Compaq_DECnet-Plus_for_OpenVMS______________________ Release Notes March 2001 This manual describes new features not discussed in the current documentation, corrections included in this release, documentation errata, operational notes, and known problems and restrictions. Revision/Update Information: This is a revised manual. Operating Systems: OpenVMS Alpha Version 7.3 OpenVMS VAX Version 7.3 Software Version: Compaq DECnet-Plus for OpenVMS, Version 7.3 Compaq Computer Corporation Houston, Texas © 2001 Compaq Computer Corporation COMPAQ, VAX, VMS, the Compaq logo, and the DIGITAL logo Registered in U.S. Patent and Trademark Office. ACMS, DDCMP, DECdtm, DECnet, DNA, OpenVMS, VAXcluster, and VMScluster are trademarks of Compaq Information Technology group, L.P. Motif, OSF/1, and UNIX are registered trademarks of The Open Group. All other product names mentioned herein may be the trademarks or registered trademarks of their respective companies. Confidential computer software. Valid license from Compaq or authorized sublicensor required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Compaq shall not be liable for technical or editorial errors or omissions contained herein. The information in this publication is subject to change without notice and is provided "AS IS" WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK ARISING OUT OF THE USE OF THIS INFORMATION REMAINS WITH THE RECIPIENT. IN NO EVENT SHALL COMPAQ BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR OTHER DAMAGES WHATSOEVER (INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION), EVEN IF COMPAQ HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING SHALL APPLY REGARDLESS OF THE NEGLIGENCE OR OTHER FAULT OF EITHER PARTY AND REGARDLESS OF WHETHER SUCH LIABILITY SOUNDS IN CONTRACT, NEGLIGENCE, TORT, OR ANY OTHER THEORY OF LEGAL LIABILITY, AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. The limited warranties for Compaq products are exclusively set forth in the documentation accompanying such products. Nothing herein should be construed as constituting a further or additional warranty. _________________________________________________________________ Contents Preface................................................... vii 1 Installation 1.1 OpenVMS Software Version Requirement.......... 1-1 2 New Features 2.1 NET$CONFIGURE Improvements.................... 2-1 2.2 Phase IV Migration Improvements............... 2-1 2.3 NET$SHUTDOWN_APPLICATION Logical Added to NET$SHUTDOWN.................................. 2-2 2.4 NCL$GLOBALSECTION.DAT Updated................. 2-2 2.5 NCL HELP Updates.............................. 2-3 2.5.1 Improved Organization..................... 2-3 2.5.2 Help for SHOW DTSS Updated................ 2-3 2.5.3 Updated Information for Access Control and Proxy Information......................... 2-3 2.5.4 Updated Help for FDDI Station Link Event Reporting................................. 2-8 2.6 New Devices Supported by MOP.................. 2-9 2.7 Host Based Routing Improvements............... 2-9 2.8 Session Control Improvements.................. 2-9 2.9 CDI$SYSTEM_TABLE Logical Name Table........... 2-10 2.10 Backtranslation Over DNS/BIND................. 2-10 2.11 OSAK Programming.............................. 2-10 2.11.1 called_aei Parameter on A-ASSOCIATE and S-CONNECT Indication Events............... 2-11 2.11.2 New Status Code........................... 2-11 2.11.3 ROSE Minimum Workspace Increased.......... 2-11 2.11.4 Handling of Default Transport Templates... 2-11 2.12 DECdns........................................ 2-12 2.12.1 New Device Support........................ 2-12 iii 2.12.2 DNS Logging Enhanced...................... 2-12 2.12.3 New System Logicals for DNS$ADVER......... 2-12 2.13 DECdts........................................ 2-13 2.13.1 New Device Support........................ 2-13 2.13.2 New Procedures for Changing Daylight Savings Time Zone Rules (Alpha Only)...... 2-13 2.13.3 Option to Disable DTSS at System Boot..... 2-16 2.13.4 New DTSS NTP Provider Sample Program...... 2-17 3 Corrections Included in This Release 3.1 Network Management Changes.................... 3-1 3.1.1 NET$CONFIGURE Command Procedure........... 3-1 3.1.2 NET$STARTUP Command Procedure............. 3-2 3.1.3 NET$SHUTDOWN Command Procedure............ 3-2 3.1.4 NCL Syntax Change for MTS Entity.......... 3-2 3.1.5 NCL Parsing Fix for End User Specification Data Types................................ 3-3 3.1.6 Event Dispatcher.......................... 3-3 3.1.7 Common Management Listener (CML).......... 3-4 3.1.8 Common Trace Facility (CTF)............... 3-4 3.2 Transport Layer............................... 3-4 3.2.1 Network Services Protocol (NSP)........... 3-4 3.2.2 OSI Transport Protocol.................... 3-5 3.2.3 DECnet over IP (RFC 1006)................. 3-6 3.3 Network Layer................................. 3-6 3.3.1 End System Routing........................ 3-6 3.3.2 Host Based Routing........................ 3-6 3.3.3 Alias..................................... 3-7 3.4 Session Control............................... 3-7 3.5 QIO Interface................................. 3-8 3.6 Maintenance Operations Protocol (MOP)......... 3-9 3.7 Distributed Naming Service (DECdns)........... 3-10 3.7.1 Clerk Changes............................. 3-10 3.7.2 Server Changes (VAX Only)................. 3-10 3.8 Distributed Time Service (DECdts)............. 3-13 3.9 X.25 Native Mode (VAX Only)................... 3-13 3.10 Wide Area Network Device Driver Support (VAX Only)......................................... 3-14 iv 4 Documentation Errata 4.1 Network Management and NCL.................... 4-1 4.1.1 Routing Maximum Buffers Characteristic.... 4-1 4.1.2 DTS/DTR and Phase V Node Names............ 4-1 4.1.3 Using the ADD Verb with OSI Transport CONS Filter Entities........................... 4-2 4.1.4 NET$EXAMINE Right Required................ 4-2 4.1.5 Configuring Multiple Cluster Aliases...... 4-2 4.1.6 Supplying Access Control Information...... 4-2 4.1.7 NCL Snapshot Command...................... 4-6 4.2 OSAK Programming.............................. 4-6 4.2.1 Using OSAK over RFC1006................... 4-6 4.2.2 New OSAK API Routine: osak_tc_no_sc() .... 4-6 4.2.3 Omitted Parameter Block Parameters........ 4-7 4.3 DECdns........................................ 4-8 5 Operational Notes 5.1 NSP Characteristics for X.25 PVCs............. 5-1 5.2 OSI Transport................................. 5-1 5.3 Transport Precedence in Predominantly Phase IV Networks...................................... 5-2 5.4 Upgrading to DECnet-Plus with Systems Running DEC X.25 (Alpha Only)......................... 5-2 5.5 COLLECT Command and Addressing in DECNET_MIGRATE Commands....................... 5-3 5.6 Decimal Syntax DSPs Not Supported............. 5-3 5.7 FDDI Large Packet Support..................... 5-3 5.8 Startup Procedure Change: NCL Information Minimized..................................... 5-4 5.9 Setting Alias Selection Weights............... 5-4 5.10 Configuring X.25 Access Filters for Use by OSI Transport (VAX Only).......................... 5-4 5.11 DECdns........................................ 5-5 5.11.1 Adjusting null_port_timeout in DNS.CONF... 5-6 5.11.2 Providing Adequate Resources for DECdns... 5-6 5.11.3 Using the DNS.CONF Configuration File..... 5-7 5.11.4 Limitation on Size of Checkpoint File Records................................... 5-10 5.11.5 Using the NEW EPOCH Command............... 5-11 5.11.6 Configuring a Node as a DECdns Server..... 5-11 5.11.6.1 Creating A New Namespace................ 5-12 v 5.11.7 Default Parameters for Process Limits on DECdns Servers............................ 5-12 5.11.8 PAGEDYN Resources: Clerks and Servers..... 5-13 5.11.9 Use the Outgoing Alias When Connecting to DECdns Servers............................ 5-13 5.12 DECdts........................................ 5-14 5.12.1 Automatic Time Zone Changes on Rebooting Clusters.................................. 5-14 5.13 OSAK Programming.............................. 5-14 5.13.1 User Data Size Restriction for Tracing.... 5-14 5.13.2 OSAK Version 1.1 No Longer Supplied....... 5-14 5.13.3 Migrating Applications from Version 2.0 to Version 3.0 OSAK API Interface............ 5-14 5.13.4 Misleading OSAK Error Message: SPM Congestion at Connect Time................ 5-15 5.14 DECnet Programming............................ 5-15 5.14.1 64-Bit Virtual Address Restrictions....... 5-15 5.14.2 Backtranslation of IP Addresses........... 5-15 5.14.3 Applications Connection Requirement....... 5-16 5.15 FTAM, Virtual Terminal, and OSI Application Kernel........................................ 5-16 5.15.1 FTAM...................................... 5-16 5.15.1.1 Downstream Processing Support in OSIF$FAL................................ 5-16 5.15.1.2 COPY Command Enhancement................ 5-17 5.15.1.3 DAP/Gateway............................. 5-17 5.15.1.4 RMS Record I/O Performance Enhancements............................ 5-17 5.15.2 Virtual Terminal.......................... 5-18 5.15.2.1 CTRL-@.................................. 5-18 5.15.2.2 Amode Repertoire........................ 5-18 5.15.2.3 Responder............................... 5-18 5.15.2.4 VT/LAT Gateway.......................... 5-18 6 Known Problems 6.1 NET$SHUTDOWN May Fail to Complete............. 6-1 6.2 Receive Buffers Attribute on HDLC LINK Entity Not Implemented (Alpha Only).................. 6-1 6.3 DECdns........................................ 6-2 6.3.1 Error Creating New Namespaces............. 6-2 6.3.2 System Hangs at Startup in DNS Clerk...... 6-2 vi 6.3.3 Server Software Is Not Available for OpenVMS Alpha Systems..................... 6-2 6.3.4 Startup Error Message: DECdns Clerk....... 6-2 6.3.5 General DECdns Problems................... 6-3 6.3.6 Handling Clerk Cache Startup Problems..... 6-3 6.3.7 Removing Obsolete DNS$CACHE Files......... 6-4 vii _________________________________________________________________ Preface Intended Audience This manual is intended for all Compaq DECnet-Plus for OpenVMS (formerly DECnet/OSI) software users. Read this manual before you install, upgrade, or use Compaq DECnet- Plus for OpenVMS, Version 7.3. Structure of This Book This manual contains the following chapters: o Chapter 1 contains installation notes for this release. o Chapter 2 describes new features not documented in the Version 7.1 documentation set. o Chapter 3 lists corrections included in this release. o Chapter 4 contains documentation errata and additions. o Chapter 5 discusses operational notes and additional product documentation not included in the product's primary documentation. o Chapter 6 lists known problems with this release. This manual contains release notes introduced in the current release and notes from previous DECnet versions that still apply to the new release. Each release note (except those in Chapter 3) contains a margin note indicating in which product version the note first appeared. vii For a list of additional documents available that support this version of the Compaq DECnet-Plus for OpenVMS software, see the DECnet-Plus for OpenVMS Introduction and User's Guide. Reader's Comments Compaq welcomes your comments on this manual or any of the DECnet-Plus documents. Please send comments to either of the following addresses: Internet openvmsdoc@compaq.com Mail Compaq Computer Corporation OSSG Documentation Group, ZKO3-4/U08 110 Spit Brook Rd. Nashua, NH 03062-2698 How To Order Additional Documentation Use the following World Wide Web address to order additional documentation: http://www.openvms.compaq.com/ Conventions The following conventions are used in this book. ___________________________________________________________ Convention_______Meaning___________________________________ special type Indicates a literal example of system output or user input. In text, indicates command names, keywords, node names, file names, directories, utilities and tools. UPPERCASE Indicates keywords that you enter. You can type the characters in uppercase or lowercase. You can abbreviate command keywords to the smallest number of characters that OpenVMS, NCP, NCL, or the other tools accept. Uppercase also indicates the names of files, directories, utilities, tools, commands, parameters, and procedures. viii ___________________________________________________________ Convention_______Meaning___________________________________ italic type Indicates a variable. bold Indicates a new term defined in the text or important information. Indicates that you press the Return key. Ctrl/x Indicates that you press the Control key while you press the key noted by x. [YES] Brackets indicate that the enclosed item is a default value in an installation prompt. { } In command format descriptions, indicates you must enter at least one listed _________________element.