00b. I know very little about mainframes and even less about
AS/400s. (I'm that name to match the newsgroup.)
Older machines were talking SNA directly to the physical layer, TokenOkay.
Ring or Ethernet. This "direct" approach is supported only with certain
network adapters and with and IOP on these. A 2838 works fine, while
a Gigabit Adapter cannot be configured for it and can only utilize
IP connectivity.
I'd love to know more about the differences.
I immediately have lots of questions as I'm dealing with TCP/IP on Ethernet II a.k.a. DIX vs 802.2 LLC w/ SNAP on my P/390-E.
So the IBM i operating system still supports SNA. But it's dependent on
the hardware. (Back to questions about supported framing for 2838 vs
Gigabit Adapter.)
Does Enterprise Extender have a remote hardware component that will de-encapsulate SNA out of the UDP/IP for local non-EE aware systems?
Or is EE only meant to be between two systems running EE to transfer SNA traffic across a non-SNA capable interconnection?
Does IBM i support DLSw?
My understanding is that DLSw can take encapsulated traffic and de-encapsulate it for local SNA systems. I think both Cisco and Juniper make gear that does this.
:wq! PoCI like the signature.
Sorry for all the mainframe references. I'm very much aware that AS/400 / iSeries / IBM i are decidedly different than the mainframe. Unfortunately, mainframe is where my minimal knowledge comes from. Save for "wrkwrt" from 20+ years ago as an junior operator.
We are using ANYNET that's SNA over tcpip an older form of enterprise extender I think ... Hope this will work too with the new machine adapters.
No problem. I also started as a noob about 10 years ago, but I'm
primarily interested in this platform for hobbyist purposes.
I'm also not fluent with Mainframes but I have a basic understanding
about zOS (or MVS, as formally called). Search for Hercules and tk4-,
so you'll find a readymade ZIP to extract and run a complete distro
of the last Public Domain Mainframe OS Release by IBM.
You just need a 3270 terminal emulator. It comes with RAKF, as
no-cost RACF replacement and you can install KICKS for TSO to run
CICS applications. Or create these yourself. That for now, to not be
too offtopic in here. ;-)
Differences between what exactly?
Sounds reasonable. Congrats to your P/390-E. I envy you a bit. But
not if I think about the power dissipation. ;-)
Seems to be a really nice playground for making IBM i talk to it's
older sibling.
IBM i knows about SNADST and also has RJE (Remote Job Entry) available
for sending batch jobs and data back and forth between IBM i and
MVS/zOS.
Can't do that with Hercules, which emulates communication lines via
TCP ports.
Yes and no. It supports SNA as a protocol, basically. SNA transport via Ethernet SNAP frames are possible with older network IOA only.
Newer IOAs are only supported with IP, mostly but not limited to
"IOP-less" IOAs.
To enable "old" applications to talk to each other via APPC, IBM
created Enterprise Extender, which is basically APPN over UDP.
It should be possible to build a connection to a hierarchical SNA
network, but without EE: I don't think EE can cope with non APPN
connections.
zOS also knows about APPN, so maybe network both machines is easier
than anticipated. Don't know which version is necessary, though. For
older releases you maybe need a 37xx frontend controller. Same goes
for EE (Enterprise Extender), which enables you to talk betwen IBM
i and zOS without SNA frames but with IP as transport.
As far as I understand, IBM i knows about APPC Controllers which
reflect PU 2.1 network endpoints, and APPC Devices which are LU 6.2 endpoints. It's possible to create an APPC controller type "host"
which I guess is the right PU type to get an hierarchical uplink
to MVS/zOS. I don't know much about hierarchical SNA with numerous
different PU and LU levels, though.
Not that I'm aware of. Maybe the newer 37xx frontend controllers can
do that. I'm not aware of any HW support for IBM i.
I know that Cisco still supports numerous SNA features in IOS for
"bigger" (aka: 19" rackmount) routers. 2600, 2800 and 2900 series
come to mind. Also, old 4000, 4500 and 4700 can handle that but these
draw about 60..70W depending on cards which is too much for my taste nowadays.
I've been running IBM i 7.2 connected via EE to a 2901 with SNAsw
over an IPSEC VPN.
This 2901 had a Virtual Token Ring Interface (as a second SNAsw port)
bridged to a 2613 with a real Token Ring Interface connected to a
9401-150.
It ran basically, I could do aping but it wasn't simply possible to
transfer data: The connection would hang. It feels like an MTU issue
but I couldn't get a grip on it.
I was trying to get rid of the 2613 in the row and now I have a name resolution problem. The v7.1 box can aping the router. The 150 can
aping the router. Both IBMs can't aping each other.
I was trying to switch roles of both machines to EN, NN, BEX, tried
dynamic and static configuration on the 2901. No avail. I have no
clue what I'm doing wrong. This might also be due to I really don't understand what exactly BEX is supposed to do.
Earlier I was experimenting with IBM i 7.2 connected to a local 2901
via EE running SNAsw. This one was connected to two other 2901 via
IPSEC VPN and all of them had Virtual Token Ring Interfaces with RSRB
(Remote Source Route Bridging). Code seems to be mostly untested
because randomly the 2901 would simply halt. Not crash and do an
automatic reload. No. Just halt. Please power cycle to make them
behave. Thanks. Still didn't have the time to rebuild that scenario
and bug Cisco with a TAC about that. I wonder if they still have
programmers who know about SNA. :-)
I think that's the main reason for it to exist.
Yes, that is exactly what I was talking about "SNA frames directly
on Ethernet SNAP". See above: Depends on your available IOA.
Nope. DLSw is achieving something *similar* to EE but is in fact
not compatible with EE.
SNAsw is what you're looking for in Cisco gear. (Don't know the
Juniper stuff.) You can define multiple "ports", bound directly to
L3 interfaces or an UDP port on any L3 interface with an IP address
(for EE). It's not a dumb bridge but a complete APPN implementation
for accepting and forwarding APPC sessions, do prevent broadcast
traffic over dumb bridges packing VPN links tight.
Thanks. I'm doing this for ages. :-) I've been tinkering with a lot
of different systems until I got bored with them. I'm not yet bored
with the IBM stuff. ;-)
No problem. In fact, after knowing the AS/400 relatively well and
with increasing knowledge in MVS, I've come to the conclusion that the
AS/400 could have been the "next" mainframe platform. If IBM marketing
would have done it right.
OS/400 feels much more engineered in one go. Smoother in a way. More
logical when working with it. MVS feels like numerous independent stuff
has been added over time but never really tightly integrated. HASP,
RACF, CICS come to mind. Of course a lot of backwards compatibility
needs limit actual possibilities to integrate stuff more smoothly.
If you know about files and members in MVS, you'll feel
mostly at home in IBM i also.
If you know about the basics of 3270-forms-press-enter-to-send,
you'll be at home with 5250 AS/400 display files.
A lot of my affection for OS/400 stems from my earlier struggles to
have some Curses frontends for MySQLish tasks on Linux. Curses and
cursing sounds similar and I'm convinced not by chance.
Comparing that labor with creating a phsyical file, a display file
and a more or less "intelligent" driver to copy data back and forth
between these two is just marvellous.
Maybe you want to have a look at https://try-as400.pocnet.net for a
start. I'm also glad to have people helping extend that Wiki.
On 12/4/19 3:00 PM, poc@pocnet.net wrote:
No problem. I also started as a noob about 10 years ago, but I'm
primarily interested in this platform for hobbyist purposes.
I am interested in System/36 (?) / AS/400 / IBM i but I've not scratched
that itch yet. (Was System/36 the 3x model that proceeded the AS/400?
Or was it 32 or 34?)
zOS also knows about APPN, so maybe network both machines is easier
than anticipated. Don't know which version is necessary, though. For
older releases you maybe need a 37xx frontend controller. Same goes
for EE (Enterprise Extender), which enables you to talk betwen IBM i
and zOS without SNA frames but with IP as transport.
I'm surprised that EE is /needed/ for contemporary IBM i and z/OS to
talk to each other /without/ SNA.
No problem. I also started as a noob about 10 years ago, but I'mI am interested in System/36 (?) / AS/400 / IBM i but I've not scratched
primarily interested in this platform for hobbyist purposes.
that itch yet. (Was System/36 the 3x model that proceeded the AS/400?
Or was it 32 or 34?)
I get the impression that we might have more to talk about, but comp.sys.ibm.as400.misc might not be the best venue. ;-)
Is your email valid?
What the network adapters are actually doing. I'm wondering if the 2838
only supports things via 802.2 LLC w/ SNAP, thus can do SNA directly,
and the Gigabit Adapter only supports Ethernet II used by the rest of
the world for TCP/IP over Ethernet.
I assume that you're talking about Ethernet as I think that Gigabit Token Ring never got out of the lab.
Sorry, too much time spent pontificating Ethernet II / 802.3 "Raw" /
802.2 "LLC" / (802.2 LLC w/) "SNAP" Ethernet frame format (as NetWare
calls them).
I recently learned that what OS/2 calls "802.3" in the
TCP/IP Configuration is really 802.2 LLC w/ SNAP. So this all ties in together.
Side question: Do you know what frame format was used for TCP/IP on the 2838? Was it also 802.2 LLC w/ SNAP?
Sounds reasonable. Congrats to your P/390-E. I envy you a bit. ButThank you. The wonderful thing about the P/390-E is that it's a PCI
not if I think about the power dissipation. ;-)
card that you put in a normal PC running OS/2 Warp or an RS/600 running
AIX. So, it doesn't have NEARLY the power draw that traditional IBM mainframes have.
IBM i knows about SNADST and also has RJE (Remote Job Entry) availableI'm not familiar with SNADST.
for sending batch jobs and data back and forth between IBM i and
MVS/zOS.
I know of RJE and NJE. I'm not sure what the underlying technology differences are between the two. It's on my list to learn.
Can't do that with Hercules, which emulates communication lines viaYa. Hercules purportedly doesn't currently support SNA. I think that
TCP ports.
means that it doesn't support 802.2 LLC w/ SNAP.
Newer IOAs are only supported with IP, mostly but not limited toI/O Adapter?
"IOP-less" IOAs.
I thought though I could easily be wrong Enterprise Extender / APPN
/ APPC is more of an active participant in the SNA network.
Likewise, I thought that DLSw was a lower layer that avoided the
SNA network layer.
I similarly think that NetBIOS via NetBEUI can also work via DLSw, and that is decidedly NOT SNA.
I need to do some more reading to figure out what SNAsw / AnyNet /
Enterprise Extender / et al. are. I have a vague idea, but that's bad
to make assumptions based on.
I should also learn more about APPN vs APPC.
zOS also knows about APPN, so maybe network both machines is easierI'm surprised that EE is /needed/ for contemporary IBM i and z/OS to
than anticipated. Don't know which version is necessary, though. For
older releases you maybe need a 37xx frontend controller. Same goes
for EE (Enterprise Extender), which enables you to talk betwen IBM
i and zOS without SNA frames but with IP as transport.
talk to each other /without/ SNA.
I naively assumed that they could talk /something/ IBM across IP without resorting to non-IBM things like FTP / SMTP / etc.
As far as I understand, IBM i knows about APPC Controllers which
reflect PU 2.1 network endpoints, and APPC Devices which are LU 6.2
endpoints. It's possible to create an APPC controller type "host"
which I guess is the right PU type to get an hierarchical uplink
to MVS/zOS. I don't know much about hierarchical SNA with numerous
different PU and LU levels, though.
I recognize many of those terms, but I don't yet understand them.
Lots more learning to do.
I find "newer" in reference to 37xx Communications / Multiprotocol Controllers is somewhat funny.
I believe that IBM stopped selling them back in the early 2000s and is now ending support for them. There is now apparently a product that runs on Linux on Z that has taken over much, but not all, of their functionality.
;-)
You are running EE, on IBM i v2r2, and it is connected to a Cisco 2901
router with SNAsw software?
Please clarify what the purpose of having EE connect to SNAsw on the 2901
is.
This 2901 had a Virtual Token Ring Interface (as a second SNAsw port)(I think) I get the Virtual Token Ring in the 2901. But how are you
bridged to a 2613 with a real Token Ring Interface connected to a
9401-150.
bridging / connecting that vTR to a 2613 with a real Token Ring?
Where the 2613 is physically connected via MAU to a 9401-150.
Am I unpacking that correctly?
What is the physical connection and line protocol between the 2901 and
the 2613?
Am I correct in assuming that the 2901 doesn't have a physical Token
Ring interface?
And that the 2613 doesn't have the SNAsw software / feature?
Thus you need to combine the 2901 and 2613 to get the solution you need?
Ya. I'm finding that features that might have been more common in the '90s are are now largely unused, so bugs have found their way into new code.
Is there not an IP based way to do these connections? Or is EE the intended method?
Encapsulating something, SNA, in another protocol, UDP/IP, seems like a
bit of a kludge to me. I would have really expected something more
native to exist. Like TN3270 / TN5250 vs SNA over 802.2 LLC w/ SNAP.
I think we may be talking past each other.
I get the SNA support as in 802.2 LLC w/ SNAP. But to me, DLSw is something different.
My understanding is that DLSw is a way for devices; Cisco routers,
servers, etc., to be able to take 802.2 LLC w/ SNAP frames, encapsulate
them in TCP/IP to send them to a counterpart, where they are
decapsulated and sent back out as the 802.2 LLC w/ SNAP on the other
side. Thus DLSw is being used to bridge the separate 802.2 LLC w/ SNAP
LANs across an IP only intermediate connection.
If IBM i can act as a DLSw endpoint, then I'd think that you could use a (Cisco) device as a DLSw bridge to get the SNA traffic into the new
Gigabit Ethernet interface as IP traffic.
Some quick Googleing makes me think that SNAsw is Cisco's counterpart to IBM's EE. Thus SNAsw and EE can talk to each other.
I'm looking at Mainframe b/c I'm bored with much of the Windows / Linux
/ (some) Unix world. There's OS/2 (et al.) and NetWare too. Mostly
things that run on PCs.
I think there is much to be said for compatibility to run software from
50 years ago on current machines. Maybe AS/400 can also run that
software. My ignorance of such a feature doesn't preclude it from existing.
I agree that the AS/400 is like Mainframe 2.0. I just don't know if the compatibility is there to make the user base happy.
Not only is the underlying technology a concern, but you need to make
sure that the concepts are close enough to keep the people using and administering them happy.
I know some about (Partitioned) Data Sets.
I'm sort of explaining PDSs to others as something akin to a zip file that you files (not directories) into.
There really isn't any hierarchy to them like people are used to on PCs.
The archives (data sets) are named with some guidelines to make things easier, but they are really in a flat grouping.
At least that's my current working understanding.
I've been likening them to an HTML form.
It's true that the as/400 was released with a S/36 environment,
but the real inheritance comes from S/38.
If you don't need SNA thus you don't need EE, assuming that tne network
is TCP/IP based. Both i and z/os support socket based application.
APPC over TCP is indeed a socket based application, that's supported
also by newere IBM i, what I don't know is whether it's also supported
by z/os.
First, let me explain that I try to shorten the communications by
omitting stuff where I don't see need to comment on.
Nope, it was S/38, as Dr.UgoGagliardelli already pointed
out. Have a look at Wikipedia in regard to that. The articles
on all-things-computer are mostly very extensive and fulfilling
knowledge needs.
You're right. I'm not sure where to split, though. I guess talk
about SNA and how to network *may* be interesting in here for others,
too. Even for bein archived and searched up later.
Yes.
You got me. :-) I'm not all too much into details here. I also remember
the confusion by Novell naming a proprietary framing format like the
official IEEE one.
Also, to correct a former error of myself: This adapter supports
Ethernet standards 802.3 and Ethernet II.
I think, SNAP was used on Token Ring, maybe I confused that. Sorry
for that!
Assumption correct. Besides that, I find 100M Token Ring boring:
It's running in full-duplex-mode and needs an active component on
the other end (no more simple MAU). I hope I'm remembering right. So
the most interesting part part compared to initial Thick- or Thin-
or Hub-based Ethernet is negated: No CSMA/CD but everybody please
talk in an orderly fashion. 100M TR and "switched" Ethernet are just
mere point to point links and so it's no emotional struggle for me
to just use Ethernet, then. :-)
Aah, the good old days. ;-) I'm still running a heavily
bugfix-NLM-loaded 3.12 on my ESXi.
When I'll feel bored in the distant future, I want to have a look
into Netware for SAA.
