TCPware V5.9 Management Guide Table of Contents
Introducing This Guide
What You Need to Know Beforehand
How This Guide Is Organized
Online Help
Obtaining Customer Support
Licensing Information
Maintenance Services
Reader's Comments Page
Documentation Set
Conventions Used
Introduction
Ethernet, FDDI, Token Ring, and ATM
Address Resolution Protocol
Reverse Address Resolution Protocol
Ethernet Trailer Packets
Qualifiers with LAN Device Lines
VMS Communications Interfaces Support
Limiting Receive Packet Rate
HYPERchannel
Address Format
Address Mapping
Qualifiers with HYPERchannel Lines
IP-over-DECnet
Configuring DECnet Lines
Line-Specific Information
Sample Configuration
Qualifiers with DECnet Lines
proNET-10/80
Configuring proNET Lines
Qualifiers with proNET Lines
HP Wide Area Network (WAN) Device Drivers
Line-Specific Information
Qualifiers with VAX WAN Device Driver Lines
Pseudo Devices
Adding a Pseudo Device
Characteristics of Pseudo Devices
When to Use Pseudo Devices, Secondary Addresses, and Interface Routes
Introduction
General Description
Setting Up the DHCP Client
DHCP Client Functions and Logicals
DHCP Client Configuration
Protocol Timing
Lease Requirements and Requests
Option Modifiers
Lease Declarations
Other Declarations
Example
Troubleshooting the DHCP Client
Introduction
Domain Name System (DNS) Concepts
DNS Client
Domain Name Server
Starting and Stopping
The TCPWARE_NAMED_ROOT:NAMED.CONF File
Zone
Options
Logging
Editing Database Files
Special Characters
Special Commands
Resource Records
Configuration Requirements
Load Balancing Process
Cluster Names
Load Request Protocol
Introduction
DHCP and BOOTP
DHCP Process
DHCP Administration
DHCP Configuration
Verifying the DHCP Configuration
Reloading the DHCP Configuration
DHCP Conversion Tool
Introducing the Configuration File
Client Classing
Conditional Behavior
DNS Dynamic Updates Within DHCP
Host Name Generation
Configuration File Declarations and Parameters
Expressions
DHCP Options
DHCP Lease Format
Address Lease States in DHCP Dump Files
Registering Clients While the DHCP Server is Running
Examples:
DHCP Safe-failover Introduction
Configuring DHCP Safe-failover
Boot File for DHCP Safe-failover
State File for DHCP Safe-failover
DHCP Safe-failover Configuration File Statements
DHCP Safe-failover Lease File Statements
Transitioning to DHCP Safe-failover Partner-Down State
Introduction
Point-to-Point Protocol Interface
Implementation
Before Configuring PPP Lines
PPPD Command
Configuring PPP Links
Authentication
Using the Password Authentication Protocol
Using the Challenge Handshake Authentication Protocol
Authentication Files
Modifying Authentication Names
IP Addresses
Incoming Dialup Lines
Routing
TCP/IP Header Compression
Command Reference
Troubleshooting PPPD
Serial Line IP Interface
SLIP Line Identification
Before Configuring SLIP Lines
Configuring SLIP Lines
Sample SLIP Link
Sample Unnumbered SLIP Link
Incoming Dialup SLIP Lines
Outgoing Dialup SLIP Lines
Disconnecting SLIP Lines
Full XON/XOFF Flowcontrol
Qualifiers with SLIP Lines
Compressed SLIP
Troubleshooting SLIP
Introduction
How It Works
Setting It Up
Limitations
Introduction
Links
Traps
Management Information Base
MIB Access Rules
MIB Groups
Configuring SNMP Services
Configuration File
File Format
Values for MIB Objects
Community Parameters
Disabling Traps
Generating Traps
Receiving Traps
SNMP Multiplexing Peers
SNMP Agent Extensibility (AgentX) Peers
Private MIB Application Program Interface