__________________________________ ix 1 _________________________________________________________________ Installation 1.1 OpenVMS Software Version Requirement Compaq DECnet-Plus for OpenVMS, Version 7.3 requires Version 7.3 of the Compaq OpenVMS operating system. Installation 1-1 2 _________________________________________________________________ New Features This chapter describes new functionality provided by Compaq DECnet-Plus for OpenVMS Version 7.3 not documented in the Version 7.1 documentation set. This section includes new functionality implemented in Version 7.2. Also included is new functionality present in Version 7.1 which was not documented in the Version 7.1 documentation set. 2.1 NET$CONFIGURE Improvements The following changes have been made to NET$CONFIGURE.COM: o The status of both DECnet over TCP/IP (RFC1859) and OSI over TCP/IP (RFC1006) is now included in the OSI transport summary. o The OSI transport script contains an explanation of the RFC1006 listener ports attribute so that it is easy to determine if OSI over TCP/IP or DECnet over TCP/IP is enabled. o When FDDI routing circuits are present, a comment in the Routing script explains if a small or large packet size is in use. o When using Advanced Option 1 or 4, the entire transport configuration is displayed before asking if the user wishes to change it. 2.2 Phase IV Migration Improvements This section describes improvements that enhance a Phase IV-to-Phase V migration. The following improvements have been made to the NET$CONFIGURE.COM command procedure: o During migration from Phase IV, Phase IV addressing is no longer disabled on all routing circuits. New Features 2-1 New Features 2.2 Phase IV Migration Improvements This prevented the newly migrated Phase V node from communicating with Phase IV nodes. Instead, Phase IV addressing is now enabled on one broadcast circuit, and a message is displayed which explains how and when Phase IV addressing can be enabled on additional circuits. o When selecting a broadcast circuit on which to enable Phase IV addressing, the migration process now prefers FDDI broadcast devices over CSMA broadcast devices. o During migration from Phase IV, FDDI routing circuits are no longer configured with the "Reserved" type. Instead, they are configured to use a small packet size by default (type = csma-cd), and a message is displayed which explains how and when that default can be changed. The following improvements have been made to the NET$CONVERT_DATABASE.EXE image: o EI/82558, EB, and EO devices are now recognized during migration from Phase IV. o All FDDI and CSMA stations are now enabled in the NCL scripts regardless of the line states in the Phase IV line database. 2.3 NET$SHUTDOWN_APPLICATION Logical Added to NET$SHUTDOWN NET$SHUTDOWN now checks for the existence of the NET$SHUTDOWN_APPLICATION logical. If this logical is defined, NET$SHUTDOWN invokes the site-specific shutdown command procedure referenced by the logical. This new logical does not change the function of the NET$AUX_CONTROL logical. 2.4 NCL$GLOBALSECTION.DAT Updated NCL$GLOBALSECTION.DAT has been modified to include changes needed to manage the Message Transfer Agent (MTA), Message Transfer Server (MTS), Directory Services Agent (DSA), and X.25 over TCP/IP (XOT). 2-2 New Features New Features 2.5 NCL HELP Updates 2.5 NCL HELP Updates This release includes several updates to NCL HELP. The sections that follow describe these changes. 2.5.1 Improved Organization NCL HELP utility has been reorganized to include additional network management information, diagrams and descriptions of the entity hierarchy, and command examples. The Network_Management topics now contains the following subtopics: Controlling_Access, Logical_Names, Startup_ Scripts, MOP, Event_Dispatcher, Shutdown_and_Restart, Running_over_TCP_IP, Namespace_Management, and Remote_ Node_management. The new entity hierarchy diagrams and descriptions are accessed using the following command: HELP ENTITY module-name SUBENTITIES You can view the entire entity hierarchy by using the following command: HELP ENTITY 2.5.2 Help for SHOW DTSS Updated In Version 7.1, the syntax for the SHOW DTSS LOCAL SERVERS and SHOW DTSS GLOBAL SERVERS commands changed in order to distinguish DECnet servers from DCE servers. The updated help file contains the new versions of these commands: SHOW DTSS DECNET LOCAL SERVERS and SHOW DTSS DECNET GLOBAL SERVERS. 2.5.3 Updated Information for Access Control and Proxy Information NCL HELP has been updated to more clearly describe access control policies, especially with regard to the use of wildcard proxies. Note that there has NOT been any recent change to DECnet's access control checking procedures; this HELP update is merely for documentation purposes. New Features 2-3 New Features 2.5 NCL HELP Updates The following text is now included under HELP NETWORK_ MANAGEMENT ACCESS_CONTROL OPENVMS_POLICY: Access can be established using an explicitly specified account, a default proxy account, an application-specific default account, or a nonprivileged default account. The following steps are used to determine if a remote user will be granted access. (Note that access control checking is handled in the same fashion for a local user who specifies the local node or 0 in a command.) 1. If explicit access control information is provided, this information is evaluated first. When an empty access control string is provided, as in: $ DIR PRKCHP"":: $ DIR 0"":: No proxy checking is performed. Instead, access checking is continued at Step 3. When both a username and password are explicitly provided, as in the following examples: $ DIR PRKCHP"PRKCHP_USER PASSWD":: $ DIR 0"PRKCHP_USER PASSWD":: $ MCR NCL SHOW NODE PRKCHP"PRKCHP_USER PASSWD" ALL that account must be accessible using that password (even if a valid proxy exists), in order for access to succeed. If this fails (say, for example, the password is wrong or the account does not exist), then no further checking is performed and access is denied. When only the username is explicitly provided, as in: $ DIR PRKCHP"PRKCHP_USER":: $ DIR 0"PRKCHP_USER":: $ MCR NCL SHOW NODE PRKCHP"PRKCHP_USER" ALL the local proxy database is searched for one proxy record matching source_node::username_on_source. An exactly matching proxy record is preferred over a wildcard match. (Refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL PROXIES for more information if a wildcard proxy is present.) If a match is not found, then no further checking is performed and access is denied. 2-4 New Features New Features 2.5 NCL HELP Updates If a match is found, the selected proxy record is examined to determine if access should be attempted using this explicitly specified local username. It does not matter if this local username is specified in the proxy record as the default account or not. As long as that username is included somewhere in that proxy record, then access will be attempted via that account. For example, if the following command were issued by SYSTEM on LAMCHP: $ DIR PRKCHP"PRKCHP_USER":: And PRKCHP had one of the following proxy records in its database: LAMCHP::SYSTEM PRKCHP_USER LAMCHP::SYSTEM PRKCHP_USER (D) LAMCHP::SYSTEM SYSTEM (D) PRKCHP_USER Then access would be attempted using the explicitly specified PRKCHP_USER account. If this access succeeds, the remote user is mapped into the specified account and granted the rights and default privileges for that account. If there is a problem (say, for example, the directory for that account does not have the correct owner), then no further checking is performed and access is denied. 2. If no access control information was provided at all (not even an empty string), as in: $ DIR PRKCHP:: $ DIR 0:: $ MCR NCL SHOW NODE PRKCHP ALL The proxy database is scanned for a proxy record matching source_node::username_on_source. (A default wildcard proxy may not be sufficient. Refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL PROXIES for more information.) If no matching proxy record is found, then access control checking proceeds to Step 3. New Features 2-5 New Features 2.5 NCL HELP Updates If a matching proxy record is found, but it does not specify a default account, then access will NOT be attempted using that proxy. Instead, access checking proceeds to Step 3. If the matching proxy record specifies a default account, then access is attempted using that account. If this succeeds, the user is granted the rights and default privileges of this default account. If this fails (say, for example, the directory for that account does not have the proper owner), then no further checking is done and access is denied. 3. If an application-specific default is present, as indicated by the session control application user name attribute, then access will be attempted using that account. If this access fails (say, for example, the specified account is non-existent), then no further checking is performed and access is denied. If no default was specified for that particular application, access checking is continued with Step 4. --- NOTE --- The CMIP Management Listener (CML) application uses this method of access to allow remote users to perform NCL SHOW commands. This is why the session control application CML user name is usually set to CML$SERVER, and this account is generally granted the NET$EXAMINE right. Even if a remote user does not include explicit access control information in an NCL command, and even if he does not possess a default proxy account with NET$EXAMINE or BYPASS, his NCL SHOW requests will still be permitted via the CML$SERVER account. 4. If a non privileged default has been established, as indicated by the session control non privileged user attribute, then access will be attempted using that account. If this access fails, or if the session control non privileged user attribute has not been set, then access is denied. 2-6 New Features New Features 2.5 NCL HELP Updates The following text is now included under HELP NETWORK_ MANAGEMENT ACCESS_CONTROL PROXIES to describe why wildcard proxies are sometimes ignored during proxy evaluation: Proxies are managed using the AUTHORIZE facility. Each proxy record should specify a default account, regardless of whether a default wildcard proxy exists, to ensure that at least one valid destination account is specified. For example, if a default wildcard proxy existed on PRKCHP: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) The SYSTEM user on node LAMCHP would have default proxy access into the SYSTEM account on PRKCHP. If the network manager then wished to add ALTERNATE as an alternate account to be used from the SYSTEM account on LAMCHP, while still retaining SYSTEM as the default, he would need to explicitly specify that default in the new proxy record like so: UAF> ADD/PROXY LAMCHP::SYSTEM SYSTEM/DEFAULT, ALTERNATE So the proxy database on PRKCHP would now look like this: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) LAMCHP::SYSTEM SYSTEM (D) ALTERNATE If he instead did this: UAF> ADD/PROXY LAMCHP::SYSTEM ALTERNATE So the proxy database looked like this: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) New Features 2-7 New Features 2.5 NCL HELP Updates LAMCHP::SYSTEM ALTERNATE then LAMCHP::SYSTEM would no longer have default access to PRKCHP's SYSTEM account. That is because only one proxy record is considered for proxy processing; and in this case, the exact match LAMCHP::SYSTEM is preferred over the LAMCHP::* match. This LAMCHP::SYSTEM proxy record does not specify any default account. For further information on how proxies are used to grant access, refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL OPENVMS_POLICY. 2.5.4 Updated Help for FDDI Station Link Event Reporting NCL HELP EVENT_MESSAGES FDDI_STATION LINK has been updated to reflect restrictions in FDDI Station Link event reporting which are imposed by the VMS device drivers. The following events cannot be logged, but their respective counters will increment if these events occur: block check error directed beacon received duplicate address test failure duplicate token detected fci strip error frame status error link buffer unavailable pdu length error receive data overrun ring beacon initiated ring purge error trace initiated transmit failure transmit underrun The "unrecognized individual pdu destination", "unrecognized multicast pdu destination", and "user buffer unavailable" events can be reported, and their respective counters can increase accordingly. However, DECnet blocks "unrecognized multicast pdu destination" by default. Refer to SYS$MANAGER:NET$EVENT_LOCAL.TEMPLATE if you wish to pass this event. 2-8 New Features New Features 2.5 NCL HELP Updates The "ring initialization initiated" and "ring initialization received" events are now logged by certain VMS device drivers. If a VMS device driver supports these events, they are not logged on a one-to-one basis with increases in their corresponding counters. Instead, only one error report is issued for any number of these events that occur within a sampling period. This is intended to decrease any possibility of flooding OPCOM. 2.6 New Devices Supported by MOP Modified NET$NISCS_LAA.EXE to recognize new style device names returned by $GETDVI. This permits loads over SCSI PAC devices. Prior to this release, the satellite load failed with the following messages displayed at the satellite: %VMScluster-I-MSCPCONN, Connected to a MSCP server for the system disk, node nnnnnn %VMScluster-E-NOT_SERVED, Configuration change, the system disk is no longer served by node nnnnnn 2.7 Host Based Routing Improvements This release of the NET$ROUTING_IS.EXE module contains the following improvements: o Raised the maximum allowed circuits from 20 to 40. o Modified logic used to set maximum circuit segment size for FDDI circuits. Previously, the calculation could sometimes use the Phase IV default of 576. This has been changed to always use the FDDI default of 4352. 