IBM ^ zSeries 890 and z/OS
Reference Guide
January 2005
Table of Contents
z/Architecture page 5
IBM ~ zSeries 990 page 6
z890 Family Models page 10
z890 and z900 Performance Comparison page 13
z890 I/O SubSystem page 14
z890 Channels and I/O Connectivity page 16
Fibre Channel Connectivity page 18
A New Generation for SANs – FICON Express2 page 22
A New Generation of zSeries LAN Adapters
Open Systems Adapter-Express2 page 24
Open Systems Adapter-Express Features
(OSA-Express) page 27
HiperSockets page 31
Cryptography page 33
Availability page 38
Advanced Availability Functions page 40
Parallel Sysplex Cluster Technology page 41
z890 Support for Linux page 53
zSeries 890 Family Confi guration Detail page 58
Physical Characteristics page 60
Coupling Facility - CF Level of Support page 60
z/OS page 62
z/VM page 83
VSE/ESA page 92
To Learn More page 93
2
zSeries Overview
Technology has always accelerated the pace of change.
New technologies enable new ways of doing business,
shifting markets, changing customer expectations, redefi n-
ing business models. Each major enhancement to technol-
ogy presents opportunities. Companies that understand
and prepare for changes can gain advantage over com-
petitors and lead their industries.
Customers of every size, in every industry are looking for
ways to make their businesses more resilient in the face of
change and uncertainty. They want the ability to react to
rapidly changing market conditions, manage risk, outpace
their competitors with new capabilities and deliver clear
returns on investments.
Welcome to the on demand era, the next phase of
e-business, in which companies move beyond simply
integrating their processes to actually being able to sense
and respond to fl uctuating market conditions and provide
products and services to customers on demand. While
the former notion of on demand as an e-utility capability
is a key component, on demand companies have much
broader capabilities.
What does an on demand company look like?
• Responsive: It can sense and respond in real time to
the changing needs of customers, employees, suppliers
and partners
• Variable: It must be capable of employing variable cost
structures to do business at high levels of productivity,
cost control, capital effi ciency and fi nancial predictability.
• Focused: It concentrates on its core competencies
– areas where it has a differentiating advantage – and
draws on the skills of strategic partners to manage
needs outside of these competencies.
• Resilient: It can handle the ups and downs of the global
market, and manage changes and threats with consistent availability, security and privacy – around the world,
around the clock.
To support an on demand business, the IT infrastructure
must evolve to support it. At its heart the data center must
change to refl ect these needs, the data center must be
responsive to changing demands, it must be variable to
support the diverse environment, it must be fl exible so that
applications can run on the optimal resources at any point
in time, and it must be resilient to support an always open
for business environment.
The on demand era plays to the strengths of the IBM
®
^
zSeries®. The IBM ^ zSeries 900
(z900) was launched in 2000 and was the fi rst IBM server
‘designed from the ground up for e-business.’ The latest
member of the family, the IBM ^ zSeries 890
(z890), brings enriched functions that are required for the
on demand data center to a larger audience.
The ‘responsive’ data center needs to have systems that
are managed to the quality of service goals of the business
they need systems that can be upgraded transparently
to the user and they must be adaptable to the changing
requirements of the business. With the zSeries you have a
server with high levels of reliability and a balanced design
to enable high levels of utilization and consistently high
service to the user. The capacity on demand features
continue to evolve, helping to ensure that upgrading the
servers is timely and meets the needs of your business. It’s
not just the capacity of the servers that can be changed
on demand, but the mix of workload and the allocation of
resources can be changed to refl ect the evolving needs
and priorities of the business.
,
3
The variable data center needs to be able to respond to
the ever changing demands that occur when you sup-
port multiple diverse workloads as a single entity. It must
respond to maintain the quality of service required and the
cost of utilizing the resources must refl ect the changing
environment. The zSeries Intelligent Resource director
(IRD), which combines three key zSeries technologies,
®
Workload Manager (WLM), Logical Partitioning
z/OS
®
and Parallel Sysplex
technology helps enable your most
important workloads to get the resources they need
and constantly manages the resources according to the
changing priorities of the business. With workload license
charging, as the resources required by different applica-
tions, middleware and operating systems change over
time, the software costs change to refl ect this. In addition,
®
new virtual Linux
servers can be added in just minutes
with zSeries virtualization technology to respond rapidly to
huge increases in user activity.
The fl exible data center must be adaptable to support
change and ease integration. This is achieved through
a combination of Open and industry standards along
with the adaptability to direct resources where they are
required. The zSeries along with other IBM servers have
been investing in standards for years. Key is the support
™
for Linux, but let’s not forget Java
and XML and industry
standard technologies, such as FCP, Ethernet and SCSI.
Finally the on demand data center must be designed to be
resilient. The zSeries has been renowned for reliability and
availability. The zSeries platform will help protect from both
®
scheduled and unscheduled outages, and GDPS
auto-
mates site reconfi guration for both planned and unplanned
outages.
The New zSeries from IBM
IBM’s ongoing investment in zSeries technology produced
a re-invention of the zSeries server — the z990 which was
developed at a cost in excess of $1 Billion. The new tech-
nology introduced a host of new benefi ts to meet today’s
on demand business.
The z890 takes advantage of the new z990 technology in a
package that helps deliver excellent price/performance for
those customers requiring a lower capacity entry point and
more granularity of upgrades than offered with the z990
but still delivering the ability to add incremental capacity
as it is required in an on demand world.
And IBM’s investment in zSeries doesn’t stop here. To
solidify the commitment to zSeries, IBM introduced the
“Mainframe Charter” that provides a framework for future
investment and a statement of IBM’s dedication to deliver
ongoing value to zSeries customers in their transformation
to on demand business.
Tools for Managing e-business
The IBM ^ product line is backed by a compre-
hensive suite of offerings and resources that provide value
at every stage of IT implementation. These tools can help
customers test possible solutions, obtain fi nancing, plan
and implement applications and middleware, manage
capacity and availability, improve performance and obtain
technical support across the entire infrastructure. The
result is an easier way to handle the complexities and
rapid growth of e-business. In addition, IBM Global Ser-
vices experts can help with business and IT consulting,
business transformation and total systems management
services, as well as customized e-business solutions.
4
z/Architecture
The zSeries is based on the z/Architecture™, which is
designed to reduce bottlenecks associated with the lack of
addressable memory and automatically directs resources
to priority work through Intelligent Resource Director (IRD).
The z/Architecture is a 64-bit superset of ESA/390.
z/Architecture is implemented on the z890 to allow full 64-
bit real and virtual storage support. A maximum 32 GB of
real storage is available on z890 servers. z890 can defi ne
any LPAR as having 31-bit or 64-bit addressability.
z/Architecture has:
• 64-bit general registers.
• New 64-bit integer instructions. Most ESA/390 architecture instructions with 32-bit operands have new 64-bit
and 32- to 64-bit analogs.
• 64-bit addressing is supported for both operands
and instructions for both real addressing and virtual
addressing.
• 64-bit address generation. z/Architecture provides 64-bit
virtual addressing in an address space, and 64-bit real
addressing.
• 64-bit control registers. z/Architecture control registers
can specify regions, segments, or can force virtual
addresses to be treated as real addresses.
• The prefi x area is expanded from 4K to 8K bytes.
New instructions provide quad-word storage consis-
•
tency.
• The 64-bit I/O architecture allows CCW indirect data
addressing to designate data addresses above 2 GB for
both format-0 and format-1 CCWs.
• IEEE Floating Point architecture adds twelve new
instructions for 64-bit integer conversion.
• The 64-bit SIE architecture allows a z/Architecture server
to support both ESA/390 (31-bit) and z/Architecture (64bit) guests. Zone Relocation is expanded to 64-bit for
®
LPAR and z/VM
.
• 64-bit operands and general registers are used for all
Cryptographic instructions
• The implementation of 64-bit z/Architecture can help
reduce problems associated with lack of addressable
memory by making the addressing capability virtually
unlimited (16 Exabytes).
z/Architecture Operating System Support
The z/Architecture is a tri-modal architecture capable of
executing in 24-bit, 31-bit, or 64-bit addressing modes.
Operating systems and middleware products have been
modifi ed to exploit the new capabilities of the z/Architecture
Immediate benefi t can be realized by the elimination of the
overhead of Central Storage to Expanded Storage page
movement and the relief provided for those constrained by
the 2 GB real storage limit of ESA/390. Application programs
can run unmodifi ed on the zSeries family of servers.
Expanded Storage (ES) is still supported for operating sys-
tems running in ESA/390 mode (31-bit). For z/Architecture
mode (64-bit), ES is supported by z/VM. ES is not supported
by z/OS in z/Architecture mode.
Although z/OS and z/OS.e do not support Expanded Stor-
age when running under the new architecture, all of the
™
Hiperspace
and VIO APIs, as well as the Move Page
(MVPG) instruction, continue to operate in a compatible
manner. There is no need to change products that use
Hiperspaces.
Some of the exploiters of z/Architecture for z/OS include:
• DB2 Universal Database™ Server for z/OS
™
• IMS
• Virtual Storage Access Method (VSAM)
• Remote Dual Copy (XRC)
• Tape and DASD access method
.