Meanwhile, this is mostly serving stuff for an old 386 running DOS
(mainly for EPROM burner) and older Macs, via AppleTalk. Novell had the fastest transfer rates on a 486DX2 compared to File Sharing in 68040
based Macs and Windows NT Services for Macintosh on the same 486. :-)
The DOS box is attached to Token Ring, the mentioned 2613 routes
between Ethernet and Ring. IP, IPX and AppleTalk.
Maybe somewhat later I'll also do DECNET but that's on my list for
when I'll be bored with the IBM stuff. ;-)
I also learned that despite Cisco claiming "not supported", if you add
a simple Fast Ethernet Network Module to the 2613 (must be one WITHOUT
WIC slots), it's indeed supported and running fine. So I'm getting
the real 16M Ring performance, without 10M Ethernet being a bottleneck!
Now, I'm confused. :-) Novell called SNAP an additional frame format
besides 802.2 (which is "true" 802.3). Hmm. Maybe I need to re-read
a bit and refresh my memories over the weekend.
I think it's Ethernet II. I once remember to set support from default
(both) to Ethernet II only and so I wasn't able to talk SNA on Ethernet directly anymore. IP worked, though.
At least with V4R5 you can't change the setting in the line description
once set. You need to vary off, delete and recreate the line desc.
I know. :-) And you maybe have the additional benefit that you can
utilize OS/2 as an integrated Service Element to IPL the board. :-)
If you remember UUCP, you'll be very familiar with SNADST.
Never heard of NJE.
As far as I'm aware, MVS 3.8j simply doesn't know about the OSA,
Hercules is emulating.
See "Bridging and IBM Networking Configuration Guide" from Cisco. Very extensive!
Besides, EE is part of SNA (as a collection of protocol descriptions).
Yes, and that something exactly *is* EE.
I've gone through the same. Sorry to have overwhelmed you with IBM-technobabble. Please read the Wikipedia article about SNA to get
a basic understanding of terms. In short:
PU (Physical Unit) is a term I'd translate into "the networking stack
in a hardware device" while as LU (Logical Unit) is to me something
like Sockets in the IP world.
Being used how crazy the invention-obsolescence-wheel is spinning
in the PC world: Yes, it is. Clocks in the Mainframe and Midrange
Worlds from IBM tick at a fraction of that. End result: Mainframes
and AS/400's are old and outdated stuff to those who keep the wheel
spinning at it's incredible speed.
The guys who administer the IBM boxes are used to keep availability
and performance at premium. Having the lastest and greates features
and invention in "regular" computing is most often just not necessary.
Yap. But this could just to because the newer z's now have proper
network adapter hardware.
Did you know that Cisco once had a CIP for some enterprise class
routers, to allow IOS to to some stuff the 37xx normally do? :-)
Yes. 7.2 but yes.
I want to use the 2901 as a translation device between EE (which is
the only protocol/encapsulation I can use with 7.2 on the 8203-Hardware without adding further hardware) and 802.2 SNA on Ethernet.
Both the 2901 and the 2613 are connected to a common Ethernet
segment. Sorry for leaving that out.
Basically Fast- and Gigabit Ethernet, see above. I don't know about
exact frame formats, though.
But it doesn't matter, since direct SNA frames are not involved.
Yes. I fact, the old NM-1E1R2W aren't supported in 2800 and 2900
routers anymore.
Also: Yes. Cleverly deducted!
There's no IOS Image with SNA support *and* "Desktop protocol" support
(IPX, AppleTalk). But (R)SRB is supported with the Desktop-Image.
Exactly!
I'm not sure. I think that code haven't been touched in ages and also
testing could have been somewhat limited, for whatever reason. Maybe
some scenarios I tried out were just uncommon.
The latter is true, I think.
Try to put the invention of EE into context of the 1990's. IP was
"suddenly" some kind of lingua franca for machines normally talking
each manufacturer's proprietary implementation of the OSI model.
…I'm not quite sure if EE was indeed done by IBM *together*
with Cisco.
So, yes, it was a kludge but a less ugly one compared what we're facing
today in enterprise networking.
Have a look at Ivan Pepelnjak's blog (https://blog.ipspace.net)
and archived articles there for some ugly insights.
IBM created AnyNet to encapsulate "any" of SNA, IP and IPX into
each other for WAN transport over just one leased line.
But it was ugly to configure (you had to "fake" hostnames in ibm.com namespace to utilize IP transport) and it also wasn't very good
in handling outages of connections between two machines. Often,
there was need to manually vary off/on controller descriptions on
both sides to make the connection work again.
On a side note, Apple also was Collaborating with IBM at the
beginning of the 1990's, at the advent of System 7. They tasked
Orion software to create a piece of Mac Software called SNA.ps to
encapsulate APPC sessions (not APPN traffic!) into AppleTalk with accompanying 3270- and 5250 terminal emulators and printer session
support. The SNA-Part of that software ran on a separate 68000 CPU on
the Token Ring/Serial/Coax NuBus Card for these old Macs.
There also were API linkable libraries and header files to do your
own client. Totally crazy! I was searching for *years* for that
software and got hold of it just about 2 years ago. :-)
On a side note to the side note, did you ever hear about DAL (Data
Access Language)?
Also a brainchild of the said collaboration. Kind of a predecessor to
ODBC, but done right: The translator is on the host, not on the client.
I haven't found the server side stuff (OS/400) yet.
Unfortunately, that's really easy to achieve. :-/
As far as I'm aware: Correct. AFAIR this capability is *not* built
into IBM i nor zOS but just Cisco IOS (and maybe Juniper).
In a way it is. But SNAsw can do more than EE. EE is a transport
facility. SNAsw can be seen as an (APPC) session router: It
terminates a LU-LU session from one node and forwards that session
to the destination PU. Roughly, it's a bit like a TCP proxy (as found
in Xinetd).
My first "look at this huge thing" experience at a former employer
in the late 1990s with an old AS/400 B30 also triggered no further
interest. Maybe I was just content mastering Linux, back then. :-)
I did my first true network experiences with Netware, though. And
Cheapernet.
Maybe this ignorance also stems from the fact that the need to run
such ancient stuff is rare to find. The more time passes, the more
rare it is.
There's no real compat to classical mainframe MVS.
It's not even sufficient to "just recompile". 3270- and 5250 screenI was referring to what ran on the 360 also ran on the 370 also ran on
creation are completely different beasts.
Interestingly, did a "CICS for AS/400" somewhen. Never saw it myself,
though.
Maybe it simply was too expensive and admins were reluctant to exchange
the impressing huge S/370 with that tiny 9406-890 they don't know
yet how to administer.
Good point!
That's the equivalent of having multiple members in physical files
(aka: database files). There also are source physical files with a
prefefined record format for text (source) files. Dunno if these are
special on MVS, though.
Similar to how I explain. I'm explaining with tar files, since
zip usually compresses. :-) Also, members in a file share certain
attributes such as record format.
Yes, I already observed in Hercules MVS. The AS/400 has kind of
multiple filesystems, but the most important one knows about just
Libraries (a one level deep virtual folder structure) and therein
are other "objects", files, programs, etc.
Also that's perfectly good. The only drawback is that there is no
"Java Script" like in modern browsers. :-) So you're often limited
when it comes to "making stuff feel more interactive". For me, this
lack is not a restriction but a challenge. :-)
Allow me to close with a big "thanks". It's been a while I had such
an enjoyable conversation.
Sometimes I do, sometimes I don't. I'll try to make a point to do so.
You're right. I'm not sure where to split, though. I guess talkI'm sort of inclined to keep discussing it here. At least until someone
about SNA and how to network *may* be interesting in here for others,
too. Even for bein archived and searched up later.
asks us to stop. Also, as long as we don't obfuscate our subject and /
or alter Message-ID / References, people can ignore this (sub)thread.
Are you saying that what Novell calls 802.2 LLC is what the IEEE calls
802.3?
Also, to correct a former error of myself: This adapter supportsI think I'm being handicapped by Novell's terminology. (See Novell
Ethernet standards 802.3 and Ethernet II.
802.3 vs IEEE 802.3 above.)
I think, SNAP was used on Token Ring, maybe I confused that. SorryI believe that TCP/IP on Token Ring (802.5) did in fact use 802.2 LLC w/
for that!
SNAP frames.
I also believe that IBM used 802.2 LLC w/ SNAP for TCP/IP on some
Ethernet networks. Hence how TCP/IP in 802.2 LLC w/ SNAP frames could
easily be bridged between Token Ring and Ethernet. The frame format was
the same. (Admittedly, Token Ring had bigger MTU ~> frame support.)
I am seeing TCP/IP in 802.2 LLC w/ SNAP Ethernet frames coming from my P/390-E. I'm currently using an OS/2 VM to route between TCP/IP in
802.2 LLC w/ SNAP Ethernet frames to TCP/IP in Ethernet II frames for
the rest of my network.
I get the Digital Intel Xerox being Ethernet II. (I think Ethernet I
was the 3 Mbps experimental Ethernet.) But "IEEE 802.3" vs "Novell
802.3" is new to me. But this new information does make some things
make a little bit more sense. Like AIX's "et" interfaces being "IEEE
802.3" (802.2 LLC w/ SNAP) and "en" interfaces being "DIX" (Ethernet II).
As I type this, I'm inclined to believe that "IEEE 802.3" "Novell
802.3".
Like I said before, more questions.
Aah, the good old days. ;-) I'm still running a heavily bugfix-NLM-loadedDo you have a CPU Idle NLM? Or are you burning a core? I know that
3.12 on my ESXi.
there are NWIdle.NLMs for NW4 & NW5. (I've used them.)
Systems Application Architecture
/me sighs heavily. Now I have something else to mess with.
Thank you. :-)
I'm thinking seriously about putting a NetWare 4.x or 5.x online (it's
what I know) using IPX for DOS / Windows 3.x / Windows 9x / DOSBox
machines.
What Ethernet frame formats are you using for IPX on Ethernet?
Maybe somewhat later I'll also do DECNET but that's on my list forI've dabbled with DECnet Phase IV but have thus far avoided Phase V
when I'll be bored with the IBM stuff. ;-)
(~OSI). I even got DECnet Phase IV working between Linux systems.
Ya, there's "supported" as in TAC will (would) hold your hand to
configure something, and then there's "supported" as in it works?
Great! #hazFun Read: TAC won't hold your hand.
I'm contemplating using a NetWare box as a router between 16 Mbps Token
Ring, 10 Mbps Thicknet (10Base5), and 100 Mbps Ethernet.
I /might/ use a Cisco router for that. Especially if I need it for the
DLSw+ and / or SNASw.
I'm aware of four Ethernet frame formats:
*Ethernet II* a.k.a. Digital Intel Xerox (DIX) used by TCP/IP
*802.3* a.k.a. raw only used by IPX
*802.2* LLC can be used by a number of things
802.2 LLC w/ *SNAP* is used by a number of things
I can STOP TCPIP (from the master console), modify the proper data set,
and START TCPIP to change things like that. Granted, that doesn't mean
that what I change them to will work.
I know. :-) And you maybe have the additional benefit that you canOS/2 (or AIX) is actually more critical than /just/ a Support Element. Drivers and applications emulate the rest of the mainframe hardware.
utilize OS/2 as an integrated Service Element to IPL the board. :-)
The PCI card really is just thee S/390 CPU and memory.
If you remember UUCP, you'll be very familiar with SNADST.I remember UUCP. I've configured a small UUCP network using SSH as a transport }:-)
I've still got it configured on a couple of systems, but
I'm not currently using it.
I'm even more confused about thee differences between NJE and RJE after reading the first paragraph of this page:
https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.1.0/com.ibm.zos.v2r1.hasa800/j2nje.htm
MVS38j TCP/IP
- http://cbttape.org/~jmorrison/mvs38j-ip/
I naively thought EE was an add-on and did not realize that it was more
of a core component.
I've gone through the same. Sorry to have overwhelmed you withApology returned to sender as unnecessary.
IBM-technobabble. Please read the Wikipedia article about SNA to get
a basic understanding of terms. In short:
The wonderful thing about email / newsgroups is that I can find
previously unknown things that I need / want to learn about. Learn
about them. Grow and learn new things based on them. :-)
PU (Physical Unit) is a term I'd translate into "the networking stackIs it acceptable to (naively) equate PU to the lower layers of the OSI
in a hardware device" while as LU (Logical Unit) is to me something
like Sockets in the IP world.
stack and LU to the upper layers of the OSI stack? - I won't even
bother trying to define the transition point.
I was referring to the fact that IBM has discontinued sale of the 3745 &
3746 and replaced them with Communications Controller for Linux (on Z).
As in the mainframe speed wheel has replaced something. I think as of
the early 2000s.
My biggest reason for a contemporary PC is for better virtualization
support so that I can play with operating systems from the '90s.
I'll have to pontificate what "proper network adapter" means,
particularly what was improper / less proper than a LAN Channel Station
or a channel attached 3172 (?) and the likes.
Yep. I think you can put a Channel Interface Processor in a Cisco 7000
/ 7500 series router. I think that @FaultyWarrior has one and is
planning on hooking it up to his z890. He might need to go through an
ESCON to Channel adapter to do so.
But it doesn't matter, since direct SNA frames are not involved.
This doesn't make sense to me. You recently stated "I want to use the
2901 as a translation device between EE and 802.2 SNA on Ethernet."
So, how are direct SNA frames not involved? Or are you saying that they aren't involved on the Gigabit Adapter?
It seems to me like you have the following:
IBM i w/ EE --- Gigabit Adapter --- EE encapsulated SNA --- 2901 w/
SNASw --- SNA on Ethernet --- 2613 --- Token Ring --- SNA.
Where did I go wrong?
I wonder if I'm going to be looking at a 3600 for some of the previously mentioned routing. (I think 2600 is fixed at one NM while some 3600s
can take multiple.)
I'm trying to unpack things and learn vicariously through your efforts.
I hope you don't mind.
So, are you using the (Remote) Source Route Bridging to craft (source
route) SNA (802.2 LLC w/ SNAP) frames that come out of the SNASw and
then get Route Bridged via the 2613?
Somehow I was not aware that (R)SRB applied to Ethernet too.
For some reason I thought it only applied to Token Ring. Maybe because that's the only context I've ever heard it discussed in.
I'm not sure. I think that code haven't been touched in ages and alsoI'm of the opinion that a LOT of people only stuck with a few of the
testing could have been somewhat limited, for whatever reason. Maybe
some scenarios I tried out were just uncommon.
common known to work solutions and never really tried to make the
systems do what they advertise they can do.
Wasn't there a governmental mandate that computer systems be "Open" and
able to communicate with other "Open" systems? As in "Open Systems Interconnection"?
After reading the message I'm replying to, I wonder if the OSA gets it's
name from the same "Open Systems" mentality.
So, yes, it was a kludge but a less ugly one compared what we're facingI'm not sure /which/ particular kludge you're referring to.
today in enterprise networking.
How many different ways do we need to solve the same or very similar problems.
I'm familiar with Ivan's work and periodically read his blog. I
occasionally listen to Packet Pushers too. LOTS of good information.
Much of it over my head and out of the realm of what I need or want to know.
The only other protocol hybridization that I was aware of was Novell's TCP/IPX & UDP/IPX solution, and I think Apple has a TCP/DDP solution.
The SNA-Part of that software ran on a separate 68000 CPU on the TokenPlease clarify, was the Coax the coax that 3270 terminals used? Or was
Ring/Serial/Coax NuBus Card for these old Macs.
it Ethernet (10Base2)?
What I've learned from a friend is that it was common for Apple's & Macs to use serial as a daisy chain network.
... After thinking more, I'm now wondering if the serial was more like
the serial for SDLC.
Was this card meant to be used as a gateway for a network of Apples / Macs?
Or was it meant as an interface for the computer that it was in? Much like the 3270 cards that you could get for PCs.
Aside: *Open* Database Connectivity. (Is this a case of everything
looks like an "Open" nail while I'm holding an "Open" hammer?)
In a way it is. But SNAsw can do more than EE. EE is a transportI like the TCP proxy analogy. That makes sense.
facility. SNAsw can be seen as an (APPC) session router: It
terminates a LU-LU session from one node and forwards that session
to the destination PU. Roughly, it's a bit like a TCP proxy (as found
in Xinetd).
I dabbled with 10Base2. I did get my hands on a 10Base5 segment with taps and transceivers. I just need AUI cables. Some, but not much, NetWare.