2.8 Session Control Improvements This release of the NET$SESSION_CONTROL.EXE module contains the following improvement: o On Alpha systems, the NET$SESSION_CONTROL.EXE module now uses the name string from the PSB instead of GETJPI. New Features 2-9 New Features 2.9 CDI$SYSTEM_TABLE Logical Name Table 2.9 CDI$SYSTEM_TABLE Logical Name Table You can use a logical name table (CDI$SYSTEM_TABLE) to define node synonyms. You should use the following commands to create and examine logical names in a CDI$SYSTEM_TABLE. For example, you can define a system named bks.pub.dec.com as bks according to the following command examples. To define a table, enter the following command: $ create/name_table/exec/parent=lnm$system_directory cdi$system_table To define a logical name, enter the following command: $ define/table=cdi$system_table bks bks.pub.dec.com To examine a logical name, enter the following command: $ show logical/table=cdi$system_table bks The system displays the logical name information: $ "bks.pub.dec.com" = "bks" (cdi$system_table) SYSNAM system privileges are required. 2.10 Backtranslation Over DNS/BIND Incoming connections over an IP network might not work with applications that require a Phase IV-style (six character or less) node name unless Domain synonyms are set up as described in the Compaq DECnet-Plus for OpenVMS installation manuals. CDI now attempts to backtranslate the IP address using the first simplename in the fully qualified DNS/BIND host name. For example, NOTAMI.div.cmp.com translates into NOTAMI. If the first simplename is not a legal Phase IV-style node name, such as NOTAMI2.div.cmp.com, backtranslation is still provided. 2.11 OSAK Programming The following sections discuss new programming features that apply to the OSAK programming interface. 2-10 New Features New Features 2.11 OSAK Programming 2.11.1 called_aei Parameter on A-ASSOCIATE and S-CONNECT Indication Events For A-ASSOCIATE indication events in the OSAK API, and S-CONNECT indication events in the SPI, the nsap field of the called_aei parameter is no longer filled in by OSAK. Previously, the called_aei.paddress.nsap structure contained the values specified in the local_ aei.paddress.nsap parameter on the osak_open_responder or spi_open_responder call. However, these values are not used by osak_open_responder or spi_open_responder and may not contain correct information about the received connection (for example, the transport type). 2.11.2 New Status Code The routines osak_send_more and spi_send_more can now return a status code of OSAK_S_NODATA which indicates that there is no data remaining. In previous versions, the status code OSAK_S_INVFUNC may have been returned when this error occurred. 2.11.3 ROSE Minimum Workspace Increased The minimum required size for the parameter block workspace for ROSE has increased. If your ROSE application is using the old minimum workspace size, you will now get a bad parameter error. It is recommended that your application use the constant ROSE_WS_SIZE defined in osak_api.h to get the correct minimum workspace size. ________________________ Note ________________________ Depending on the size of your application's parameter block workspace, you may have to recompile your ROSE applications. ______________________________________________________ 2.11.4 Handling of Default Transport Templates If no transport template is specified in the osak_ associate_req (API and ROSE) or spi_connect_req (SPI) call, OSAK takes the following actions: o If the NSAP in the osak_nsap data structure is CONS or CLNS, OSAK uses the default transport template. New Features 2-11 New Features 2.11 OSAK Programming o If the NSAP in the osak_nsap data structure is RFC 1006, OSAK uses the osit$rfc1006 transport template. 2.12 DECdns 2.12.1 New Device Support This version of DECdns provides support for EB, EI, and EO Ethernet devices. 2.12.2 DNS Logging Enhanced The option to include more communications logging information in the SYS$MANAGER:DNS$CHFAIL.LOG is now available. Prior to this enhancement, hard communications errors were only reported to the DNS$CONTROL program and the DECnet-Plus IPC status was lost. With this new feature enabled, these errors are reported to the DNS$CHFAIL.LOG (along with the DECnet-Plus IPC status). To enable this feature, define the logical name DNS$MORE_ COMMO_LOGGING in the DNS$SYSTEM_TABLE and give it a value of one as shown below: DEFINE/TABLE=DNS$SYSTEM_TABLE DNS$MORE_COMMO_LOGGING 1 To disable this feature, deassign the logical name. 2.12.3 New System Logicals for DNS$ADVER Five new user-defined system logicals have been added for the DNS$ADVER process: o DNS$ADVER_AST_LIMIT o DNS$ADVER_BUFFER_LIMIT o DNS$ADVER_EXTENT o DNS$ADVER_MAX_WORKING_SET o DNS$ADVER_PAGE_FILE These system logical names correspond to qualifiers on the RUN statement which are described in the OpenVMS documentation. If any of these system logical names are defined at the time that the DNS$ADVER process starts up, then the values defined for these system logical 2-12 New Features New Features 2.12 DECdns names are used instead of the default quotas. Typically, these system logical names are defined in the file SYS$MANAGER:SYLOGICALS.COM. Use these system logical names if you have a system configured with more than two ethernet controllers. You can also use these logicals to define increased quota for the DNS$ADVER process when you receive a message on the console during startup that the DNS cache is not initialized (DNS$_ NOCACHE,"Clerk cache not initialized"). Selected default quotas for the DNS$ADVER process have also been increased for this release. The selected quotas that have been increased include direct I/0, enqueue limit, queue limit, buffer limit, and maximum_working_set. 2.13 DECdts 2.13.1 New Device Support This version of DECdts provides support for EB, EI, and EO Ethernet devices. 2.13.2 New Procedures for Changing Daylight Savings Time Zone Rules (Alpha Only) This version of DECdts (Alpha only) uses the timezone files provided by the DEC C RTL. These timezone files are located in the directories pointed to by the logical SYS$TZDIR. If there is an error in any of these files you can correct it by using the update procedure given in the next section. Updating the Time Zone File The time zone source files are a database which provides information about time zone rules in the past, present, and future for virtually every country in the world. The time zone source files are updated as follows: 1. Modify the appropriate time zone source file so that it reflects the new rule. Time zone source files are located in SYS$COMMON:[SYS$ZONEINFO.SYSTEM.SOURCES]. The format of the time zone source files is described in the DEC C Run-Time Library Utilities Reference Manual. Please refer to the section describing the Zone Information Compiler (ZIC). New Features 2-13 New Features 2.13 DECdts 2. Recompile the modified time zone source file with the ZIC compiler. The ZIC compiler is available on OpenVMS V7.0 and above. It is described in the DEC C Run-Time Library Utilities Reference Manual. 3. Make sure that the new binary time zone file is being used by applications. To make use of the new binary time-zone file, the user should place it in the location referred to by the SYS$TZDIR logical name. ________________________ Note ________________________ The DEC C RTL has the ability to cache environment variables and binary time-zone files. This caching may prevent either the newly defined TZ environment variable or the newly created time-zone file from taking effect. The simplest way to ensure that the change takes effect is to reboot the system. ______________________________________________________ To verify that the rule is set up correctly, use the following command: $ SHOW LOGICAL SYS$TIME* For example, the output might look like the following: "SYS$TIMEZONE_DAYLIGHT_SAVING" = "1" "SYS$TIMEZONE_DIFFERENTIAL" = "-14400" "SYS$TIMEZONE_NAME" = "EDT" "SYS$TIMEZONE_RULE" = "EST5EDT4,M4.1.0/02,M10.5.0/02" The SYS$TIMEZONE_RULE is a POSIX-style rule. POSIX-style rules are discussed in the section below. This rule corresponds to the value of the TZ environment variable that is found on UNIX systems. The SYS$TIMEZONE_DIFFERENTIAL is the time differential (expressed in seconds) from GMT. The time differential is the time you add to GMT to compute the local time. Format of the SYS$TIMEZONE_RULE POSIX-style Rule The material presented here was extracted from the Compaq Tru64 UNIX manual page for tzset. stdoffset[dst[offset] [,start[/time],end[/time]]] The components of the string are as follows: 2-14 New Features New Features 2.13 DECdts std and dst Three or more characters that are the designation for the standard (std) or alternative (dst) time zone (such as Daylight Saving Time). Only std is required. If dst is not supplied, the alternative time does not apply to the locale. Upper- and lower-case letters are explicitly allowed. Any characters, except digits, a leading colon (:), comma (,), minus (-), plus (+), and ASCII NUL, are allowed. offset Indicates the value to be added to the local time to arrive at GMT. The offset has the form hh[:mm[:ss]]. The minutes (mm) and seconds (ss) are optional. The hour (hh) is required and can be either one or two digits. The offset following std is required. If no offset follows dst, the alternative time is assumed to be one hour ahead of standard time. One or more digits can be used; the value is always interpreted as a decimal number. The hour value must be between zero and 24. The value for the minutes and seconds, if present, must be between zero and 59. If preceded by a minus sign (-), the time zone is east of the Prime Meridian; otherwise it is west, which can be indicated by a preceding plus sign (+). start and end Indicates when to change to and return from alternative time. The start argument is the date when the change from standard to alternative time occurs; end is the date for changing back. If start and end are not specified, the default is the US Daylight Saving Time start and end dates. The format for start and end must be one of the following: Jn The Julian day n (1 < n < 365). Leap days are not counted. That is, in all years, including leap years, February 28 is day 59 and March 1 is day 60. It is impossible to explicitly refer to February 29. n The zero-based Julian day (0 < n < 365). Leap days are counted making it possible to refer to February 29. New Features 2-15 New Features 2.13 DECdts Mm.n.d The dth day (0 < d < 6) of week n of month m of the year (1 < n < 5, 1 < m < 12). When n is 5, it refers to the last d day of month m which may occur in either the fourth or fifth week. Week 1 is the first week in which the dth day occurs. Day zero is Sunday. time Describes the time when, in current time, the change to or return from alternative time occurs. The time parameter has the same format as offset, except that there can be no leading minus (-) or plus (+) sign. If time is not specified, the default is 02:00:00. Sample Rule As an example, the TZ variable value EST5EDT4,M4.1.0,M10.5.0 describes the rule defined in 1987 for the Eastern time zone in the US. EST (Eastern Standard Time) is the designation for standard time, which is 5 hours behind GMT. EDT (Eastern Daylight Time) is the designation for alternative time, which is 4 hours behind GMT. EDT starts on the first Sunday in April and ends on the last Sunday in October. In both cases, since time was not specified, the changes occur at the default time, which is 2:00 A.M. Note that the start and end dates did not need to be specified since they are the defaults. 2.13.3 Option to Disable DTSS at System Boot You can now disable DTSS when the system boots. You should use this option when another time provider controls the system clock. To disable DTSS, do the following: 1. Boot the system normally. 2. Set the TDF using NET$CONFIGURE OPTION 5 (Set Timezone). This allows DTSS to run DTSS$SET_TIMEZONE.EXE which sets the EXE$GQ_TDF cell and the SYS$TIME logicals (SYS$TIMEZONE_DAYLIGHT_SAVING, SYS$TIMEZONE_ DIFFERENTIAL, SYS$TIMEZONE_NAME, and SYS$TIMEZONE_RULE). 3. Disable DTSS using the following command: $ MCR NCL DISABLE DTSS 2-16 New Features New Features 2.13 DECdts 4. Define the following logical in SYLOGICALS.COM: $ DEFINE/SYSTEM NET$DISABLE_DTSS 1 5. Reboot the system. _______________________ Caution _______________________ DECnet-Plus requires the TDF to be properly set. Do not attempt to prevent DTSS$SET_TIMEZONE.EXE from running; to do so will cause a system hang during system startup. ______________________________________________________ 2.13.4 New DTSS NTP Provider Sample Program A new sample program, DTSS$PROVIDER_NTP, may be used on a DTSS server to obtain the time from an NTP V3 server (on another node in the network). The new files are located in SYS$EXAMPLES: DTSS$PROVIDER_NTP.C DTSS NTP Provider Program DTSS$PROVIDER_NTP.EXE DTSS NTP Provider Image RUN_NTP_TP.COM Procedure to run DTSS$PROVIDER_ NTP START_DETACHED_NTP_TP.COM Procedure to run as a detached process New Features 2-17 3 _________________________________________________________________ Corrections Included in This Release This chapter discusses corrections included in Compaq DECnet-Plus for OpenVMS, Version 7.3. The chapter contains an abbreviated list of the updates included in the Version 7.3 release. If a specific update you are looking for is not listed, this does not mean that it is not included in the Version 7.3 release. For further information on specific updates, contact your Compaq support representative. 3.1 Network Management Changes This section describes network management corrections in Compaq DECnet-Plus for OpenVMS, Version 7.3. 