5
IBM
^
zSeries 890
Operating System ESA/390 z/Arch Compati Exploita
(31-bit) (64-bit) bility tion
OS/390® 2.10 (support ended) Yes Yes Yes3 No
z/OS 1.2 (support ended) No Yes Yes
z/OS and z/OS.e 1.3 No Yes Yes
z/OS and z/OS.e 1.4 No Yes Yes
z/OS and z/OS.e 1.5, 1.6 No Yes Included
Linux for S/390
Linux for zSeries No Yes Yes Yes
z/VM 3.1 Yes Yes Yes No
z/VM 4.3 Yes Yes Yes No
z/VM 4.4 Yes Yes Included Included
z/VM 5.1 No Yes Included Included
VSE/ESA
z/VSE* 3.1 Yes No Yes Yes
TPF 4.1 Yes No Yes No
z/TPF 1.1 No Yes Yes No
1 – TPF and zTPF use LCSS-0 only, but more than 15 LPARs are permitted.
See APAR PJ29309 (included in z/TPF).
2 – VSE 2.7 exploits Thin Interrupts with 4Q04 SPE
3 – Web Deliverable for Secure Crypto
* – z/VSE can execute in 31-bit mode only. It does not implement
z/Architecture, and specifi cally does not implement 64-bit mode
capabilities
®
Yes No Yes Yes
™
2.6, 2.7 Yes No Yes No
.
3
No
3
No
3
Yes
3
Included
2
1
1
IBM ^ zSeries is the enterprise class e-business
server optimized for integration, transactions and data
of the next generation e-business world. In implement-
ing the z/Architecture with new technology solutions, the
zSeries models are designed to facilitate the IT business
transformation and reduce the stress of business-to-busi-
3
ness and business-to-customer growth pressure. The
zSeries represents an advanced generation of servers
that feature enhanced performance, support for zSeries
Parallel Sysplex clustering, improved hardware man-
agement controls and innovative functions to address
e-business processing.
The z890 server, the latest addition to the zSeries family,
takes advantage of the design enhancements and new
technology of the z990 in a package that helps deliver
excellent price/performance for those customers requiring
a lower capacity entry point than that offered by the z990.
With a new superscalar microprocessor and the CMOS 9S-
SOI technology, the z890 is designed to further extend and
integrate key platform characteristics such as dynamic
fl exible partitioning and resource management in mixed
and unpredictable workload environments, providing tra-
ditional zSeries Quality of Service to emerging e-business
®
applications such as WebSphere
, Java and Linux.
The IBM ^ zSeries Application Assist Processor
(zAAP), available on the IBM ^ zSeries 990 (z990)
and zSeries 890 (z890) servers, is an attractively priced
specialized processing unit that provides strategic z/OS
Java execution environment for customers who desire the
powerful integration advantages and traditional Qualities
of Service of the zSeries platform.
When confi gured with general purpose Central
Processors (CPs) within logical partitions running z/OS,
zAAPs can help you to extend the value of your existing
zSeries investments and strategically integrate and run
6
e-business Java workloads on the same server as your
database, helping to simplify and reduce the infrastructure
required for Web applications while helping to lower your
overall total cost of ownership.
zAAPs are designed to operate asynchronously with the
general purpose CPs to execute Java programming under
control of the IBM Java Virtual Machine (JVM). This can
help reduce the demands and capacity requirements on
general purpose CPs which may then be available for real-
location to other zSeries workloads. The amount of general
purpose CP savings may vary based on the amount of
Java application code executed by zAAP(s). And best
of all, IBM JVM processing cycles can be executed on
the confi gured zAAPs with no anticipated modifi cations
to the Java application(s). Execution of the JVM process-
ing cycles on a zAAP is a function of the IBM Software
Developer’s Kit (SDK) for z/OS Java 2 Technology Edition,
z/OS 1.6 (or z/OS.e 1.6) and the innovative Processor
™
Resource/Systems Manager
(PR/SM™).
Notably, execution of the Java applications on zAAPs,
within the same z/OS SMP LPAR as their associated
database subsystems, can also help simplify the server
infrastructures and improve operational effi ciencies. For
example, use of zAAPs to strategically integrate Java
Web applications with backend databases could reduce
the number of TCP/IP programming stacks, fi rewalls, and
physical interconnections (and their associated process-
ing) that might otherwise be required when the application
servers and their database servers are deployed on sepa-
rate physical server platforms.
Essentially, zAAPs allow customers to purchase additional
processing power exclusively for z/OS Java application
execution without affecting the total MSU rating or machine
model designation. Conceptually, zAAPs are very similar to
a System Assist Processor (SAP); they cannot execute an
Initial Program Load and only assist the general purpose
CPs for the execution of Java programming. Moreover,
IBM does not impose software charges on zAAP capacity.
Additional IBM software charges will apply when additional
general purpose CP capacity is used.
Customers are encouraged to contact their specifi c ISVs/
USVs directly to determine if their charges will be affected.
z890 has a single model, the A04, and will support a wide
performance range from sub uni models through to a 4-
way multiprocessor. There will be a total of 28 capacity
settings which will offer outstanding granularity for custom-
ers' workload and cost management. The A04 model will
provide up to four processor units (PUs) that can be char-
acterized as either Central Processors (CPs), Integrated
Facility for Linux (IFLs), Internal Coupling Facilities (ICFs)
or zAAPs. This model will be offered as a new build and as
upgrades from designated models of the z800.
With the introduction of the z890 customers can expect to
see the following performance improvements with z/OS 1.4:
Number of CPs Base Estimated Ratio
1 z800 2.0
2 z800 2.1
3 z800 2.1
4 z800 2.1
The Large System Performance Reference (LSPR) should
be referenced when considering performance on the z890.
Visit: ibm.com/servers/eserver/zseries/lspr/ for more infor-
mation on LSPR.
7
As with the z990, an improvement to the I/O subsystem
has been introduced on the z890 to “break the barrier”
of the 256 CHPIDs per Channel Subsystem. Horizontal
growth is provided by allowing the defi nition of two Logical
Channel SubSystems (LCSSs) each capable of supporting
up to 256 CHPIDs, giving a total of 512 CHPIDs per z890
server. The z890 can support up to 30 Logical Partitions
(LPARs). There is still a 256 CHPID limit per operating
system. (Note: The lowest Capacity Setting 110 can sup-
port up to 240 CHPIDs, dependent on channel type, and
up to a maximum of 15 LPARs.)
These are some of the signifi cant enhancements in the
zSeries 890 server that bring improved performance, avail-
ability and function to the platform. The following sections
highlight the functions and features of the server.
z890 Design and Technology
The z890 is designed to provide balanced system perfor-
mance. From server to the storage to the system’s I/O and
network channels, end-to-end bandwidth is provided and
designed to deliver data where and when it is needed. The
z890 is a scaled down version of the z990 using one of
the most advanced chip and packaging technology in the
industry. The z890 has more technology similarities to the
z990 than the z800 does to the z900. Both the z890 and
z990 use the latest MCM packaging and book package.
The z890 compared to the z800 provides a signifi cant
increase in system scalability and opportunity for server
consolidation by providing improved model granularity
while scaling to 2X the performance of the z800. The
z890’s processor cycle time has been improved to 1.0 ns
from the 1.6 ns of the z800. All z890’s have a single Mul-
tiChip Module (MCM) that is nearly identical to the z990’s
MultiChip module. The differences are minor. With fewer
functional processors and a slower cycle time less power
is required for the z890 MCM enabling air cooling. The
air cooled z890 MCM uses approximately 450 Watts
compared to the liquid cooled z990 MCM which requires
approximately 650 Watts. The z890 MCM can deliver 1 to
4-way confi gurations with a variety of engine sizes. The
z890 MCM, which measures approximately 95 x 95 mil-
limeters, is about 42% smaller than the z900’s 127 mm
x 127 mm MCM. The z890 MCM contains 5 Processor
Unit (PU) chips, four Storage Data (Level 2 cache) chips,
a Level 2 Cache Storage Controller chip and two main
Memory Storage Controller (MSC) chips which control the
main memory or Level 3 storage. The MCM contains 101
glass ceramic layers of which 23 layers are to provide
interconnection between the chips and the off-module
environment. In total, there are approximately 378 meters
of internal copper wiring on both the z890 and z990 MCMs
compared to the 997 meters of internal wiring needed
for the MCMs in the z900 190 and 290 models. The new
smaller MCM packaging delivers an MCM with many
shorter paths. The z890 MCM is 40% smaller than the
z900 MCM. It has over 20% more I/O connections and
over a 130% I/O density improvement compared to the
z900 MCM.
The z890’s MCM provides support for 5 PUs and 32 MB
level 2 cache which can be shared by all PUs. Each PU
chip contains approximately 122 million transistors and
measures 14.1 mm x 18.9 mm. The design of the MCM
technology on the z890 provides the fl exibility to confi g-
ure the PUs for different uses. One of the PUs is reserved
for use as dedicated I/O Processor (IOP), commonly
referred to as a System Assist Processor (SAP) enabling
the Central Processor to avoid the burden of I/O set
8
ups and operations. Any unused PUs can be utilized as
spares. The inactive PUs on the MCM are available to be
characterized as either Central Processors (CPs), Internal
Coupling Facility (ICF) processors for Coupling Facility
applications, Integrated Facility Linux (IFL) for Linux appli-
cations, or as IBM ^ zSeries Application Assist
Processor (zAAP) engines, providing enterprises with tre-
mendous fl exibility in confi guring the best system for run-
ning applications. Each model of the z890 must always be
ordered with at least one CP, IFL or ICF.
