HP OpenVMS Systems Documentation
HP TCP/IP Services for OpenVMS
The startup procedure enables the configured services and initializes the configured network interfaces.
To stop (shut down) the product manually, enter the following command:
The shutdown procedure does the following:
To start TCP/IP Services automatically, add the following command to the system startup file:
To maintain site-specific startup and shutdown commands and settings, create the following files:
The site-specific startup procedure is invoked after all the TCP/IP services have been started. These files are not overwritten when you install a new version of TCP/IP Services.
HP recommends that you use the TCPIP$CONFIG configuration procedure to stop and start services. However, startup and shutdown files are provided for individual services, allowing you to stop and start individual components without impacting the operation of the remaining TCP/IP Services software.
This feature allows you to modify a service configuration without restarting the TCP/IP Services product. For example, you can shut down the LPD service, change its configuration parameters, and then restart it, without interrupting the other TCP/IP services that are running on the system.
Each service is provided with its own startup and shutdown command procedures, as follows:
To preserve site-specific parameter settings and commands for a specific service, create the following files, specifying the service or component name for service. These files are not overwritten when you reinstall TCP/IP Services:
Service-specific startup and shutdown procedures, as well as
configuration parameters, are described in the later chapters of this
1.1.5 Editing Configuration Files
Several facilities can be managed using configuration options in a facility-specific configuration file. The following facilities support configuration files:
A configuration file is an ASCII text file consisting of one or more lines formatted as follows:
Field1: Value1 Field2: Value2 . . .
In this format:
Field1: Item1, [Tab]Item2, [Tab]Item3 Field2: Value2
Field1: Item1 Field1: Item2 Field1: Item3
Field1: Item1, Item2, Item3
|To turn the feature on||To turn the feature off|
To comment out a line, type an exclamation point (!) in column 1.
1.2 Enabling PATHWORKS/Advanced Server and DECnet-over-TCP/IP Support
TCP/IP Services software includes the PATHWORKS Internet Protocol (PWIP) driver and the PWIP ancillary control process (PWIP_ACP).
The PWIP driver allows OpenVMS systems that are running both the
HP PATHWORKS/Advanced Server and the TCP/IP Services software to
communicate with personal computers running PATHWORKS client software.
It also enables the DECnet-over-TCP/IP feature, which is included with
the DECnet-Plus for OpenVMS Version 6.0 and later software. For more
information about DECnet over TCP/IP, see the DECnet-Plus for OpenVMS
1.2.1 Starting and Stopping the PWIP Driver
The PWIP driver can be shut down and started independently. The following files are provided:
To preserve site-specific parameter settings and commands, create the following files. These files are not overwritten when you reinstall TCP/IP Services.
To start the PWIP driver, run TCPIP$CONFIG or enter the following command:
To shut down the connection to the PWIP driver, enter the following command:
You will need to set up accounts for local users, coordinate the establishment of corresponding accounts on remote systems, and create accounts for remote users who will be accessing server components on the local host.
When creating accounts for remote users, you can create one account for all remote users, an account for groups of remote users, or accounts for individual users. The strategy you use depends on your organization, system resources, and security needs.
Certain product components (for example, LPD, RSH, RLOGIN, and NFS) act as servers for remote clients. You control access to your system and to these services by giving remote users proxy identities. A proxy identity maps a user account on one host to an account on another host. The information you provide with each entry, along with the privileges you set for the account, lets you specifically grant or deny access to your system.
The configuration procedure TCPIP$CONFIG creates a proxy database file called TCPIP$PROXY. You add proxies to this database with the ADD PROXY command. The TCP/IP Services product allows the following two types of proxies:
TCPIP> ADD PROXY user /HOST=host /REMOTE_USER=user
TCPIP> ADD PROXY STAFF /HOST=STAR /REMOTE_USER=*
TCPIP> ADD PROXY CHESTER /NFS=OUTGOING /UID=23 /GID=34 /HOST="orbit"
See the HP TCP/IP Services for OpenVMS Management Command Reference manual for a complete description of the ADD PROXY
command. For a more complete discussion about UNIX style identities and
how the NFS server and client use the proxy database, see Chapter 22.