3.1.1 NET$CONFIGURE Command Procedure The following corrections have been made to the NET$CONFIGURE.COM command procedure: o If the transport information in the checksum database becomes corrupted, NET$CONFIGURE no longer prevents configuration of both transports in the future. o Creation of the PHONE$SERVER account has been corrected. o Corrected an error that could result in duplicate device names (and duplicate commands for the devices). This error occurred if NET$CONFIGURE had been previously run and either aborted or was stopped by the user with a CTRL-C. The correction allows NET$CONFIGURE to properly clean up the temporary files it uses. o Corrected an error in the "ADD an Application" option that frequently caused this option to generate a RMS warning message and prevented the procedure from creating the new application. Corrections Included in This Release 3-1 Corrections Included in This Release 3.1 Network Management Changes 3.1.2 NET$STARTUP Command Procedure The following corrections have been made to the NET$STARTUP.COM command procedure: o No longer requires DNS Server nodes to include LOCAL in their search path. o Corrected a condition that could cause the generation of the following message: %DECnet-W-NOREAD, could not read SYS$SYSROOT:[SYSEXE]NET$CONFIG.DAT If this message was received, the SYS$NODE and SYS$NODE_ FULLNAME logicals would be undefined. 3.1.3 NET$SHUTDOWN Command Procedure The following correction has been made to the NET$SHUTDOWN.COM command procedure: o Modified to prevent aborting when a NET process logical was defined. 3.1.4 NCL Syntax Change for MTS Entity The NCL$GLOBALSECTION.DAT file has been modified to correct an error with the SET MTS command. Previously, the following NCL SET MTS command failed as shown: NCL>set mts "/C=fr/O=mm/MTS=MMmts" ora "C=gb" - _NCL>rout inst [action = md redirect, redirection = "C=gb;A=TEST] %NCL-E-MISSINGRIGHTBKT To correct this error, it was necessary to modify the syntax of the SET MTS command to include a new routing instruction as follows: NCL>set mts "/C=fr/O=mm/MTS=MMmts" ora "C=gb" - _NCL>rout inst [action = md redirect, md redirection = "C=gb;A=TEST] Note that redirection in the action list has been changed to md redirection. 3-2 Corrections Included in This Release Corrections Included in This Release 3.1 Network Management Changes 3.1.5 NCL Parsing Fix for End User Specification Data Types NCLSHR.EXE has been modified to correct the handling of the UIC format of attributes using the end user spec data type (for example, the remote end user address attribute of the session control port entity). Prior to this correction, specifying the following command: SHOW SESS CONT PORT * ALL, WITH REMOTE END USER ADDR = UIC = [0,0]SYSTEM returned the %NCL-E-BADVALUE error. 3.1.6 Event Dispatcher The following change has been made to the NET$EVENT_ DISPATCHER.EXE image: o Created new filters to block the following CSMA and FDDI events to correct the command RESET EVENT DISPATCHER OUTBOUND STREAM. The global filter blocks the following events by default: node,csma,station, unrecognized multicast destination pdu node,csma,station, unavailable station buffer node,fddi,station,link, unrecognized multicast pdu destination If you do not want these events blocked by default at creation time, create a new SYS$MANAGER:NET$EVENT_ LOCAL.NCL by copying the NET$EVENT_LOCAL.TEMPLATE and include appropriate commands to pass one or more of these events. The following change has been made to the NET$EVENT_ LOCAL.TEMPLATE file: o If a NET$EVENT_LOCAL.NCL was previously created from the old NET$EVENT_LOCAL.TEMPLATE, then your site-specific NET$EVENT_LOCAL.NCL should be edited to remove the following duplicate block command: BLOCK EVENT DISPATCHER OUTBOUND STREAM local_stream - GLOBAL FILTER ((NODE,MOP,CIRCUIT), Unrecognized Dump Client). Since new filters now block the CSMA and FDDI events by default, the following pass commands have been added: Corrections Included in This Release 3-3 Corrections Included in This Release 3.1 Network Management Changes !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,CSMA-CD,STATION), Unrecognized Multicast Destination PDU) !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,CSMA-CD,STATION), Unavailable Station Buffer) !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,FDDI,STATION,LINK), Unrecognized Multicast PDU Destination) If you have previously created a NET$EVENT_LOCAL.NCL script by copying the old .TEMPLATE, regardless of whether you choose to use these commands or not, please update that site-specific NET$EVENT_LOCAL.NCL script. 3.1.7 Common Management Listener (CML) The following correction has been made to the CML.EXE image: o Deleted an unnecessary entity name length check that could cause remote LAPB management commands (such as SHOW NODE NODEA LAPB LINK * PHYSICAL PORT) to fail with a data corruption error. The commands failed when used with a remote node name but succeeded when used with NODE 0. 3.1.8 Common Trace Facility (CTF) The following correction has been made to the CTFDCP.EXE image: o Included a sanity check of the TP_CELL parameter on a CTF$$DECLARE call. Invoking CTF with unsupported parameter values occasionally resulted in a system crash because TP_CELL did not contain a valid address. 3.2 Transport Layer This section describes changes made to the transport layer. 3.2.1 Network Services Protocol (NSP) The following corrections have been made to the NET$TRANSPORT_NSP.EXE image: o Corrected logic used to ensure that a receive buffer is always available. Previously, this logic failed when the number of receive buffers exceeded 32767. 3-4 Corrections Included in This Release Corrections Included in This Release 3.2 Transport Layer o Corrected logic associated with extending the internal TCTB table when the number of transport connections exceeds 8191. Previously, a crash would occur with the NETNOSTATE bugcheck when the number of connections exceeded 8191. o Prevent a remote TCID from attempting to be reused for a connection if the previous connection failed to be deaccessed. o Brought NSP more in line with the Phase IV protocol by correcting the possible delivery of protocol errors with disconnect data. If the user string (P2) is not a counted string, this will now be included on behalf of the user. Phase IV did this previously, but removed the first byte of the user data while making it counted. 3.2.2 OSI Transport Protocol The following corrections have been made to the NET$TRANSPORT_OSI.EXE image: o Modified state tables such that if the port is in a WFNC state and receives a DR or DC, the port ignores the message rather than bugchecks. o Corrected restraint mode window. o Corrected default packet size (from 7 to 128) when remote fails to set the size. o Prevent OSITP retransmission timeouts with zero credit. o Prevent OSITP premature port deallocation. o Corrected I/O completion processing to verify the VCIB prior to using a field in the VCIB as a completion routine address. o Prevent possible system crash on a disconnect indication. Corrections Included in This Release 3-5 Corrections Included in This Release 3.2 Transport Layer 3.2.3 DECnet over IP (RFC 1006) The following corrections have been made to the NET$TPCONS.EXE image: o Corrected I/O completion processing to verify the VCIB prior to using a field in the VCIB as a completion routine address. o Prevent possible system crash on a disconnect indication. 3.3 Network Layer This section describes corrections made to the network layer. 3.3.1 End System Routing The following corrections have been made to the NET$ROUTING_ES.EXE image: o Corrected handling of routing circuit reenable timer expirations to prevent a system crash that occurred when the timer handler attempted to reenable a deleted circuit. o Corrected Phase V to Phase IV translation padding on transmit header. o Prevent possible shutdown crash on disable when a WCB contained an unexpected Routing Routine, net$clns_ transmit_discard. Clear the CLNS_CDB before deleting the TSEL in the CLNS port close. o Prevent invalid NSAP on initial ES hello message by checking the area address and not the HIORD of the NSAP. 3.3.2 Host Based Routing The following corrections have been made to the NET$ROUTING_IS.EXE image: o Prevent a possible crash in the GetBuffer routine when allocating forwarding buffers. o Corrected alias forwarding logic. o Prevent a possible shutdown crash when the alias port was deallocated. 3-6 Corrections Included in This Release Corrections Included in This Release 3.3 Network Layer o Prevent possible crash with X.25 PVCs. o X.25 circuit enable code was modified to prevent possible corruption if the X.25 channel was disconnected. o Modify the use of R9 to avoid corruption in LES (Alpha only). o Remove possible alias_IDdisable forced bugcheck. o Prevent possible system crash in net$fwd_pkt_GetBuffer. 3.3.3 Alias The following corrections have been made to the NET$ALIAS.EXE image: o Corrected incoming selection weight on objects. o Corrected object lock conversion for alias enable. 3.4 Session Control The following corrections have been made to the NET$SESSION_CONTROL.EXE image: o Corrected logic in the session I/O completion routines to allow session I/O to properly complete even when session is in the off state. Occasionally, the transport module would complete I/O after session had entered the off state. Session control treated this as an invalid condition and forced a bugcheck. o Corrected a situation where session control could leave connections active even after VAX P.S.I. applications (using GAP) properly disconnected during application termination. The application $CANCEL request was failing because the connection was already in the disconnected state. The code has been modified to treat a $CANCEL request in the disconnected state in the same manner as it does for the running state. This replicates the behavior found in Phase IV. o Conditionalize out SCL spinlock checking because this check is now obsolete. Corrections Included in This Release 3-7 Corrections Included in This Release 3.4 Session Control o Prevent crash in NET$ACP from a bad DECdns and CDI cache entry. A stale pointer in DNSResult[DNSREQ$A_ Pointer] with ACP$CheckBackTransTask could cause a double deallocation. o Prevent SMP PGFIPLHI crash that could occur trying to access a port EIB that no longer existed. o Correctly include proxy information for use by LOGINOUT when SYSGEN parameter NET_CALLOUTS is set to 255. 3.5 QIO Interface The following corrections have been made to the NET$DRIVER.EXE image: o Prevent possible application RWAST or network device hangs with QIOUCB$V_closeassocdone. Double close associations precipitated this modification. Both QIO_ EXECUTE and QIO_COMPLETION were modified to check if the association has already been closed and if the channel can then be deallocated. o Modified disconnect data counted string to emulate Phase IV behavior of stepping on the first byte of user data to make it a counted string (only if the user application does not supply this necessary count). o Corrected ExecuteDeaccess code latency when the connection was not yet in the run state and it was aborted. This allows the abort to happen immediately if a) the channel type indicates that there is some semblance of a connection and b) the state indicates that the connection is not already in the process of being torn down. o Prevent IPCACP from trying to $ASSIGN a NET device before the driver has been initialized. 3-8 Corrections Included in This Release Corrections Included in This Release 3.6 Maintenance Operations Protocol (MOP) 3.6 Maintenance Operations Protocol (MOP) The following corrections have been made to the NET$MOP.EXE image: o Prevent a KRNSTAKNV crash with DECthreads changes in V7.2-1. o The following MOP CCR protocol corrections are included in this release: - MaxCommand from the SYSID now determines the maximum CommandPoll data size. This prevents commands longer than 16 bytes from being unnecessarily broken into separate messages. - If a RespAck is transmitted just as the thread is timing out, MOP no longer gets stuck in "retransmit mode". - MOP no longer inappropriately reuses CommandPoll message numbers. - The retransmit count is now only cleared if a matching RespAck has been received and MOP has finished processing any pending VCRP. These problems had a very negative impact on SET HOST/MOP and TSM performance. They remained undetected until the CCR timer was recently decreased to improve performance for the TSM SHOW SERVER ALL command. At faster speeds, MOP was more likely to get stuck in "retransmit mode", often leading to CCR-E-NORESOURCE or TSM-S-NO_RSP_DATA error messages. This occurred primarily when DECserver 200s were in use. Now that these corrections have been implemented, the CCR timer has been reduced to improve performance. (This timer is used by MOP to determine how long the thread should wait for a response.) The CCR timer is calculated using the mop circuit entity's retransmit timer attribute. The default for this attribute is 4, but setting this attribute to 1 may provide better performance (if there aren't any DECserver 200s present). Corrections Included in This Release 3-9 Corrections Included in This Release 3.7 Distributed Naming Service (DECdns) 3.7 Distributed Naming Service (DECdns) 3.7.1 Clerk Changes The following corrections have been made to the clerk (DNS$ADVER.EXE) image: o Corrected a situation where NSAP's with a prefix of %x49 were being inserted in the cache when the configured prefix was other than %x49. o Corrected a situation where the STICKY bit was not preserved in the cache (if it was previously set) when the address of an item in the cache was updated. o Corrected a problem that caused the clerk to crash when a "SHOW DNS CLERK REMOTE CLEARINGHOUSE ..." command was issued. This problem sometimes appeared as a hang to the user when a command similar to the one shown above was issued. o Corrected the clerk (SYS$NAME_SERVICES.EXE) to prevent a crash. The symptom of this crash is that the variable CTL$GL_DNSPTR is zero when entering routine RECEIVED_ DISCONNECT_AST. o Corrected the DNS$ADVER process to prevent it from aborting. The symptom of this aborting process is an access violation on a call to the DECC$FREE routine. 