TCP/IP Services

by Scott Slyvester and Brad L Brech

Abstract

Enterprises around the world have recognized the shift of networking to TCP/IP technologies and
the business potential of leveraging these technologies as well as the Internet itself. TCP/IP is
used in many ways: within a company, between companies, and for public access. As the awareness
and adoption rate of TCP/IP has increased, the AS/400 has been enhancing its TCP/IP and
related technologies. As a result, the AS/400 has built-in leading-edge security and
enterprise-class TCP/IP.

This article provides an overview of AS/400 TCP/IP support and, together with other articles in
the journal, provides greater insight into the technology the AS/400 provides to meet the
networking needs of its customers.

Key messages

• AS/400 delivers the TCP/IP networking offerings that provide you the confidence you
  need to simplify and grow your e-business.

• AS/400 leverages both its strong system networking hardware support, scalability,
  security, and built-in industry TCP/IP standards for enterprise-class TCP/IP in support of
  e-business.

Introduction

The need to interconnect networks based on different protocols and platforms was recognized
early in the 1970s during a period when the use and development of networking technology was
increasing. The rapid growth in networking over the past three decades has allowed users much
greater access to resources and information as well as causing significant problems when merging,
or interconnecting, different types of networks. Open protocols and common applications were
required, leading to the development of a protocol suite known as
Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP originated with the U.S.
Department of Defense (DoD) in the mid-1960s and took its current form around 1978.
Because of its openness, it is the main protocol used for system interconnection, and the protocol
on which the Internet runs.

The Growth of TCP/IP

TCP/IP has become widely used due to its inexpensive availability in UNIX and its spread to
other operating systems, resulting in increasing use in both local area network (LAN) and wide
area network (WAN) environments. Today, TCP/IP provides the ability for corporations to merge
differing physical networks while giving users a common suite of functions. It allows
interoperability between equipment supplied by multiple vendors on multiple platforms, and it
provides access to the Internet. In fact, the Internet, which has become the largest computer
network in the world, is based on the TCP/IP protocol suite. The Internet consists of large
international, national, and regional backbone networks, which allow local and campus networks
and individuals access to global resources. Use of the Internet has grown rapidly over the last few
years. The most recent estimate has a number in excess of 29 million hosts on the Internet today.
As opposed to the Internet, the term intranet has evolved recently to describe TCP/IP networks
that are entirely under the control of a private authority or company. Those intranets may or may
not have connections to other independent intranets (which would then be referred to as
extranets) or the Internet. They may or may not be fully or partially visible to the outside
depending on the implementation. TCP/IP also provides for the routing of multiple protocols from
and to diverse networks. For example, a requirement to connect isolated networks using IPX,
AppleTalk, and TCP/IP protocols using a single physical connection can be accomplished by
using routers utilizing TCP/IP protocols. One further reason for the growth of TCP/IP is the
popularity of the socket programming interface, which is the programming interface between the
TCP/IP transport protocol layer and TCP/IP applications. A large number of applications have
been written for the TCP/IP socket interface.

TCP/IP is a de facto

We mentioned in the previous section that the Internet is a large multinational, multivendor,
multiplatform network. That might give reason to ask some questions, such as:

• Are there any standards for such a diverse network?
• Who establishes and reviews them?
• Who assigns network addresses?
• Who manages the Internet?

The Internet Society (ISOC), formerly known as Internet Activities Board (IAB), is the nonprofit,
coordinating committee for Internet design, engineering, and management. The ISOC members
are committed to making the Internet function effectively and evolve to meet a large-scale,
high-speed future. The ISOC holds several bodies that administer, standardize, and
conduct research for the Internet:

• The Internet Architecture Board (IAB)
• The Internet Engineering Task Force (IETF)
• The Internet Research Task Force (IRTF)
• The Internet Assigned Numbers Authority (IANA)

While the IAB oversees and manages the Request For Comments (RFC) publication process, the
IETF actually defines the standards through a number of subcommittees or task forces, and the
IRTF engages in Internet-related research projects. RFC is the mechanism through which the
Internet protocol suite has been evolving. For example, an Internet protocol can have one of six
states: standard, draft standard, proposed standard, experimental, informational, and historic. In
addition, an Internet protocol has one of five statuses: required, recommended, elective,
limited use, and not recommended. By communicating using the RFC, new protocols are being
designed and implemented by researchers from both academic institutions and commercial
corporations. At the same time, some old protocols are being superseded by new ones.
The RFC standards are described in the "Internet Official Protocol Standards" RFC,
currently RFC 2200. The task of coordinating the assignment of values to the parameters of
protocols is delegated to the IANA. These protocol parameters include op-codes, type fields,
terminal types, system names, object identifiers, and so on.

TCP/IP stack support

TCP/IP, as a set of communications protocols, is based on layers. Unlike SNA or OSI, which
distinguish seven layers of communication, there are only four layers in the TCP/IP model. They
enable heterogeneous systems to communicate by performing network-related processing such as
message routing, network control, error detection, and correction.

The layering model of TCP/IP is shown in Figure 1, with an explanation of each layer following
thereafter:

Application Layer:        FTP, HTTP, Telnet, DHCP, DNS, SMTP, POP, SNMP and many more
                          Sockets, Secure Sockets
Transport Layer:          TCP, UDP, PPP, L2TP
Internetwork Layer:       IP, ICMP, IGMP, ARP
Network Interface Layer:  LAN, X.25, ATM, Frame Relay, Async

Figure 1. Protocol stack


Application layer

The application layer is provided by the program that uses TCP/IP for communication. Examples
of applications are Telnet, FTP, e-mail, HTTP, and SMTP. The interface between the application
and transport layers is defined by port numbers and sockets. The applications that are part of the
AS/400 offering are discussed later in the TCP/IP suite servers section.

Transport layer

The transport layer provides communication between application programs. The applications may
be on the same host or on different hosts. Multiple applications can be supported simultaneously.
The transport layer is responsible for providing a reliable exchange of information. The main
transport layer protocol is TCP. Another is User Datagram Protocol (UDP), which provides a
connectionless service in comparison to TCP, which provides a connection-oriented service. That
means that applications using UDP as the transport protocol have to provide their own
end-to-end flow control. Usually, UDP is used by applications that need a fast transport
mechanism.

Internetwork layer

The internetwork layer provides communication between computers. Part of communicating
messages between computers is a routing function that ensures that messages will be correctly
delivered to their destination. The Internet Protocol (IP) provides this routing function. Examples
of internetwork layer protocols follow: IP, ICMP, IGMP, ARP and RARP.

Network interface layer

The network interface layer, sometimes also referred to as the link layer, data link layer, or
network layer, is implemented by the physical network that connects the computers. Examples are
LAN (IEEE 802.x standards), Ethernet, X.25, ISDN, ATM, Frame Relay, or async. Note that the
RFCs actually do not describe or standardize any network layer protocols per se. They only
standardize ways of accessing those protocols from the internetwork layer.

Internet protocol (IP)

IP is the layer that hides the underlying physical network from the upper-layer protocols. It is an
unreliable, best-effort and connectionless packet delivery protocol. Note that best-effort means
that the packets sent by IP may be lost, out of order, or even duplicated, but IP will not handle
these situations. It is up to the higher-layer protocols to deal with these situations.
One of the reasons for developing a connectionless network protocol was to minimize the
dependency on specific computing centers that used hierarchical connection-oriented networks.
The DoD intended to deploy a network that would still be operational if parts of the country were
destroyed.
IP uses IP addresses to specify source and target hosts on the Internet. (For example, we can
contrast an IP address in TCP/IP with a fully qualified NETID.LUNAME in SNA.) An IP address
consists of 32 bits, which is usually represented in the form of four decimal numbers, one decimal
number for each byte (or octet). For example, the 32-bit address whose four octets are 9, 67, 38,
and 1 is written in decimal notation as 9.67.38.1.

An IP address consists of two logical parts: a network address and a host address. An IP address
belongs to one of four classes depending on the value of its first four bits. (A fifth class, class E, is
not commonly used.)

Transport protocols

Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP) provides a reliable delivery of a stream of bytes in
sequence. TCP takes a stream of data, breaks it into segments (a TCP header and application
data), sends each one individually using IP, and then reassembles the segments back into the
original stream. If any segments are lost or damaged during the transmission, TCP detects this
and resends the missing segments. From a performance perspective, the AS/400 supports the TCP
extensions for high performance (RFC 1323), which provide for large TCP transmissions over
high-bandwidth connections.

UDP (User Datagram Protocol)

UDP enables an application to send datagrams to other programs on other systems with a
minimum of protocol overhead. Unlike TCP, UDP is datagram oriented and does not guarantee
the delivery of data in sequence. Datagrams may possibly be dropped or reordered as they travel
from the source to the destination. UDP can be used instead of TCP when the application does
not want to incur the overhead of TCP connecting and disconnecting. It then becomes the
responsibility of the application to ensure reliable data transfer and sequencing of datagrams. The
AS/400 UDP also includes multicast support, which allows a host to send packets to a group of
hosts in a single transmission.

PPP (Point-to-Point Protocol)

Dial-up TCP/IP, known as Point-to-Point protocol, is used to dial into remote systems, or allow
remote systems to dial into the AS/400 over a telephone line using a modem. Null modems or
non-switched connections are also supported. The Serial Line Internet Protocol (SLIP) and
Point-to-Point Protocol (PPP) are supported on the AS/400. In addition, the AS/400 supports
dial-on-demand PPP connections and routing over point-to-point connections.

L2TP (Layer 2 Tunneling Protocol)

Layer 2 Tunneling Protocol (L2TP) enables connections, which are also called virtual lines, that
provide cost-effective access for remote users regardless of whether their IP address is
dynamically assigned. Further, L2TP connections secure access when they are used in
conjunction with IP Security (IPSec). L2TP is actually a variation of an IP encapsulation
protocol. An L2TP tunnel is created by encapsulating an L2TP frame inside a UDP packet, which
in turn is encapsulated inside an IP packet. The source and destination addresses of this IP packet
define the tunnel’s endpoints. Because the outer encapsulating protocol is IP, you can apply
IPSec protocols to the composite IP packet. This protects the data that flows within the L2TP
tunnel. You can then apply Authentication Header (AH), Encapsulating Security Payload (ESP),
and Internet Key Exchange (IKE) protocols in a straightforward manner. Using IPSec protocols
to encrypt an L2TP tunnel provides encryption for all sessions contained in the tunnel. The
AS/400 can serve as either an L2TP-enabled client or an L2TP network server (LNS).

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol (ICMP) provides for error and control messages between
host systems and routers. Routers and host systems use ICMP to send reports of problems.
ICMP also includes an echo request or reply message that is used to test whether a destination
can be reached and is responding (via Packet InterNet Groper (PING)).

Internet Group Management Protocol (IGMP)

The Internet Group Management Protocol (IGMP) is used by IP hosts to report their host group
memberships to neighboring multicast routers. Multicast routers send host membership query
messages to discover which host groups have members on their attached networks. Hosts
respond to the query by generating host membership reports reporting each host group to which
they belong. The multicast routers use this information to determine where multicast datagrams
need to be forwarded.

ARP

The Address Resolution Protocol (ARP) dynamically associates Internet addresses to physical
hardware addresses on a local network. ARP relies on the broadcast capabilities of the underlying
media to provide this function.

Security

The TCP/IP protocol suite provides some security features as options to the base protocol.
Several options have been defined, but the three most used and talked about are IP packet
filtering, network address translation, and IP secure.

IP packet filtering and network address translation

The AS/400 provides support for IP packet filtering and Network Address Translation (NAT). IP
packet filtering and NAT provide added security features for the AS/400 system's role as an
Internet server. Administrators can put security policies in place for access to the Internet or
intranets. In some environments, IP packet filtering and network address translation make it
possible to connect an AS/400 to the Internet without a firewall.

IP packet filtering examines every IP packet coming into and out of a TCP/IP interface and then
compares them against a set of filter rules that are written for that TCP/IP interface. If the IP
packet matches a filter rule, the IP packet filtering performs the operation that the filter rule
describes (PERMIT, DENY). If there is not a match, the system drops the IP packet.
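The rule evaluation described above, as an added Python example (not AS/400 code or its filter rule syntax). It assumes rules are checked in the order written and that the first match decides; the rule fields, interface name and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Packet:
    interface: str                 # TCP/IP interface the packet crosses
    direction: str                 # "INBOUND" or "OUTBOUND"
    src: str
    dst: str
    protocol: str                  # "TCP", "UDP", "ICMP"
    dst_port: Optional[int] = None


@dataclass(frozen=True)
class FilterRule:
    name: str
    action: str                    # "PERMIT" or "DENY"
    interface: str
    direction: str
    src_net: str
    dst_net: str
    protocol: str = "*"            # "*" matches any protocol
    dst_ports: Optional[Tuple[int, ...]] = None   # None matches any port

    def matches(self, p: Packet) -> bool:
        if (self.interface, self.direction) != (p.interface, p.direction):
            return False
        if self.protocol not in ("*", p.protocol):
            return False
        if ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net):
            return False
        if ipaddress.ip_address(p.dst) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.dst_ports is not None:
            return p.dst_port in self.dst_ports
        return True


def evaluate(rules, packet):
    """Return (action, rule name). A packet that matches no rule is dropped."""
    for rule in rules:             # assumption: first matching rule decides
        if rule.matches(packet):
            return rule.action, rule.name
    return "DROP", None


# Constructed rule set for a web server at 192.0.2.10 on interface ETH0.
RULES = [
    # Private source addresses should never arrive on the public interface.
    FilterRule("anti-spoof", "DENY", "ETH0", "INBOUND", "10.0.0.0/8", "0.0.0.0/0"),
    FilterRule("web-in", "PERMIT", "ETH0", "INBOUND", "0.0.0.0/0",
               "192.0.2.10/32", "TCP", (80, 443)),
    FilterRule("web-out", "PERMIT", "ETH0", "OUTBOUND", "192.0.2.10/32",
               "0.0.0.0/0", "TCP"),
]

# Constructed sample traffic.
SAMPLES = [
    Packet("ETH0", "INBOUND", "198.51.100.7", "192.0.2.10", "TCP", 443),
    Packet("ETH0", "INBOUND", "198.51.100.7", "192.0.2.10", "TCP", 23),
    Packet("ETH0", "INBOUND", "10.1.2.3", "192.0.2.10", "TCP", 443),
    Packet("ETH0", "OUTBOUND", "192.0.2.10", "198.51.100.7", "TCP", 51000),
    Packet("ETH0", "INBOUND", "198.51.100.7", "192.0.2.10", "ICMP"),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(evaluate(RULES, pkt), pkt)
```

With first-match evaluation the narrow DENY has to precede the broad PERMIT; swapping the first two rules lets the packet with the private source address through.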

Network address translation support comes in two types: masquerade NAT and static NAT.
Masquerade NAT, also known as hiding addresses, translates a source IP address into a second,
or masquerade, address. The masquerade address appears as the source IP address on the
outbound IP packets. A reverse translation occurs for inbound IP packets. Masquerade NAT is a
stronger security feature than static NAT because it does not allow inbound connections that are
not a result of an outbound request. Conversations are initiated from the masquerade address in
an outbound direction only. As a result, the IP addresses must be internal or trusted addresses.
In addition, masquerade NAT can translate port numbers. Static NAT, also known as mapping
addresses, translates all occurrences of a specific source address to another specific source
address for incoming or outgoing IP packets. Static NAT does not translate port numbers.
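The difference between the two NAT types, as an added Python example (a model written for this page, not AS/400 code). The class names, the per-conversation table, the starting port 50000 and all addresses are assumptions made for illustration; port exhaustion and entry timeouts are left out.

```python
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Pkt:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class MasqueradeNat:
    """Hides inside addresses behind one masquerade address, translating ports."""

    def __init__(self, masquerade_ip: str, first_port: int = 50000):
        self.masquerade_ip = masquerade_ip
        self._next_port = first_port
        self._by_conversation = {}   # (proto, in_ip, in_port, remote_ip, remote_port) -> port
        self._by_public_port = {}    # (proto, port) -> conversation key

    def outbound(self, p: Pkt) -> Pkt:
        key = (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        port = self._by_conversation.get(key)
        if port is None:             # first packet of a conversation creates the entry
            port = self._next_port
            self._next_port += 1
            self._by_conversation[key] = port
            self._by_public_port[(p.proto, port)] = key
        return replace(p, src_ip=self.masquerade_ip, src_port=port)

    def inbound(self, p: Pkt) -> Optional[Pkt]:
        """Reverse translation; None means there is no matching outbound request."""
        if p.dst_ip != self.masquerade_ip:
            return None
        key = self._by_public_port.get((p.proto, p.dst_port))
        if key is None:
            return None
        _, inside_ip, inside_port, remote_ip, remote_port = key
        if (p.src_ip, p.src_port) != (remote_ip, remote_port):
            return None              # not the peer the inside host contacted
        return replace(p, dst_ip=inside_ip, dst_port=inside_port)


class StaticNat:
    """Maps one address to another in both directions; ports are untouched."""

    def __init__(self, inside_to_public: dict):
        self._to_public = dict(inside_to_public)
        self._to_inside = {pub: ins for ins, pub in inside_to_public.items()}

    def outbound(self, p: Pkt) -> Pkt:
        pub = self._to_public.get(p.src_ip)
        return replace(p, src_ip=pub) if pub else p

    def inbound(self, p: Pkt) -> Pkt:
        ins = self._to_inside.get(p.dst_ip)
        return replace(p, dst_ip=ins) if ins else p


if __name__ == "__main__":
    masq = MasqueradeNat("192.0.2.1")
    out = masq.outbound(Pkt("TCP", "10.0.0.5", 40000, "198.51.100.7", 443))
    print("masquerade out:", out)
    print("reply in      :", masq.inbound(Pkt("TCP", "198.51.100.7", 443, "192.0.2.1", out.src_port)))
    print("unsolicited in:", masq.inbound(Pkt("TCP", "203.0.113.9", 1234, "192.0.2.1", out.src_port)))
    static = StaticNat({"10.0.0.6": "192.0.2.2"})
    print("static in     :", static.inbound(Pkt("TCP", "203.0.113.9", 1234, "192.0.2.2", 25)))
```

Because static NAT forwards unsolicited inbound traffic to the mapped host, that address still needs packet filter rules in front of it.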

IPSec (IP Secure)

The AS/400 fully implements the IPSec Internet standards. The IPSec implementation provides a
stable, long lasting base for providing network layer security. It supports all of the cryptographic
algorithms in use today and can also accommodate newer, more powerful algorithms as they
become available. IPSec protocols address these major security issues:

• Data origin authentication verifies that each datagram was originated by the claimed sender.
• Data integrity verifies that the contents of the datagram were not changed in transit.
• Data confidentiality conceals the clear text of a message, typically using encryption.
• Replay protection assures that an attacker cannot intercept a datagram and play it back at a
  later time.
• Automated management of cryptographic keys and security associations assures that the
  security policy can be implemented throughout the extended network with little or no manual
  configuration of cryptographic keys and algorithms. This is achieved using the Internet Key
  Exchange (IKE) Internet standard.

The IPSec protocol contains Authentication Header (AH) and Encapsulating Security Payload
(ESP). In addition, IPSec support can be in either tunnel or transport mode. Tunnel mode
creates a new IP header for the source and destination while transport mode contains the original
IP header. The AH protocol provides data origin authentication, data integrity, and replay
protection. Data integrity is assured by the checksum that a message authentication code like
MD5 generates; data origin authentication is assured by including a secret shared key in the data
that is to be authenticated; and replay protection is provided by use of a sequence number field
within the AH header. The format of an ESP packet is more complicated than that of the AH
packet. There is not only an ESP header, but also an ESP trailer and ESP authentication data. As
the name of the protocol implies, the payload is located between the header and trailer. ESP
always provides data confidentiality (encryption). It can also provide data origin authentication,
data integrity checking, and protection against replay. ESP and AH can be applied alone, in
combination with the other (ESP with AH), or even nested within another instance of itself. With
these combinations, authentication and encryption can be provided between a pair of
communicating hosts, between a pair of communicating firewalls or gateways, or between a host
and a firewall or gateway.
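A simplified model of the three AH checks described above (keyed integrity value, shared secret, sequence number), added here as a Python example and not taken from any IPSec implementation. HMAC-SHA-256 stands in for the MD5-based code the text mentions; the two-field header, the 64-packet window and all names are assumptions, and real AH also covers parts of the IP header.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!II")      # assumed layout: SPI, sequence number
ICV_LEN = hashlib.sha256().digest_size


def protect(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Sender side: prepend header and integrity check value (ICV)."""
    header = HEADER.pack(spi, seq)
    icv = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + icv + payload


class ReplayWindow:
    """Sliding bitmap: bit i set means sequence number (highest - i) was seen."""

    def __init__(self, size: int = 64):
        self.size = size
        self.highest = 0
        self.bitmap = 0

    def check(self, seq: int) -> bool:
        if seq == 0:
            return False
        if seq > self.highest:
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False               # older than the window: cannot be verified
        return not (self.bitmap >> offset) & 1

    def update(self, seq: int) -> None:
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)


class Receiver:
    def __init__(self, key: bytes, spi: int, window: int = 64):
        self.key, self.spi = key, spi
        self.window = ReplayWindow(window)

    def accept(self, packet: bytes):
        """Return (verdict, payload or None)."""
        if len(packet) < HEADER.size + ICV_LEN:
            return "malformed", None
        spi, seq = HEADER.unpack_from(packet)
        icv = packet[HEADER.size:HEADER.size + ICV_LEN]
        payload = packet[HEADER.size + ICV_LEN:]
        if spi != self.spi:
            return "unknown-spi", None
        if not self.window.check(seq):
            return "replay", None
        expected = hmac.new(self.key, packet[:HEADER.size] + payload,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(icv, expected):    # constant-time comparison
            return "bad-icv", None
        # Only an authenticated packet may move the window forward.
        self.window.update(seq)
        return "ok", payload


if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"        # constructed sample key
    rx = Receiver(key, spi=0x1001)
    first = protect(key, 0x1001, 1, b"hello")
    print(rx.accept(first))      # accepted
    print(rx.accept(first))      # same datagram again: rejected as replay
```

The window is updated only after the ICV verifies, so a forged packet carrying a high sequence number cannot push genuine traffic out of the window.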

More details on Internet security can be found in the "Internet Security: Doing e-business with
confidence" article.

API support

For an application to use all of this support, it needs an application programming interface to the
protocol stack.

Sockets and secure sockets interface

The sockets interface allows you to write your own applications to supplement those supplied with
TCP/IP. Sockets allow unrelated processes to exchange data locally and over networks. Both
connection oriented and connectionless communications are provided for TCP/IP. With this
support, you can write applications to the TCP, UDP, and IP protocols directly. The sockets
interface operates over TCP/IP or AnyNet/400. In addition, the sockets interface has been
enhanced to support the Secure Sockets Layer (SSL).

Send MIME Mail API

The send MIME Mail API allows applications to use SMTP and TCP/IP to send mail to the
Internet.

Communications line interface support

The AS/400 provides several types of physical interfaces for networking connectivity. The
AS/400 supports the following:

• Token-ring (4Mb and 16Mb)
• Ethernet (10Mb and 100Mb)
• Distributed Data Interface (DDI), including fiber
• Wireless LAN
• Frame relay
• X.25 Permanent and Switched Virtual Circuits (PVC and SVC)
• X.25 over ISDN
• PPP over ISDN
• Netfinity Integrated PC server LAN
• Asynchronous
• ATM
• Twinaxial

Multihoming support

Given the AS/400’s strength as a server and scalable business computer, the AS/400 fully
supports multihoming. Multihoming is the support of multiple IP addresses by a single host,
which can be thought of as logical interfaces. These logical interfaces may be associated with one
or more physical interfaces, and these physical interfaces may be connected to the same or
different networks.

The AS/400 TCP/IP implementation supports multihoming by allowing the specification of either
a single interface or multiple interfaces for a communications line. You can have your AS/400
appear as any one or combination of the following scenarios:

• A single host on a network over a communications line
• Multiple hosts on the same network over the same communications lines
• Multiple hosts on the same network over multiple communications lines
• Multiple hosts on different networks over the same communications lines
• Multiple hosts on different networks over multiple communications lines

Multiprotocol support (AnyNet/400)

AS/400 supports AnyNet/400, which is part of the AnyNet family of products. AnyNet products
allow application programs written for one communication protocol to run over non-native
protocols without changing (or recompiling) the application programs. The destination address
determines if the request is sent over the native protocol or through the AnyNet code and on to a
non-native protocol.

AnyNet/400 allows sockets, intersystem communications functions (ICF), CPI communications
(CPI-C), and CICS/400 applications to run over APPC, TCP/IP and Internetwork Packet
eXchange (IPX). AnyNet/400 is based on the Multiprotocol Transport Network (MPTN)
architecture, and is designed to allow any application to run over any networking protocol.
AnyNet/400 can be used to:

• Access APPC using TCP/IP if your applications were developed for the System Network
  Architecture (SNA) but they are using TCP/IP to connect the systems.
• Access APPC using IPX if your applications were developed for SNA but they are using IPX
  to connect the systems.
• Access sockets using SNA if your sockets applications were developed for TCP/IP but they
  are using SNA to connect the systems.
• Access sockets using IPX if your sockets applications were developed for TCP/IP but they are
  using IPX to connect the systems.

TCP/IP suite servers

As we noted in the introduction, the TCP/IP suite is made up of several applications that provide
services. The AS/400 provides many of these servers as part of the optional program products
library. Here are descriptions of several of the more popular servers.

Dynamic Host Configuration Protocol (DHCP/DHCP relay agent)

DHCP provides a framework for passing configuration information to hosts on a TCP/IP
network. DHCP is based on the Bootstrap Protocol, adding the capability of automatic allocation
of reusable network addresses and additional configuration options.

What does it do?

The Dynamic Host Configuration Protocol (DHCP) provides configuration parameters to Internet
hosts. DHCP consists of two components:

• A protocol for delivering host-specific configuration parameters from a DHCP server to a
  host
• A mechanism for allocation of network addresses to hosts.

DHCP is built on a client-server model, where designated DHCP server hosts allocate network
addresses and deliver configuration parameters to dynamically configured hosts.

The diversity of hardware and protocol implementations in the Internet would preclude reliable
operation if random hosts were allowed to respond to DHCP requests. For example, IP requires
the setting of many parameters within the protocol implementation software. Because IP can be
used on many dissimilar kinds of network hardware, values for those parameters cannot be
guessed or assumed to have correct defaults. Also, distributed address allocation schemes depend
on a polling or defense mechanism for discovery of addresses that are already in use. IP hosts may
not always be able to defend their network addresses, so that such a distributed address allocation
scheme cannot be guaranteed to avoid allocation of duplicate network addresses.

There are two primary differences between DHCP and BOOTP:

• DHCP defines mechanisms through which clients can be assigned a network address for a
  fixed lease, allowing for serial reassignment of network addresses to different clients.

• DHCP provides the mechanism for a client to acquire all of the IP configuration
  parameters that it needs to operate.

Services provided by DHCP:

The first service provided by DHCP is to provide persistent storage of network parameters for
network clients. A client can query the DHCP service to retrieve its configuration parameters.
The client interface to the configuration parameters repository consists of protocol messages to
request configuration parameters and responses from the server carrying the configuration
parameters.

The second service provided by DHCP is the allocation of temporary or permanent network (IP)
addresses to hosts. The basic mechanism for the dynamic allocation of network addresses is
simple: a client requests the use of an address for some period of time. The allocation mechanism
(the collection of DHCP servers) guarantees not to reallocate that address within the requested
time and attempts to return the same network address each time the client requests an address.
The client may extend its lease with subsequent requests. The client may issue a message to
release the address back to the server when the client no longer needs the address. The client may
ask for a permanent assignment by asking for an infinite lease. Even when assigning permanent
addresses, a server may choose to give out lengthy but not infinite leases to allow detection of the
fact that the host has been retired.

In some environments it is necessary to reassign network addresses due to exhaustion of available
addresses. In such environments, the allocation mechanism reuses addresses whose lease has
expired. The server should use whatever information is available in the configuration information
repository to choose an address to reuse. For example, the server may choose the least recently
assigned address. As a consistency check, the allocation mechanism may probe the reused
address, with an ICMP echo request, before allocating the address, and the client will probe the
newly received address with ARP.
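The lease rules from the last three paragraphs (no reallocation during a lease, same address on return, extension, release, infinite leases, reuse of the least recently assigned expired address after a probe), as an added Python example rather than the AS/400 DHCP server's logic. The class and method names, the caller-supplied clock `now` and the `probe` callback standing in for the ICMP echo request are assumptions.

```python
import ipaddress

INFINITE = float("inf")            # lease duration for a permanent assignment


class LeasePool:
    def __init__(self, first: str, last: str, probe=lambda ip: False):
        lo = int(ipaddress.ip_address(first))
        hi = int(ipaddress.ip_address(last))
        self._unused = [str(ipaddress.ip_address(n)) for n in range(lo, hi + 1)]
        self._leases = {}          # ip -> {"client", "expires", "assigned"}
        self._last_ip = {}         # client -> address it held most recently
        self._probe = probe        # returns True if the address answers (still in use)

    def owner(self, ip: str, now: float):
        lease = self._leases.get(ip)
        return lease["client"] if lease and lease["expires"] > now else None

    def _grant(self, ip, client, duration, now):
        self._leases[ip] = {"client": client, "expires": now + duration,
                            "assigned": now}
        self._last_ip[client] = ip
        return ip

    def request(self, client: str, duration: float, now: float):
        """Return the leased address, or None if the pool is exhausted."""
        # 1. Extension, or the same address again if nobody else holds it.
        prev = self._last_ip.get(client)
        if prev is not None:
            lease = self._leases[prev]
            if lease["client"] == client or lease["expires"] <= now:
                return self._grant(prev, client, duration, now)
        # 2. An address that has never been handed out.
        if self._unused:
            return self._grant(self._unused.pop(0), client, duration, now)
        # 3. Reuse expired leases, least recently assigned first, skipping
        #    any address that still answers the consistency probe.
        expired = sorted(
            (ip for ip, l in self._leases.items() if l["expires"] <= now),
            key=lambda ip: self._leases[ip]["assigned"])
        for ip in expired:
            if not self._probe(ip):
                return self._grant(ip, client, duration, now)
        return None                # every address is under an active lease

    def release(self, client: str, now: float) -> None:
        ip = self._last_ip.get(client)
        if ip is not None and self._leases[ip]["client"] == client:
            lease = self._leases[ip]
            lease["expires"] = min(lease["expires"], now)


if __name__ == "__main__":
    # Constructed scenario: three addresses, times in seconds.
    pool = LeasePool("192.0.2.100", "192.0.2.102")
    print(pool.request("A", 60, now=0))          # 192.0.2.100
    print(pool.request("B", 60, now=10))         # 192.0.2.101
    print(pool.request("C", INFINITE, now=20))   # 192.0.2.102
    print(pool.request("D", 60, now=100))        # reuses A's expired address
```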

DHCP supports three mechanisms for IP address allocation:

• Automatic allocation
  DHCP assigns a permanent IP address to the host.
• Dynamic allocation
  DHCP assigns an IP address for a limited time period called a lease. Dynamic allocation
  allows reuse of the addresses that are no longer needed.
• Manual allocation
  The host's address is assigned by a network administrator.

A particular network will use one or more of these mechanisms, depending on the policies of the
network administrator.

Dynamic allocation is the only one of the three mechanisms that allows automatic reuse of an
address that is no longer needed by the host to which it was assigned. Thus, dynamic allocation is
particularly useful for assigning an address to a host that will be connected to the network only
temporarily or for sharing a limited pool of IP addresses among a group of hosts that do not need
permanent IP addresses. Dynamic allocation may also be a good choice for assigning an IP
address to a new host being permanently connected to a network. This is important where IP
addresses are sufficiently scarce and it is important to reclaim them when old hosts are retired.
Manual allocation allows DHCP to be used to eliminate the error-prone process of manually
configuring hosts with IP addresses in environments where (for whatever reasons) it is desirable
to manage IP address assignment outside of the DHCP mechanisms.

1) DHCP Client powers up, and asks if DHCP Server exists via broadcast

2) System responds with IP address of DHCP Server

3) Client sends a DHCP Request packet to DHCP Server

4) DHCP Server responds with a DHCP Offer packet

5) Client sends a DHCP ACK packet

6) DHCP Server assigns an IP address according to the pre-programmed rules

The AS/400 system provides a DHCP server as a part of the Base Operating System. It is
automatically installed as option 3 of the BOS (5769SS1 *BASE) during operating system
installation. The integrated DHCP server gives the AS/400 the capability to act either as a
DHCP transaction server or as a BOOTP/DHCP Relay Agent. Because there is only one set of
attributes associated with the DHCP server, which is either *SERVER or *RELAY, it is not
possible for a single system to assume the roles of a SERVER and a RELAY at the same time.

The DHCP server incorporates the BOOTP integrated server that was available in the earlier
release of OS/400 and can perform all the functions specific to BOOTP in addition to all the
added functionality a DHCP server is assumed to carry. There is, however, a downside to this
scenario: we cannot run a BOOTP server and a DHCP server at the same time on a single system.
The reason is that DHCP is basically an extension of the BOOTP protocol, and both use the same
services of the TCP/IP stack (ports 67 and 68) to service the clients and almost the same
message formats in the UDP packets, so running both servers on a single system yields
unpredictable results. Because of the embedded nature of the DHCP server, it can serve both
DHCP clients and existing BOOTP clients. All the functions in BOOTP have a one-to-one mapping
in DHCP; therefore, migrating from an existing BOOTP configuration to DHCP is completely
transparent. DHCP is configured completely using the Operations Navigator interface, which
provides a migration wizard to migrate from an existing BOOTP setup to DHCP without any manual
configuration or effort. However, you may not want to migrate from BOOTP. Because you may want
to assign IP addresses dynamically instead of statically (BOOTP), you do not keep the static
relationship between hardware address and IP address.

The DHCP server can serve a complete range of clients including Windows 95/NT, network
stations, and, the latest of all, the twinaxial network stations. The twinaxial network
stations can now participate in a TCP/IP network and assume an IP address that can put them
directly on the Internet for Web browsing and similar functions. However, the DHCP server
still lacks the capability to provide DHCP services to PPP and ISDN clients.

Domain Name System (DNS)

The AS/400 supports the Domain Name System server. The domain name server is used by
applications to translate domain names of hosts to IP addresses. The domain name server is the
network naming service of intranets and the Internet.

File Transfer Protocol (FTP)

AS/400 TCP/IP provides client and server support for transferring files. FTP allows a user to
transfer data between local and remote hosts. FTP is built on the services of TCP in the transport
layer. FTP transfers files using either an ASCII or EBCDIC mode. ASCII mode is used to
transfer data that contains only text characters.

FTP provides functions such as listing the remote directories, changing the current remote
directory, creating and removing the remote directories, and transferring one or more files in a
single request. In addition, FTP provides support for popular graphical FTP clients and Web
server development tools via the UNIX-style directory listings and transferring of large integrated
file system files (greater than 2 GB and up to 256 GB).

HyperText Transfer Protocol (HTTP)

The HTTP server provides World Wide Web browser clients access to AS/400 information and
supplies a rich application deployment environment. In addition, the AS/400 HTTP server
supports secure HTTP and multiple instances of the HTTP server running on one AS/400.

Internet Daemon (INETD)

The INETD super server eliminates the need for many individual servers to be up and running at
all times waiting for incoming connections. Instead, the INETD listens for connections on a set of
configured ports, and when a connection request is received, it decides to which service the port
corresponds, and invokes a program to service the request. After the program is started, the
INETD continues to listen on the port for additional requests. Essentially, INETD allows one
running daemon to invoke several others, reducing the load on the system.
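The dispatch pattern described above, as an added Python sketch that is not AS/400 code: one process listens on every configured port and hands each connection to the matching service. The `echo` and `daytime` services and the `SuperServer` class are hypothetical, and handlers run in-process where a real INETD would start a separate program.

```python
import selectors
import socket
import time

def daytime(conn):
    """Hypothetical service: send the current time and finish."""
    conn.sendall(time.ctime().encode("ascii") + b"\r\n")

def echo(conn):
    """Hypothetical service: return whatever the client sent first."""
    conn.sendall(conn.recv(1024))

class SuperServer:
    """One process listening on every configured port, inetd-style."""

    def __init__(self, services, host="127.0.0.1"):
        self.selector = selectors.DefaultSelector()
        self.ports = {}
        for name, handler in services.items():
            listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            listener.bind((host, 0))        # port 0: let the OS pick a free port
            listener.listen()
            self.selector.register(listener, selectors.EVENT_READ, (name, handler))
            self.ports[name] = listener.getsockname()[1]

    def serve_once(self, timeout=2.0):
        """Wait for connection requests, dispatch each, return the services run."""
        served = []
        for key, _events in self.selector.select(timeout):
            name, handler = key.data        # the port decides the service
            conn, _peer = key.fileobj.accept()
            with conn:
                conn.settimeout(timeout)
                handler(conn)               # a real INETD starts a program here
            served.append(name)
        return served                       # listeners stay registered

    def close(self):
        for key in list(self.selector.get_map().values()):
            self.selector.unregister(key.fileobj)
            key.fileobj.close()
        self.selector.close()
```

A service that is absent from the table has no listening port at all, so the configured service list is also the list of ports the system exposes.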

Post Office Protocol Mail server (POP)

The POP server is the AS/400 implementation of the POP version 3 mail interface. This server
allows AS/400 systems to act as POP servers for any clients that support the POP mail interface.
One of the key benefits of the POP server is that it allows users to exchange multimedia mail.

Remote Printing -- Line Printer Requester/Line Printer Daemon (LPR/LPD)

AS/400 provides client and server support for remote printing. The client, line printer requester
(LPR), allows the user to send spooled files to a remote system running a remote line printer
daemon (LPD). This enables printing files remotely to any system that supports and is running an
LPD. In turn, AS/400 also supports remote printing to its printers by being a remote printer
server using LPD.

Route Daemon (RouteD)

The route server provides support for the Routing Information Protocol (RIP) version 1 and
version 2. Routing Information Protocol on the AS/400 is an Interior Gateway Protocol (IGP)
used to assist TCP/IP in the routing of IP data packets.

Remote Execution (REXEC)

The remote execution server enables a client user to submit system commands to a remote server
for processing.

Simple Mail Transfer Protocol (SMTP)

AS/400 provides support for the Simple Mail Transfer Protocol. SMTP enables the exchange of
electronic mail between hosts running TCP/IP. The SMTP function on the AS/400 is coupled
with the AS/400 SNA distribution services (SNADS). SNADS is part of the OS/400 operating
system and it contains extensions to support SMTP. SNADS allows you to send mail to various
types of users (not just SMTP users) with one consistent user interface. The distribution services
(send, receive, and forward electronic mail) for the OfficeVision licensed program are provided by
SNADS.

Simple Network Management Protocol (SNMP)

The AS/400 can be an SNMP agent in an SNMP network. That is, the AS/400 gathers
information about the network and performs the management functions requested by some remote
SNMP manager. The AS/400 TCP/IP SNMP provides the means for managing a TCP/IP
environment. SNMP allows network management by elements, such as routers and hosts.
Network elements act as servers and contain management agents that perform the management
functions requested. Network management stations act as clients; they run the management
applications that monitor and control the network. SNMP provides a means of communicating
between these elements and stations to send and receive information about network resources.

SOCKS client

The AS/400 SOCKS client support enables programs that use sockets such as AF_INET or
SOCK_STREAM to communicate with server programs that run on systems outside a firewall.
In addition, by using SOCKS client support, both AS/400 FTP and AS/400 Telnet client
connections can be directed through a firewall. The key advantage to AS/400 SOCKS client
support is that it enables client applications to access a SOCKS server transparently without
changing any client code. The SOCKS client support operates with any SOCKS server that
supports version 4 SOCKS protocols.
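The version 4 exchange that the SOCKS client performs on an application's behalf, as an added Python example (not AS/400 code). The message layout follows the published SOCKS version 4 protocol; the function names, the address 192.0.2.10 and the user ID `alice` are constructed for illustration.

```python
import ipaddress
import struct

REPLY_CODES = {
    90: "request granted",
    91: "request rejected or failed",
    92: "rejected: SOCKS server cannot connect to identd on the client",
    93: "rejected: client program and identd report different user-ids",
}

def build_connect_request(dst_ip, dst_port, user_id=b""):
    """Bytes a SOCKS4 client sends: VN=4, CD=1 (CONNECT), port, IPv4, USERID, NUL."""
    if not 0 < dst_port < 65536:
        raise ValueError("destination port out of range")
    if b"\x00" in user_id:
        raise ValueError("USERID is NUL-terminated and cannot contain NUL")
    addr = ipaddress.IPv4Address(dst_ip).packed      # version 4 carries IPv4 only
    return struct.pack("!BBH", 4, 1, dst_port) + addr + user_id + b"\x00"

def parse_request(data):
    """Firewall-side decode of a request, e.g. for logging or policy checks."""
    if len(data) < 9:
        raise ValueError("truncated SOCKS4 request")
    version, command, port = struct.unpack("!BBH", data[:4])
    end = data.find(b"\x00", 8)
    if version != 4 or end == -1:
        raise ValueError("not a well-formed SOCKS4 request")
    return {
        "command": command,
        "dst": (str(ipaddress.IPv4Address(data[4:8])), port),
        "user_id": data[8:end],     # client-asserted, carries no proof of identity
    }

def parse_reply(data):
    """Return (granted, meaning) for the 8-byte reply from the SOCKS server."""
    if len(data) != 8:
        raise ValueError("SOCKS4 reply is exactly 8 bytes")
    version, code = data[0], data[1]
    if version != 0:
        raise ValueError("reply version byte must be 0")
    return code == 90, REPLY_CODES.get(code, "unknown reply code %d" % code)
```

The request contains no password or key, only a user ID the client asserts, so access decisions at the firewall rest on source address and destination rules.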

Telnet

AS/400 provides client and server support that allows remote logon to hosts that support the
Telnet 5250 protocol. The Telnet client supports both 5250 and 3270. In addition, the Telnet
server supports Secure Sockets Layer (SSL) client requests for encrypted data flow. Telnet
makes your computer act like a mainframe computer’s workstation. In other words, when using
Telnet, your computer (the client) pretends to be, or emulates, a terminal attached to the remote
computer (the Telnet server).

Trivial File Transfer Protocol (TFTP)

TFTP is a protocol used to provide basic file transfers with no user authentication to and from a
remote server. TFTP is used to support the IBM Network Station for AS/400 solution.

5250 Work Station Gateway

5250 HTML Workstation Gateway Server is an application that automatically transforms AS/400
5250 applications to HTML. This server enables users to run AS/400 applications from any client
supporting a Web browser.

TCP/IP configuration

IBM has intensified its focus on simplifying AS/400 TCP/IP administration tasks. The AS/400
Operations Navigator that is free with each AS/400 contains the AS/400 graphical administration
components. One of those key components is the TCP/IP network graphical administration
component that contains wizards for initial setup called the EZ Setup wizard, as well as wizards
and graphical user interfaces for day-to-day tasks.

With the AS/400 Operations Navigator, TCP/IP administration, such as setting up TCP/IP and
monitoring servers, is easier than ever. A Network folder has been added to the Operations
Navigator hierarchy, as shown below, to host the new TCP/IP administration functions. These
graphical user interfaces are the foundation for configuring AS/400 e-business solutions.

Figure 2. TCP/IP graphical administration

In the Network folder, a Protocols subfolder contains the TCP/IP protocol object. From this
object, TCP/IP interfaces and the TCP/IP protocol can be administered. TCP/IP interfaces to the
AS/400 can be set up through a wizard.

The New Interface wizard creates LAN, WAN, and inbound load balancing interfaces. It guides
you through all of the steps necessary to create a TCP/IP interface, such as:

• Choose your communication type
• Choose the hardware
• Select a line or create a new line on the hardware
• Set up the IP address information for the interface
• Set up any gateways and routing information
• Set up the host and domain information for the interface
• Test the interface to verify everything is working as planned

Once configured, managing your interfaces is easy through the Interfaces window, which allows
you to start, stop, change, or delete the interfaces.

The administration of TCP/IP properties, shown in figure 3, is easy since all of the attributes have
been integrated into a single dialog containing pages for each category as shown below. The
categories include: host and domain information, host table management, TCP/IP protocol
settings, TCP/IP port restriction management, AS/400 servers to start when TCP/IP is started,
and SOCKS client management.

Figure 3. TCP/IP graphical administration

Administration of AS/400 server applications

Managing your network servers has never been easier using Operations Navigator. In
the servers subfolder under the network folder, you can monitor the status of the servers, start or
stop them, and set their attributes. Also, with a simple click, you can set up a server to start
automatically every time TCP/IP is started. You can manage this through each individual server
or administer this for all servers in the TCP/IP properties.

For example, DHCP and DNS both have powerful graphical user interfaces that include wizards
to simplify their initial setup.

The DHCP Configuration wizard allows you to migrate existing BOOTP client information and
configure IBM network stations easily. Once you have set up the DHCP server, you can view
and change the configuration using the graphical user interface shown in figure 4. The subnets,
classes, and clients being served, as well as their options, are all presented in one window. For
instance, when you click on a subnet in the left pane, all of the classes and clients within the
subnet are shown in the upper right pane. The locally scoped and inherited options, information
delivered to all clients within the subnet, are shown in the lower right pane. This provides a quick
and easy way to manage DHCP information. In addition, the user interface also supports
configuring DHCP in relay agent mode.

Figure 4. DHCP server configuration


Similar to DHCP, a DNS Setup wizard is included for the initial configuration of the DNS server
with primary or secondary domains. After setting up the server, you can easily add more primary
or secondary domains to manage and also add additional hosts to serve. Creating primary
domains has a nice feature that gives the ability to automatically create reverse domains so that
when hosts are added into a primary domain they are automatically added to the reverse domain.
This is a significant time-saver when managing large networks that require reverse mapping
domains. Unlike the DNS administration on Windows NT, the AS/400 DNS administration is
structured to give a view of the domains it is serving instead of a view of the DNS records that
make up the DNS server’s configuration. This provides a very intuitive user interface for
managing and monitoring the DNS server. For an active DNS server, the server’s statistics and
active database can also be viewed. This is shown in the DNS configuration screen in figure 5.

Figure 5. DNS server configuration
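What the automatic reverse-domain maintenance described above keeps in step, as an added Python example (not AS/400 code): it derives the PTR records a primary domain implies and audits a hand-maintained reverse zone against them. The host names, addresses, sample data and the /24 reverse-zone split are constructed assumptions.

```python
import ipaddress

# Constructed sample data: a primary domain and a hand-maintained reverse zone.
SAMPLE_HOSTS = {"as400a": "10.1.2.3", "www": "10.1.2.4", "mail": "10.1.3.5"}
SAMPLE_PTRS = {
    "3.2.1.10.in-addr.arpa.": "as400a.example.com.",
    "4.2.1.10.in-addr.arpa.": "oldweb.example.com.",    # points at a renamed host
    "9.2.1.10.in-addr.arpa.": "retired.example.com.",   # host no longer exists
}

def ptr_name(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer + "."

def reverse_zone(ip):
    """Reverse domain holding the address, assuming a /24 split."""
    return ptr_name(ip).split(".", 1)[1]

def build_reverse_records(domain, hosts):
    """Map reverse zone -> {PTR owner name: fully qualified host name}."""
    zones = {}
    for host, ip in sorted(hosts.items()):
        zones.setdefault(reverse_zone(ip), {})[ptr_name(ip)] = f"{host}.{domain}."
    return zones

def audit_reverse(domain, hosts, existing_ptrs):
    """Compare existing PTR data with what the forward zone implies."""
    expected = {}
    for records in build_reverse_records(domain, hosts).values():
        expected.update(records)
    return {
        "missing": sorted(n for n in expected if n not in existing_ptrs),
        "mismatched": sorted(n for n in expected
                             if n in existing_ptrs and existing_ptrs[n] != expected[n]),
        "stale": sorted(n for n in existing_ptrs if n not in expected),
    }
```

Missing, mismatched and stale PTR records are the drift that creeps in when reverse domains are edited by hand, and they undermine any log analysis or access check that relies on reverse lookups.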

Remote Access Administration

The AS/400’s remote access is administered in the Point-to-Point subfolder under Network.
Point-to-Point communication profiles and modems can now be created, monitored, and
maintained for both SLIP and PPP. Switched and leased line dial-in and dial-out communication
profiles using analog or ISDN modems can simply be created using a single dialog. For instance,
using Operations Navigator, you can set up the point-to-point communication for mobile users to
get access to e-mail on AS/400 while out of the office. Also, you can use point-to-point to allow
connection to the Internet through AS/400. All you need to do is set up a dial-out
communication profile for AS/400 to call the Internet Service Provider (ISP) which would
provide the link to the Internet. All of the setup is through the new graphical user interface for
Remote Access.

Conclusion

As discussed in this article, AS/400 integrates a rich set of TCP/IP functions and related
technologies. AS/400 delivers a robust, complete, and fully integrated TCP/IP suite that is
leading edge, standards-based, and enterprise class for an e-business advantage.