1.4 Configuring a TCP/IP Cluster
If your host is part of an OpenVMS Cluster, you can use a cluster alias to represent the entire cluster or selected host members. In this case, the network sees the cluster as a single system with one name. Alternatively, you can configure clustering using a DNS alias, as described in Chapter 6.
Incoming requests are switched among the cluster hosts at the end of each cluster time interval (specified with the SET COMMUNICATION command).
The cluster name is not switched from a host if there are any active TCP connections to the cluster interface on that host.
All of the TCP/IP services support automatic failover and can be run on
multiple nodes in an OpenVMS Cluster. For example, if more than one
host in the cluster is running the NFS server, the cluster can appear
to the NFS client as a single host. For more information about
configuring a specific service for cluster failover, refer to the
chapter in this manual that discusses the particular service.
1.4.1 Setting Up an ARP-Based Cluster
HP strongly recommends using the configuration procedure TCPIP$CONFIG to configure a TCP/IP cluster. If you cannot run TCPIP$CONFIG, configure a TCP/IP cluster by completing the following steps:
TCPIP> SET INTERFACE QE0 /CLUSTER=ALLOFUS /C_NETWORK=255.255.0.0 - _TCPIP> /C_BROADCAST=188.8.131.52
TCPIP> SET CONFIGURATION INTERFACE QE0 /CLUSTER=ALLOFUS - _TCPIP> /C_NETWORK=255.255.0.0 /C_BROADCAST=184.108.40.206
The auxiliary server is the TCP/IP Services implementation of the UNIX internet daemon ( inetd ). In addition to standard inetd functions, the auxiliary server provides access control and event logging.
The auxiliary server listens continuously
for incoming requests and acts as a master server for programs
specified in its configuration file. The auxiliary server reduces the
load on the system by invoking services only as they are needed.
1.5.1 How the Auxiliary Server Works
The auxiliary server listens for connections on the internet addresses of the services that its configuration file (TCPIP$SERVICES.DAT) specifies. When a connection is found, it invokes the server daemon for the service requested. Once a server is finished, the auxiliary server continues to listen on the socket.
When it receives a request, the auxiliary server dynamically creates a network process, obtaining user account information from one or all of the following sources:
In addition, users requesting services at the client can include their user account information as part of the command line.
Once a process is created, the auxiliary server starts the requested
service. All services except RLOGIN and TELNET must have access to
their default device and directories and to the command procedures
220.127.116.11 Rejecting Client Requests
The auxiliary server rejects client requests for the following reasons:
The postinstallation configuration procedure, TCPIP$CONFIG, creates an entry in the services database (TCPIP$SERVICE.DAT) for each service you configure. If you need to modify your initial configuration, run TCPIP$CONFIG or use the SET SERVICE command.
The configuration file TCPIP$SERVICE.DAT includes information about the service name, the socket and protocol type associated with the service, the user name under which the service should run, and any special options for the service program.
Before you activate a service manually, configure the auxiliary server as follows:
TCPIP> SET SERVICE service /PROCESS_NAME=process
For TELNET and RLOGIN, the process name is set by either the system or users.
TCPIP> SET SERVICE service-name /LIMIT=n
$ SET PROTECTION=(W:RE) SYS$MANAGER:SYLOGIN.COM
The services you configured are enabled during the TCP/IP Services startup procedure. Afterwards, to initialize (enable) a service, enter the following command:
TCPIP> ENABLE SERVICE
The ENABLE SERVICE command immediately changes the running system. The SET CONFIGURATION ENABLE SERVICE command causes the services to be enabled the next time TCP/IP Services starts up.
To specify the type of socket, include the /PROTOCOL qualifier on the SET SERVICE command line. For example, to specify stream sockets, enter /PROTOCOL=TCP. To specify datagram sockets, enter /PROTOCOL=UDP.
The auxiliary server can set socket options for a requested service either before or during data communications. Some available options are:
To set the socket options, include the /SOCKET_OPTIONS qualifier on the
SET SERVICE command.
1.6.1 Setting Up Event Logging
Event logging can help you manage the software. By default, user-defined services do not log events, but you can enable event logging for all or selected configured services. You can configure the product to log events to the operator's console, a log file, or both. To set up event logging, enter the following command:
TCPIP> SET SERVICE service-name /LOG_OPTIONS=ALL