SNMP Log File
Reloading the SNMP Configuration Without Rebooting
Performing SNMP Functions with TCPware
Template Configuration File
Introduction
Support
System Parameters
DTE or X.25 Addresses
Mapping Database
Before You Begin
Database
Tips
Map Entries
Route Entries
Address Entries
Translate Entries
Sample X25.CONF Files
On Condor
On Hawk
On Eagle
Sample Module Characteristics
Troubleshooting
Introduction
Multiple Gateway Support
Router or Link Failure
Router or Link Recovery
Static Routing
Routing Guidelines
Example 1
Example 2
Forwarding
Multicast Routing
Using GateD
GateD Configuration File
GateD Route Selection
Starting and Stopping GateD
GateD NETCU Commands
GateD Configuration Statements
Interface Clause
Sample GateD Configurations
Introduction
Overview of NTP
Programs and Files
Program Files
Configuration Files
Other Files
Configuration
NTP Network Design
NTP.CONF
Access Control Commands
Authentication Using a Keys File
Using the call_dst_proc option
NTP Utilities
Command Line Format
NTP Management
Implementing NTP
Modifying the NTP Configuration File
Monitoring
Troubleshooting Tips
Troubleshooting Using NTPQ
Configuration Example
Introduction
Time Synchronization
Primary Candidate Election Process
TIMED Operation Mode
Changing Network Time
Setting TIMED Parameters
Loadable Timezone Rules
Loadable Timezone Rules Provided with TCPware
TIMEDC Command Reference
Examples
Introduction
Client Considerations
Startup Command File
Status on Exiting FTP Status
Server Security
Incoming Access Restrictions
Configuring the FTP server for TLS
Login Procedures
Directory Access Restrictions
Log File
Idle Control Connection Timeout
Network Service Monitoring
Session Accounting
Configuring Session Accounting
Configuration File
File Format
Enabling the Session Accounting Facility
Displaying the Contents of the Logging File
Special Messages
ANONYMOUS Support
Server Logicals
TCPWARE_FTP_220_REPLY
TCPWARE_FTP_221_REPLY
TCPWARE_FTP_230_REPLY
TCPWARE_FTP_421_REPLY
TCPWARE_FTP_ACCESS
TCPWARE_FTP_ALL_VERSIONS
TCPWARE_FTP_ALLOWCAPTIVE
TCPWARE_FTP_ANONYMOUS_230_REPLY
TCPWARE_FTP_ANONYMOUS_RIGHTS
TCPWARE_FTP_ANONYMOUS_ROOT
TCPWARE_FTP_CONNECT_BANNER
TCPWARE_FTP_DISALLOW_UNIX_STYLE
TCPWARE_FTP_DISALLOW_WILDCARD_DELETES
TCPWARE_FTP_DONT_REPORT_FILESIZE
TCPWARE_FTP_EXTENSION_QUANTITY
TCPWARE_FTP_GETHOST_MAX_TIME
TCPWARE_FTP_IDLE_TIMEOUT
TCPWARE_FTP_LOGFILE
TCPWARE_FTP_LOG_ALL_USERS
TCPWARE_FTP_LOWERCASE_NLST
TCPWARE_FTP_MAX_PRE_ALLOCATION
TCPWARE_FTP_MAXREC
TCPWARE_FTP_MAX_SERVERS
TCPWARE_FTP_MESSAGE_FILE
TCPWARE_FTP_NEW_LOGFILE
TCPWARE_FTP_NOKEEPALIVES
TCPWARE_FTP_NO_PASV_SECURITY
TCPWARE_FTP_ONLY_BREAK_ON_CRLF
TCPWARE_FTP_PASSWORD_WARNING_MESSAGE
TCPWARE_FTP_PASSWORD_WARNING_TIME
TCPWARE_FTP_RECEIVE_THRESHOLD
TCPWARE_FTP_RECODE_NONVMS_FILE_NAMES
TCPWARE_FTP_ROOT
TCPWARE_FTP_username_ROOT
TCPWARE_FTP_SEMANTICS_FIXED_IGNORE_CC
TCPWARE_FTP_SEMANTICS_VARIABLE_IGNORE_CC
TCPWARE_FTP_SERVER_DATA_PORT_RANGE
TCPWARE_FTP_SERVER_LOG_LIMIT
TCPWARE_FTP_SERVER_RELAXED_PORT_COMMAND
Server quota control logicals
TCPWARE_FTP_SET_DEFAULT_TO_ROOT
TCPWARE_FTP_STRIP_VERSION
TCPWARE_FTP_SYST_BANNER
TCPWARE_FTP_STOU_OLDNAM
TCPWARE_FTP_TLS_ALLOW_CCC
TCPWARE_FTP_TLS_ALLOW_CDC
TCPWARE_FTP_UNIX_STYLE_BY_DEFAULT
TCPWARE_FTP_UNIX_STYLE_CASE_INSENSITIVE
TCPWARE_FTP_UNIX_YEAR_OLD_FILES
TCPWARE_FTP_USE_SRI_ENCODING_ON_ODS5
TCPWARE_FTP_WINDOW
Implementation
RETRIEVE, STORE, and APPEND Command Qualifiers
Troubleshooting
Introduction
Client Concepts