Most of my interest in NetWare has been in the last five years, as I've been doing more retro-computing.
There's no real compat to classical mainframe MVS.It may largely be a perceived need being leveraged as a marketing ploy.
I was referring to what ran on the 360 also ran on the 370 also ran on
the 390 also ran on the z.
WAY TOO MANY people equate the physical size of the machine with
capability.
If I'm thinking of the correct thing, a file with defined fields in it,
sort of tangentially like objects in OO programming; I think that
(Open)VMS may have had something similar. But I'm not (yet) aware of anything like that on the mainframe.
Would you please elaborate on what you mean by multiple filesystems?
AFAIR yes. To sound more official, Novell called their IPX-only
framing 802.3 but in fact, it isn't the official 802.3.
Maybe, I'm, too.
Honestly, I don't know which frame formats are defined for Token
Ring at all.
Unfortunately ESXi doesn't provide virtual Token Ring NICs. What
a shame!
Hmm. Honestly, I never thought about that. Using Linux, Cisco, Solaris, MacTCP, OpenVMS, OS/400, OS X (to name a few), it just works.
The only think I had to cope with frame formats was Netware.
For IP, I configured Ethernet II because I read that this one is
"standard" for IP. I can't recall the source for that claim,
though. Beware, it's ancient knowledge, I'm repeating here.
Because of that difference in maximum MTUs, I'm reluctant to bridge
in favor of routing. If it's possible, though.
Huh! This seems strange to me, Why would IBM do that?
Thanks for implicitly confirming that EthII is the normal way to go.
To throw in even more confusion, IBM i line descriptions have
configurable SSAP values: 04 for SNA, C8 for HPR and 12 and AA for
"non sna". This setting is essentially the same for TR and Ethernet.
Reading https://en.wikipedia.org/wiki/IEEE_802.2, it seems that 0xAA
defines the addition of a SNAP header ("Ethertype"), 0x4 is SNA
path control. No more matches.
I haven't found out what stuff is transferred in the SNAP prepended
packets on IBM i, though.
https://en.wikipedia.org/wiki/Ethernet_frame sheds some light. Maybe
I confused 802.2 frame format with the 802.3 ethernet working group
and also the 802.3 "dumb" format used by Netware.
Thanks for the hint. Yes, I searched and found a nw4-idle NLM which
runs on 3.12. This breaks the cpu usage display on monitor.nlm, though
and altough I never did precise measurements, I feel that transfers
are slower with cpuidle. Maybe due to the cooperative multitasking
scheme the server.exe kernel supports.
You're welcome. I love to inspire people. :-D
ATM…
I can't prove it, I never measured but it feels screens appear a tiny
but faster compared to tn5250 directly to the 150.
Even if I'm wrong, the "why do you do that" can be answered almost
anytime with "because I can".
Let's say: It's of great help especially for any flavor of DOS on
PCs. I never found enough patience to get a whole IP-with-NetBIOS
running on DOS for directly accessing Samba shares.
Netware is a good compromise, since it also can talk FTP and even
NFS if one want's to do that.
SNAP.
Nice! Never played with that and want to postpone until I start to
seriously tinker with VMS.
Btw., a few years ago I was thinking about adapting inetd to
additionally support not just IP (and maybe IPv6) mit also AppleTalk
sockets. I have a "Helios Terminal" application somewhere which would
have been put to some use by that. After considering that afterwards,
I'd probably started to crave for an FTP client for AppleTalk on old
Macs, I tried to forget about that whole thing.
Might draw considerable power and create more noise than possible
otherwise. But would be really cool!
Remember: If you're only into IP, no problem. If you want to support
more protocols:
I'm not sure if there once was an IOS image supporting SNA *and*
desktop protocols. [...] Cisco Feature Navigator says, adventerprise
*with* SNAsw images were available for 28[125]1, 38[24]5, 7200 and
7301 routers (12.4(24)T8). 12.4(15)T14 additionally was available for
2600XM and 2691 as well as 3660. AFAIR that one was the last image
before Cisco decided to kick AppleTalk support from their entire IOS
code base.
SNAP is almost the same as 802.2.
Thanks for clarifying. I wasn't really aware.
How did you set up ssh transport?
I was reading about that and found a lot of people put considerable
effort to first creating a TCP tunnel with and ssh connection and
then run uucp over tcp through that tunnel.
Since I know that UUCP can also be used with stdin/stdout, there's no
need to pre-establish a ssh session. Just create a new port definition
type "pipe" in port and there you go.
https://kb.pocnet.net/wiki/UUCP-Mail-News-FAQ
I think you can guess stuff without need to translate from German.
Hah! Same here. Sometimes I'm using UUCP to actually copy files when
a source can't reach the destination directly with ssh (scp).
Hm. It helped me to understand what NJE does. But yes, after thinking a
bit more, I'm also somewhat confused. Maybe N is not only for network
but also for new? I *guess* that RJE is a kludge to misuse a terminal
line for remote job entry while NJE utilizes network protocols more
directly and eliminates the terminal line stuff.
I know that something like that exists. AFAIK it's not yet incorporated
into TK4- and while it's nice to have a way to load stuff directly into
a DS via FTP, there is still the emulated card reader which does about
the same. More slow and with some preparation necessary, though. ;-)
The interesting part starts when it comes to network an old machine
(OS release, to be precise) who doesn't know about EE to a newer
machine who's hardware doesn't support SNA on 802.2 but runs an OS
release with EE.
That's what I want to accomplish with my Cisco gear in the long
run. Earlier, there has been a second 150 at a friends location
but somehow he's not using it anymore, so no need create a more-complex-than-necessary scenario with bridging.
You're probably thinking about Netware for SAA? ;-)
until you've actually climbed these mountains. I didn't.
Yes. Btw., a very special way of copy protection, since source code
isn't available and binaries are for 390 instruction set.
Perfectly valid reason. For me, I'd add:
- Less electrical power needed,
- much easier to handle than anything LPAR on anyhing IBM. :-)
Ethernet or Token Ring. Sorry if I was too unspecific. I'm
not sure that exactly Hercules supports. Looking at this one: <https://hercules-390.github.io/html/herctcp.html> it seems, it's
not a real Ethernet Adapter.
Since I never tried to run Linux for z on Hercules, I'm really out
of knowledge here.
More reading here: <https://github.com/hercules-390/hyperion/wiki/Network-access-for-operating-systems-running-on-Hercules>
Now *that* is some cool stuff! But I don't want to know how much
Watts the 890 eats up.
Please extend with "9401-150 via 2724 Token Ring IOA". For the rest:
Correct. Sorry if I've been ambigous.
The 150 not incorporates a 2723 (10M Ethernet IOA) to connect to the
same physical Ethernet segment as the 2613. New layout:
IBM i w/ EE --- Gigabit Adapter --- EE encapsulated SNA --- 2901 w/
SNASw --- SNA on Ethernet --- 9401-150 with 2723.
So far, nowhere.
Yes, you're right. But honestly, how many interfaces do you need?
I'm content with the three of the 2613: NM-1FE to the "backbone",
onboard TR for the sole ring in the house, onboard 10M Ethernet for
the LocalTalk to Ethernet Bridge.
(Connecting the bridge to the backbone ethernet segment reglarly made
the bridge crash. After connecting it to a dedicated port on the
2613 with only AppleTalk configured, the problem has vanished. Maybe
the box struggled with too many broadcast ethernet frames to handle.)
The *only* reason to use a bigger pile of steel is the availability
of SNAsw and AppleTalk/IPX/DECNET/IPv6 functionality in one image.
I'm glad to being your mentor, then. ;-)
Not at all! In fact, I'm happy to share knowledge with some enhusiasm
if the other side is truely interested.
I've done Linux courses for trainees at my former employment.
Trainees were required to attend and a lot of them had no real
interest. That was no good experience.
Yes and no. I had used RSRB functionality to create a connection
between two 150's and their sites already networked with a VPN,
with the aid of Virtual Token Ring Interfaces and Source Route
Bridging.
Mine over true Token Ring and the other one via 802.2 Ethernet. No
SNAsw involved. That came later, when the 8203 arrived and I needed
to dig into the EE thing.
It can't. Ethernet can be used as a direct transport for RSRB. Or
IP. Ethernet without doesn't stress the router's CPU that much,
compared to IP.
The peer router needs to have at least one Virtual Token Ring Interface
to use as one port for SNAsw. There has to be a destination Ring,
not Ethernet.
No, you're perfectly right. The sole reason seems to be that Token
Ring Bridging usually is source routed and packets get RIF headers
added and removed as they trespass the bridged rings. Ethernet has
no equivalent of source routing on the MAC layer, thus no RIF and
thus cannot make use of SRB. You *can* bridge between Ethernet and
Token Ring transparently, though (bridge irb in IOS). With your valid
comment about maximum frame sizes.
Interestingly, the Token Ring Implementation in Linux (they killed
not long ago) doesn't either know about RIFs or had bugs.
It wasn't possible to make two boxes talk IP to each other via two
Token Rings connected through a source route bridge.
I wonder if the IP implementation on IBM i (or Netware) could do
better. Sigh. Another idea to try out somewhen.
You made a point. Anyway, I really hope nobody can hear my evil laugh
when I finally manage to open a TAC for some SNA issues I encountered.
I really don't know, even if I think I can recall something. Since
I'm located in Germany, maybe this passed me by unnoticed and I
remember wrong.
Maybe? It also can stem from "every computer company shows openness
in some way, so we have to do also" - just a marketing fart, in
other words.
Must... not... recall why we have network bridges, actually. It makes
me scream in agony. Said in more calm words: Thanks, short-sighted
DEC guys! Bridges are a kludge for "oh, our management protocol isn't routable". Spanning tree is a kludge against "build a loop over a
network bridge and you're doomed". Cisco's portfast is a kludge against spanning tree checks causing DHCP timeouts for client ports. And so
on. We're sitting on top of a card house and the ground is shaking...
And still, I can't see a lightweight, address-saving-friendly solution
for proper host isolation when running multiple VMs in the same IP
segment. PPPoE and MAC filters come to mind but PPP can be a real
CPU hog when transferring over high bandwidth links.
Oops. Sorry, this is really off-topic.
Better: How many different and crude ways to solve a problem which
would have been much easier to solve on a higher layer.
Similarily here: Much of it way over my head but just knowing
stuff already helped me to prevent some stuff he mentioned as being
"bad". Stretched Vlans come to mind.
Are you talking about running true TCP or UDP above IPX?
Apple used a technique called MacIP to encapsulate IP datagrams in DDP.
Fortunately, Cisco decided to implement the server side in IOS. Nice!
To get on-topic again: Did you know that IBM once build LocalTalk cards
(SPD) for the AS/400?
And at least for V3Rsomething there was a PTF bringing the AppleTalk
network stack to OS/400! Documents I find say that this solution even provided console capability!
Same coax as for attaching 3270 terminals. I don't know more details,
though.
I have such a card which additionally has a DB-15 port for Twinax!
I was highly disappointed to learn that SNA.ps doesn't support that Twinax-Port.
Yes, you're talking about what was called LocalTalk eventually.
Perfect hit. :-) Apple Hardware designers decided to not use just
a dumb UART for serial ports but a complete serial communications
controller chip, the 8530 or 8350. I always confuse these: One is
SCSI, one is the SCC. The SCC has built-in support for handling SDLC
frames in hardware. Funny in some way, since SDLC was AFAIK only
ever used with IBM midrange and big iron (and compatible) stuff over
serial lines.
LocalTalk defines a hardware transceiver box utilizing CSMA/CA and
SDLC frames for basic communication over a common bus. On top came
DDP. Common speed is 230.4 kb/s but since transfers occur in bursts,
real world performance is lower.
As good as this reads, all early and a lot of later lower cost
models made the user experience bad mouse pointer stuttering issues
(because while the OS was communicating with the SCC, interrupts had
to be disabled or something like that). Since the early OS didn't
incorporate multitasking, that wasn't a big deal, though. Starting
with Apple utilizing PowerPC CPUs in their Macs, that problem was
entirely gone. Yes, Macs had LocalTalk support for a long time into
the 1990's, together with Onboard Ethernet.
Yes. Macs.
Since the gateway was a background task, the gateway Mac could be
also used as a workstation. Socket2Socket-AppleTalk-Communication
didn't leave the physical machine, though.
Details here: <https://kb.pocnet.net>, search for SNA. Direct link
not possible, since tin doesn't accept the "bullet" char. I guess
you know how to use google translator ;-)
"What's that water pipe doing in here?" - "That's my network backbone!"
Besides, 10BASE2 = Cheapernet.
I thought that was a 1990's or earlier misconception. Is this still
true?
Allow me to redirect you to here: <https://www.ibm.com/support/knowledgecenter/en/ssw_ibm_i_72/ifs/rzaaxfsknow.htm>
The very first OS/400 releases (and thus the S/38 CPF, I guess) knew
only about what's called QSYS.LIB today. There was no filesystem
"root", there were just Libraries and Objects, much as there's no
concept of a "root" in MVS. Even today, the majority of native IBM i
(CL) commands just operate with library and object name. They don't
know about the concept of filesystems.
It's also not the same as mountpoints/partitions. All filesystems
share the available hard disk space, each filesystem "knows" if blocks
are occpied by something else than an entry in it's own filesystem housekeeping facility.
Okay, I lied. In a way: Not all FS' a common pool of disk blocks. QOPT, QFileSvr.400, UDFS and maybe others are indeed separate.
With passing time, often QSYS.LIB degrades to contain the OS and
database files and much of the other stuff is in / or /QOpenSys. Owing
to the fact that IBM i has an AIX runtime environment called PASE. More
and more OSS is ported by IBM and others to there and thus more and
more bugs will begin to plague that plaform, because this development increases the speed of the slowly spinning wheel of "innovation". That
is: Frequency of bug fixes is increased, etc.
As I think about our discussion I'm realizing that IEEE 802.3 is 802.3
with 802.2 LLC. My understanding is that all 802 networks are supposed
to use 802.2 LLC, but that TCP/IP and IPX/SPX are the only protocols
(that I'm aware of) that don't use the 802.2 LLC by default.
I wonder how many people have been confused by Novell's use of 802.3 "raw".
Honestly, I don't know which frame formats are defined for TokenThe only two that I'm aware of are 802.2 LLC and 802.2 LLC w/ SNAP.
Ring at all.
It's really a question of is the SNAP header used or not.
Unfortunately ESXi doesn't provide virtual Token Ring NICs. WhatI'm not aware of any hypervisor or emulator that provides virtual Token
a shame!
Ring NICs.
My understanding is that once retroactively IEEE acknowledged Ethernet
II for TCP/IP, the world adopted it wholesale. Prior to that, we end up
with things using a mixture of Ethernet II and 802.2 w/ SNAP.
The only think I had to cope with frame formats was Netware.I knew that AIX had an option in the "en" and "et" network interfaces.
Though routing will just end up fragmenting the packet (presuming Don't Fragment is not set to one) or returning an error stating that
fragmentation is needed (in the event that Don't Fragment is set to one).
I think it has to do with IBM following the IEEE guidelines stating that
802 networks should use the 802.2 LLC frame format. I've since read
that other vendors did the same thing.
I haven't found out what stuff is transferred in the SNAP prependedI'm sure it's documented somewhere. But good luck finding it in the sea
packets on IBM i, though.
of documentation that IBM has.
I'm starting to think that IEEE 802.3 in any context not involving
NetWare means that it's an Ethernet (802.3) network following IEEE
standards, which means 802.2 LLC frame format.
I think that nw?-idle.nlm basically creates a loop that would take any
free cycles and causes the CPU to do a HALT in them. Thus saving CPU.
I'm not really surprised that it could inadvertently interfere with performance.
I have to confess, I needed to re-read your statement a few times to see
if you were referring to Asynchronous Transfer Mode or At The Moment. I decided that you meant At The Moment.
We have been talking about eccentricities of networking, which means
that Asynchronous Transfer Mode is not that far out of scope.
I can't prove it, I never measured but it feels screens appear a tinyDepending on the CPU speed of the ESXi server and the AS/400, I'm not
but faster compared to tn5250 directly to the 150.
all that surprised.
From the AS/400's side, I wonder if SNA might be faster than TN5250.
Given that OS/400 V4 was from the late '90s or early 2000s, I wouldn't be surprised if the CS on OS/400 V4 might be slow for TN5250 connections.