The PU, which uses the latest chip technology from IBM
semiconductor laboratories, is built on CMOS 9S-SOI with
copper interconnections. The 14.1 mm x 18.9 mm chip
has a cycle time of 1.0 nanoseconds and is identical to the
z990 PU except for the cycle time. Implemented on this
chip are leading edge functions as the z/Architecture with
its 64-bit capabilities including instructions, 64-bit General
Purpose Registers, SuperScalar function, translation facili-
ties, ability to use long displacement operations and on
board Cryptographic Assist functions.
The z890 is a single book design. The book can support
up to 32 GB of memory on a single memory card and 8
Self-Timed Interconnects (STIs) for I/O Connectivity. The
memory which can be purchased in 8 GB increments, is
delivered on 8 GB, 16 GB or 32 GB cards. The minimum
memory is 8 GB. The book has a 2 Memory Bus Adapters
(MBAs) and each MBA supports 4 STIs.
(CUoD), Customer Initiated Upgrades (CIU), and the ability
to add CPs, ICFs, IFLs and zAAPs dynamically provid-
ing nondisruptive upgrade of processing capability. Also,
the ability to add CPs lets a z890 with spare PU capacity
become a backup for other systems in the enterprise;
expanding the z890 system to meet an emergency outage
situation. This is called Capacity BackUp (CBU).
The I/O SubSystem has been enhanced to support two
Logical Channel SubSystems (LCSSs) which provide the
capability to defi ne up to 512 CHPIDs (256 CHPIDs per
operating system image). I/O improvements in the Parallel
Sysplex Coupling Link architecture and technology sup-
port faster and more effi cient transmission between the
™
Coupling Facility and production systems. HiperSockets
provides high-speed capability to communicate among
virtual servers and Logical Partitions; this is based on
high-speed TCP/IP memory speed transfers and provides
value in allowing applications running in one partition to
communicate with applications running in another without
dependency on an external network. Industry standard
and openness are design objectives for I/O in z890. The
improved I/O subsystem is delivering new horizons in I/O
capability and has eliminated the 256 limit to I/O attach-
ments for a mainframe.
The z890 supports LPAR mode only (basic mode is no
longer supported).
The MultiChip Module (MCM) is the technology corner-
stone for fl exible PU deployment in the z890 models. For
most models, the ability of the MCM to have inactive PUs
allows such features as Capacity Upgrade on Demand
9
z890 Family Models
The z890 offers a single model, the A04 and supports a
wide performance range from sub uni models up to a 4-
way multiprocessor. The z890 offers 7 general purpose CP
sizes (1 full performance plus 6 sub uni's). Each engine
size is available in 2-way, 3-way and 4-way multiproces-
sors. Seven engine sizes across 4 engines gives outstand-
ing capacity granularity over the 28 capacity settings.
The new model provides 1-4 confi gurable processor units
which can be characterized as either CPs, IFLs, ICFs, or
zAAPs.
A new easy-to-enable ability to “turn off” capacity is avail-
able on z890. The objective is to allow customers to pur-
chase capacity for future use with virtually no impact on
software billing. An MES feature will enable the capacity
for use where the customer requires the increased capacity.
There are a wide range of upgrade options available which
are indicated in the z890 Models chart. The introduction of
the capacity setting allows capacity upgrades and down-
grades between capacity settings independent of the CP
quantity.
Unlike other zSeries server offerings, it is no longer pos-
sible to tell by the hardware model A04, the number of PUs
or the capacity of the server that is being used as CPs.
The capacity setting is in the form xy0, where the X repre-
sents the number of CPs and Y represents the sub-capacity,
from 7 (most capacity) to 1 (least capacity). All IFL and ICF
confi gurations are software model 070. The capacity set-
ting will be returned by the Store System Information (STSI)
instruction for software billing purposes.
z890 Performance Comparison
Capacity
110 120 130 140 150 160 170 210 220 230 240 250 260 270 310 320 330 340 350 360 370 410 420 430 440 450 460 470
Settings*
Uni's
2-ways 4-ways (full capacity engines)
* Capacity Setting refers to number of installed CPs and capacity. Reported by STSI instruction.
Note: For MSU values, refer to: ibm.com/servers/eserver/zseries/library/swpriceinfo/
3-ways
Model A04
IBM ^ On/Off Capacity on Demand for z890
IBM ^ On/Off Capacity on Demand (On/Off CoD)
is offered with z890 processors to provide a temporary
increase in capacity to help meet customers' peak work-
load requirement.
On/Off CoD is designed to temporarily turn on Central
Processors (CPs), Internal Coupling Facilities (ICFs), Inte-
grated Facilities for Linux (IFLs), zSeries Application Assist
Processors (zAAPs), previously unassigned Processor
Units (not assigned as a CP, ICF, IFL, or zAAP), and, for
z890, unassigned CPs and unassigned IFLs, that are avail-
able within the current model confi guration. Temporary use
of CFs, memory and channels is not supported.
This is achieved by either increasing CP capacity through
changing the Capacity Setting of the CPs to a new Model
Capacity Indicator or by using unassigned/unowned PUs
available for use as CPs, IFLs, ICFs, or zAAPs. With On/Off
CoD, temporary capacity for CPs, cannot exceed more
than double the permanent CP capacity of the z890. IFL
and ICF capacity additions can only be done if an existing
10
IFL or ICF is installed on the permanent machine with the
restrictions that a) additional engines, of each type, cannot
exceed the number of installed permanent engines of
that same type and b) adding engines cannot exceed the
physical limit of the installed machine.
The maximum number of On/Off CoD zAAPs available for
z890 cannot exceed the number of zAAPs, with the addi-
tional restriction that the sum of zAAPs and On/Off CoD
zAAPs cannot exceed the number of CPs.
For example, capacity setting 110 is eligible for On/Off
CoD upgrades to only capacity settings 120 and 210. All
other target capacity settings would result in more than
two times the base capacity.
You will be billed for associated usage through one or
more of the following features: On/Off CoD Active CP-Day
(#9897), On/Off CoD Active IFL Day (#9888), On/Off Active
ICF-Day (#9889), or On/Off CoD Active zAAP-Day (#9893).
You will be billed for each On/Off CoD Active engine
turned on in any given 24-hour period, continuing until
such On/Off CoD Active engine is turned off. Each
month your bill will be calculated for the sum of all orders
installed within the prior month. Monitoring will occur
through the server call home facility and a bill will be gen-
erated if the hardware capacity has been enabled for any
given month. You will continue to be billed for the use of
temporary capacity until you return the server to its original
state. After concurrently returning to the original state, you
may choose to activate a new On/Off CoD upgrade, which
can be different from the previous upgrade. When you
dispose of the server, or decide that you want to disable
future temporary upgrades, you are required to remove the
enablement feature, On/Off CoD Enablement (#9896).
Although the hardware upgrade does not need a POR/
IML if there is a change in engine size, a z/OS IPL will be
required.
On/Off CoD is delivered through the Customer Initiated
Upgrade (CIU) facility. To participate in this offering,
customers must install CIU Enablement and On/Off CoD
Enablement, and must agree to specifi c terms and condi-
tions which govern the use of temporary capacity.
For z890, you may request and concurrently install tem-
porary capacity through the CIU application on Resource
™
, and use that additional capacity for as long as
Link
needed. Using this facility, you may increase a machine’s
capacity setting and add a quantity of temporary IFLs
and ICFs, up to the machine’s current capacity setting or
the number of IFLs and ICFs, respectively, on the same
machine. You may similarly request and concurrently
install a quantity of temporary zAAPs up to the quantity of
permanent zAAPs, with the limitation that the combined
quantity of temporary zAAPs plus permanent zAAPs may
not exceed the combined quantity of temporary CPs plus
permanent CPs. You will be billed for associated usage
through one or more of the following features: On/Off CoD
Use Days, (one of #6121 through #6471), On/Off CoD
Active IFL-Day (#9888), On/Off Active ICF-Day (#9889), or
On/Off CoD Active zAAP-Days (#9893).
Typically, On/Off Capacity on Demand will be ordered
through CIU, however there will be an RPQ available if no
RSF connection is present.
11
Although Capacity BackUp (CBU) and On/Off Capacity
on Demand can both reside on the server, the activation
of On/Off Capacity on Demand is mutually exclusive with
CBU and no physical hardware upgrade will be supported
while On/Off Capacity on Demand is active.
This important function for zSeries gives customers greater
control and ability to add capacity to meet the require-
ments of an unpredictable on demand application environ-
ment. On/Off CoD extends zSeries capacity on demand
offerings to the next level of fl exibility. It is designed to
help customers match cost with capacity utilization and
manage periodic business spikes. On/Off Capacity on
Demand is designed to provide a low risk way to deploy
new pilot applications, and it is designed to enable a cus-
tomer to grow capacity smartly and proportionately with
market demand.
Customers can also take advantage of the Capacity
Upgrade on Demand (CUoD), Customer Initiated Upgrade
(CIU), and Capacity BackUp (CBU) which are described
later in the document.
On/Off CoD Test
IBM continues to enhance On/Off CoD to be more respon-
sive to your on demand business requirements. On/Off
CoD has been enhanced to allow for a no-charge test.