3.7.2 Server Changes (VAX Only) The following corrections have been made to the server (DNS$CONTROL.EXE) image: o Corrected the clerk treewalk algorithm to prevent the algorithm from failing to find the desired clearinghouse to satisfy the name lookup request. Typically, the symptom of this problem was the return status of DNS$_ NOCOMMUNICATIONS on a "SHOW CLEARINGHOUSE ..." command when the clerk should have been able to connect the proper clearinghouse. 3-10 Corrections Included in This Release Corrections Included in This Release 3.7 Distributed Naming Service (DECdns) o Added the ability to detect a newly created clearinghouse object that is missing a valid DNA$TOWER and/or DNS$ADDRESS attribute. When this situation is detected by the BACK_GROUND thread (which runs on a hourly basis), it is corrected by updating both of these attributes to the correct value. Typically, this situation can occur when someone has accidentally deleted the clearinghouse object and the clearinghouse object is manually recreated. This situation is discussed in the Section 12.10, "Restoring a Missing Clearinghouse Object Entry", of the DECnet- Plus DECdns Management. o Adjusted the server quota and timeout default values to handle the average size configuration. The changes are shown below: ________________________________________________________ Quota/Timeout____Old_Value___New_Value__________________ idle_conn_ 600 300 timeout null_port_ 60 1800 timeout maximum_ 100 200 handlers_quota ta_conn_quota 100 200 back_conn_quota__10__________20_________________________ However, if you have a large configuration, you may have to adjust some of the above quotas upward. For example, if you have large directories the null_port_timeout should be adjusted upward. Another example would be to adjust the ta_conn_quota upward, typically for a large number of users connected to the DNS server. When quota or timeout adjustment is required the new quotas or timeouts can be specified in the SYS$SYSDEVICE:[DNS$SERVER]DNS.CONF file. This file is only read at server startup time. The server must be restarted to make the changes effective. Corrections Included in This Release 3-11 Corrections Included in This Release 3.7 Distributed Naming Service (DECdns) o Corrected for bugcheck 704 which caused a server crash. This problem only occurred when a connection did not supply all the parameters that the server was expecting. The code has been corrected to handle these connections properly. o Corrected the clerk (SYS$NAME_SERVICES.EXE) to provide better handling for the expiration of the null_port_ timeout. This correction prevents the NEW EPOCH (SET DIRECTORY x TO NEW EPOCH ...) and CREATE REPLICA commands from being retried if the link times out. Previously, if the timeout occurred during the NEW EPOCH command processing, you could experience one or more of the following symptoms: o "Directory replicas are not synchronized" message in the DNS$SERVER.LOG. o "Insufficient local resources at the server" message while using the DNS$CONTROL program. o Transaction log file (for example: MY_ CH.TLOG0000003907) growing to an unusually large size. If the timeout occurred during CREATE REPLICA command processing, you would receive the following message while using the DNS$CONTROL program: Specified clearinghouse already contains a replica of that directory The software has been corrected to report the timeout as a communications error ("Unable to communicate with any DECdns server"). See additional information in Section 5.11.1. o Corrected the procedure for counting the number of skulks initiated. Prior to this correction, if a skulk was already in progress it could have been counted twice. 3-12 Corrections Included in This Release Corrections Included in This Release 3.8 Distributed Time Service (DECdts) 3.8 Distributed Time Service (DECdts) The following corrections have been made to the DTSS$SERVICE.EXE image: o Corrected handling of the CHANGE DTSS TIME directive to properly set up daylight savings time. Previously, if this directive was issued, the change to daylight savings time did not occur at the specified time unless the system was rebooted before the daylight savings time switch was to occur. o Corrected a PGFIPLHI crash on startup. The code was corrected to insure that any linkages which are touched at an elevated IPL are in a page which is locked. Prevent possible crash on boot in read cluster time. o Corrected to prevent the clerk from sending advertisements when the cache is purged. 3.9 X.25 Native Mode (VAX Only) This section describes changes to the X.25 Native Mode software (formerly known as VAX P.S.I.). The following change has been made to the PSI$CONFIGURE.EXE image: o Provide support for DPGXET profile. The following change has been made to the PSI$LLC2.EXE image: o Modified response to DM while link is up. The following change has been made to the PSI$L3CS.EXE image: o Modified to no longer pass generated ISO extensions over GAP. Modified X.29 filter priority. Corrections Included in This Release 3-13 Corrections Included in This Release 3.10 Wide Area Network Device Driver Support (VAX Only) 3.10 Wide Area Network Device Driver Support (VAX Only) This section describes changes to the Wide Area Network Device Drivers (WAN driver) software. The following change has been made to the SLDRIVER.EXE image: o Modified DSB receiver code following an auto-reload. The following correction has been made to the WANDD$DEVICE.EXE image: o Removed race condition in enable with auto-load true that prevented a subsequent load from completing on some fast machines. 3-14 Corrections Included in This Release 4 _________________________________________________________________ Documentation Errata This chapter contains corrections to the current documentation set (Version 7.1) for Compaq DECnet-Plus for OpenVMS. 4.1 Network Management and NCL 4.1.1 Routing Maximum Buffers Characteristic In the DECnet-Plus Network Control Language Reference manual, the documentation for the maximum buffers characteristic of the routing entity indicates that the characteristic's maximum value is 65535. This is incorrect. The maximum value is 500. The characteristic sets the number of buffers preallocated, not the maximum attainable value. The routing module automatically allocates additional buffers when all buffers are in use. This was done to conserve on static memory requirements (each buffer is over 4500 bytes in size). 4.1.2 DTS/DTR and Phase V Node Names In Section 3.10.2 of the DECnet-Plus Problem Solving manual, the documentation for the /nodename qualifier of the DTS test command contains a statement that seems to indicate that DTS/DTR might support Phase V node names. The statement should read as follows: The node-id can be 0, a Phase IV address or node name, or, on a Tru64 UNIX system, a DECnet-Plus NSAP address or Phase V node name. To specify a Phase V node on OpenVMS systems, you can use a node synonym of 6 characters or less. Documentation Errata 4-1 Documentation Errata 4.1 Network Management and NCL 4.1.3 Using the ADD Verb with OSI Transport CONS Filter Entities Section 20.1 of the DECnet-Plus Network Control Language Reference, "osi transport", incorrectly states that the cons filters attribute of the osi transport entity cannot be modified unless first disabled. This is partially correct. You can add filters using the ADD verb while the entity is enabled. To use the REMOVE or SET verbs, you must first disable the osi transport entity. 4.1.4 NET$EXAMINE Right Required Section 1.5.12 of the DECnet-Plus Network Control Language Reference should read: The NET$EXAMINE right is required to issue SET NCL DEFAULT ENTITY and SET NCL DEFAULT ACCESS commands. 4.1.5 Configuring Multiple Cluster Aliases Section 9.2.3, of the DECnet-Plus for OpenVMS Network Management manual, "Configuring Multiple Cluster Aliases", is incorrect. If you want to set an outgoing alias for an application, use the following command: ncl> set session control application application-name - _ncl> outgoingalias name alias-name 4.1.6 Supplying Access Control Information When supplying access information, both the username and password should be provided in a single command. In addition, the command should include a default node entity. Here are a few recommended forms of the SET NCL DEFAULT command: NCL>SET NCL DEFAULT ENTITY - _NCL>NODE nodename"username password" [subentity | subentities] NCL>SET NCL DEFAULT ENTITY NODE nodename [subentity | subentities], - _NCL>ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password, - _NCL>ENTITY NODE nodename [subentity | subentities] 4-2 Documentation Errata Documentation Errata 4.1 Network Management and NCL Once established, default entity and access control information remains in effect for the duration of the NCL session or until it is modified by subsequent SET NCL DEFAULT commands. When a SET NCL DEFAULT command contains new access information but lacks a default node entity, the new access information is stored, but is not used until some subsequent SET NCL DEFAULT ENTITY NODE command is issued. For example, the following commands set new access information but do not specify a default entity node: NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ENTITY [subentity | subentities], - _NCL>ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password, - _NCL>ENTITY [subentity | subentities] The following example shows the result of using a command of this type. NCL>SHOW NCL DEFAULT No NCL Default Access has been set NCL Default Entity () NCL>SET NCL DEFAULT ACCESS BY USER=user1, PASSWORD=goodpassword NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity () Note that the access control information created in the preceding commands remains unused until the default node entity is modified. The following SET command would then result in the establishment of a connection to node remnod using the user1 account: NCL>SET NCL DEFAULT ENTITY NODE remnod NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx Once you have set a default node entity, all subsequent SET NCL DEFAULT ENTITY [subentity | subentities] commands apply to that node until the user modifies the default node entity. For example, with the default node entity set to Documentation Errata 4-3 Documentation Errata 4.1 Network Management and NCL remnod, you can set the default entity to Session Control on node remnod without re-specifying the node entity: NCL>SET NCL DEFAULT ENTITY Session Control NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control To change to another subentity on the remote node, you must include (or re-specify) any subentities beneath the node entity. Even though the current default entity in this example is Node remnod Session Control, you must re-specify the Session Control subentity if you want to set default to a lower subentity on that node. For example, NCL does not parse the following command because the Session Control entity is not respecified: NCL>SET NCL DEFAULT ENTITY Application fal %NCL-E-INVALIDCOMMAND, unrecognized command SET NCL DEFAULT ENTITY \Application\ fal NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Since the command could not be parsed, the NCL defaults remained unchanged. Instead, the following command would be necessary to change the default to a lower subentity on node remnod: NCL>SET NCL DEFAULT ENTITY Session Control Application fal NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Application fal Note that in the preceding example the "fal" instance identifier specified a particular instance of a Session Control Application. But it is also acceptable to use wildcards to specify the default entity. In the example below, the wildcard "*" is used as an instance identifier to refer to all session control applications on the default node. NCL>SET NCL DEFAULT ENTITY Session Control Application * NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Application * 4-4 Documentation Errata Documentation Errata 4.1 Network Management and NCL Note that if the default access control information and the default entity is now modified, but no node entity is specified, the old default access control remains in effect. NCL>SET NCL DEFAULT ACCESS BY USER=user2, PASSWORD=badpassword, _NCL>ENTITY Session Control NCL>SHOW NCL DEFAULT NCL Default Access by User user2, Password xxx NCL Default Entity Node remnod Session Control Application * In the preceding example, the new default access information is stored, but contrary to the default access information displayed by SHOW NCL DEFAULT, the connection to node remnod through the user1 account will remain in use until the default node entity is changed. This next command would request a new connection to node remnod using the latest default access information (through the user2 account), but the connection would fail because the password information provided earlier for the user2 account was incorrect: NCL>SET NCL DEFAULT ENTITY NODE remnod %NCL-E-REQUESTFAILED, command failed due to: -CML-E-SESSPROB, error returned from session control -IPC-E-BADUSER, access control rejection -NET-F-REMOTEDISCONN, connection disconnected by remote user %NCL-E-NOCONNECTION, cannot establish CMIP connection to remote node set ncl default entity node remnod Whenever a connection to a default entity node fails, the default entity node is reset to the local node entity. Default subentity information is cleared as well because subentities are node-specific. The default access information is left as is, but it remains unused until the default node entity is reset. For example, after the above failure to modify the default node entity, the NCL defaults would look like this: NCL>SHOW NCL DEFAULT NCL Default Access by User user2, Password xxx NCL Default Entity () Documentation Errata 4-5 Documentation Errata 4.1 Network Management and NCL 4.1.7 NCL Snapshot Command Snapshot information is only retained for the duration of an NCL session. Therefore, the snapshot command and subsequent show commands must be issued at the NCL> prompt rather than at the DCL prompt. To gather snapshot information from a remote node, you can either set the NCL default to the remote node entity or include the nodename in each NCL command, as long as the commands are issued within the same NCL session. 