Especially if the CPU in your AS/400 is considerably slower than the CPU in your ESXi server.
I could see how MS-SNA Server might be able to do the TN5250 to SNA 5250 conversion faster than OS/400 could.
It's just a thought.
Even if I'm wrong, the "why do you do that" can be answered almostOr "because I want to".
anytime with "because I can".
Aside: I've come to the conclusion that NetBIOS is the API that rides
on multiple transports and that NetBEUI is the traditional transport.
Netware is a good compromise, since it also can talk FTP and evenAre you referring to an FTP server running on a NetWare server
NFS if one want's to do that.
I think I was vaguely aware that NetWare could be an NFS server.
I'm curious, do you have a specific reason for using SNAP vs 802.2 LLC?
Then I remember that there probably won't be any clients that I don't
create.
That being said, I do have a special use case where I'd like a protocol
that I can use to carry SSH traffic between machines. I'd prefer it to
be able to be routed. My motivation is to use protocol isolation to
hard contain IPv4 and IPv6 into an isolated VM network. (Somewhat of a
light grey hat desire to play with viruses in a sandbox that they can't
get out of.)
At the moment, I'm sort of thinking about 802.2 LLC, possibly with SNAP,
-or- X.25.
As sure as I type this, I wonder if I could get DECnet to do it. Have a
dual protocol host with IPv4 and DECnet, route through a DECnet only intermediary, and another IPv4 & DECnet host on the other side. I
can do this on Linux, which is my current preferred platform.
The box that I'm using for my P/390-E is drawing < 175 W. But that's considerably more than the 40 W that the 3660 or 17 W that the 2613 draw.
At the moment, my short list is:
* IPv4
* IPv6 is desired, but not required
* IPX
* DECnet
* SNA
* NetBEUI
* DDP
* I'd like to get Banyan VINES running
Epiphany: I have a 2811 that is unused. It has two FE NICs in it. I
wonder if I can get a Token Ring NM that will work in it.
I further wonder if I could get a WIC-1E to connect to my 10Base5 via a transceiver.
Because (I think) I can. / Because I want to.
How did you set up ssh transport?I'm using TaylorUUCP (no known relation) and I have custom port entries
for the remote system:
I think the security is acceptably good.
I was reading about that and found a lot of people put considerableThat sounds like a lot of work and like it would be subject to race conditions or IP in use blocking errors.
effort to first creating a TCP tunnel with and ssh connection and
then run uucp over tcp through that tunnel.
UUCP (read: store-and-forward) networks don't need end-to-end
connectivity. IMHO this is one of the things that makes them great.
Aside: Have you heard about HNET? @bmoshix (Twitter) is
re-establishing BITNET. Because it's There. / Because he can. /
Because he wants to. }:-) I think it uses NJE, but I suspect that RJE
can probably be made to work.
I know that something like that exists. AFAIK it's not yet incorporatedI'd like to see if I can get SNA (?) to work on MVS 3.8j in Hercules.
into TK4- and while it's nice to have a way to load stuff directly into
a DS via FTP, there is still the emulated card reader which does about
the same. More slow and with some preparation necessary, though. ;-)
(Or better, as a VM guest on my P/390-E.)
The interesting part starts when it comes to network an old machineLike the situation you are in.
(OS release, to be precise) who doesn't know about EE to a newer
machine who's hardware doesn't support SNA on 802.2 but runs an OS
release with EE.
That's what I want to accomplish with my Cisco gear in the longCan you ""route things through one machine to get to the others?
run. Earlier, there has been a second 150 at a friends location
but somehow he's not using it anymore, so no need create a
more-complex-than-necessary scenario with bridging.
I guess if you could talk to one old machine via Token Ring or Ethernet,
you could talk to all of them.
Is there any sort of serial networking that is common between the
machines? SDLC / BiSync / etc.
Though I think (virtual) machines that can run S/390 code are more
prevalent than 3745s or 3746s to run their code. So, CCL might have
made it easier to find more places to run the proprietary code.
Ethernet or Token Ring. Sorry if I was too unspecific. I'mIt's not an OSA, if that's what you mean.
not sure that exactly Hercules supports. Looking at this one:
<https://hercules-390.github.io/html/herctcp.html> it seems, it's
not a real Ethernet Adapter.
Having read that page before, a number of times, and re-reading parts of
it now, I see some of the exact same things that I read about with my P/390-E.
The LAN Channel Station 3172 is channel attached to the mainframe via a virtual 3088 Multisystem Channel Communication Unit.
As I type this, I wonder if the 3088 MCCU is a channel (bus & tag) counterpart to ESCON & FICON directors.
Since I never tried to run Linux for z on Hercules, I'm really outI don't think any of that page is for Linux on z on Hercules. I think
of knowledge here.
it's Hercules on Linux or Windows.
Unfortunately neither of the pages go into what the LCS is nor what the
OSA is, much less how they differ from OS/390's point of view.
Now *that* is some cool stuff! But I don't want to know how muchIt's a lot.
Watts the 890 eats up.
Please extend with "9401-150 via 2724 Token Ring IOA". For the rest:
Correct. Sorry if I've been ambigous.
9406 running IBM i w/ EE --- Gigabit Adapter --- EE encapsulated SNA ---
2901 w/ SNASw --- SNA on Ethernet --- 2613 --- Token Ring --- SNA ---
2724 Token Ring IOA --- 9401 running IBM i w/o EE
Correct?
The 150 not incorporates a 2723 (10M Ethernet IOA) to connect to theIs that "not incorporates" or "now incorporates"?
same physical Ethernet segment as the 2613. New layout:
IBM i w/ EE --- Gigabit Adapter --- EE encapsulated SNA --- 2901 w/If you have the 2723 (Ethernet IOA), why are you trying to get the 2724 (Token Ring IOA) to work? To get 16 Mbps instead of 10 Mbps?
SNASw --- SNA on Ethernet --- 9401-150 with 2723.
Aside: I find the 2723 & 2724 IOAs being PCI NICs to be entertaining.
Yes, you're right. But honestly, how many interfaces do you need?I don't /need/ anything 3600 / 2600 / 2800 any more than I need a hole
in my head.
I /want/ the following interfaces:
* Token Ring
* 10Base{T,2,5} to connect my Thicknet segment to
* 100BaseT (or better) to connect to my main network.
(100 because I want to have full 16 Mbps Token Ring.)
* WIC-1T
* WIC-1DSU-T1
Because I can. / Because I want to. }:-)
I would sort of like to play with FDDI and other legacy networking typologies. (Hence why I have a 10Base5 segment.)
For some reason ARCnet is calling to me.
No, you're perfectly right. The sole reason seems to be that TokenI'm intrigued at the idea of bridging Token Ring and Ethernet via
Ring Bridging usually is source routed and packets get RIF headers
added and removed as they trespass the bridged rings. Ethernet has
no equivalent of source routing on the MAC layer, thus no RIF and
thus cannot make use of SRB. You *can* bridge between Ethernet and
Token Ring transparently, though (bridge irb in IOS). With your valid
comment about maximum frame sizes.
Integrated Routing and Bridging.
(While confirming the RFC number, I saw references for AAL5SNAP. Which
now means more to me than it did years ago.)
... further down the rabbit hole ...
ATM Adaptation Layer 5 prepends bridged frames with 802.2 LLC headers.
It seems as if OSI directly uses LLC and non-OSI uses SNAP.
Ya. I think it was pulled out in 3.5 or 3.6. I'm fairly certain that
it was in 3.4. (I went looking within the last year, but it's too late
at night for me to remember.)
It wasn't possible to make two boxes talk IP to each other via twoHum. That sort of surprises me. But not completely. I think much of
Token Rings connected through a source route bridge.
the Linux Token Ring stuff was only ever tested on individual rings and
never used SRB.
I wonder if the IP implementation on IBM i (or Netware) could doI don't know about IBM i. I would bet quite a bit of money that NetWare
better. Sigh. Another idea to try out somewhen.
got it correct. Or at least what was considered correct at the time.
I personally consider NetWare to be the routing Swiss Army Knife of the
OS world. I think that Cisco (and maybe Juniper) is the routing Swiss
Army Knife of the router world.
You made a point. Anyway, I really hope nobody can hear my evil laughWhat's the fun in denying them the chill running down their spine? }:-)
when I finally manage to open a TAC for some SNA issues I encountered.
Maybe? It also can stem from "every computer company shows opennessI think the "Open" aspect of the government mandate was that multiple
in some way, so we have to do also" - just a marketing fart, in
other words.
vendors needed to have a common standard to allow them to interoperate
with each other.
My understanding is that "Open" was what we would now call a "buzz word"
that many things wanted to have / needed to have / were mandated to have.
And still, I can't see a lightweight, address-saving-friendly solutionOh Linux has some options. MAC-VLAN and IP-VLAN come to mind.
for proper host isolation when running multiple VMs in the same IP
segment. PPPoE and MAC filters come to mind but PPP can be a real
CPU hog when transferring over high bandwidth links.
I question why we need more isolation than two physical systems plugged
into the same LAN would have.
Better: How many different and crude ways to solve a problem whichIt depends who you ask. Too many and not enough at the same time.
would have been much easier to solve on a higher layer.
Ya. Trying to extend a Layer 2 Broadcast Domain across data centers is "bad". Yet people want to do it all the time.
Are you talking about running true TCP or UDP above IPX?I don't know precisely how true the TCP or UDP are. But, yes, Novell
has an option to replace the (lower part of?) Winsock with a modified
version that will transport things across IPX.
It is a feature of the Novell NetWare Client 32 for Windows 9x. It was
meant as a way to allow an IPX network to provide connectivity for TCP (and UDP?) applications without needing to institute IP on the LAN. One of the things they touted was IPX addressing is a LOT easier than IP addressing.
MacTCP (control panel) was the IP over DDP.
Open Transport was DDP over IP.
First of all: Is your email address valid? I sent you one and it got delivered to somewhere, saw no bounce. I wrote to you, had this answer
in usenet meanwhile but none via mail. May I ask you to have a look?
I've come to the same conclusion. With a quirk: Since an unknown
version of Netware, the default frame type was changed from
Novell-dumb-802.3 to true 802.2 (with LLC). Can't recall where I
read that. Could be that this change was between 3.11 and 3.12,
since these were the ones I was using back then.
A *lot* of.
Makes sense to me. Thanks!
I know. Even more shame on them! Once that could have been the network
of the future! Wait. Sorry, had a flashback into 1992.
I didn't tinker with AIX yet. People say it feels like unix but
somehow strange and different.
Yes, you're right. But fragmenting or sending an error back is *way*
better than silently dropping a too large frame at the bridge and
stuff mysteriously fails sometimes.
Hm. I remember that the IEEE approved IBM Token Ring *afterwards*
IBM had the specs finished. Maybe that was only valid for 4M? Can't
prove that out of the box.
Seems so. I'm not getting much more than a 10M NIC will transfer
by FTP.
Sorry for ambiguity. Yes, you're perfectly right.
Hmm. I never had to do with ATM beyond a thin layer of "PVC 1/30"
in early Cisco gear with integrated DSL Modems.
The 150 has something similar to a PPC 603 with in between 80 ... 150
MHz. The ESXi is running on an AMD Turion II N54L with 2,1 GHz.
Let me put it this way: Doing an FTP transfer over the 10M NIC in
that 150 yields about 800 KBytes/s and pushes the CPU to around 90%
usage. It's not really faster when doing the same via Token Ring.
Transferring a file via SNADST via Token Ring yields a CPU load of
about 30%. Since the transfer is like UUCP not direcly visible,
I can't reliably deduct a transfer rate. Hitting refresh on the
WRKACTJOB screen too often also creates considerable CPU load which
might influence the transfer speed.
I didn't manage to prepare a huge SNA transfer between two faster
boxes in my basement yet (a 9406-800 and a 9406-S20) connected via
100M NICs to a common segment.
We're talking of a really tiny fraction of a second. :-) Maybe it's
the reason, maybe not.
I disagree. If you want to do something and can't, it will not
happen. Seen from the opposite side: "Because I can" together with
the fruitfully done something includes "because I want to". Putting
aside external factors like other people pushing you, that is.
That's also my understanding. Available transports were NetBEUI
(NetBIOS Frames), IP and IPX.
Yes, you needed to get the Netware for NFS addon product. Wasn't
very stable, at least not with my early tries with Linux as NFS
client. Sometimes, the connection got stuck. Dunno what I did to
recover that condition. Maybe needed to reboot the Linux box, maybe
also Netware.
Nothing more than a gut feeling that SNAP might be a good choice
because the SNAP header extension provides precisely what's in
the packet.
A similar challenge like to answer "Why do you have so many old
computers? What do you actualy do with them?"
In fact, I have just two platforms I have a true killer application
for to make these old boxes really useful to me. First are Macs. I
love FreeHand 3.1 above anything else for drawing circuit diagrams.
See https://www.radiomuseum.org/r/telefunken_opal_iii.html for
an example.
And the 150 got important after I realised how easy and cool it is to
create small things to show and edit data. Most people probably would
have utilized Excel for that. I did some lists of old electronics
magazines I own, but especially an inventory solution for my radio
tube collection. Slowly as I dedicate time and brain capacity to it,
there are more and more features like equivalent types, pinouts and
maybe more data besides already included filament specs.
What startet with paper and pencil when I was about 12, grew into an
Excel sheet which in turn wandered into a MySQL table and is now in
a physical file on my 150. That data has gone a loooong way.
And if anyone points to my O2, I can truly say that I sometimes use
Photoshop 3 on that. But if they point to the Sun Ultra 1 I can only
shrug. No killer app yet.
I see. Interesting challenge!
Brrrr. I never managed to get into X.25 on Cisco gear. Maybe that's
because I don't have proper endpoints.
Yes, as long as DECNET support is still in there (which means,
someone takes care of it). Good luck and happy coding!
Yes, that's true. On the other hand, the P/390-E already draws power
when you want to tinker with zOS, so routing on that box seems to me
a logical step.
That's a lot. :-) I'm keeping to IPv4, IPv6 (German Telekom already
provides me with a /56), IPX, SNA and AppleTalk/DDP.
Banyan VINES support in Cisco gear is to be found only in very ancient
image releases.
I tested an NM-1R1E2W in a 2801 a while ago and boot messages
indicated it as unsupported. There were no additional interfaces. So
I don't know if a 2811 would support it: The images are different (c2801-advsomething vs. 2800nm-advsomething), so there's a certain
chance.
Nope. The only (ancient) WIC-1ENET were designed specifically for
some Cisco 172x series boxes and they simply don't run anywhere
else. Beleive me, I tried. :-) A friend of mine says, that's maybe
because the 172x utilize a PPC based SOC called PowerQUICC and the
WICs need this QUICC-Support to function. In other words, they lack circuitry to be to true standalone NICs.
Additionally, the WIC-1ENET just have 10BASE-T Ports.
Look out for NMs with Ethernet. They most often have a proper AUI
connector.
You'll receive no objections from me.
Hah! Someone else who uses his brain!
Since this is exactly the same thing I do, I agree. :-)
Yes. I think that's people completely forgot that UUCP usually ran
directly on modem or serial lines. Now since everything's tcp, maybe
they only saw this as a feasible way to encrypt UUCP traffic.
Yes. And I remember, I really *have* a workflow running over UUCP. When
I use my script to add a new zone to my master DNS, config-replication
to the slaves is done via UUCP. It works like a charm, so I simply
forgot a about it, in a way. :-)
Yes, I could have done that with ssh and call a remote script. I
didn't. Because I can. And because it runs asynchronous, so I don't
need to wait until all slaves are configured before continuing with registration process.
Nope, I wasn't aware. In fact, I know BITNET but I need to refresh
my knowledge a bit on the net. Pun intended.
I was also reading somewhere that RSCS was used as some kind of
chatting facility. As I read about it, there comes BITNET as a
link! And there it is!
"Bitnet's NJE (Network Job Entry) network protocols, called RSCS..." I
found the missing link! I understood RSCS after the first read some
years ago to be something similar to UUCP, also.
I wonder how inter-node-communication for NJE will take place in our
modern world.
I had concluded a while ago that RJE needs a dedicated line, Bisync or whatever. Since I found no easy way to get that attached to Hercules,
I lost interest. On the other side, I know that Cisco IOS has some
facilities to encapsulate certain serial traffic into IP or even
modify protocols (AFAIR it's possible to convert a serial attached host talking SNA over SDLC to come out of the Router as a 802.2 LLC node).