No IBM charges are assessed for the test, including IBM
charges associated with temporary hardware capacity,
IBM software, or IBM maintenance. This test can be used
to validate the processes to download, activate, and deac-
tivate On/Off CoD capacity nondisruptively. Each On/Off
CoD-enabled server is entitled to one no-charge test, per
contract. This test may last up to a maximum duration of
24 hours commencing with the download and activation of
an On/Off CoD order. On/Off CoD tests which do exceed
24 hours in duration will be treated in their entirety as bill-
able On/Off CoD upgrades. In addition to validating the
On/Off CoD function within your environment, you may
choose to use this test as a training session for your per-
sonnel who are authorized to activate On/Off CoD.
On/Off CoD no-charge test can be requested and down-
loaded from the Web at Resource Link. Refer to: ibm.com/
servers/resourcelink.
On/Off CoD test is exclusive to z890 and z990.
The z890 is designed to offer an effi cient I/O structure
using the same I/O cages as the z990. The single I/O cage
z890, has the capability of plugging up to 28 I/O cards
®
which would support a maximum of 420 ESCON
chan-
nels. Seven of the eight available STIs on the z890 are
required to support the 28 channel slots in the I/O cage.
The following chart shows the upgrade paths from z800 to
z890 and from z890 to z990. The z800 Models 0X2, 0A2,
002, 003 and 004 can be upgraded to any capacity z890.
Any z890 with more than 220 MIPS can be upgraded to a
z990 Model A08. There are no upgrades from 9672 G5/G6
or z900 server.
z800 to z890 and z890 Model Upgrades
e-Config will default to the next closest
z800 z890
To Any Capacity Setting
0X2
0A2
002
003
004
A04
capacity setting models, but the user
may change to any capacity setting desired.
z800 z890
12
z890 Performance Comparisons
The IBM z890 is the latest member of the zSeries family.
The design of the z890 is a continuation of the major
change in the direction of the zSeries platform started with
the IBM ^ zSeries 990. The implementation of the
superscalar microprocessor provides for improvements
in the performance of new workloads as well as maintain-
ing excellent performance for traditional workloads. The
z890 provides a lower capacity entry point as compared to
the z800, an increase in total system capacity almost 2.1
times that of the z800 Model 004, doubling the number of
CHPIDs, doubling the number of LPARs, quadrupling the
number of HiperSockets, and increasing the number of
®
ESCON channels by 75%, the number of FICON
channels
by 25%, the number of ISC-3s by 100% and the number of
OSA-Express Network connections by 67%. This server is
designed to provide you with the ability to improve applica-
tion performance, increase the number of users supported,
support more transactions, increase scalability, and con-
solidate workloads beyond what is available on a z800.
performance levels, z890 offers from 1-4 Central Proces-
sors each with 7 different “dial points” (28 choices in all)
esource management within the system, it is expected
and r
that there will be a large performance variability than has
been previously seen by our traditional customer set. The
z890 supports an estimated performance range of 0.14 to
7.40 compared to a z800 Model 001. This variability may be
observed in several ways. The range of performance rat-
ings across the individual LSPR workloads is likely to have a
larger spread than past processors. There will also be more
performance variation of individual LPAR partitions as the
impact of fl uctuating resource requirements of other parti-
tions can be more pronounced with the increased number
of partitions available on the z890. The customer impact of
this increased variability will be seen as increased devia-
tions of workloads from single-number-metric based factors
such as MIPS, MSUs and CPU time chargeback algorithms.
It is important to realize the z890 has been optimized to run
many workloads at high utilization rates.
The performance design of the z/Architecture enables
the entire server to support a new standard of perfor-
mance for all applications through expanding upon a bal-
anced system approach. As CMOS technology has been
enhanced to support not only additional processing power,
but also more engines, the entire server is modifi ed to sup-
port the increase in processing power. The I/O subsystem
supports a great amount of bandwidth through internal
changes, thus providing for larger and quicker data move-
ment into and out of the server. Support of larger amounts
of data within the server required improved management
of storage confi gurations made available through integra-
tion of the software operating system and hardware sup-
port of 64-bit addressing. The combined balanced system
effect allows for increases in performance across a broad
spectrum of work. However, due to the wide range of
It is also important to notice that the LSPR workloads for
z890 and z990 have been updated to refl ect more closely
our customers’ current and growth workloads. The tradi-
tional TSO LSPR workload is replaced by a new, heavy
Java technology-based online workload referred to as
Trade2-EJB (a stock trading application). The traditional
®
/DB2® LSPR online workload has been updated to
CICS
have a Web-frontend which then connects to CICS. This
updated workload is referred to as WEB/CICS/DB2 and
is representative of customers who Web-enable access
to their legacy applications. Continuing in the LSPR for
z890/ z990 will be the legacy online workload, IMS, and
two legacy batch workloads CB84 and CBW2. The z890/
z990 LSPR will provide performance ratios for individual
workloads as well as a “default mixed workload” which is
used to establish single-number-metrics such as MIPS,
13
z890 I/O Subsystem
MSUs and SRM constants. The z990 default mixed work-
load will be composed of equal amounts of fi ve workloads,
Trade2-EJB, WEB/CICS/DB2, IMS, CB84 and CBW2. Addi-
tionally, the z890/z990 LSPR will rate all z/Architecture pro-
cessors running in LPAR mode and 64-bit mode. The existing
z900 processors have all been re-measured using the new
workloads – all running in LPAR mode and 64-bit mode.
Using the new LSPR ‘default mixed workload' for z/OS
1.4, and with all processors executing in 64-bit and LPAR
mode, the following results have been achieved:
• Comparing a one-way z800 Model 001 to a one-way
z890 Model A04 170, it is estimated that the z890 model
has 2.0 times the capacity of z800 Model 001.
• Comparing a two-way z800 Model 002 to a two-way
z890 Model A04 270, it is estimated that the z890 model
has 2.1 times the capacity of z800 Model 002.
• Comparing a three-way z800 Model 003 to a three-way
z890 Model A04 370, it is estimated that the z890 model
has 2.1 times the capacity of z800 Model 003.
• Comparing a four-way z800 Model 004 to a four-way
z890 Model A04 470, it is estimated that the z890 model
has 2.1 times the capacity of z800 Model 004.
The z890 contains an I/O subsystem infrastructure which
uses an I/O cage that provides 28 I/O slots. Each I/O
cage has seven I/O domains with four features in each I/O
domain, and each domain has one STI for connectivity to
support each I/O cage. ESCON, FICON Express, FICON
Express2, OSA-Express, OSA-Express2 and Crypto
Express2 features plug into the z890 I/O cage along with
any ISC-3s and STI-3 distribution cards, and PCICA and
PCIXCC cryptographic features. All I/O cards and their
support cards can be hot-plugged in the I/O cage. The
z890 provides approximately a 78 percent increase in I/O
bandwidth provided by the STIs when compared to the
z800.
z890 Cage Layout
A-Frame
CEC
z890's Positioning in the zSeries Family
z990
z900 and z990
z890
z800
MP3000
MP
2000
MIPs
Note: Expected performance improvements are based on hardware changes. Additional performance benefi ts may be obtained
as the z/Architecture is fully exploited.
z900
9672
> 2550 MIPs
I/O
Cage
14
z890 Logical Channel SubSystems (LCSSs) and support for
Greater than 15 Logical Partitions (LPARs)
The z890 I/O subsystem is a breakthrough in connectivity
by providing up to 2 LCSS per server, and each LCSS can
support up to 256 CHPIDs when exploitation software is
installed. As the z890 is a single I/O cage confi guration it
will support up to a maximum of 512 CHPIDs of which up
to 420 CHPIDs can be ESCON channels. This support is
provided in such a way that is transparent to the programs
operating in the Logical Partition (LP). Each Logical Chan-
nel SubSystem may have from 1 to 256 CHPIDs and may
in turn be confi gured with 1 to 15 Logical Partitions. Each
Logical Partition runs under a single LCSS. As with previ-
ous zSeries servers, Multiple Image Facility (MIF) channel
sharing as well as all other channel subsystem features
are available to each Logical Partition confi gured to each
Logical Channel SubSystem. The z890 supports up to 30
Logical Partitions. (Note: The lowest Capacity Setting 110
can support up to 240 CHPIDs and up to a maximum of 15
LPARs.)
feature in the I/O cage. CHPID numbers are no longer pre-
assigned and it is now a customer responsibility to do this
assignment via IOCP/HCD. CHPID assignment is done by
associating a CHPID number with a physical location, the
PCHID. It is important to note that although it is possible
to have 2 LCSSs, there is still a single IOCDS to defi ne the
I/O subsystem, each LCSS can support CHPID 00-FF, and
the CHPID must be unique within the LCSS. There is a new
CHPID mapping tool available to aid in the mapping of
CHPIDs to PCHIDs. The CHPID Mapping tool is available
from Resource Link at: ibm.com/servers/resourcelink.