4.2 OSAK Programming The following sections provide information that updates the current OSAK documentation. 4.2.1 Using OSAK over RFC1006 On the initiator side, to make a connection over RFC1006, specify as the NSAP the IP address as a 6-byte nibble packed hex value including the port number in the first two bytes. For example, the address of 16.36.12.142 on port 102 would be encoded as follows: 102 16.36.112.142 | | | | | 0066 10 24 70 8E In this case, the NSAP would be 00661024708E (hex). Specify the NSAP type as OSAK_C_RFC1006. For the transport template, specify either the pseudo-template "1006" or no template at all. OSAK uses a default template of "1006" if the NSAP type is OSAK_C_RFC1006. On the responder side, to listen for RFC1006 connections, specify as the transport template the pseudo-template "1006". 4.2.2 New OSAK API Routine: osak_tc_no_sc() OSAK now contains a new API routine which allows application programs to query OSAK to determine whether a transport connection has been established on a port, but a session connection has not. Syntax: status = osak_tc_no_sc(port, state) 4-6 Documentation Errata Documentation Errata 4.2 OSAK Programming C Binding: osak_tc_no_sc(port, state) osak_port port; int *state; Arguments: port The OSAK port that you wish to query. state A pointer to an integer where OSAK should return the state information. If the port is connected at the transport layer, but not at the session layer, OSAK returns a non- zero value (true). If the port is connected at the session layer, OSAK returns a zero value (false). Description: Call this routine to determine whether the port is connected at the transport layer, but not at the session layer. This information can be useful when interoperating with some other OSI implementations that may incorrectly terminate the transport connection, or may establish a transport connection but never complete the session connection. Use of this routine can assist an application in determining if the OSAK port is hung. An equivalent routine also exists for the SPI interface: spi_tc_no_sc(). Return Values: OSAK_S_NORMAL The routine has finished without error. OSAK_S_INVPORT The port identifier is invalid. 4.2.3 Omitted Parameter Block Parameters In the DECnet-Plus OSAK SPI Programming Reference manual, the following OSAK parameter block parameters were omitted from the SPI routine descriptions. Although the parameters are listed in Section 1.2 and described in Section 1.4.2, they should also appear in the Parameters Used table as follows: Documentation Errata 4-7 Documentation Errata 4.2 OSAK Programming ___________________________________________________________ Parameters Used_________Data_Type____Access___________________________ [user_ Address read only context] port_id______osak_port____write_only_______________________ The preceding parameters should be listed for all SPI routines that have the OSAK parameter block argument, except for the following: o spi_async_close o spi_close_port o spi_collect_pb o spi_expedited_req 4.3 DECdns The information given in the following DECnet-Plus V7.1 manuals is not correct: o Installation and Basic Configuration - Section 7.1.2.1, "Creating a New Namespace." o Installation and Advanced Configuration - Section 2.1.2.1, "Creating a New Namespace." These sections direct you to use DECNET_REGISTER (option 10, Manage the directory service) to create namespace directories and then to use NET$CONFIGURE.COM to create the new namespace. This order is incorrect. The correct order is to first use NET$CONFIGURE.COM to create the new namespace. This procedure creates all of the directories needed for a single clearinghouse to function correctly. Then, if you need to create additional directories, use DECNET_REGISTER (option 10, Manage the directory service) to create the additional directories. 4-8 Documentation Errata 5 _________________________________________________________________ Operational Notes This chapter contains operational notes for DECnet-Plus. Topics discussed here expand and amplify material present in the DECnet-Plus documentation set. 5.1 NSP Characteristics for X.25 PVCs If a node has routing circuits of type x25 permanent you should set the NSP flow control policy characteristic to no flow control. In addition, if the call packet window size is 8 or less, the NSP maximum window characteristic should be set to 8. This lowers the number of NSP unacknowledged transmits and thus prevents the NSP out-of-order cache from filling. 5.2 OSI Transport The following notes apply to OSI transport: o If OSI transport times out during data transfer mode because the remote end is unreachable, the error SS$_CONNECFAIL may also be returned in the IOSB for the $QIO(IO$_READVBLK) or $QIO(IO$_WRITEVBLK) call. User code should handle SS$_TIMEOUT as well as SS$_ CONNECFAIL. o When defining an RFC 1006 address using the OSIT$NAMES logical name table, you must put a quotation mark around the address portion. o The requirement against using 0 (zero) and 1 as valid NSELs (network selectors) has been removed, but the following restrictions apply: - The selector fields for OSI transport must be the same in both transport partners if the packet is traversing a backbone containing Phase IV routers (as opposed to routing vector domains). Operational Notes 5-1 Operational Notes 5.2 OSI Transport - Although the cluster alias uses two ranges of network transport selector fields to reduce the risk of a collision, Compaq recommends that you do not choose values from those ranges, or at least that you do not choose the first few values in each range. o The osi transport entity does not support a value of 0 for the maximum remote NSAPs (network service access points) attribute. o The osi transport template entity does not support a value of any for the network service attribute. If this attribute is set to any, it is treated by OSI transport as clns. 5.3 Transport Precedence in Predominantly Phase IV Networks When using DECnet over IP on a Phase V node, the default for session control's transport precedence characteristic is {TP4,NSP}. This causes session control to attempt an OSI connection first, followed by an NSP connection. If you have a predominantly Phase IV network, this causes an unnecessary delay when connecting to Phase IV nodes. If the precedence is causing the delay, the delay will not be seen when connecting in the reverse. To change the precedence, insert the following line at the end of the NET$SESSION_ STARTUP.NCL file: set node 0 session control transport precedence = {NSP,TP4} Remember to reinsert this line if you run NET$CONFIGURE. 5.4 Upgrading to DECnet-Plus with Systems Running DEC X.25 (Alpha Only) If you are upgrading to DECnet-Plus from DECnet Phase IV and have the DEC X.25 Client for OpenVMS Alpha Systems product installed, be aware that there are two X.25 products for OpenVMS Alpha systems: o X.25 client software, for DECnet Phase IV systems only o Compaq X.25 for OpenVMS software, for DECnet-Plus systems only 5-2 Operational Notes Operational Notes 5.4 Upgrading to DECnet-Plus with Systems Running DEC X.25 (Alpha Only) If you upgrade to DECnet-Plus and want to retain access to X.25, remove the DEC X.25 Client product and install the Compaq X.25 for OpenVMS product, which provides both client and native X.25 functionality. For details about installing and configuring the Compaq X.25 for OpenVMS product, refer to the DECnet-Plus for OpenVMS Applications Installation and Advanced Configuration and the X.25 for OpenVMS Configuration manuals. 5.5 COLLECT Command and Addressing in DECNET_MIGRATE Commands Some connection errors might be reported for nodes with DECnet-Plus addresses that are not Phase-IV compatible as well. These errors occur because the network management interface on the OpenVMS operating system does not recognize connections to nodes by the explicit use of a DECnet-Plus address that is not Phase-IV compatible. If a DECnet-Plus node also has a Phase-IV compatible address, information is collected for it using that address. 5.6 Decimal Syntax DSPs Not Supported Compaq DECnet-Plus for OpenVMS supports only those IDPs (initial domain parts) that specify the use of binary syntax DSPs (domain-specific parts). IDPs that specify decimal syntax DSPs are not supported. 5.7 FDDI Large Packet Support Phase IV nodes do not support FDDI large packets. If your node has an FDDI controller that uses large packets, routing selects a smaller segment size for Phase IV adjacencies. To communicate with Phase IV nodes, Phase IV addressing must be enabled on the routing circuit. Verify that the enable phaseiv address attribute is set to true on one FDDI circuit in the sys$management:net$routing_ startup.ncl file. Operational Notes 5-3 Operational Notes 5.8 Startup Procedure Change: NCL Information Minimized 5.8 Startup Procedure Change: NCL Information Minimized The startup procedure now displays a minimum amount of Network Control Language (NCL) information. If you want to view the complete NCL output for troubleshooting purposes, you can define the following logical name in sys$manager:net$logicals.com: $ define/system/nolog net$startup_quiet_ncl false If the net$logicals.com file does not exist on your system, you can create one by copying the file from the sys$manager:net$logicals.template. 5.9 Setting Alias Selection Weights The DECnet-Plus Network Control Language Reference suggests that the alias selection weight characteristic be set to values between 0 and 10. Setting the selection weight to a very low non-zero number, such as 1, encourages needless connection delay because each incoming connection is treated in a round-robin fashion. That is, as each new connection comes in, it must be passed to the next cluster member. In general, Compaq now recommends that values of 5 to 10 be used. Zero should still be used when it is desired to exclude a cluster member. 5.10 Configuring X.25 Access Filters for Use by OSI Transport (VAX Only) To create X.25 Access filters with the X.25 Native Mode software (formerly VAX P.S.I.) configuration procedure, use the Declaring a Network Process section, as follows: 1. On the introduction screen to Declaring a Network Process section, answer YES to the question: Do you want X.25 or X.29 programs to specify filter names in $QIO(IO$_ACPCONTROL) calls? 2. On the next screen, answer NO to the question: Do you want IO$_ACPCONTROL calls issued by your programs to name any dynamic filters? 5-4 Operational Notes Operational Notes 5.10 Configuring X.25 Access Filters for Use by OSI Transport (VAX Only) 3. On the next screen, answer YES to the question: Do you want IO$_ACPCONTROL calls issued by your programs to name any static filters? 4. On the following two screens, you can set up the attributes for the X.25 Access filter. You are prompted to enter network process filter information. You must complete the following fields: o Filter Name: OSI Transport o Call Data Value: for example, %X03010100 o Call Data Mask: for example, %XFFFFFFFF You can set the filter name to any name. However, the name you use must match the name you entered as the X.25 Access template name and as the OSI Transport template CONS template name. The OSI transport template attribute cons template is case sensitive and must match the OSI transport attribute cons filters exactly. Modification of the OSI transport cons filters attribute while OSI transport is enabled is permitted with the add command. The set and remove commands can only be used to modify the CONS filters when the OSI transport is disabled. The Call Data Value and Call Data Mask entries are used by X.25 Native Mode software to determine whether an inbound network connect should be passed to OSI transport. For other fields, use the default value provided. You can set up a security filter corresponding to this X.25 Access filter in the Incoming Security for Network Processes section of the X.25 Native Mode configuration procedure. 5.11 DECdns Operational Notes 5-5 Operational Notes 5.11 DECdns 5.11.1 Adjusting null_port_timeout in DNS.CONF If you receive the message Unable to communicate with any DECdns server during a NEW EPOCH or CREATE REPLICA command, you should increase the value for the null_port_timeout parameter on the server. For example, to set the timeout to 3600 seconds (60 minutes), add the following line to your SYS$SYSDEVICE:[DNS$SERVER]DNS.CONF file: dns.dnsd.null_port_timeout: 3600 It is CRITICAL that you increase the null_port_timeout parameter on all servers that are in the replica set for the directory that had the problem. The timeout value should be the same on all servers in the replica set. If you fail to do this, any changes that you make will have no effect. ________________________ Note ________________________ This release of DECdns has increased the default value of the null_port_timeout parameter from 20 seconds to 60 seconds. However, this default value will not be sufficient for all cases. ______________________________________________________ 5.11.2 Providing Adequate Resources for DECdns It is important to provide the DECdns server with adequate resources because the DECdns server uses an "in memory" database. Compaq strongly recommends that users be generous with system quotas, especially the working set quota. Autogen does not correctly calculate the working set size required by the DECdns Server. The working set size depends on the size of your checkpoint file. The size of the working set typically varies from 50,000 to 250,000. Using working set sizes below 50000 is generally not recommended. If you need help on setting the quotas, contact your Compaq representative to obtain the tools to monitor the quota utilization. 