You aren't alone in search of that particular holy grail.
A while ago I had a mail exchange with J?rgen Winkelmann, the
maintainer of TK4- and he told me that there has been some effort to implement the functionality of a 3703 or 3705 (can't remember) with
the accompanying (but not freely available) NCP into Hercules.
Still, SNA is tied to VTAM within MVS and I think that even *if*
there'll be a chance to pull a loose thread out of MVS via a 370x to
be able to talk SNA over something else than hercules-internal lines
to terminals, it's still the "old", mainframe-centric, hierarchial SNA,
not APPN
thus I guess, there's no chance to make it talk EE.
Thus, more work remains to be done to get SNA SDLC frames to 802.2 LLC.
I really can't guess if there are enough capable enthusiasts to do
all that labor for just "because I can". It's a small group of people
running MVS or zOS or OS/400 at home in more than one instance to
make networking these something nice to have. It's already possible
to emulate a CTCA to build a loosely coupled cluster picking batch
jobs from a common JES2 spool and I'm not sure how many people already
play with it regularly.
As I think about that, I'm wondering which protocol is running within
this CTCA tunnel, but I fear it's not SNA but just machine-made
channel programs.
Exactly. And it basically works but since I can't do a proper name resolution, I'm stuck at the moment.i
Maybe I need to dig deeper into the differences about up- and
downstream nodes. Cisco IOS has very few configuration parameters
and does most things automatic. But it's possible to make an APPN
Node attach to IOS as a dynamic (not defined in IOS config) way, and
as a configured peer. Then I also can set a preferred netword node
(which is supposed to know about all names). I was hoping that since
IOS is a router OS, the SNA implementation there is always a Network
Node with name resolution capabilities.
I think I solved the problem.
Sometimes it really helps to muse about things to someone else and
make your brain run full speed in a background task. Or maybe as
batch job. ~giggle~ So, thanks for listening!
In the general (SNA) network attributes of IBM i, you can set a network
node server (something which acts as mDNS in a way, amongst other
things) manually. I had the intention that if left blank, it will be negotiated with each PU when intially connecting. I'm wrong. In a way.
After configuring the V7 box (connected via EE to the cisco router)
to utilize the cisco router's SNAsw facility as a neighboring network
node server (parameter NETSERVER in chg/dspneta on IBM i), the 150
can sucessfully APING the 8203 and vice versa.
After re-reading the help text for the NETSERVER parameter, I have
the intention that the mentioned negotiation takes place *only* if
the local network id and the NN's network ID match. And the 150/cisco
SNAsw *have* different NETIDs than the V7 box.
Excurse: The LCLNETID is a way to logically group SNA APPN
nodes. Putting SNA nodes into a common group also influences the
flow of alert messages (See Alert support PDF). In a way it's like
the concept of a Zone in AppleTalk. (Difference: Zones are defined
on Routers only while every APPN node can have it's own NETID.)
After changing the NETSERVER parameter again to *ANY (host part) but
with the network name of "my" bunch of AS/400's (which is the same as
the Cisco Router's LCLNETID), name resolution still works. It certainly didn't work before, even if I supplied the "FQDN" to do APING.
Therefore I conclude, there has to be a NETSERVER entry for every
existing NETID of APPN peers in an End Node.
What remains as tbd is to again review documentation about Alerts,
since the 8203 now thinks, it must send alerts to the "true" NN (not
the Cisco Router) in my LCLNETID group. Minor thing, since I administer
all of these but when tying machines of different companies together,
it certainly will raise discussions between admins.
Also, if I change the configuration of the EE endpoint to Network Node instead of End Node, the whole thing should also work out of the box.
Nope. Now I'm confused. More than usual, that is.
And, hooray, doing an APING with 1500 byte packets to see if the
"MTU" issue is gone made the 2901 crash. :-) Another one I wanna
throw at TAC!
%SYS-3-OVERRUN: Block overrun at 2575E9C8 (red zone 00000000)
-Traceback= 30012E94z 35085D00z 35081A20z 35097F8Cz 35094D1Cz 3509482Cz 3508AD00z 3508AE40z 3508AF80z 34F835A4z 34F65B24z 30032B5Cz 30032B40z
That's how SNA works anyway, but on the session layer, not on the
network layer as we know it from AppleTalk, IP, IPX, IPv6 and others.
Yes and no, see above.
SDLC but since the 8203 is about 50km north of here, this isn't
an option.
It's nice feeling if stuff makes more sense after reviewing, isn't it?
I fear there are just two ways to find out:
- Ask the devs,
- Read the source.
4 digits? Or less?
Not 9406 but 8203-E4A.
Not "just" 9401 but 9401-150.
Than it's 100% correct. :-)
9406 was a huge class of machines.
The E4A with Power6 can be bought (used condition) for very cheap. Unfortunately, these draw about 400W (with 4 CPUs and 5 15k disks). And they're not exactly quiet, even if running in the basement.
There also was a 9401-P0[23], a so called "portable" AS/400. Rumor
says, mostly used by sales guys to lure Bosses into buying a big
AS/400, because, look, I show you in just one hour how to create your
first tiny business application.
Unfortunately, V4 doesn't run on these. I'm not sure how earlier
versions lack stuff I'm used to today.
Sorry, typo. Should be "now".
As much as I enjoy this discussion, it takes looong time to answer
properly.
Maybe I should cease to try to answer in one go.
Exactly.
Yes. Both run fine in Linux. The 2723 is just an AMD PCNet-32 Chip
and the 2724 is by looking at it identical to the IBM Olympic based
PCI cards. Yet, something in some ROM must be different, because
putting a "normal" Olympic card in makes OS/400 complain that the
IOA has troubles and doesn't work.
Another case of "apply magic pixie dust to get more revenue because
customers are forced to buy our overpriced stuff."
I simply don't have the skills to understand the differences of both
card's ROM images. Too much binary babble. :-)
Sorry for being dumb. Of yourse you're perfectly right! :-D
I'd recommend a 3640. It's relatively easy to add resistors so fans
spin less fast and thus make less noise without the box to overheat. At least, it draws around 25W. So, at most 25W heat will be generated.
Nice playthings. Did you know that the corresponding cable to RS-232
will give you a true RS-232 with *two* independent Rx/Tx lines (plus accompanying handshake and whatnot).
Interesting. What do you want to connect to that?
Again, I will not object. :-)
Similarl here. But I'm content with "just" 10BASE2.
I had some ISA cards a loooong time ago but learned that I needed
cabling with 96 Ohms (?) instead of 50, I got rid of them. Duh!
To me it seems boring: It's the same config and behavior as if bridging
just ethernet. :-)
Okay, you can have a lot of fun to make TR nodes generate packets
with less-equal-than 1500 bytes.
Hm. AppleTalk is OSI derieved, IP not. Do you refer to this kind
of OSI/non-OSI?
I remember that with Debian 8, TR support was gone. No further details.
Yes. I think I was one of the few people on earth to be crazy enough
to even bother testing.
I wouldn't bet against you, since I think alike. Again.
True. But for Cisco, mostly older gear, only.
Maybe they'll refuse to handle the request because of apparent cruelty against employees. :->
These aren't IP-saving. I'd need to give every machine it's own
/30. Three addresses per host wasted. Thus I'm wishing for a true
point to point protocol but with less cpu impact compared to ppp. At
least thats my understanding of the the stuff you mentioned.
Each host shall not talk to each other directly, so I can group hosts
into a L3 segment to save IP addresses and have security. Talking must
be done always trough the gateway to enforce packet filtering rules.
Each host is "untrusted". It's fairly easy to do MAC spoofing to
attract traffic. Even if communications to the outside world most
likely will be lost by then, because MAC collisions shall not
happen. Dunno how to enforce that within a VMWare vSwitch, though.
I think, we truely need something independent of (emulated) ethernet. Something like a logical NIC which does only support IP and IPv6, but
not anyhing 802.3. Sadly, other protocols are irrelevant today.
These should be logically linked outside of the guest OS in a point
to point fashion to some kind of concentrator as dialin servers were
in the 1990's.
That would enable a true p2p config, no broadcast, no network,
no IP wasting, no MAC spoofing, no IP spoofing (if done right),
no laughable 1500-bytes-max-frame, and probably more.
I really wonder which huge pile of kludges large virtual root
server providers stacked to prevent customers to attack each other intentionally or unintentionally (because one of these had security
holes and now has a nifty backdoor).
Yes, because it's easier than to do it with L3. And it *is* easier to initially set up but if things go wrong (which could be by own fault
but must not necessarily) you'll have a lot of fun to clean up the
resulting mess.
That's the most strange thing I heard about in years!
This almost certainly needed a rewrite of code for applications,
right?
MAC addresses for hosts plus IPX network numbers are completely
I'm sorry for not replying sooner. It was late last night when I finished my reply to the newsgroup and I was helping my wife with things today.
I'm sorry for the confusion I caused.
Did you see / hear about the FCoTR joke that Ivan Pepelnjak and co were having fun with a few years ago?
Have you seen LGR's OS/2 spoof video?
https://youtu.be/wQdK9owqVd0
I didn't tinker with AIX yet. People say it feels like unix butAIX is technically a Unix. It's even got rights to the name with the
somehow strange and different.
capital U.
But it is different. It's IBM's take on a Unix. Think IBM nomenclature
for things and command naming habits. There are quite a few things
about it that are different than Solaris or Linux or *BSD. But it is
very much a unix.
Yes, you're right. But fragmenting or sending an error back is *way*
better than silently dropping a too large frame at the bridge and
stuff mysteriously fails sometimes.
I completely agree!
For some reason I assumed that the bridge would send an error back. But
that may just be a naive assumption.
Seems so. I'm not getting much more than a 10M NIC will transferWhat do you get when nw4-idle.nlm is unloaded? Do you see closer to 16
by FTP.
Mbps?
Transferring a file via SNADST via Token Ring yields a CPU load ofSNADST? Is that possibly SNADEST, a parameter to FLOPTS?
about 30%. Since the transfer is like UUCP not direcly visible,
I can't reliably deduct a transfer rate. Hitting refresh on the
WRKACTJOB screen too often also creates considerable CPU load which
might influence the transfer speed.
That's also my understanding. Available transports were NetBEUII'm glad to know that someone else agrees with my understanding of
(NetBIOS Frames), IP and IPX.
NetBIOS vs NetBEUI.
A similar challenge like to answer "Why do you have so many old
computers? What do you actualy do with them?"
I play with them.
I learn things that I didn't know.
I also liken them to old cars or boats or other common (expensive) collectible things.
See https://www.radiomuseum.org/r/telefunken_opal_iii.html forNice diagram.
an example.
You're using one hobby to support / organize another hobby. I like it!
I have data that I want to make easy to access. Thus far, I've been doing it on web page on my server.
I like playing with old networking technologies and making them do things that others say they can't do.
That's a lot. :-) I'm keeping to IPv4, IPv6 (German Telekom alreadySadly, few residential ISPs provide IPv6 in the USA.
provides me with a /56), IPX, SNA and AppleTalk/DDP.
There are some notable exceptions. But that means that the people that care use a tunnel of some sort, likely from Hurricane Electric.
Have you seen BIND's Catalog Zone feature?
My understanding is that VM used RSCS to be able to send messages back and forth between users. BITNET took that capability to work between systems. Including through a network of systems thanks to store-and-forward networking.
Agreed. I think some of that is how HNET is working.
@bmoshix has indicated that they are relying on a feature of the
Hercules emulator to do some of the TCP/IP interfacing & translation so
that VM sees it as a terminal or an SNA connection. I think.
The MVS community has produce KICS and a REXX for MVS. Both completely independent creations that provide the comparable functionality.
There are some determined people that have made some impressive solutions.
Still, SNA is tied to VTAM within MVS and I think that even *if*And what's the problem with that?
there'll be a chance to pull a loose thread out of MVS via a 370x to
be able to talk SNA over something else than hercules-internal lines
to terminals, it's still the "old", mainframe-centric, hierarchial SNA,
not APPN
thus I guess, there's no chance to make it talk EE.Seeing as how it doesn't have a robust TCP/IP stack, I think EE on MVS
3.8j is not going to happen.
But does EE actually /need/ to be on MVS 3.8j?
Or can EE talk to a Cisco running SNASw and let it convert to traditional SNA?
Or is my ignorance of SNA showing? Can EE+SNASw not be used to talk to
an old hierarchical SNA that doesn't support APPN?
Thus, more work remains to be done to get SNA SDLC frames to 802.2 LLC.I feel like that has probably been done. Or at least pertinent parts of that.
There are people that have 3172s / 3174s ? talking to /Hercules/ via
TN3270 for the purpose of driving real 3270 terminals. I don't
understand enough to know where the SNA vs SDLC etc stop and start.
The fact that IBM is not making it easy in any way shape or form to
break into mainframes for students or hobbyists is causing people to do
more with ancient MVS 3.8j.
Look at KICS and REXX on MVS 3.8j. ;-)
I think it's the 3172s / 3174s / 3745s / 3746s / et al. that do some of
the translation from CCW to SNA.
Though, as I understand it, VTAM (BTAM / TCAM) do need to know about the
SNA endpoints. So there has to be more to it than just the channel
attached controllers.
You seem tenacious enough to figure it out.
So if I understand you correctly, the core part of the solution was hard setting (or nailing a setting one way) to use the SNASw on the Cisco as
the Network Node Server?
Sort of functionally like making sure that all systems are using the
same WINS server (with broadcasts disabled or unrouted).
Aside: I wonder just how much overlap there is between SNA's NNS and NetBIOS's WINS. I think it's better for my health if I don't pontificate that question.
After re-reading the help text for the NETSERVER parameter, I haveSort of like why you /need/ a WINS server when NetBIOS over TCP/IP
the intention that the mentioned negotiation takes place *only* if
the local network id and the NN's network ID match. And the 150/cisco
SNAsw *have* different NETIDs than the V7 box.
(a.k.a. NBT) are on different subnets. Broadcasts / auto-discovery
doesn't work in the non-directly-connected configurations.
Excurse: The LCLNETID is a way to logically group SNA APPNWhy do NetBIOS "work groups" / "domains" come to mind? ;-)
nodes. Putting SNA nodes into a common group also influences the
flow of alert messages (See Alert support PDF). In a way it's like
the concept of a Zone in AppleTalk. (Difference: Zones are defined
on Routers only while every APPN node can have it's own NETID.)
After changing the NETSERVER parameter again to *ANY (host part) but
with the network name of "my" bunch of AS/400's (which is the same as
the Cisco Router's LCLNETID), name resolution still works. It certainly
didn't work before, even if I supplied the "FQDN" to do APING.
Therefore I conclude, there has to be a NETSERVER entry for every
existing NETID of APPN peers in an End Node.
That doesn't surprise me.
It seems sort of like telling dynamic routing protocols which networks
they should advertise to neighbors. Defining what is in scope and
assuming that anything undefined is out of scope.
It sounds like you are talking about AS/400 / IBM i alerts much like
I've talked about building a hierarchy of DNS / proxy / SMTP / MQ(TT) /
etc. servers and controlling what information passes through different administrative boundaries. Networking at the application layer.
Nope. Now I'm confused. More than usual, that is.
~chuckle~
Confusion is a precursor state to enlightenment.
Much like UUCP ""networking host-to-host-to-host at the application layer.
Ah! But there is. SDLC into a Cisco that converts things to IP to send
50 km to another Cisco that converts IP back to SDLC which is connected
to the local system.
Did any AS/400 / iSeries use SAN instead of DASD (term?)
That's why I wanted a 100 Mbps link to the router that I connect the 16
Mbps Token Ring into.
Nice playthings. Did you know that the corresponding cable to RS-232Are you talking about the cable with the HD-60 (?) connector on one end breaking out to two RS-232s on the other end? (I'm presuming you are.)
will give you a true RS-232 with *two* independent Rx/Tx lines (plus
accompanying handshake and whatnot).
I'm not at all surprised.
My understanding is that the HD-60 connector was specifically chosen so
that different cables could be used for different connections.
I know that there is one to a V.35 and one that is a cross over
(DTE/DCE) between two WIC-1Ts.
Interesting. What do you want to connect to that?I want to put a T1 / PRI card in a Linux box and play with things.
If I get one with voice capabilities, I can get Asterisk (et al.) to do
some interesting things.