IOCP - IOCDS
Partitions
LCSS0 LCSS1
CHPIDs CHPIDs
12 52 EF4F 12 2F EF00 02
Partitions
Up to 30 Logical Partitions
Up to 256
LCSS0 LCSS1
CHPIDs
Up to 256
CHPIDs
Physical Channel IDs (PCHIDs) SubSystem
In order to accommodate the support for up to a maximum
of 512 CHPIDs on z890 with the Logical Channel SubSys-
tem (LCSS) a new Physical Channel ID (PCHID) is avail-
able. The PCHID represents the physical location of an I/O
HCD - HSA or IOCDS - HSA
102 103 104 110 200 201 202 2B0 2C5
Physical Channels (PCHIDs)
Note: Crypto no longer requires a CHPID
Logical Channel SubSystem (LCSS) Spanning
The concept of spanning channels provides the ability for
a channel to be confi gured to multiple Logical Channel
SubSystems and therefore they may be transparently
shared by any/all of the logical partitions in those LCSSs.
15
z890 Channels and I/O Connectivity
Normal Multiple Image Facility (MIF) sharing of a chan-
nel is confi ned to a single LCSS. The z890 supports the
spanning of the channels types: IC, HiperSockets, FICON
Express, FICON Express2, OSA-Express, OSA-Express2,
ISC-3s and ICBs (ICB-3 and ICB-4). Note: Spanning of
ESCON channels is not supported.
Channel Spanning
ZOS2 ZOS3 ZOS4 ZOS5 LNX1ZOS1
HiperSockets
CHPID 22 CHPID 22
LCSS0 LCSS1
A z890 has a total of 28 I/O slots in one I/O cage. These
slots can be plugged with a mixture of cards providing
the I/O connectivity, networking connectivity, coupling and
cryptographic capability of the server.
Up to 420 ESCON Channels
The high density ESCON feature has 16 ports, 15 of which
can be activated for customer use. One port is always
reserved as a spare which is activated in the event of a
failure of one of the other ports. For high availability the ini-
tial order of ESCON features will deliver two cards and the
active ports will be distributed across those cards. After
the initial install the ESCON features are installed in incre-
ments of one. ESCON channels are available in four-port
increments and are activated using IBM Licensed Internal
Code, Confi guration Control (LIC CC). There is a 75%
increase in ESCON connectivity over z800.
Up to 40 FICON Express Channels
The z890 supports up to 40 FICON Express channels. It
offers a 25% increase in FICON Express channels over the
z800. FICON Express is available in long wavelength (LX)
and short wavelength (SX) features. Each FICON Express
feature has two independent ports which support two
channels per card. The LX and SX cannot be intermixed on
a single feature. The maximum number of FICON Express
features which can be installed in the I/O cage is 20.
The z890 supports up to 40 FCP channels for attach-
ment to Small Computer System Interface (SCSI) disks in
a Linux environment. The same two-port FICON Express
feature card used for FICON Express channels can also
be used for Fibre Channel Protocol (FCP) channels. FCP
channels are enabled on these existing features via a
Licensed Internal Code (LIC) with a unique mode of
operation and CHPID defi nition (FCP). FCP is available in
16
long wavelength (LX) and short wavelength (SX) features,
though the LX and SX cannot be intermixed on a single
feature. Note, the maximum quantity of FICON Express,
OSA-Express, PCICA, and PCIXCC features in combina-
tion cannot exceed 20 features per server.
Up to 80 FICON Express2 Channels
Up to 80 FICON Express2 channels are supported on the
z890. This offers a 100% increase in FICON channels over
the z800. FICON Express2 is available in long wave
(LX) and short wavelength (SX) features. Each FICON
Express2 feature has four independent ports which support
four channels per card. The LX and SX cannot be intermixed
on a single feature. The maximum number of FICON Express2
features that can be installed in the I/O cage is 20.
The z890 supports up to 80 FCP channels for attachment
to Small Computer System Interface (SCSI) disks in a Linux
environment. The same four-port FICON Express2 feature
card used for FICON Express2 channels can also be used
for Fibre Channel Protocol (FCP) channels. FCP channels
are enabled on these existing features via a Licensed Inter-
nal Code (LIC) with a unique mode of operation and CHPID
defi nition (FCP). FCP is available in long wavelength (LX)
and short wavelength (SX) features, though the LX and SX
cannot be intermixed on a single feature. Note, the maxi-
mum quantity of FICON Express, FICON Express2, OSA-
Express, OSA-Express2, PCICA, and PCIXCC features in
combination cannot exceed 20 features per server.
length
peer mode up to an unrepeated distance of 10 km (6.2 miles).
The mode is selected for each link via the CHPID type in the
IOCDS. ISC-3 links are ordered in increments of one. It is rec-
ommended that an initial order for ISC-3 include two links.
ISC-3 links in Compatibility Mode must be used for connec-
tivity to 9672s (ICB-2 links are not supported on the z890).
An RPQ card (8P2197) is available to allow ISC-3 dis-
tances up to 20 km. This card runs in Peer Mode at 1
Gbps and/or Compatibility Mode at 1 Gbps. A unique
daughter card with two links per card is shipped.
Integrated Cluster Bus-3 (ICB-3)
The ICB-3 feature is a coupling link used to provide high-
speed communication between z990 and z890 servers
and z900 and z800 General Purpose Servers and Cou-
pling Facilities over a short distance (less than 7 meters).
The ICB-3 is supported via an STI-3 card which resides in
the I/O cage and converts the 2.0 GBps input into two 1
GBps ICB-3s.
Integrated Cluster Bus-4 (ICB-4)
The ICB-4 feature is a coupling link used to provide
high-speed communication between a z990 and/or z890
servers over a short distance (less than 7 meters). The
ICB-4 consists of one link that attaches directly to a 2.0
GBps STI port on the server and does not require connec-
tivity to an I/O cage.
InterSystem Channel-3 (ISC-3)
A four link ISC-3 feature is provided on the z890 family of
servers. It consists of a mother card with two daughter cards
each with two links. Each link is capable of operating 1 giga-
bits per second (Gbps) in Compatibility Mode or 2 Gbps in
Internal Coupling Channel (IC)
IC links emulate the coupling links between images within
a single server. IC links are defi ned in the IOCP. There is no
physical channel involved. A z/OS image can connect to a
Coupling Facility on the same server using IC capabilities.
17
Fibre Channel Connectivity
The on demand operating environment requires fast data
access, continuous data availability, and improved fl exibil-
ity all with lower cost of ownership. zSeries Fibre Channel
Connectivity can help you achieve these goals.
Native FICON Channels
Native FICON channels and devices can help to reduce
bandwidth constraints and channel contention to enable
easier server consolidation, new application growth,
large business intelligence queries and exploitation of
e-business.
®
Currently, the IBM Enterprise Storage Server
(ESS)
models F20 and 800 have two host adapters to support
native FICON. These host adapters each have one port
per card and can either be FC 3021 for long wavelength
or FC 3032 for short wavelength on the F10/F20 or FC
3024 for long wavelength and 3025 for short wavelength
on the 800. All three models can support up to 16 FICON
ports per ESS. The Model 800 is 2 Gb link capable. The
®
IBM TotalStorage
Enterprise Tape Controller 3590 Model
A60 provides up to two FICON interfaces which can coex-
ist with ESCON on the same box. The IBM TotalStorage
Enterprise Tape Controller 3592-J70 which provides up to
four FICON interfaces which can exist with ESCON on the
same box. The 3592-J70 is designed to provide up to 1.5
times the throuput of the Model A60. Customers can utilize
IBM’s highest capacity, highest performance tape drive to
support their new business models.
Many Fibre Channel directors provide dynamic connec-
tivity to native FICON control units. The IBM 2032 models
001, 064 and 140 (resell of the McDATA ED-5000, and
Intrepid 6000 Series Directors) are 32-, 64- and 140-port
high availability directors. The IBM 2042 models 001, 128
and 256 (resell of the CNT (FC/9000 Directors) are 64-,
128- and 256-port high availability directors. All have fea-
tures that provide interface support to allow the unit to be
managed by System Automation for OS/390. The McDATA
Intrepid 6000 Series Directors and CNT (FC/9000 Direc-
tors) FC/9000-001/-128/-256 support 2 Gbps links as well.
The FICON Express features support attachment to the
IBM M12 Director (2109-M12). The IBM M12 Director sup-
ports attachment of FICON Express channels on the z890
via native FICON (FC CHPID type) and Fibre Channel
Protocol (FCP CHPID type) supporting attachment to SCSI
devices in Linux environments.
Wave Division Multiplexor and Optical Amplifi ers that sup-
port 2 Gbps FICON Express links are: Cisco Systems ONS
15530 and 15540 ESP (LX, SX) and optical amplifi er (LX,
SX), Nortel Networks Optera Metro 5100, 5200 and 5300E
and optical amplifi er, ADVA Fiber Service Platform (FSP)
2000 system, and the IBM 2029 Fiber Saver.
The raw bandwidth and distance capabilities that native
FICON end-to-end connectivity has to offer makes them of
interest for anyone with a need for high performance, large
data transfers or enhanced multi-site solutions.
FICON CTC function
Native FICON channels support CTC on the z990, z900,
z890 and z800. G5 and G6 servers can connect to a
zSeries FICON CTC as well. This FICON CTC connectivity
will increase bandwidth between G5, G6, z990, z900, z890
and z800 systems.