5-6 Operational Notes Operational Notes 5.11 DECdns 5.11.3 Using the DNS.CONF Configuration File Proper configuration of the server may be required if the default server quotas and timeouts are not sufficient for your particular situation. These parameters are specified in the file DNS.CONF which is in the SYS$SYSDEVICE:[DNS$SERVER] directory. An example DNS.CONF file is shown below: ! all parameters in lowercase dns.dnsd.acs_override: 1 dns.dnsd.node_verification: 0 !dns.dnsd.idle_conn_timeout: 500 !dns.dnsd.null_port_timeout: 5400 dns.dnsd.maximum_handlers_quota: 1000 dns.dnsd.standby_handlers_quota: 10 dns.dnsd.maximum_buffers_quota: 1000 dns.dnsd.ta_conn_quota: 600 !dns.dnsd.back_conn_quota: 100 dns.dnsd.dormancy_evaluation_interval: 30 !dns.dnsd.db_version_to_prune: 1236 Parameter lines may be commented out by placing a exclamation character (!) at the beginning of the line. The meaning of these parameters and the default values are discussed below: o dns.dnsd.acs_override: Disables access control if set to 1. The default setting is zero (access control checking on). _______________________ Caution _______________________ While access control checking is overridden, any privileged or non-privileged user on your network has complete read, write, delete, and control privileges to any object, directory, or clearinghouse managed on this server. ______________________________________________________ o dns.dnsd.node_verification: Disables node verification if set to zero. The default setting is 1 (node verification enabled). Operational Notes 5-7 Operational Notes 5.11 DECdns If you set this option to 0, the server does not backtranslate the incoming address to verify that the incoming connection is actually coming from where the incoming connection claims it is coming from. With this disabled, servers are vulnerable to intentional or unintentional "node spoofing" where systems make updates to the namespace for which their node names are authorized but their addresses are not. o dns.dnsd.idle_conn_timeout: Time in seconds to wait while link is idle before disconnecting the link. The default value is 300 seconds (5 minutes). If this value is set too low, it results in excessive processing time to recreate links every time a request is processed. If set too high, it ties up resources for links that are not being used. o dns.dnsd.null_port_timeout: Time in seconds to wait before unconditionally disconnecting the link. The default value is 1800 seconds (30 minutes). The value should be set high enough to allow the longest command to complete execution. Typically, the longest command is "SET DIR .X TO NEW EPOCH ..." which includes a skulk as the final part of its processing. Values for this parameter can range anywhere from a couple of minutes to 90 minutes depending on the size of the directory involved and delays present in the network. (See Section "Problems Corrected in ECO 71" for a description of the symptoms of the null_port_ timeout being incorrectly set too low.) If you get a no communications error (DNS$_NOCOMMUNICATIONS) this can be caused by the null_port_timeout being set too low. However, if the time for long commands starts to approach 2 hours this may indicate a hung link or a hung server. o dns.dnsd.maximum_handlers_quota: Maximum number of request handlers to allocate for request processing. The default value is 200. In most cases, the number of request handlers needed is approximately equal to the number of clerks connecting to the server. o dns.dnsd.standby_handlers_quota: Maximum number of request handlers to keep ready to process incoming requests. The default is 10. 5-8 Operational Notes Operational Notes 5.11 DECdns o dns.dnsd.maximum_buffers_quota: Maximum number of buffers available for request handlers from the request pool (rpool). The default is 200. Normally, the value for this parameter should be the same as the MAXIMUM_ HANDLERS_QUOTA. o dns.dnsd.ta_conn_quota: Maximum number of connections for front end operations (lookups, modify operations). The default is 200. Typically, the value for this parameter can be same or somewhat less than MAXIMUM_ HANDLERS_QUOTA AND MAXIMUM_BUFFER_QUOTA. Both MAXIMUM_ HANDLERS_QUOTA and MAXIMUM_BUFFERS_QUOTA may include an additional allowance for the back end operations. o dns.dnsd.back_conn_quota: Maximum number of connections for back end operations (skulks, other back ground activities). The default is 20. Note that the sum of these two quotas (TA_CONN_QUOTA, BACK_CONN_QUOTA) should be below the values for NCL characteristics for either OSI TRANSPORT MAXIMUM TRANSPORT CONNECTIONS, or NSP MAXIMUM TRANSPORT CONNECTIONS. Compaq recommends that the maximum transport connections characteristics be set so that the system never reaches the maximum number of connections specified. Increase maximum transport connections characteristics for NSP and OSI if required to meet this requirement. In addition, increase NET$ACP process defaults. o dns.dnsd.dormancy_evaluation_interval: The time (seconds) to keep resources used by a request available in pool so that they may be reused. The default is 60. Decreasing the value from the default may allow resources to be released earlier. However, decreasing it too much results in a delay in starting the processing of a new request. Consequently, if it is changed, it should be done very carefully. o dns.dnsd.db_version_to_prune: Sequence number of a checkpoint file. All dying replicas will be removed from this file. The default is 0 (turned off). Operational Notes 5-9 Operational Notes 5.11 DECdns The sequence number can be determined by typing out the clearinghouse version file (the file which has a file extension of .VERSION). Next, restart the server and then shut it down again. The server should write out a new checkpoint file with the dying replicas eliminated. Finally, remove the above line from the DNS.CONF file, and restart the server. Only one prune operation is allowed per server session. ________________________ Note ________________________ If you choose to leave the line in the file you should change the value to 0 (zero) to avoid accidental pruning. ______________________________________________________ To display the results of a prune operation in the DNS$SERVER.LOG file, insert the "db_checkpoint_info" event into the SYS$SYSDEVICE:[DNS$SERVER]DNSD.EVENT file before beginning the prune operation. 5.11.4 Limitation on Size of Checkpoint File Records The checkpoint file has a limitation of 500 blocks maximum on the size of individual records. To detect any records over this limit or approaching this limit, run the SURGEON "-scanrx" option. You will need to take corrective action if you see a line indicating greater than 500 blocks and the number of records is one (RECS: 1) because the server may bugcheck with a 902 error in the DB_COMPRESSION.C module. Records that exceed the 500 block maximum can be caused by an application that is writing records larger than this limit or the garbage collector mechanism (removes deleted records) is not running. To correct the problem, apply one of the following actions: o Use the SURGEON "-exciser" option to remove the offending records o Use the RECREATE OBJECT command (if the garbage collector is not running). If you have any questions about doing this, consult your Compaq representative. 5-10 Operational Notes Operational Notes 5.11 DECdns Avoid the situation with the garbage collector not running by making sure all your directories skulk to a success status and that the DNS$ALLUPTO date is recent. Use the following command in DNS$CONTROL to check the skulk status of all directories in the namespace: SHOW DIR ... DNS$SKULKSTATUS Use the following command in DNS$CONTROL to check the DNS$ALLUPTO date on all directories in the namespace: SHOW DIR ... DNS$ALLUPTO 5.11.5 Using the NEW EPOCH Command When issuing the NEW EPOCH command in the DNS$CONTROL program, do not assume that the command completed successfully if you do not get any errors reported. You must check the skulk status on the master replica to determine if the NEW EPOCH command completed successfully. To check the skulk status, use a command similar to the following command: SHOW REPLICA .directory CLEARINGHOUSE .master_ch DNS$SKULKSTATUS ________________________ Note ________________________ Specify the name of your clearinghouse that contains the master replica, as the skulk status is only available on the master replica. ______________________________________________________ 5.11.6 Configuring a Node as a DECdns Server When you configure your system as a DECdns server, DECdns must be the primary name service. To specify DECdns as the primary name service, execute NET$CONFIGURE and specify DECdns as the first name service in the ordered list. Operational Notes 5-11 Operational Notes 5.11 DECdns 5.11.6.1 Creating A New Namespace If your system is to be the first server for a new namespace, first configure the system in the Local namespace. After you finish configuring the system in the Local namespace, configure the system with DECdns as the primary name service. Remove the Local namespace later, if appropriate. 5.11.7 Default Parameters for Process Limits on DECdns Servers This note describes several default parameters for process limits on NET$ACP and DNS$SERVER. o The default value of 100 for FILLM on a DECdns server limits the number of DECdns clerks that can connect. This limitation causes the DECdns clerk to log a USERREJECT error into the DNS$CHFAIL.LOG file when the limit of 100 connections is exceeded. You can raise this limit by modifying the line in SYS$STARTUP:DNS$SERVER_ STARTUP.COM that specifies /FILLM=100. o The default value of 100 for ASTLM on NET$ACP limits the number of connections that NET$ACP can process at one time. o When NET$ACP runs out of ASTs (asynchronous system traps), FILLM on the NET$ACP is closely following ASTLM toward 0. Both parameters must be raised together. o The VIRTUALPAGECNT limit for nodes with DECdns servers that have a small number of connections must be approximately 10,000 blocks greater than the DECdns checkpoint file size. For DECdns servers with a large number of connections, you should set the VIRTUALPAGECNT limit to a value at least three times the size of the DECdns checkpoint file. You must also size the page files on the node accordingly. If the system has more than one page file, the individual page files must be at least as large as the checkpoint file. Because each OpenVMS process is assigned to a single page file, the total combined size of the page files is not useful to DECdns, because it can only use the capacity of one of them when it reads the entire clearinghouse checkpoint file into memory. Note also that DECdns is 5-12 Operational Notes Operational Notes 5.11 DECdns not guaranteed to use the larger page file if one page file is sufficiently large and others are not. 5.11.8 PAGEDYN Resources: Clerks and Servers DECdns clerk and server systems can require additional paged dynamic memory resources (PAGEDYN). For DECdns clerk systems, consider increasing the PAGEDYN resource on the node if you see either the RESOURCEERROR or NONSRESOURCES error during skulk operations. Before you configure a system as a DECdns server, check that the system has at least 50,000 free bytes of paged dynamic memory. Insufficient paged dynamic memory on servers can cause configuration errors, skulk failures, and in some cases normal clerk operations can fail, returning either the RESOURCEERROR or NONSRESOURCES error. The DNS$SERVER.LOG file can also contain messages regarding failures caused by this resource. Servers holding master replicas of directories that have many read-only replicas can also require additional paged dynamic memory. 5.11.9 Use the Outgoing Alias When Connecting to DECdns Servers Because of a change in DECnet-Plus Session Control, all DECdns requests from nodes in an OpenVMS Cluster can send the cluster alias address as the source address. The current behavior is to send the individual node address. To use this functionality, edit the file SYS$MANAGER:DNS$CLERK_CLUSTER.NCL and set outgoing alias = true. To affect the running system, use the following NCL command on all nodes in your cluster: NCL> set session control application dnsclerk outgoing alias = true ________________________ Note ________________________ Implementing this functionality might require nontrivial changes to the current access control in your namespace because you are changing the source address of DECdns clerk requests. ______________________________________________________ Operational Notes 5-13 Operational Notes 5.11 DECdns 5.12 DECdts 5.12.1 Automatic Time Zone Changes on Rebooting Clusters If all members of a cluster are down when daylight saving time (DST) takes effect and automatic time zone changes are enabled, then members may reboot with the incorrect local time. If you anticipate that the cluster will be down during the change to or from daylight saving time, you should disable automatic time zone changes and make the changes manually. 