Client-Server
User and File Protection
Filename Mapping
File Version Mapping
Filesystem Mounting
Cluster Environments
Mount Example
Mount Flexibility
Mount Commands
Symbolic Links
Client Auditing
Mount Strategies
Regular
Shared
Automounting
Background
Overmounting
Occluded
Network File Locking
Other Mount Options
Auto-converting Text Files
Attributes Data Files
Cache Timeout
Read/Write Transfer Size
Default User
Default UIDs and GIDs
Limiting File Versions
Superusers
Mount Type
Server Type
Retry Times
Timeout Times
Volume Labels
Cache Space
Disk Quotas
Implementation
Client Commands
Troubleshooting
Introduction
Server Security
PROXY Database
Maintaining PROXY
Adding Superusers
Reloading PROXY
EXPORT Database
Maintaining EXPORT
Reloading EXPORT
EXPORT Options
PCNFSD Services
PCNFSD Authentication
Remote PC Printing
Mounting Client Directories
Network File Locking
NFS Client Users' View
OpenVMS Users' View
Mapping Filenames
Protecting Files
UIC Protection
UID/GID Protection
OpenVMS-to-NFS File Attribute Mapping
NFS-to-OpenVMS File Attribute Mapping
Access Control Lists
File Formats
Reading Files
Writing Files
Converting Files Manually
Server Parameters
Basic Parameters
Advanced Parameters
Implementation
Restrictions
NFS Protocol Procedures
Troubleshooting
Introduction
Line Printer Services Client
LPS Client Commands
OpenVMS Print Queues
Print Forms
PRINTCAP Database
LPS System Logicals
Troubleshooting LPS
LPD Server
Server Supported Options
Data and Control Files
LPD Access File
Batch Queues
LPD Logicals
Troubleshooting LPD
Terminal Server Print Services
TSSYM Print Queue
Spool Device
Autostart Queue
Sample TSSYM Configuration
TSSYM Tuning Logicals
Troubleshooting TSSYM
Internet Printing Protocol (IPP)
IPP Protocol Background
Configuration
Global Settings
PRINT Command Options
Allowable Values
Using Logicals to Define Queue Configurations
Setting Up IPP Symbiont Queues
Submitting Jobs to IPP Symbiont Print Queues
TCPWARE IPP SHOW Command
Introduction
R Services
Service Access Lists
Host Equivalence Files
Customizing the shell and exec Services
R Services Log File
Troubleshooting R Services
RCP Server
Troubleshooting RCP
RMT Server
RMT Client Utilities
Client Examples
Modifying the TCPware SMTP Configuration File
Delivering Mail to Specific Folders
Using the New Mail Delivery Mechanisms
Rejecting Mail Messages
Network Service Monitoring
Session Accounting
Configuring Session Accounting
Configuration File
File Format
Enabling the Session Accounting Facility
Displaying the Contents of the Logging File
Configuring Mail Parameters
Configuring the SMTP Server for Inbound Mail
Configuring the SMTP Symbiont and Mail Queues for Outbound Mail
IMAP Server
IMAP Mail Folders
IMAP Directives File
IMAP State Information Files
POP3 Server
Configuring SMTP Service for ALL-IN-1 Users
Configuring the SMTP-DECnet Mail Gateway
Introduction
TELNET Logicals
Virtual Terminals
Options
ECHO
END-OF-RECORD
REMOTE-FLOW-CONTROL
SUPPRESS-GO-AHEAD
TERMINAL-SPEED
TERMINAL-TYPE
TRANSMIT-BINARY
WINDOW-SIZE
Control Functions
Exiting Status
Introduction
Security Tips
Independent Security Features
Incoming Access Restrictions
Outgoing Access Restrictions
Packet Filtering
Kerberos Services
IP Security Option
Token Authentication
Component Security
Berkeley R Commands
DECwindows
FTP-OpenVMS
NFS-OpenVMS Server
Remote Copy Program
Secure Server
TELNET-OpenVMS
Introduction
Incoming Access Restrictions
Subnet Masks
Examples