Because the FICON CTC function is included as part
of the native FICON (FC) mode of operation on zSeries,
FICON CTC is not limited to intersystem connectivity (as
18
is the case with ESCON), but will also support multiple
device defi nitions. For example, ESCON channels that are
dedicated as CTC cannot communicate with any other
device, whereas native FICON (FC) channels are not dedi-
cated to CTC only. Native can support both device and
CTC mode defi nition concurrently, allowing for greater con-
nectivity fl exibility.
FICON Connectivity
FICON
Bridge
ESCD
9032
Model 5
FICON
Bridge
ESCON
CU
ESCON
CU
ESCON
CU
ESS
F10, F20, 800
high availability, extended distance connectivity, and (par-
ticularly with the implementation of 2 Gbps Inter Switch
Links), has the potential for fi ber infrastructure cost sav-
ings by reducing the number of channels for interconnect-
ing the 2 sites.
FICON cascaded directors have the added value of high
integrity connectivity. New integrity features introduced
within the FICON Express channel and the FICON cas-
caded switch fabric to aid in the detection and reporting of
any miscabling actions occurring within the fabric during
and helps prevent data from being delivered to the wrong
end point.
FICON cascaded directors is offered in conjunction with
IBM, CNT, and McDATA Directors.
All FICON Channels =
100MB/s
= LX ONLY
= LX ONLY
= LX or SX
2032
2042
32, 64 or 140
64, 128 or 256
PORT
PORT
ESS
F10, F20, 800
Enterprise
Tape
Controller
3590 A60
Enterprise
Tape
Controller
3590 A60
FICON Support for Cascaded Directors
Native FICON (FC) channels support cascaded directors.
This support is for a single hop confi guration only. This
means that a Native FICON (FC) channel or a FICON CTC
can connect a server to a device or other server via two
(same vendor) FICON Directors in between. This type of
cascaded support is important for disaster recovery and
business continuity solutions because it can help provide
IBM
Two site non-cascaded director
topology. Each CEC connects to
directors in both sites.
With Inter Switch Links (ISLs),
less fiber cabling may be needed
for cross-site connectivity
topology. Each CEC connects to
IBM
Two Site cascaded director
local directors only.
FCP Channels
zSeries supports FCP channels, switches and FCP/SCSI
devices with full fabric connectivity under Linux on zSeries
and z/VM Version 4 Release 3 and later. Support for FCP
devices means that zSeries servers will be capable of
attaching to select FCP/SCSI devices and may access
these devices from Linux on zSeries. This expanded
19
attachability means that customers have more choices
for new storage solutions, or may have the ability to use
existing storage devices, thus helping to leverage exist-
ing investments and lower total cost of ownership for their
Linux implementation.
For details of supported FICON and FCP attachments
access Resource Link at: ibm.com/servers/resourcelink
and in the Planning section go to z890/z990 I/O Connec-
tion information.
The support for FCP channels is for Linux and z/VM 4.3
and later. Linux may be the native operating system on the
zSeries server (note z890 runs LPAR mode only), or it can
be in LPAR mode or, operating as a guest under z/VM 4.3
or later. The z890 provides support for IPL of Linux guest
images from appropriate FCP attached devices.
Now, z/VM V5.1, support for SCSI FCP disks enables the
deployment of a Linux server farm running under VM con-
fi gured only with SCSI disks. With this support you can
install, IPL, and operate z/VM from SCSI disks.
resources and infrastructure. Further savings may be real-
ized in the reduction of the number of fi ber optic cabling
and director ports.
When confi gured as FCP CHPID type, the z890 FICON
Express features support the industry standard interface
for Storage Area Network (SAN) managment tools.
FCP
Device
FCP
Device
Fibre Channel
Directors
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FCP
Device
FICON Express enhancements for Storage Area Networks
Preview - FCP LUN Access Control
The 2 Gbps capability on the FICON Express channel
cards means that 2 Gbps link data rates are available for
FCP channels as well.
FCP Full fabric connectivity
FCP full fabric support means that any number of (single
vendor) FCP directors/ switches can be placed between
the server and FCP/ SCSI device thereby allowing many
“hops” through a storage network for I/O connectivity. This
support along with 2 Gbps link capability is being deliv-
ered together with IBM and directors from IBM, CNT, and
McDATA. FCP full fabric connectivity enables multiple FCP
switches/ directors on a fabric to share links and there-
fore provide improved utilization of inter-site connected
IBM zSeries is previewing Fibre Channel Protocol (FCP)
Logical Unit Number (LUN) Access Control which is
designed to provide host-based control of access to storage
controllers and their devices as identifi ed by their logical unit
numbers (LUNs). It will allow read-only sharing of FCP SCSI
devices among multiple operating system images.
If a host channel is shared among multiple operating
system images, the access control mechanism would pro-
vide for either none or all of these images to have access
to a particular storage controller or device (logical unit).
FCP LUN Access Control will allow you to defi ne, via an
access control table, individual access rights to storage
controller ports and devices for each operating system
20
image. A system confi guration using FCP LUN Access
Control may signifi cantly reduce the number of FCP chan-
nels (FICON Express features) that are needed to provide
controlled access to the data on FCP SCSI devices. FCP
LUN Access Control complements the zoning and LUN
masking schemes that exist in open storage environments.
All of these types of access control can be used together.
FCP LUN Access Control will allow read-only sharing
of FCP SCSI devices among multiple operating system
images via a shared FCP Channel. A device to be used in
shared read-only mode must be defi ned accordingly in the
access control table.
Confi guration Utility: The Confi guration Utility for FCP LUN
Access Control is expected to be a Linux user space
application which will be used to confi gure the FCP LUN
Access Control.
To defi ne and activate LUN Access Control, you would
create an access control table that describes the access
rights in XML format. In this table, you would defi ne access
rights to storage controllers and devices in the SAN and
identify devices to be shared in read-only mode.
It is expected that the Confi guration Utility will be pro-
vided for download by registered users via Resource Link:
ibm.com/servers/resourcelink/.
When available, FCP LUN Access Control will be sup-
ported by the FICON Express2 features when confi gured
as CHPID type FCP, will be exclusive to z890 and z990,
and is planned to be available in the z/VM and Linux on
zSeries environments. This statement represents IBM’s
current intentions. IBM development plans are subject to
change or withdrawal without further notice.
IBM zSeries is interested in obtaining customers to par-
ticpate in an Early Support Program. We encourage you to
contact your IBM representative.
FICON purge path extended
The new purge path extended function provides enhanced
capability for FICON problem determination.
FICON purge path error-recovery function is extended so
that it transfers error-related data and statistics between
the channel and entry switch, and the control unit and its
entry switch to the host operating system.
The Confi guration Utility for FCP LUN Access Control is
required to process the access control table, verify proper
specifi cation of the rules, and activate the access control
functions in the FCP channel.
The Confi guration Utility for FCP LUN Access Control is
a package consisting of user documentation and sample
fi les with a skeleton to help you generate an XML-format
access control table, and the utility program itself. The
program is intended to provide a command line interface
(CLI) and be supported by Linux on zSeries.
z/OS 1.6 can now record this information so that it can
be used to more quickly isolate the source of link-related
errors by both channel and control unit fi eld personnel.
FICON purge path extended applies to the FICON
Express2 features when confi gured as CHPID type FC
(native FICON), is exclusive to z890 and z990, and is sup-
ported by z/OS and z/OS.e. Refer to the Hardware and
Software requirements sections for further information.
21
A New Generation for SANs –
FICON Express2
FICON Express2 offers new packaging with increased
connectivity in the same amount of physical space.
Increased performance is also possible with FICON
Express2. This refresh of technology can help to satisfy
your server consolidation connectivity requirements, and
may help to reduce the number of I/O features required for
consolidation. At the same time, you may be able to realize
a performance advantage.
FICON Express2 Doubles the Channel Capacity
As zSeries has increased its maximum number of I/O
features, so has FICON increased its channel maximums
to meet the ever increasing demands of Storage Area
Networks (SANs). You can now install up to a maximum of
80 channels on z890 (when all are FICON Express2). The
maximum number of FICON features per server (any com-
bination of FICON Express2 and FICON Express) remains
at up to 20 on z890. Each FICON Express2 offers 4 ports
per feature – a 100% increase in channels per feature in
the same amount of physical space.
On the smallest sub-uni the maximum quantity cannot
exceed 16 features per server.
FICON Express2 SX (short wavelength) (#3320) and
FICON Express2 LX (long wavelength) (#3319) occupy
a single I/O slot, utilizing one CHPID per channel (four
CHPIDs per feature). Each of the four independent ports/
channels is capable of 1 gigabit per second (1 Gbps) or
2 Gbps depending upon the capability of the attached
switch or device. The link speed is auto-negotiated, point-
to-point, and is transparent to users and applications. The
FICON Express2 feature does not support FICON Bridge
(CHPID type FCV).
FICON Express2 LX
• The unrepeated distance between FICON Express2 LX
channels is limited to 10 kilometers (6.2 miles). If greater
distances are desired, an RPQ request should be submitted.
• If reusing existing 50 or 62.5 micron fi ber optic cabling
with a pair of MCP cables, the unrepeated distance
between FICON Express2 channels cannot exceed 550
meters (1804 feet). MCP cables are only supported at 1
Gbps link data rates.
FICON Express2 SX
• When supporting a link data rate of 1 Gbps and using
50 micron multimode fi ber, the unrepeated distance
between FICON SX channels is limited to 500 meters
(1640 feet).