5.13 OSAK Programming The following sections discuss operational notes for the OSAK interface. 5.13.1 User Data Size Restriction for Tracing OSAK does not support tracing with user data buffers larger than 32765 bytes. 5.13.2 OSAK Version 1.1 No Longer Supplied Compaq no longer provides the OSAK Version 1.1 interface. If you use the OSAK Version 1.1 interface, you must migrate to the OSAK Version 3.0 SPI (session programming interface). The OSAK Version 3.0 SPI provides the same capabilities as the OSAK Version 1.1 interface. For detailed information about the OSAK Version 3.0 SPI, see the DECnet-Plus OSAK SPI Programming Reference manual. 5.13.3 Migrating Applications from Version 2.0 to Version 3.0 OSAK API Interface Version 3.0 of OSAK includes a programming interface that is backwards compatible with the Version 2.0 programming interface. As a result of more rigorous conformance testing, some additional problems have been uncovered in the Version 2.0 interface. 5-14 Operational Notes Operational Notes 5.13 OSAK Programming As a result, applications built against OSAK Version 2.0 might encounter problems when using the Version 2.0 backwards-compatible interface in OSAK Version 3.0 if the applications contain previously untrapped application problems. 5.13.4 Misleading OSAK Error Message: SPM Congestion at Connect Time When OSAKserver receives an association request that specifies a nonexistent user identity, it generates the error message "SPM Congestion at Connect Time." If you see this error, check that the user name and password specified in the request are correct. If the user name is correct but the password is incorrect, the OPCOM message %LOGIN-F-INVPWD is logged. If the user name is incorrect, no OPCOM message is logged. 5.14 DECnet Programming The following sections discuss programming issues that apply to the DECnet programming interface. 5.14.1 64-Bit Virtual Address Restrictions You can use 64-bit virtual addresses only with $QIO operations on the NET: devices; you cannot use 64-bit virtual addresses with $QIO operations on the OS: devices. For transparent task-to-task communication, the $ASSIGN system service accepts only 32-bit addresses and 32-bit descriptors for the DEVNAM parameter when it describes a network connect block (NCB). You can use non-transparent task-to-task operations when you want 64-bit descriptor addresses and 64-bit descriptors to specify an NCB. 5.14.2 Backtranslation of IP Addresses For IP addresses, session control returns the full name if the synonym is not available regardless of the Session Control Application Node Synonym setting. If neither the full name nor synonym is available, the IP$aa.bb.cc.dd format is returned. Operational Notes 5-15 Operational Notes 5.14 DECnet Programming If the system is configured to use IP addresses, you should prepare the application to receive a node name or address string longer than six characters in length even if Session Control Application Node Synonym = TRUE is specified for the application. 5.14.3 Applications Connection Requirement With DECnet-Plus, your application must wait for the completion of the $QIO system service call used to accept the connection before attempting to use the connection. 5.15 FTAM, Virtual Terminal, and OSI Application Kernel 5.15.1 FTAM This section discusses issues related to FTAM software. 5.15.1.1 Downstream Processing Support in OSIF$FAL This version of FTAM includes additional support for downstream file processing when using the FTAM responder (OSIF$FAL.EXE). OSIF$FAL creates the OSIF$FILEINFO logical name. When translated, this logical name provides information about all files that were opened via an FTAM F-OPEN-REQUEST during the FTAM association. The information currently available includes the local RMS file name and the FTAM processing mode for the file. Each piece of information is delimited by a slash (/). For example: $ show logical osif$fileinfo "osif$fileinfo" [SUPER] = "dka500:[tmp]file1.txt;1/48" (lnm$process_table) = "dka500:[tmp]tmp.tmp;9/48" The OSIF$RESPONDER.COM procedure located in SYS$SYSTEM has been enhanced with sample DCL code that demonstrates how this information can be parsed and used. 5-16 Operational Notes Operational Notes 5.15 FTAM, Virtual Terminal, and OSI Application Kernel 5.15.1.2 COPY Command Enhancement In older versions of DECnet-Plus, when you copied a file from a local file to a remote alias, the following command automatically created the output file name "." on the target system: copy/app=ftam file.ext alias"user pwd":: This command now uses the name you specify on the initiating system to create the file on the target system. 5.15.1.3 DAP/Gateway Support now exists for the DAP/FTAM gateway append function. 5.15.1.4 RMS Record I/O Performance Enhancements This version of FTAM includes changes that enhance performance with RMS when doing record-oriented I/O. In addition to internal changes, two logical names now allow some control over initial file creation and extend sizes. These logical names are most useful when you know in advance that a typical file will exceed a certain size, and that FTAM is acting as the receiver of data. The logical names are: ___________________________________________________________ Logical_Name________Action_________________________________ OSIF_FILE_ALQ Controls initial file allocation size (in blocks) OSIF_FILE_DEQ_______Controls_extension_size_(in_blocks)____ ________________________ Note ________________________ If a future_filesize parameter is supplied in the F-CREATE-REQUEST, the logical names are ignored. ______________________________________________________ You can define the logical names in any appropriate location, such as in SYS$SYSTEM:OSIF$RESPONDER.COM. For example: $ define OSIF_FILE_ALQ 1000 ! allocate files initially @ 1000 blocks $ define OSIF_FILE_DEQ 500 ! extend by 500 blocks when needed Operational Notes 5-17 Operational Notes 5.15 FTAM, Virtual Terminal, and OSI Application Kernel Limited performance testing has been done with FTAM-1 fixed files. Increases in performance ranges are dependent on the platform and other variables. Because many factors influence performance, actual increases vary. 5.15.2 Virtual Terminal This section discusses issues related to Virtual Terminal (VT) software. 5.15.2.1 CTRL-@ A previous release note item incorrectly stated that the SET command in Local Command Mode would not accept CTRL- @ as a valid value for the break, command, or disconnect characters. You may specify CTRL-@ as the break, command, or disconnect character by using the circumflex-character notation (by typing the circumflex (^), followed by the "at-sign" (@)). 5.15.2.2 Amode Repertoire The SEND command in Local Command Mode no longer incorrectly indicates that a character is not in the Amode- default repertoire. 5.15.2.3 Responder The Virtual Terminal responder no longer stops accepting connections after several connections have been established and aborted. 5.15.2.4 VT/LAT Gateway The VT/LAT gateway no longer hangs if an unknown LAT service is provided at the LAT service name prompt. 5-18 Operational Notes 6 _________________________________________________________________ Known Problems This chapter discusses known problems and restrictions present in the Compaq DECnet-Plus for OpenVMS Version 7.3 product. 6.1 NET$SHUTDOWN May Fail to Complete NET$SHUTDOWN may fail to complete if there are network applications that issue new connections during the shutdown. A solution is to invoke the application shutdown prior to the network shutdown by use of the NET$AUX_CONTROL logical. Define NET$AUX_CONTROL to point to an auxiliary application shutdown DCL command procedure. 6.2 Receive Buffers Attribute on HDLC LINK Entity Not Implemented (Alpha Only) The receive buffers attribute of the hdlc link entity is not implemented in DECnet-Plus. If you attempt to set the attribute according to the following example, NCL displays the subsequent informational messages: NCL> set node 0 hdlc link hdlc-0 receive buffers 8 Node 0 HDLC Link HDLC-0 at 1994-04-28-09:51:10.780-04:00I0.113 Command failed due to: set list error Characteristics no such attribute ID: Receive Buffers = 8 HDLC (High-level Data Link Control) allocates the number of receive buffers that it requires; you cannot specify this setting. Known Problems 6-1 Known Problems 6.3 DECdns 6.3 DECdns 6.3.1 Error Creating New Namespaces An error can occur when creating a new namespace if the directory SYS$SYSDEVICE:[DNS$SERVER] is missing. Correct this error by issuing the following command from the SYSTEM account: $ CREATE/DIRECTORY SYS$SYSDEVICE:[DNS$SERVER] Use the above command before attempting to create a new namespace. 6.3.2 System Hangs at Startup in DNS Clerk The system may hang at startup in the DNS clerk initialization procedures. This problem can occur when a system with three or more LAN adapters fails on startup of the DECdns clerk. The startup fails because the DECdns Clerk Buffer Limit has been reached. To work around this problem, define the logical DNS$ADVER_BUFFER_LIMIT in SYLOGICALS>COM as follows: $ DEFINE/SYSTEM DNS$ADVER_BUFFER_LIMIT 300000 6.3.3 Server Software Is Not Available for OpenVMS Alpha Systems DECdns server software is not available to use with OpenVMS Alpha systems. All references to DECdns servers (and to their resident clearinghouses) apply to the DECdns servers in your namespace that are running on ULTRIX, DIGITAL UNIX, or OpenVMS VAX systems. 6.3.4 Startup Error Message: DECdns Clerk The DECdns clerk startup might output the following error message: Create Node 0 DNS Clerk Known Namespace CZ command failed due to: process failure A Known Namespace with this name or NSCTS already exists 6-2 Known Problems Known Problems 6.3 DECdns You can disregard this message. The DECdns clerk configuration procedure puts a create dns clerk known namespace command for the default namespace into the DECdns clerk NCL startup file. The command remains there in case the DECdns cache file has been deleted or corrupted. 6.3.5 General DECdns Problems You might encounter the following DECdns problems: o DNS$Control might return Syntax Error if the clerk is disabled. o You should not use DNS$Control to modify the DNA_ NodeSynonym attribute on DECnet node objects. DNS$Control displays the attribute properly but does not modify it properly. Use the decnet_register tool to modify DECnet data stored in DECdns. o Re-created entries retain the case of the original entry name. o On OpenVMS VAX systems, if you have trouble creating a clearinghouse, make sure that either the dns$server account (user authorization file entry) does not exist or its default directory does exist. 6.3.6 Handling Clerk Cache Startup Problems The DECdns clerk resizes the clerk cache file only when a sizing calculation determines that the file is less than whichever is smaller: 1000 blocks or .5% of memory. If the amount of physical memory available to a system has changed or if the GBLPAGFIL system parameter has been modified, check the SYS$MANAGER:DNS$ADVER_ERROR.LOG file. The DECdns clerk indicates in this file if it has calculated a new recommended cache size. When you see the following message, fewer than 10 GBLPAGFILs are available and the cache file was not created: Insufficient Global Page File Limit - no cache When this situation happens, increase the size of GBLPAGFIL, run AUTOGEN, and reboot your system to get a functioning DECdns clerk. Known Problems 6-3 Known Problems 6.3 DECdns If the cache file size exceeds 75 percent of the available GBLPAGFIL, it is set to that figure (75 percent of the available GBLPAGFIL) so it does not use up all of the available GBLPAGFIL. For OpenVMS systems, the maximum size of the clerk cache is 512 MB. If the recommended change in the size of the cache file is substantial and you want DECdns to use the new cache size, take the following steps: 1. Shut down DECdns. 2. Delete the existing cache files (SYS$SYSTEM:DNS$CACHE.*). 3. Reboot the system (do not start DECdns before rebooting- the cache sizing algorithm must run on a fresh boot of OpenVMS). 4. Start DECdns during the reboot or at any time thereafter. The first time DECdns Version 2 runs on a system (or if DECdns runs and finds the cache file missing), the advertiser creates the file SYS$SYSTEM:DNS$CACHE.0000000001) (again, only if it does not already exist). This file is the backing store file for the DECdns clerk cache. The backing store update interval is 30 minutes. The extension part of the file name (0000000001) is incremented by 1 at each interval and is updated in the associated file SYS$SYSTEM:DNS$CACHE.VERSION. If you want to start with an empty cache, delete both files by entering the following command before you start the clerk: $ delete sys$system:dns$cache.* 6.3.7 Removing Obsolete DNS$CACHE Files Multiple obsolete copies of the DECdns clerk cache backing store file (SYS$SYSTEM:DNS$CACHE.000000000n) can, under unusual circumstances, accumulate and cause disk space problems on the system. DECdns uses only the DNS$CACHE.VERSION file and the one or two most recent DNS$CACHE.000000000n files referenced in DNS$CACHE.VERSION. DECdns normally deletes prior unreferenced versions of the file. 6-4 Known Problems Known Problems 6.3 DECdns If you check the contents of the SYS$SYSTEM directory and see more than one backing store file, type the DNS$CACHE.VERSION file to see which backing store files DECdns is currently using and delete all prior DNS$CACHE.000000000n files from the directory. Known Problems 6-5