I know that I can do Frame Relay across it. I don't know if ATM will go across it or not. (I'm not holding my breath for ATM.)
Add an ATM OC3 module to the list.
I'm particularly interested in FDDI because some older computers /
servers had 100 Mbps FDDI when the other networking options were 10 Mbps Ethernet. So FDDI actually gets more bandwidth into and out of the
machines. }:-)
I had some ISA cards a loooong time ago but learned that I needed
cabling with 96 Ohms (?) instead of 50, I got rid of them. Duh!
Ya. The proper coax makes a difference.
Initial looking says that it needs to be 93 Ohms RG-62.
I frequently get RG-58 for 10Base2 and RG-59 for cable TV mixed up.
Link - IBM PS/2 Model 50 and the IBM Network Bridge Program
- https://youtu.be/eHylz96t45Y
I've stared at many a listing for a Cisco 4000 or 4500 router.
I had a 7500 once upon a time. But it went a way years ago.
These aren't IP-saving. I'd need to give every machine it's ownHave you considered a /31?
/30. Three addresses per host wasted. Thus I'm wishing for a true
point to point protocol but with less cpu impact compared to ppp. At
least thats my understanding of the the stuff you mentioned.
My understanding is that MAC-VLAN and IP-VLAN create virtual interfaces
that are connected to the underlying physical NIC. Much like if you had multiple physical NICs.
I've achieved a similar effect by putting a physical NIC into a bridge (brctl) with one end of a vEth pair and the other end in the Network Namespace.
I understand the what. I just don't understand the why.
Why are we after more security between VMs / containers than we would
have between physical machines on the same switch?
To me, each machine / VM / container should have it's own filtering to protect itself against other systems, even on the local ""LAN.
I think, we truely need something independent of (emulated) ethernet.TUN (L3 IP) interfaces come to mind.
Something like a logical NIC which does only support IP and IPv6, but
not anyhing 802.3. Sadly, other protocols are irrelevant today.
These should be logically linked outside of the guest OS in a pointTake a look at Open vSwitch and what it calls internal interfaces.
to point fashion to some kind of concentrator as dialin servers were
in the 1990's.
That would enable a true p2p config, no broadcast, no network,Why oh why is RFC 1483 based DSL coming to mind? IPs could be assigned
no IP wasting, no MAC spoofing, no IP spoofing (if done right),
no laughable 1500-bytes-max-frame, and probably more.
to / routed to individual PVCs which shared a common loopback. Thus addressing both security and IP conservation.
I really wonder which huge pile of kludges large virtual rootI don't think they do prevent the attacks.
server providers stacked to prevent customers to attack each other
intentionally or unintentionally (because one of these had security
holes and now has a nifty backdoor).
At least not any more than a Co-Lo provider protects one customer from another customer on the shared Ethernet switch.
I think that SDN (OpenFlow) has the technical capability to change
things. At least in that it's possible to make it appear as if there is
an L2 connection when in fact it's a routed network in between doing
some special magic.
That's the most strange thing I heard about in years!Is it conceptually any different than carrying TCP or UDP on top of DDP?
Or AnyNet carrying IP / IPX on top of traditional SNA?
Bog standard TCP/IP applications on Windows 98 work perfectly fine
across IPX without changing the applications in any way.
MAC addresses for hosts plus IPX network numbers are completelyMAC addresses are exactly the same. Nothing at L2 changes.
different to IPv4 addresses and netmasks.
Yes, IPX addresses are completely different from IP addresses. But that doesn't matter.
It doesn't matter because the IPX packet is from the local IPX address
to the remote IPX address of the gateway running on the NetWare server
that does the opposite.
It's conceptually very similar to IP over SNA via AnyNet.
MacTCP provided an IP stack and proprietary API to MacI may have the names wrong. But I know that the IP support the predated
Applications. Open Transport was a complete rework to integrate
AppleTalk and IP under the STREAMS API, also as PPC native code. AFAIR
the only other company using STREAMS was Novell with their Netware.
Open Transport was on top of DDP.
On a side note, The Open Transport IP implementation has problems withI wonder if there is an IPTables target to (conditionally) disable
Window Scaling. Uploads to current Linux's will be painfully slow,
single-digit KBytes/s range, even over 100M Ethernet. If you disable
window scaling in /proc (or /sys?), it's fast again, but everything
else will be slow. Or if you put a Cisco ASA in between to delete
the WScale-Option while the TCP handshake takes place.
window scaling (for specific IPs)
I have a Pentium Overdrive Board (2850) with the accompanying board
with S3 graphics chip and other peripheral support. It was hard to
get hand on a breakout cable to actually see what's going on on the
PC side (VGA, PS/2 Keyboard and Mouse, Serial and Parallel Port).
Nice!
I'm not surprised that the breakout cable was difficult to find.
Though, it's my understanding that X.25 was largely used as a long
distance serial interface or to transport other protocols. I'd think
that the gateway machine would gateway more common protocols.
DB-15, M or F depends on what's to be connected on the other side. AIs the M or F on the DB-15 or the Twinax connector?
distinction I don't understand.
And now I'm again learning that there was even more highly interestingI'm sort of surprised to learn that Coax / Twinax connected terminals
stuff. CL/1 server vor MVS/TSO! MacAPPC! It seems that the latter
is part of the API stuff for SNA.ps. And MacDFT, which seems to be
the other Application to talk to the Coax/Twinax-Card.
were Distributed Function Terminal. I thought DFTs were a completely different class, more akin to ASCII terminals. I could easily have the
wrong understanding.
I'm sorry for not replying sooner. It was late last night when I finished my reply to the newsgroup and I was helping my wife with things today.
I'm sorry for the confusion I caused.
Did you see / hear about the FCoTR joke that Ivan Pepelnjak and co were having fun with a few years ago?
Have you seen LGR's OS/2 spoof video?
https://youtu.be/wQdK9owqVd0
I didn't tinker with AIX yet. People say it feels like unix butAIX is technically a Unix. It's even got rights to the name with the
somehow strange and different.
capital U.
But it is different. It's IBM's take on a Unix. Think IBM nomenclature
for things and command naming habits. There are quite a few things
about it that are different than Solaris or Linux or *BSD. But it is
very much a unix.
Yes, you're right. But fragmenting or sending an error back is *way*
better than silently dropping a too large frame at the bridge and
stuff mysteriously fails sometimes.
I completely agree!
For some reason I assumed that the bridge would send an error back. But
that may just be a naive assumption.
Seems so. I'm not getting much more than a 10M NIC will transferWhat do you get when nw4-idle.nlm is unloaded? Do you see closer to 16
by FTP.
Mbps?
Transferring a file via SNADST via Token Ring yields a CPU load ofSNADST? Is that possibly SNADEST, a parameter to FLOPTS?
about 30%. Since the transfer is like UUCP not direcly visible,
I can't reliably deduct a transfer rate. Hitting refresh on the
WRKACTJOB screen too often also creates considerable CPU load which
might influence the transfer speed.
That's also my understanding. Available transports were NetBEUII'm glad to know that someone else agrees with my understanding of
(NetBIOS Frames), IP and IPX.
NetBIOS vs NetBEUI.
A similar challenge like to answer "Why do you have so many old
computers? What do you actualy do with them?"
I play with them.
I learn things that I didn't know.
I also liken them to old cars or boats or other common (expensive) collectible things.
See https://www.radiomuseum.org/r/telefunken_opal_iii.html forNice diagram.
an example.
You're using one hobby to support / organize another hobby. I like it!
I have data that I want to make easy to access. Thus far, I've been doing it on web page on my server.
I like playing with old networking technologies and making them do things that others say they can't do.
That's a lot. :-) I'm keeping to IPv4, IPv6 (German Telekom alreadySadly, few residential ISPs provide IPv6 in the USA.
provides me with a /56), IPX, SNA and AppleTalk/DDP.
There are some notable exceptions. But that means that the people that care use a tunnel of some sort, likely from Hurricane Electric.
Yes. And I remember, I really *have* a workflow running over UUCP. When
I use my script to add a new zone to my master DNS, config-replication
to the slaves is done via UUCP. It works like a charm, so I simply
forgot a about it, in a way. :-)
Nice!
Have you seen BIND's Catalog Zone feature?
Yes, I could have done that with ssh and call a remote script. I
didn't. Because I can. And because it runs asynchronous, so I don't
need to wait until all slaves are configured before continuing with
registration process.
Agreed.
Nope, I wasn't aware. In fact, I know BITNET but I need to refresh
my knowledge a bit on the net. Pun intended.
I was also reading somewhere that RSCS was used as some kind of
chatting facility. As I read about it, there comes BITNET as a
link! And there it is!
Yep.
My understanding is that VM used RSCS to be able to send messages back
and forth between users. BITNET took that capability to work between systems. Including through a network of systems thanks to
store-and-forward networking.
"Bitnet's NJE (Network Job Entry) network protocols, called RSCS..." I
found the missing link! I understood RSCS after the first read some
years ago to be something similar to UUCP, also.
I wonder how inter-node-communication for NJE will take place in our
modern world.
SNA and / or TCP/IP
I had concluded a while ago that RJE needs a dedicated line, Bisync or
whatever. Since I found no easy way to get that attached to Hercules,
I lost interest. On the other side, I know that Cisco IOS has some
facilities to encapsulate certain serial traffic into IP or even
modify protocols (AFAIR it's possible to convert a serial attached host
talking SNA over SDLC to come out of the Router as a 802.2 LLC node).
Agreed. I think some of that is how HNET is working.
@bmoshix has indicated that they are relying on a feature of the
Hercules emulator to do some of the TCP/IP interfacing & translation so
that VM sees it as a terminal or an SNA connection. I think.
You aren't alone in search of that particular holy grail.
A while ago I had a mail exchange with J?rgen Winkelmann, the
maintainer of TK4- and he told me that there has been some effort to
implement the functionality of a 3703 or 3705 (can't remember) with
the accompanying (but not freely available) NCP into Hercules.
I wouldn't give up hope.
The MVS community has produce KICS and a REXX for MVS. Both completely independent creations that provide the comparable functionality.
There are some determined people that have made some impressive solutions.
Still, SNA is tied to VTAM within MVS and I think that even *if*
there'll be a chance to pull a loose thread out of MVS via a 370x to
be able to talk SNA over something else than hercules-internal lines
to terminals, it's still the "old", mainframe-centric, hierarchial SNA,
not APPN
And what's the problem with that?
thus I guess, there's no chance to make it talk EE.
Seeing as how it doesn't have a robust TCP/IP stack, I think EE on MVS
3.8j is not going to happen.
But does EE actually /need/ to be on MVS 3.8j? Or can EE talk to a
Cisco running SNASw and let it convert to traditional SNA?
Or is my ignorance of SNA showing? Can EE+SNASw not be used to talk to
an old hierarchical SNA that doesn't support APPN?
Thus, more work remains to be done to get SNA SDLC frames to 802.2 LLC.
I feel like that has probably been done. Or at least pertinent parts of that.
There are people that have 3172s / 3174s ? talking to /Hercules/ via
TN3270 for the purpose of driving real 3270 terminals. I don't
understand enough to know where the SNA vs SDLC etc stop and start.
I really can't guess if there are enough capable enthusiasts to do
all that labor for just "because I can". It's a small group of people
running MVS or zOS or OS/400 at home in more than one instance to
make networking these something nice to have. It's already possible
to emulate a CTCA to build a loosely coupled cluster picking batch
jobs from a common JES2 spool and I'm not sure how many people already
play with it regularly.
I think there's more than you may realize.
The fact that IBM is not making it easy in any way shape or form to
break into mainframes for students or hobbyists is causing people to do
more with ancient MVS 3.8j.
Look at KICS and REXX on MVS 3.8j. ;-)
As I think about that, I'm wondering which protocol is running within
this CTCA tunnel, but I fear it's not SNA but just machine-made
channel programs.
I suspect it's CCW programs.
I think it's the 3172s / 3174s / 3745s / 3746s / et al. that do some of
the translation from CCW to SNA.
Though, as I understand it, VTAM (BTAM / TCAM) do need to know about the
SNA endpoints. So there has to be more to it than just the channel
attached controllers.
Exactly. And it basically works but since I can't do a proper name
resolution, I'm stuck at the moment.i
Maybe I need to dig deeper into the differences about up- and
downstream nodes. Cisco IOS has very few configuration parameters
and does most things automatic. But it's possible to make an APPN
Node attach to IOS as a dynamic (not defined in IOS config) way, and
as a configured peer. Then I also can set a preferred netword node
(which is supposed to know about all names). I was hoping that since
IOS is a router OS, the SNA implementation there is always a Network
Node with name resolution capabilities.
You seem tenacious enough to figure it out.
I'd love to learn about your journey as you do.
I think I solved the problem.
Cool!
Sometimes it really helps to muse about things to someone else and
make your brain run full speed in a background task. Or maybe as
batch job. ~giggle~ So, thanks for listening!
I *COMPLETELY* /get/ it. I've been in your shoes so many times.
You're welcome. I'm glad that my curiosity helped you.
In the general (SNA) network attributes of IBM i, you can set a network
node server (something which acts as mDNS in a way, amongst other
things) manually. I had the intention that if left blank, it will be
negotiated with each PU when intially connecting. I'm wrong. In a way.
Okay. That makes sense.
After configuring the V7 box (connected via EE to the cisco router)
to utilize the cisco router's SNAsw facility as a neighboring network
node server (parameter NETSERVER in chg/dspneta on IBM i), the 150
can sucessfully APING the 8203 and vice versa.
Yay!!! \o/
So if I understand you correctly, the core part of the solution was hard setting (or nailing a setting one way) to use the SNASw on the Cisco as
the Network Node Server?
Sort of functionally like making sure that all systems are using the
same WINS server (with broadcasts disabled or unrouted).
Aside: I wonder just how much overlap there is between SNA's NNS and NetBIOS's WINS. ??? I think it's better for my health if I don't pontificate that question.
After re-reading the help text for the NETSERVER parameter, I have
the intention that the mentioned negotiation takes place *only* if
the local network id and the NN's network ID match. And the 150/cisco
SNAsw *have* different NETIDs than the V7 box.
Sort of like why you /need/ a WINS server when NetBIOS over TCP/IP
(a.k.a. NBT) are on different subnets. Broadcasts / auto-discovery
doesn't work in the non-directly-connected configurations.
Excurse: The LCLNETID is a way to logically group SNA APPN
nodes. Putting SNA nodes into a common group also influences the
flow of alert messages (See Alert support PDF). In a way it's like
the concept of a Zone in AppleTalk. (Difference: Zones are defined
on Routers only while every APPN node can have it's own NETID.)
Why do NetBIOS "work groups" / "domains" come to mind? ;-)
After changing the NETSERVER parameter again to *ANY (host part) but
with the network name of "my" bunch of AS/400's (which is the same as
the Cisco Router's LCLNETID), name resolution still works. It certainly
didn't work before, even if I supplied the "FQDN" to do APING.
Therefore I conclude, there has to be a NETSERVER entry for every
existing NETID of APPN peers in an End Node.
That doesn't surprise me.
It seems sort of like telling dynamic routing protocols which networks
they should advertise to neighbors. Defining what is in scope and
assuming that anything undefined is out of scope.
What remains as tbd is to again review documentation about Alerts,
since the 8203 now thinks, it must send alerts to the "true" NN (not
the Cisco Router) in my LCLNETID group. Minor thing, since I administer
all of these but when tying machines of different companies together,
it certainly will raise discussions between admins.
Yep.
It sounds like you are talking about AS/400 / IBM i alerts much like
I've talked about building a hierarchy of DNS / proxy / SMTP / MQ(TT) /
etc. servers and controlling what information passes through different administrative boundaries. Networking at the application layer.
Also, if I change the configuration of the EE endpoint to Network Node
instead of End Node, the whole thing should also work out of the box.
:-)
Nope. Now I'm confused. More than usual, that is.
~chuckle~
Confusion is a precursor state to enlightenment.
And, hooray, doing an APING with 1500 byte packets to see if the
"MTU" issue is gone made the 2901 crash. :-) Another one I wanna
throw at TAC!
%SYS-3-OVERRUN: Block overrun at 2575E9C8 (red zone 00000000)
-Traceback= 30012E94z 35085D00z 35081A20z 35097F8Cz 35094D1Cz 3509482Cz
3508AD00z 3508AE40z 3508AF80z 34F835A4z 34F65B24z 30032B5Cz 30032B40z
LOL
That's how SNA works anyway, but on the session layer, not on the
network layer as we know it from AppleTalk, IP, IPX, IPv6 and others.