• When supporting a link data rate of 2 Gbps and using
50 micron multimode fi ber, the unrepeated distance
between FICON SX channels is limited to 300 meters
(984 feet).
• When supporting a link data rate of 1 Gbps and using
62.5 micron multimode fi ber, the unrepeated distance
between FICON SX channels is limited to 250 meters
(820 feet).
• When supporting a link data rate of 2 Gbps and using
62.5 micron multimode fi ber, the unrepeated distance
between FICON SX channels is limited to 120 meters
(394 feet). If greater distances are desired, an RPQ
request should be submitted.
Performance Increase
Your enterprise may benefi t from FICON Express2 with:
• Increased data transfer rates (bandwidth)
• Improved performance
• Increased number of start I/Os
• Reduced backup windows
• Channel aggregation to help reduce infrastructure costs
22
Concurrent Update
The FICON Express2 SX and LX features may be added
to an existing z890 concurrently. This concurrent update
capability allows you to continue to run workloads through
other channels while the new FICON Express2 features are
being added. This applies to CHPID types FC and FCP.
FICON Express2 Replaces FICON Express on z890
FICON Express2 SX and LX (#3320, #3319) replace the
FICON Express SX and LX features (#2320, #2319) cur-
rently offered on z890. When the FICON Express2 features
become available, the FICON Express features will no
longer be orderable.
Continued Support of Spanned Channels and LPARs
The FICON Express2, both FICON and FCP (CHPID types
FC and FCP) channel types, can be defi ned as a spanned
channel and can be shared among LPARs within and
across LCSSs.
Modes of Operation
There are two modes of operation supported by FICON
Express2 SX and LX. These modes are confi gured on a
channel-by-channel basis – each of the four channels can
be confi gured in either of two supported modes.
• Fibre Channel (CHPID type FC), which is native FICON
or FICON Channel-To-Channel (server-to-server)
• Fibre Channel Protocol (CHPID type FCP), which supports attachment to SCSI devices via Fibre Channel
switches or directors in z/VM and Linux on zSeries environments
Cascading
The FICON Express2 features also support cascading
(the connection of two FICON Directors in succession) to
minimize the number of cross-site connections and reduce
implementation costs for disaster recovery, business conti-
nuity, GDPS, and remote copy solutions.
CHPID Type FCV Not Supported on FICON Express2
FICON Bridge (CHPID type FCV) is not supported on
FICON Express2. CHPID type FCV was designed to be
used with the bridge feature in the ESCON Director Model
5, which was withdrawn from marketing December 31,
2004. If your customers continue to have a requirement
for CHPID type FCV, then they may wish to add FICON
Express2 for growth, supporting CHPID types FC and FCP,
and use FICON Express, supporting CHPID type FCV, for
connectivity to ESCON control units.
When the FICON Express2 features become available,
the FICON Express features are no longer orderable. For
customers requiring additional FICON Express features to
support CHPID type FCV an RPQ 8P2295 is available. For
existing infrastructures using FCV, FICON Express will con-
tinue to be supported on the z890.
The FICON Express2 features are exclusive to z990 and
z890, and are supported by z/OS, z/OS.e, z/VM, VSE/ESA,
TPF, and Linux on zSeries.
FICON Express2 is planned to be available on January 28,
2005 and June 30, 2005 in Argentina and Venezuela.
23
A New Generation of zSeries LAN Adapters
Open Systems Adapter-Express2
A new generation of zSeries LAN adapters is being deliv-
ered, as well as a 10 Gigabit Ethernet feature. This update of
technology, referred to as OSA-Express2, can help to satisfy
the bandwidth demands of your applications. Like their pre-
decessors, the OSA-Express2 features continue to be hot-
pluggable, support the Multiple Image Facility (MIF) – sharing
of channels across logical partitions (LPARs), and can be
defi ned as a spanned channel to be shared among LPARs
within and across LCSSs. The maximum combined number
of OSA-Express and OSA-Express2 features supported per
server is 20 on the z890 and 24 features on the z990.
1
Both OSA-Express2 Gigabit Ethernet (GbE) and 10 Gigabit
Ethernet (10 GbE) support the Queued Direct Input/Out
(QDIO) mode, carrying TCP/IP traffi c only. QDIO continues
to be the preferred architecture on zSeries for high-speed
communication, helping to reduce host interruptions and
improve response time.
2
Also like the predecessor features, OSA-Express2 GbE and
10 GbE support the direct SNMP subagent, all of the SNMP
enhancements previously announced, Virtual Local Area Net-
works3 (VLANs), Internet Protocol Version 4 (IPv4), IPv6 and
all of the functions previously announced for QDIO mode.
The OSA-Express2 GbE and 10 GbE features support
Checksum Offl oad and have the connector type, LC Duplex,
like the current OSA-Express Gigabit Ethernet features.
OSA-Express2 Gigabit Ethernet
The third generation of Gigabit Ethernet features is
designed to deliver improved latency and throughput up
to line speed – 1 Gbps in each direction or 2 Gbps full
duplex and support the following functions:
• 640 TCP/IP stacks per CHPID
• Large send, for TCP/IP traffi c and CPU effi ciency,
offl oading the TCP segmentation processing from the
host TCP/IP stack
• Concurrent LIC update
• Layer 2
OSA-Express2 Gigabit Ethernet (GbE) operates in QDIO
mode only, supports full duplex operation, and jumbo
frames (8992 byte frame size).
The improved latency is expected to support additional
Ethernet connections per second compared to the OSA-
Express GbE features and the improved throughput is
designed to support line speed in each direction up to 2
Gbps full duplex.
The new OSA-Express2 GbE features continue to be dual-
port features occupying a single I/O slot and utilize one
CHPID per port; two CHPIDs per feature. The new OSA-
Express2 Gigabit Ethernet SX and LX features are offered
on new builds and replace the current OSA-Express Giga-
4
bit Ethernet features currently offered on z890 and z990.
The OSA-Express2 GbE features are exclusive to z890 and
z990, require the October 2004 level of Licensed Internal
Code.
OSA-Express2 10 Gigabit Ethernet LR
The newest member of the OSA-Express2 family is the
5
OSA-Express2 10 Gigabit Ethernet long reach (LR).
It can
be use in an enterprise backbone, between campuses, to
consolidate fi le servers and to connect server farms with
zSeries 890 and 990 servers. The OSA-Express2 10 GbE
LR supports:
• Queued Direct Input/Output (QDIO)
• One port per feature
• A link data rate of 10 Gbps
• Full duplex mode
• Jumbo frames (8992 byte frame size)
• Checksum offl oad
• Layer 2 support
24
• 640 TCP/IP stacks
• Concurrent LIC update
• SC Duplex connector
• Single mode fi ber (9 micron)
• An unrepeated distance of up to 10 km (6.2 miles)
Checksum Offl oad is supported in the z/OS, z/OS.e and
Linux on zSeries environments.
The 10 Gigabit Ethernet (10 GbE) feature does not support
auto-negotiation to any other speed. The 10 GbE supports
64B/66B coding, whereas GbE supports 8B/10B coding.
The OSA-Express2 10 GbE feature is exclusive to the z890
and z990, and requires the October 2004 level of Licensed
Internal Code.
New functions in OSA-Express2
In a continuing effort to enhance the functions of the Open
Systems Adapters and respond to customer requirements,
IBM zSeries has enhanced the OSA-Express2 over OSA-
Express features with the following improvements:
Large send for TCP/IP traffi c
Large send, also referred to as TCP segmentation offl oad,
is designed to improve performance by offl oading TCP
packet processing from the z890 and z990 servers to the
OSA-Express2 features. This offl oad allows the zSeries
server to send large blocks of data (64 kilobytes), instead
of 1492 byte packets, to the OSA-Express2 feature. The
OSA-Express2 features then separate the 64 KB block into
standard Ethernet packets (1492 bytes) to be sent out on
the LAN. This applies only to outbound traffi c, IPv4 or IPv6,
and to unicasts. Large send support can help reduce host
processor utilization, returning CPU cycles for other appli-
cation use, while increasing network effi ciencies.
Large send support is exclusive to z890 and z990 servers
with the OSA-Express2 features, when in QDIO mode, and
is supported on Linux for zSeries (requires the October
2004 level of Licensed Internal Code).
OSA-Express2 large send for the z/OS environment –
preview
Previewing large send for TCP/IP traffi c
Improved virtualization – now 640 TCP/IP stacks
If you have a need to host more Linux images, increasing
the number of TCP/IP stacks may be a solution. The OSA-
Express2 features support up to 640 connections (TCP/IP
stacks) per logical partition (LPAR) per dedicated CHPID,
or up to 640 total stacks across multiple LPARs using a
shared or spanned CHPID. This is 4 times the number of
connections that could be supported on the previous OSA-
Express features which were limited to 160 total stacks.
This support is exclusive on z890 and z990 servers and
the OSA-Express2 features in QDIO mode. This support
requires the October 2004 level of Licensed Internal Code
and is supported by z/OS, z/OS.e, z/VM and Linux on
zSeries environments.
z/OS Communications Server plans to exploit OSA-
Express2 large send (also referred to as TCP segmenta-
tion offl oad). Large send can improve performance by
offl oading outbound TCP segmentation processing from
the host to OSA-Express2 by employing a more effi cient
memory transfer into OSA-Express2. The z/OS Communi-
cations Server support is planned for TCP/IP IPv4 traffi c
only and z/OS and z/OS.e 1.7. In addition, a z/OS and
z/OS.e 1.6 PTF is planned to be provided.