Outgoing Access Restrictions
Setting and Showing
Examples
Using Packet Filtering
Cautions
Packet Filter File
Filtering by Time
Filter Logging
Configuration Recommendations
Setting and Showing
Setting at Startup
Introduction
ACE/Client
Terms
Documents and Standards
ACE/Server Functions
ACE/Client Logicals
Disabling ACE/Client
Database Transfer and Startup
Commands
Enter PASSCODE: Prompt
New PIN Operation
Next Tokencode Mode
Backup ACE/Server
Encryption
Application Functionality
FTP
TELNET, RLOGIN, and SET HOST
User Messages
Error Messages
Introduction
Configuration Checklist
Server Concept
Configuring the Server
Service Type
Realm Name
Primary Server Name
Maximum Database Age
Management Commands
Kerberos Database
Stashing the Master Password
Adding Entries
Modifying Entries
Removing Entries
Showing Entries
Changing the Master Password
Dumping to Another File
Loading from Another File
Creating the Service Table File
Administration Server
Accounts
Access Control Lists
Examples
Kerberos for the Berkeley R Services
Require, Allow, or Disable Requests
Customizing the Kerberos Authentication Services
Kerberos for TELNET
IPSO Security
Consequences
Basic and Extended Security Options
Security Levels and Protection Authorities
Labeling as Opposed to Screening a Datagram
System and Line Basis Protection
Unlabeled Datagrams
Sample Implementation
Commands
Adding an IPSO Label
Accepting Datagrams Regardless of Authority
Applying Implicit Labels
Datagrams with Extended Security Options
Stripping Datagrams of Options
Setting IP Security Options First in the Datagram Header
Enabling ICMP Errors
Automatic Startup
Site-Specific Authority Names
Full SHOW IPSO Output
Troubleshooting
SSH1 and SSH2 Differences
Restrictions:
Understanding the TCPware Secure Shell Server
Servers and Clients
Security
Options
Configuration File
Starting the SSH Server for the First Time
Changing SSH Configuration File After Enabling SSH
Connection and Login Process
AUTHORIZED_KEYS File Format
SSH_KNOWN_HOSTS File Format
SSH Logicals
SSH daemon Files
SSH1 and SSH2 Differences
Restrictions:
Understanding the TCPware Secure Shell Server
Servers and Clients
Expired Password Handling
Break-In and Intrusion Detection
Configuring SSHD Master
SSH2 Configuration File
Starting the SSH Server for the First Time
Configuring the SSH2 Server on a VMScluster with a Common System Disk
Changing SSH2 Configuration File After Enabling SSH2
Connection and Login Process
SSH2 AUTHORIZATION File Format
SSH2 Logicals
SSH daemon Files
Configuring IPS
Configuring PMDF to use IPS on TCPware
Controlling the Filter Server
Filter Server Files
IPS Logicals
Instrumenting a User-Written Application with IPS
Introduction
PATHWORKS Version 4 Server
PATHWORKS Version 5 Server
On the PC
Troubleshooting
Version 4
Version 5
Introduction
DECnet over IP Lines
DECnet over IP Tunnels
Starting and Stopping
Status
Troubleshooting
Introduction
Installation and Initial Setup
Server Configuration
Server Access Control
Introduction
Setting Up the Interface
Setting Up the Remote Host
Displaying on a Remote Host
Displaying Locally
Troubleshooting
Introduction
CHARGEND
DAYTIMED
DISCARD and DISCARDD
ECHOD
FINGER and FINGERD
IDENT
NETCU DEBUG
NSLOOKUP
Noninteractive Mode
Interactive Mode
Entering Host-to-Find Names
Setting Options
Query Command Reference
NSLOOKUP Utility Error Messages
Using the Newer PING
Using PING_V2
Interpreting TCPDUMP Output
IP Fragmentation
TCPDUMP Command Reference
Expressions
TIME