ACK
That's what I was referring to by networking at the application layer.
Much like UUCP ""networking host-to-host-to-host at the application layer.
Yes and no, see above.
SDLC but since the 8203 is about 50km north of here, this isn't
an option.
Ah! But there is. SDLC into a Cisco that converts things to IP to send
50 km to another Cisco that converts IP back to SDLC which is connected
to the local system.
Do for SDLC what EE does for SNA.
It's nice feeling if stuff makes more sense after reviewing, isn't it?
Yep.
I fear there are just two ways to find out:
- Ask the devs,
- Read the source.
Yep.
4 digits? Or less?
I don't know.
I tried to glean some information from @faultywarrior's Twitter feed,
but I'm not getting anything of value.
Not 9406 but 8203-E4A.
I took a stab at the model numbers I've seen mentioned in this thread.
Not "just" 9401 but 9401-150.
Fair.
I elided the -150 to save a few characters and because I didn't have the
type numbers for the 9406.
Than it's 100% correct. :-)
:-)
9406 was a huge class of machines.
ACK
The E4A with Power6 can be bought (used condition) for very cheap.
Unfortunately, these draw about 400W (with 4 CPUs and 5 15k disks). And
they're not exactly quiet, even if running in the basement.
Fair.
Did any AS/400 / iSeries use SAN instead of DASD (term?)
There also was a 9401-P0[23], a so called "portable" AS/400. Rumor
says, mostly used by sales guys to lure Bosses into buying a big
AS/400, because, look, I show you in just one hour how to create your
first tiny business application.
Interesting.
Unfortunately, V4 doesn't run on these. I'm not sure how earlier
versions lack stuff I'm used to today.
:-/
Sorry, typo. Should be "now".
That's what I figured and how I read the statement.
As much as I enjoy this discussion, it takes looong time to answer
properly.
Yep. That's why your email went unanswered until this evening.
Good conversations deserve good responses. I'm also having to look some things up as I go along. Thus additional rabbit holes for me.
Maybe I should cease to try to answer in one go.
Some of my replies have been over the course of a number of hours and
across meals.
Exactly.
That's why I wanted a 100 Mbps link to the router that I connect the 16
Mbps Token Ring into.
The 10Base5 can be downstream of the Token Ring, but not upstream.
Yes. Both run fine in Linux. The 2723 is just an AMD PCNet-32 Chip
I am not at all surprised.
and the 2724 is by looking at it identical to the IBM Olympic based
PCI cards. Yet, something in some ROM must be different, because
putting a "normal" Olympic card in makes OS/400 complain that the
IOA has troubles and doesn't work.
This doesn't surprise me either.
Another case of "apply magic pixie dust to get more revenue because
customers are forced to buy our overpriced stuff."
No comment.
I simply don't have the skills to understand the differences of both
card's ROM images. Too much binary babble. :-)
Agreed.
Sorry for being dumb. Of yourse you're perfectly right! :-D
I'd recommend a 3640. It's relatively easy to add resistors so fans
spin less fast and thus make less noise without the box to overheat. At
least, it draws around 25W. So, at most 25W heat will be generated.
Thank you for the pointer.
Nice playthings. Did you know that the corresponding cable to RS-232
will give you a true RS-232 with *two* independent Rx/Tx lines (plus
accompanying handshake and whatnot).
Are you talking about the cable with the HD-60 (?) connector on one end breaking out to two RS-232s on the other end? (I'm presuming you are.)
I'm not at all surprised.
My understanding is that the HD-60 connector was specifically chosen so
that different cables could be used for different connections.
I know that there is one to a V.35 and one that is a cross over
(DTE/DCE) between two WIC-1Ts.
Interesting. What do you want to connect to that?
I want to put a T1 / PRI card in a Linux box and play with things.
If I get one with voice capabilities, I can get Asterisk (et al.) to do
some interesting things.
I know that I can do Frame Relay across it. I don't know if ATM will go across it or not. (I'm not holding my breath for ATM.)
Add an ATM OC3 module to the list.
Again, I will not object. :-)
Similarl here. But I'm content with "just" 10BASE2.
Fair.
I'm particularly interested in FDDI because some older computers /
servers had 100 Mbps FDDI when the other networking options were 10 Mbps Ethernet. So FDDI actually gets more bandwidth into and out of the
machines. }:-)
I had some ISA cards a loooong time ago but learned that I needed
cabling with 96 Ohms (?) instead of 50, I got rid of them. Duh!
Ya. The proper coax makes a difference.
Initial looking says that it needs to be 93 ?? RG-62.
I frequently get RG-58 for 10Base2 and RG-59 for cable TV mixed up.
To me it seems boring: It's the same config and behavior as if bridging
just ethernet. :-)
Fair.
I sort of want to try it so that I can say that I've done it.
I'll leave this here:
Link - IBM PS/2 Model 50 and the IBM Network Bridge Program
- https://youtu.be/eHylz96t45Y
Okay, you can have a lot of fun to make TR nodes generate packets
with less-equal-than 1500 bytes.
Ya.... That will be problematic.
Hm. AppleTalk is OSI derieved, IP not. Do you refer to this kind
of OSI/non-OSI?
Sorry for being ambiguous. I was referring to the actual OSI protocol
suite, as in something very close to DECnet Phase V.
AppleTalk would be non-OSI in this context.
I remember that with Debian 8, TR support was gone. No further details.
Token Ring was pulled out of the Linux kernel at version 3.5. The story
that I read was that the Token Ring code was making it difficult to
maintain other more important code. It might have been actually
blocking the new code because of conflicts. So rather than updating the
old Token Ring code, they decided to remove it.
Yes. I think I was one of the few people on earth to be crazy enough
to even bother testing.
I may have to try it at some point.
I wouldn't bet against you, since I think alike. Again.
:-)
True. But for Cisco, mostly older gear, only.
I've stared at many a listing for a Cisco 4000 or 4500 router.
I had a 7500 once upon a time. But it went a way years ago.
Maybe they'll refuse to handle the request because of apparent cruelty
against employees. :->
:-)
These aren't IP-saving. I'd need to give every machine it's own
/30. Three addresses per host wasted. Thus I'm wishing for a true
point to point protocol but with less cpu impact compared to ppp. At
least thats my understanding of the the stuff you mentioned.
Have you considered a /31?
My understanding is that MAC-VLAN and IP-VLAN create virtual interfaces
that are connected to the underlying physical NIC. Much like if you had multiple physical NICs.
I've achieved a similar effect by putting a physical NIC into a bridge (brctl) with one end of a vEth pair and the other end in the Network Namespace.
Each host shall not talk to each other directly, so I can group hosts
into a L3 segment to save IP addresses and have security. Talking must
be done always trough the gateway to enforce packet filtering rules.
Each host is "untrusted". It's fairly easy to do MAC spoofing to
attract traffic. Even if communications to the outside world most
likely will be lost by then, because MAC collisions shall not
happen. Dunno how to enforce that within a VMWare vSwitch, though.
I understand the what. I just don't understand the why.
Why are we after more security between VMs / containers than we would
have between physical machines on the same switch?
To me, each machine / VM / container should have it's own filtering to protect itself against other systems, even on the local ""LAN.
I think, we truely need something independent of (emulated) ethernet.
Something like a logical NIC which does only support IP and IPv6, but
not anyhing 802.3. Sadly, other protocols are irrelevant today.
TUN (L3 IP) interfaces come to mind.
These should be logically linked outside of the guest OS in a point
to point fashion to some kind of concentrator as dialin servers were
in the 1990's.
Take a look at Open vSwitch and what it calls internal interfaces.
(Internal interfaces are poorly named and are very similar to a vEth
pair, but with one end hard wired into OvS.) That will provide the ""physical network. You can then use OpenFlow to filter what sort of
traffic is allowed to cross each of the internal interfaces.
That would enable a true p2p config, no broadcast, no network,
no IP wasting, no MAC spoofing, no IP spoofing (if done right),
no laughable 1500-bytes-max-frame, and probably more.
Why oh why is RFC 1483 based DSL coming to mind? IPs could be assigned
to / routed to individual PVCs which shared a common loopback. Thus addressing both security and IP conservation.
OvS w/ OpenFlow can easily do this too.
I really wonder which huge pile of kludges large virtual root
server providers stacked to prevent customers to attack each other
intentionally or unintentionally (because one of these had security
holes and now has a nifty backdoor).
I don't think they do prevent the attacks. At least not any more than a Co-Lo provider protects one customer from another customer on the shared Ethernet switch.
Yes, because it's easier than to do it with L3. And it *is* easier to
initially set up but if things go wrong (which could be by own fault
but must not necessarily) you'll have a lot of fun to clean up the
resulting mess.
Yep.
I think that SDN (OpenFlow) has the technical capability to change
things. At least in that it's possible to make it appear as if there is
an L2 connection when in fact it's a routed network in between doing
some special magic.
I think that EVPN plays in this space too.
That's the most strange thing I heard about in years!
Is it conceptually any different than carrying TCP or UDP on top of DDP?
Or AnyNet carrying IP / IPX on top of traditional SNA?
This almost certainly needed a rewrite of code for applications,
right?
Nope.
Bog standard TCP/IP applications on Windows 98 work perfectly fine
across IPX without changing the applications in any way.
Remember that the applications use Winsock as their TCP/IP stack. This feature replaces Winsock with a different version that does TCP/IPX and UDP/IPX.
The new Novell Winsock varient provides the same APIs for the programs.
They are just fulfilled via IPX instead of IP.
MAC addresses for hosts plus IPX network numbers are completely
different to IPv4 addresses and netmasks.
MAC addresses are exactly the same. Nothing at L2 changes.
Yes, IPX addresses are completely different from IP addresses. But that doesn't matter.
It doesn't matter because the IPX packet is from the local IPX address
to the remote IPX address of the gateway running on the NetWare server
that does the opposite.
So it goes from APIs that think TCP/IP to a Novell Winsock stack using
the local IPX address to a remote IPX address where the corresponding
gateway receives the IPX packet, extracts the TCP or UDP portion and
then sends it out as traditional TCP/IP or UDP/IP.
It's conceptually very similar to IP over SNA via AnyNet.
Since the Network Number in IPX was already 32 Bit, this solution
*could* have prevented the need for IPv6 in the first place! ;-D
Ya. I've wondered what would have happened if IPX had won instead of IP.
Nope. :-)
MacTCP provided an IP stack and proprietary API to Mac
Applications. Open Transport was a complete rework to integrate
AppleTalk and IP under the STREAMS API, also as PPC native code. AFAIR
the only other company using STREAMS was Novell with their Netware.
I may have the names wrong. But I know that the IP support the predated
Open Transport was on top of DDP.
On a side note, The Open Transport IP implementation has problems with
Window Scaling. Uploads to current Linux's will be painfully slow,
single-digit KBytes/s range, even over 100M Ethernet. If you disable
window scaling in /proc (or /sys?), it's fast again, but everything
else will be slow. Or if you put a Cisco ASA in between to delete
the WScale-Option while the TCP handshake takes place.
I wonder if there is an IPTables target to (conditionally) disable
window scaling (for specific IPs)
I have a Pentium Overdrive Board (2850) with the accompanying board
with S3 graphics chip and other peripheral support. It was hard to
get hand on a breakout cable to actually see what's going on on the
PC side (VGA, PS/2 Keyboard and Mouse, Serial and Parallel Port).
Nice!
I'm not surprised that the breakout cable was difficult to find.
Those are the types of accessories that get lost in the shuffle, despite people holding onto the bigger components.
Yes. The Coax/Twinax-Card was special in the way that it couldn't be
used with standard AppleTalk and MacTCP.
I'm not at all surprised.
The serial card could be used as standard serial ports but also for
X.25 and SDLC. I have Mac X.25 server but I didn't take time to have
a closer look at it. I think, it's also a network central gateway to
provide X.25 services to other Macs via AppleTalk.
Nice.
Though, it's my understanding that X.25 was largely used as a long
distance serial interface or to transport other protocols. I'd think
that the gateway machine would gateway more common protocols.
The Token Ring Card could be used with AppleTalk and MacTCP but it is
painfully slow. I measured about 200 KBytes/s FTP on a reasonably fast
Mac IIfx with not much difference when put into a PowerMac 7100. A
PowerMac 7500 in the same ring with a PCI NIC sucked 1,5 MB/s per
FTP from the same server.
Yes. The card is called "Apple Coax/Twinax Card"
Thank you for thee confirmation.
DB-15, M or F depends on what's to be connected on the other side. A
distinction I don't understand.
Is the M or F on the DB-15 or the Twinax connector?
My understanding is the difference is simply a matter of which gender connector you're working with. If you have a couple long runs of Twinax
with M connectors, it would connect to the F connectors on the breakout cable. Conversely, if you wanted to come directly out of said breakout
cable into another machine, you'd need the M connector on that breakout cable. So it has to do with pick the cable with the gender that you
need so that you don't need adapters.
Maybe you confuse DB-9 with Token Ring?
Well, Token Ring does use a DB-9 (more properly DE-9), as in a 9 pin d-sub-shell, connector. Token Ring has F DB-9 connector (or RJ-45) on
card. Serial uses a M DB-9 connector (or M DB-25).
And now I'm again learning that there was even more highly interesting
stuff. CL/1 server vor MVS/TSO! MacAPPC! It seems that the latter
is part of the API stuff for SNA.ps. And MacDFT, which seems to be
the other Application to talk to the Coax/Twinax-Card.
I'm sort of surprised to learn that Coax / Twinax connected terminals
were Distributed Function Terminal. I thought DFTs were a completely different class, more akin to ASCII terminals. I could easily have the
wrong understanding.
Nope.
ACK
I'm not sure.
Because the software support maybe was once planned, but never
released.
*facepalm*
A bit similar to the splendid Mac IIfx. The first Mac to incorporate
true DMA for SCSI transfers. Unfortunately, stock MacOS never made
use of that capability. A/UX did, rumor says.
A/UX. That's something I've never messed with.
Yap. Early documentation referred to what we now know as LocalTalk as
"Apple Bus". Maybe someone decided it was too technical and renamed
it AppleTalk to sound more friendly.
Likely.
<This> will allow your Apple computers to talk to each other.
Not only Ethernet. Afterwards, Apple needed to clarify that Ambiguity
and called AppleTalk different depending on which media: EtherTalk,
TokenTalk, FDDITalk. Ah, yes, and LocalTalk.
I didn't know about TokenTalk or FDDITalk. I vaguely remember hearing
about EtherTalk.
Did you know that almost every internal HP-Print Server for Ethernet
supported AppleTalk, IPX and IP but the Token Ring variants supported
just IPX and IP.
I agree that most of the older ones supported more protocols.
I think that some of them had DLC support too.
And, in case you ever need to configure the IPX part of those Print
Servers, you really don't need JetAdmin. JetAdmin just configures
SNMP over IPX transport. You can set the same parameters via SNMP
Sorry I'm too dumb to use tin properly. :-) So I sent a half-written
article and don't know how to cancel that one.
No. Do you have a reference at hand?
Nope, but thanks. Neat!
AFAIK there's no mechanism to send back an error on L2. ICMP could
but that's L3.
No, it's SNA distribution services. Another store-and-forward thing,
almost like UUCP. https://en.wikipedia.org/wiki/SNADS
I must confess that I learned about the differences about last year,
when I was having yet another 200-tab-session with Wikipedia. :-)
Also a possibility. If you're fluent in COBOL, you might go for
KICKS. Docs are there, example programs, too. AFAIR there are even
Hooks for C! But from RTFM I guess it's still way more complicated
compared to do the same on the AS/400.
I'm astonished in a way. I had the impression that the chicken-egg
problem was finally solved by reality kicking in when IANA was handing
out it's last IPv4 block.
Which means: If you care, you can use IPv6. If you don't, you're stuck
with IPv4. That is a proved solution. Until somewhen in the future
when certain services on servers will maybe available only via IPv6.
Rumor says, the adoption of IPv6 could have been sped up by large
amounts if there had been free porn available through IPv6-only
connected servers. ;-)
Not until now. That's definitely something I should have a closer
look into! Thanks for the pointer!
I had a look at the mentioned Video and was surprised that I did not
stumble over that one much earlier. I was watching the most interesting moshix vids over the couse of this year, because I like how he explains
stuff and also his attitude of not preparing and doing right away to
show possible mishaps and how to deal with them.
Apparently, they're just doing a long range connection via IP,
looking to RSCS like a CTC-Connection.
I digged a bit deeper into that particular hole and found:
OS/400 also can utilize SNA transport for RJE. Thus I searched for
the documentation collection @IBM for the RJE facility in OS/400 and
found it. Have yet to read. And try out if SNA over LLC support
for RJE is also in V4.
Also, there has been some effort to create a SNA stack for Linux. I
don't know yet how well it works or how complete the coding is. It
hasn't been touched in years. But maybe it could help to establish
a LU-LU connection from OS/400 to Linux SNA which in turn could be
given a facility to connect to TCP ports (from Hercules) to overcome
the limitation of Hercules and the free MVS cannot utilize SNA beyond internal VTAM.
I get the impression that if it's possible to attach to the SNA
facilities in VM (if there are any in the early and "freely" available versions) from outside, the AS/400 *maybe* could participate in RSCS
based message forwarding.
But honestly, before digging into the next deep rabbit hole (VM),
I'd opt to get more used to MVS first.
I've also gleaned the term BSC equivalence in the RJE-Manual of
OS/400. And I somehow remember SNAsw enabled Cisco IOS to also
support BSC in a way. If this encap/dcap facility is transparent,
it *could* be possible to network Hercules with MVS 3.8j through a
simulated BSC line, connecting to the Cisco router via TCP, which
in turn re-encapsulates the traffic to a serial line (WIC-1T?)
connected to a serial interface on an AS/400 which has a BSC line
description for that particular interface.
A *very* tempting thing to try out right away but I fear that once
started, I couldn't stop until I have proof that it either runs. Or
to learn that it's not possible to get it running without some code modifications in Hercules. Would eat too much time, right now.
Hm, maybe you're right. We'll see. I'd like to contribute but
my skills are low, thus my motivation is lacking. Add the always
prevalent tightness on free time.
That APPN and hierarchical SNA share the name and have some common
concepts but they can't talk to each other without some kind of
translation facility.
Yes, if there'd be a way to connect VTAM to Ethernet, to get a
connection from SNAsw to VTAM in the host. Basically.
I never tested it but since Cisco claims broad SNA support, I guess
it's supposed to work.
Hm. As far as I know there are two ways to achieve that:
- Modern zOS can utilize given hardware in an emulated zSeries to
do so,
- MVS 3.8j lacks software facilities for talking SNA (VTAM) to that
mentioned emulated hardware (whatever it is called). To achieve this connection on the real 360 hardware, one could use a communications controller.
To my understanding, the emulated 3xxx-with-NCP (in parts) in Hercules
4 is a possible start to have that functionality by extending code
to the features of a full-blown communications controller. Honestly,
I don't know if I'm mixing up things here. I'm much better with AS/400.
Same here. I think, the terminals are connected via Coax or serial/SDLC
to the comm controller, which is configured to forward data via
tn3270 over ethernet to an IP address. Roughly what the BOSCom Twinax Controller II does in the 5250 world.
I think so, also. And I'm very appaled that IBM is constantly ignoring
AS/400 hobbyists around the world, leaving not many ways to have an
own AS/400 running without any lic problems.
DEC did it right by offering one-year licenses without cost to
hobbyists. Licensing prohibits commercial exploitation. This hapit
survived the ackquisition by Compaq and subsequently to HP(E).
Right. But to my understanding KICKS started as a commercial
product. Or there has been a free and a commercial version.
I have REXX on my list of stuff to put onto my install. :-) Since I'm
still struggling with all the necessary steps to do so, I didn't take
time yet.
Did you know that REXX is available on the AS/400 also?
How do you know? ;-)
I'm not aware about that crossover-thing but I guess you're talking
about the X.21 cables.
Beware that there's a difference between data-only and voice capable
cards in the Cisco world.
I didn't take time yet to learn the true technical differences yet.
I see. FR is just a protocol extension to support multiple independent channels over serial lines. It smells familiar to ATM with it's
concept of PVCs.
In the early 2000's at my previous employer, we had an OC3-Connection
to an ISP via coax cable to a DSU and from there to a HSSI NP in a
Cisco 4700. Yes, old box even back then but despite that, it performed extremely well. CPI load was never in excess of 50%, even when there
was a lot of traffic.
Yap. Since it was very expensive back then and thus rarely found in
the wild, today it's hard to find anything interesting in that area,
though.
TV Antenna cables were 60 Ohms in the 1950's until somewhen in the
1970's. Afterwards there were just 75 Ohms everywhere. Usually, I
refer to that as TV antenna cables which is also unambiguous enough
to me.
Thanks for sharing. What a cute CRT! Now I want one of those,
IBM labelled. :-)
No. I never tried if that actually works and how the segment is
coping by having an apparent IP conflict between Broadcast and Host
address.
And it's still an 2:1 loss for IP addresses. Thus I'd still prefer
a true Point to Point protocol with no underlying point to multpoint architecture.
Enforcing security by not sharing physical network media.
On a physical switch with physical end user machines connected,
I'd do a "switchport protected" and have a good deal of my desired functionality.
VMware vSwitch doesn't know about that. Given the fact that vSwitch and physical uplink into the hardare based switching infrastructure are effectively separate control plane domains, it's simply not possible
to solve this problem with the given Hardware/Software combination
(ESXi vSwitch, Cisco Catalyst).
I'd love to have some kind of true "stacking" of a physical switch
to the vSwitch(es). Part of that is possible with Cisco Nexus and
distributed vSwitches, as I heard. Didn't take time to verify to
which degree that would help, though.
Yes. But since I consider machines from customers (with root access)
as untrusted, a local firewall to restrict outgoing stuff is mostly superflous.
Additionally, with every other host, I'd have to add more and more
rules to all hosts to allow specific connectivity (SMTP, http, ...).
Since these also need to be configured *inside* the VM, my objection
that the customer can fuck up the network segment the TUNs are bundled
into, is still there.
Yes, I could create a seaparate Vlan with RFC-1918-addresses for each
VM and use the L3-Tunnel to create internet connectivity. Doesn't
scale well and sounds more like a workaround than a solution.
If the emulated serial ports on VMs didn't have a speed limit to
ancient 115200, I'd really opt for PPP over emulated serial links. No
ARP, no flooding, no problems.
Is this in any way compatible with ESXi? I guess, no.
And, it's still a switch, I still have the same issues with possible
MAC spoofing and ARP flooding.
Which is bad habit. The RIPE lately created a map showing distribution
of rogue nodes participating in DDOS-Attacks (flooding). Surprisingly,
first place in the list goes to the USA.
See? That's why I want to do better. :-)
No. Even if you bridge an L2-Domain over an L3-Channel, it's still
a L2-Domain.
Inherent issues of L2 are
a) ARP flooding to "find" unknown nodes by blindly shouting
b) the impossibility to aggregate "routing" information. Every single
node (MAC address) is exactly one entry in the "routing" table. Forwarding-Table, that is. To be precise.
This creates ambiguity about which node is supposed to be
where. Compare that to IP addressing, where nodes are grouped through
the netmask feature and thus are tightly coupled to the local network segment.
If you insist to have IP mobility (address of a node must stay the
same, no matter which DC runs that VM), you need stretched L2-Domains
Or emulate the DECNET way of Networking: Every end node participates
in Routing. The NIC's DECNET address is meaningless and just needed
to have connectivity. The true node address used to access the
node's services is a loopback address.
Since the loopback address is injected into the routing protocol,
the node can be reached everywhere, no matter in which of the
geographically separated data centers it resides. No need to have
stretched L2-Domains, every DC can utilize it's own network segment
to be unabigous about addressing each node.
This again is a rabbit hole in itself, because as you fall down,
you see *so many* details to consider, that scenario is probably
too complex to be reliable, resonably resistent agains attacks from
"inside" and foolproof at the same time.
Currently, I'm not aware of an easy solution. At least as easy to
handle as a streched L2-Domain. As long as it works and all measures
have been taken to prevent split brain sutuations to the greatest
extent possible.
No. But at least I'm used to AnyNet in old OS/400 releases. ;-)
Okay, let's say, you want to open an FTP connection to a remote
host via that facility. What do you enter in the host field of that
graphical FTP client program? A name? If yes, what resolves that name
to an IPX address? And if not, may I just enter an IPX-Address into
that field?
What about some applications whose devs thought, it's a nice thing
to hard code periods every fourth column?
How to enter an IPX address there?
Yes. But applications utilizing IP usually never deal with MAC
addresses.
Sure? See above.
You're way too deep into details. :-) I hope I could clarify my
questioning above.
Not really: AnyNet is an encapsultion mechanism. What you describe
is the complete replacement of the L3 protocol with another. Just
like IPv6 vs. IPv4.
Optionally, it was. But MacTCP could utilize an Ethernet NIC to send
and receive Ethernet II frames as usual. You *could* utilize that encapsulation also on Ethernet, since AppleTalk also runs on Ethernet.
The very same functionality is offered by Open Transport.
Interesting remark! Why did this idea never occur to me?
Just had aa quick glance over iptables-extensions(8) and saw that
it's possible to match by --tcp-option and can alter packets with
either Target SYNPROXY, Option --wscale, or Target TCPOPTSTRIP, --strip-options.
I'll definitely check this out, thanks!
You just made my PIX 506E useless. ;-)
Yes. And because I can, I documented the pinout. https://kb.pocnet.net/wiki/AS/400_FSIOP_Kabel
So it's at least once to be found in the internet. If one is desperate enough, one can acquire connectors and cable and do it himself.
I don't know yet. Also on my list to try out, maybe together with
connecting OS/400 via serial port and Macs with Cisco gear. Don't know
what to run on top of X.25. AFAIR, it also has been used as simple
terminal data transport facility. Sadly, X.25 support in current
Linux has been shrinked to just AX.25 a long time ago.
I never heard of DFT before at all, so you're more an expert than
me. :-)
Come on, that also happened with other companies. ;-)
I've a Mac IIci with A/UX 2 (feeling like System 6) and a IIfx with
A/UX 3 installed, mimicking System 7. Nice is that if an application
crashes, I could easily telnet to the host and kill the Mac OS task. No
need to do a hard reset anymore. Drawback is that the Mac environment
because of constant polling for new events creates a load of 1.
True. I also tried to find out if earler samba releases supported
NBF but apparently, it never did. Just NBT.
That's possible. Maybe I need to find out which Ethertype field
NBF used.
Yet another thing to try out: Add 1 and 2 to the line description,
vary off/on and see if I can connect to the NT4 VM.
Doesn't ring a bell here.
No. Do you have a reference at hand?Fibre Channel over Token Ring.
AFAIK there's no mechanism to send back an error on L2. ICMP couldI think I was thinking something like BPDUs, akin to "Explorer Frames".
but that's L3.
(I think that's the proper term.)
As I type this out, I wonder what NBT would look like over Token Ring.
It would be NetBIOS over TCP on 802.2 LLC w/ SNAP. When NetBEUI would
be NetBIOS over 802.2 LLC. I feel like there is an overhead ~>
performance impact. ¯\_(???)_/¯
when I was having yet another 200-tab-session with Wikipedia. :-)You have those too?
I thought that some of the remote connections were Hercules specific.
I don't think the SNA stack in Linux was ever really completed.
That APPN and hierarchical SNA share the name and have some commonAh. So like IPv4 and IPv6.
concepts but they can't talk to each other without some kind of
translation facility.
Yes, if there'd be a way to connect VTAM to Ethernet, to get aI've not seen any documentation / tutorials for this. But I am actively looking for ways to do this. Hence some of the conversations that we've
connection from SNAsw to VTAM in the host. Basically.
had about DLSw and SNASw (EE).
To my understanding, the emulated 3xxx-with-NCP (in parts) in Hercules
4 is a possible start to have that functionality by extending code
to the features of a full-blown communications controller. Honestly,
I don't know if I'm mixing up things here. I'm much better with AS/400.
What your saying matches my understanding.
I think part of the problem is that the NCP that ran on the 3xxx
controllers is proprietary code and thus a LOT of work to replicate.
I also think that there is not sufficient demand for this work effort.
Right. But to my understanding KICKS started as a commercialCICS is a commercial product. I believe that KICKS was created by the hobbyist community. I may be wrong.
product. Or there has been a free and a commercial version.
I'm not aware about that crossover-thing but I guess you're talkingI'm talking about the HD-60 cables.
about the X.21 cables.
In the early 2000's at my previous employer, we had an OC3-ConnectionHum. Coax (two BNCs?) sounds like a DS-3 to me.
to an ISP via coax cable to a DSU and from there to a HSSI NP in a
Cisco 4700. Yes, old box even back then but despite that, it performed
extremely well. CPI load was never in excess of 50%, even when there
was a lot of traffic.
That should be about 45 Mbps. Conversely an OC-3 was akin to a DS-5, or about 150 (?) Mbps.
I /think/ that you can get more stations to talk to each other by taking
the Tx on one system and connecting it to the Rx on another, repeat
until you have a ring. Though this has NONE of the redundancy aspects
that FDDI had. If any single station of this configuration is down, the entire ""ring is down.
Link - RFC 3021 - Using 31-Bit Prefixes on IPv4 Point-to-Point Links
- https://tools.ietf.org/html/rfc3021
;-)
There's always unnumbered point-to-point links. I know that Linux and
Cisco support this.
On a physical switch with physical end user machines connected,The key thing being "end user machines". You can know that end users
I'd do a "switchport protected" and have a good deal of my desired
functionality.
don't need to talk to each other.
I'd love to have some kind of true "stacking" of a physical switchI'm not sure how the stacking forms a different interconnect than a
to the vSwitch(es). Part of that is possible with Cisco Nexus and
distributed vSwitches, as I heard. Didn't take time to verify to
which degree that would help, though.
really high speed Ethernet port.
Yes. But since I consider machines from customers (with root access)I was thinking that the guest VMs would run their own firewall for
as untrusted, a local firewall to restrict outgoing stuff is mostly
superflous.
/inbound/ protection. Just like I would want to run on a physical system.
I'm fairly certain that some hypervisors can enforce MAC filtering for
the VM. As in the VM can only originate as the known MAC and there's no
way for it to actually receive anything but it's MAC and broadcast /
unknown / multicast (a.k.a. B.U.M.) traffic.
If the emulated serial ports on VMs didn't have a speed limit toIf you're okay with PPP, then why not do PPPoE?
ancient 115200, I'd really opt for PPP over emulated serial links. No
ARP, no flooding, no problems.
Is this in any way compatible with ESXi? I guess, no.I don't know.
See? That's why I want to do better. :-)
I don't have a problem with what Co-Lo providers do.
I protect my system (in the Co-Lo) from the Internet and other Co-Lo
tenants.
Or emulate the DECNET way of Networking: Every end node participatesI've not heard about this before. Maybe it's a mode of using DECnet
in Routing. The NIC's DECNET address is meaningless and just needed
to have connectivity. The true node address used to access the
node's services is a loopback address.
that I'm not aware of. Or perhaps a different phase of DECnet than I'm
used to (IV).
I'm used to the MAC address being intimately associated with the DECnet address. As in the MAC address gets changed to match what is declared
by the DECnet address.
All applications see names or IPv4 addresses.
The lower portion of the Winsock stack removes the IP network layer
protocol and substitutes the IPX network layer protocol and sends the
packet to the pre-configured IPX address.
You're way too deep into details. :-) I hope I could clarify myI don't think I am too deep. I think I'm where I need to be. I hope my description above helps.
questioning above.
Not really: AnyNet is an encapsultion mechanism. What you describe
is the complete replacement of the L3 protocol with another. Just
like IPv6 vs. IPv4.
I was not aware that AnyNet was an encapsulation.
You just made my PIX 506E useless. ;-)
Hum.
Can you run Linux on it? Turn it into a LinPIX running IPTables. }:-)
You might reach out to Internet Archive and / or Bit Savers and see if
they want to archive the information.
I never heard of DFT before at all, so you're more an expert thanHa! I'm HARDLY an expert. I'm simply an inquisitive idiot who
me. :-)
struggles to learn things.
That's possible. Maybe I need to find out which Ethertype fieldI can get you a packet capture from Windows if you want. I think it's
NBF used.
802.2 LLC. I want to say no SNAP option.
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 293 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 239:35:26 |
| Calls: | 6,624 |
| Files: | 12,173 |
| Messages: | 5,320,014 |