Large send support applies to the OSA-Express2 features
(Gigabit Ethernet SX and LX, 10 Gigabit Ethernet LR), sup-
ports QDIO mode only (CHPID type OSD), and is exclu-
sive to z990 and z890. Large send support was previously
announced for the Linux on zSeries environment.
25
OSA-Express2 concurrent LIC update – an availability
enhancement
The OSA-Express2 features have increased memory
in comparison to the OSA-Express features and are
designed to be able to facilitate concurrent application of
Licensed Internal Code (LIC) updates, allowing the appli-
cation of LIC updates without requiring a confi guration
off/on of the features. This can help minimize the disruption
to network traffi c during the update.
For example, applying a patch could have up to x minutes
of impact on the network traffi c for the affected adapters
prior to this enhancement.
OSA-Express2 concurrent LIC update is exclusive to the
z890 and z990 with the October 2004 level of Licensed
Internal Code and requires the OSA-Express2 features.
Layer 2 support – ideal for server consolidation
The OSA-Express26 Ethernet features with the Layer 2
support in z/VM for Linux images can be protocol inde-
pendence and simplify the communication with different
platforms when using IPX, NetBIOS, SNA, IPv4, or IPv6
protocols. In combination with the OSA-Express2 Ethernet
features, Layer 2 can assist in reducing: the effort to set
up Linux images in a guest LAN environment, the number
of router guests providing connection between guest
LANs and OSA, and the CPU consumption of these router
guests.
7
VLAN identifi cation
, and/or the Ethernet destination MAC
address. This fi ltering can help reduce both the amount of
inbound traffi c being processed by the operating system,
and z890 or z990 CPU requirements.
Another mechanism for reducing z890 or z990 CPU utiliza-
tion with the OSA-Express2 features and the Layer 2 sup-
port is the z/VM Virtual Switch (VSWITCH). The VSWITCH
can eliminate the requirement for router virtual machines.
With z/VM 5.1, VSWITCH exploits the Layer 2 support
within the z/VM Control Program. The z/VM Control Pro-
gram owns the connection to the OSA-Express2 feature
and manages the MAC addresses and VLAN connectivity
of the attached guests. Linux on zSeries can exploit the
Layer 2 support and the z/VM VSWITCH in z/VM 5.1.
8
Layer 2 support, reducing CPU consumption for non-IP
workloads, is exclusive to z890 and z990, requires the
May 2004 level of Licensed Internal Code with the October
2004 maintenance levels, and is supported by z/VM and
9
Linux on zSeries. It is available on the OSA-Express2
Eth-
ernet features supporting QDIO mode only.
With the Layer 2 interface, packet forwarding decisions
can be based upon Link Layer (Layer 2) information,
instead of Network Layer (Layer 3) information. Each oper-
ating system attached to the Layer 2 interface uses its own
Medium Access Control (MAC) address. Therefore traffi c
can be either IP (IPv4 or IPv6) or non-IP traffi c such as
IPX, NetBIOS, or SNA. Also, datagrams can be fi ltered by
26
Open Systems Adapter-Express Features
(OSA-Express)
With the introduction of the z890, the OSA-Express
Adapter family of Local Area Network (LAN) features is
offering a maximum of 20 features per system, versus
the maximum of 12 features per system on prior genera-
tions, expanding the z890 balanced solution to increase
throughput and responsiveness in an on demand oper-
ating environment. These features combined with z/OS
and z/OS.e, or OS/390, z/VM, Linux on zSeries, TPF, and
VSE/ESA can help deliver a balanced system solution to
increase throughput and decrease host interrupts to con-
tinue to help satisfy your business goals.
Each of the OSA-Express features offers two ports for con-
nectivity delivered in a single I/O slot, with up to a maxi-
mum of 40 ports per z890. Each port uses a single CHPID
and can be separately confi gured. For a new z890 build,
you can choose any combination of OSA-Express fea-
tures: the new OSA-Express Gigabit Ethernet LX or SX, the
new OSA-Express 1000BASE-T Ethernet or OSA-Express
Token-Ring. The prior OSA-Express Gigabit LX and SX, the
OSA-Express Fast Ethernet, and the OSA-Express Token-
Ring can be carried forward on an upgrade from z890.
TCP/IP stack utilization improvement for OSA-Express
The OSA-Express features support 480 devices and 160
TCP/IP stacks (480 devices / 3 = 160 stacks). Now the
OSA-Express features will allow a single LPAR to contain
all 160 stacks. Previously, in order to use all 160 stacks,
the CHPID had to be shared by multiple LPARs as the
number of stacks per LPAR was limited to 84.
This improvement is exclusive to the z890 and z990,
requires the May 2004 level of Licensed Internal Code,
is supported by z/OS and z/VM, and applies to the OSA-
Express features when in QDIO mode: GbE, 1000BASE-T
Ethernet, Fast Ethernet and Token-Ring.
z890 OSA-Express 1000BASE-T Ethernet
The new OSA-Express 1000BASE-T Ethernet feature
replaces the current Fast Ethernet (10/100 Mbps) feature.
This new feature is capable of operating at 10,100 or 1000
Mbps (1 Gbps) using the same copper cabling infrastructure
as Fast Ethernet, making the transition to this higher speed
Ethernet feature a straightforward process. It is designed to
support Auto-negotiation, QDIO and non-QDIO environments
on each port allowing you to make the most of your TCP/IP and
SNA/APPN® and HPR environments at up to gigabit speeds.
When this adapter is operating at gigabit Ethernet speed
it runs full duplex only. It also can support standard (1492
byte) and jumbo (8992 byte) frames.
non-QDIO mode
SNA Passthru
TCP/IP Passthru
HPDT MPC
10/100/1000 Mbps
Ethernet (copper)
Switch/
Hub/
Router
Server
IP WAN
Intranet
DLSw
Router
10/100 Mbps
Ethernet
Server
10/100 Mbps
Ethernet
DLSw Router
Remote Office
4/16 Mbps
Token-Ring
SNA DLSw
TCP/IP
Native SNA
10/100/1000
IP Router
Server
10/100/1000 Mbps
Ethernet (copper)
Mbps
Ethernet
Server
IP WAN
Intranet
10/100 Mbps
Ethernet
QDIO Mode - TCP/IP
IBM ^ pSeries®,
IBM ^ xSeries®,
®
RS/6000
®
Netfinity
Switch/
Hub/
Router
10/100 Mbps
Ethernet
IP Router
Internet or
extranet
Remote Office
4/16 Mbps
Token-Ring
TCP/IP
applications
TN3270 browser
access to SNA
applications
Enterprise
Extender for
SNA end points
27
The new Checksum offl oad support on the 1000BASE-T
Ethernet feature, when operating in QDIO mode at gigabit
speed, is designed to offl oad z/OS 1.5 and Linux TCP/IP
stack processing of Checksum packet headers for TCP/IP
and UDP.
OSA-Integrated Console Controller
The new Open Systems Adapter Integrated Console
Controller function (OSA-ICC) which is exclusive on the
IBM z890 and z990 servers since it is based on the OSA-
Express feature, supports the attachment of non-SNA 3270
terminals for operator console operations. Now, 3270 emu-
lation for console session connections is integrated as part
of the OSA-Express 1000BASE-T Ethernet feature of the
zSeries and can help eliminate the requirement for external
console controllers (2074, 3174) helping to reducing cost
and complexity. The OSA-ICC can use one or both ports
on an OSA-Express 1000BASE-T Ethernet feature with the
appropriate Licensed Internal Code (LIC). The OSA-ICC is
enabled using CHPID type OSC.
The OSA-ICC is designed to support up to 120 client con-
sole LAN attached sessions either locally or remotely.
Support for this new feature will be available for z/VM
Version 4 Release 4 with a PTF, z/OS 1.3, VSE/ESA 2.6
onwards and TPF.
Queued Direct Input/Output (QDIO)
The OSA-Express Gigabit Ethernet, 1000BASE-T Ethernet
and Token-Ring features support QDIO. QDIO was fi rst
introduced to the world on the z900, in Communication
Server for OS/390 2.7.
Queued Direct Input/Output (QDIO), a highly effi cient data
transfer architecture, allows an OSA-Express feature to
directly communicate with the server’s communications
program through the use of data queues in memory. QDIO
eliminates the use of channel programs and channel con-
trol words (CCWs), helping to reduce host interrupts and
accelerate TCP/IP packet transmission.
TCP/IP connectivity is increased with the capability to
allow up to a maximum of 160 IP stacks per OSA-Express
port and 480 devices. This support is applicable to all the
OSA-Express features available on the z890 and is pro-
vided through the Licensed Code (LIC).
Full Virtual Local Area Network (VLAN) support is available
on z890 in z/OS and z/OS.e 1.5 Communications Server
(CS) for the OSA-Express 1000BASE-T Ethernet, Fast
Ethernet and Gigabit Ethernet features when confi gured
in QDIO mode. Full VLAN support in a Linux on zSeries
environment was delivered for QDIO mode in April 2002
for z800 and z900.
z890 OSA-Express Gigabit Ethernet
The new OSA-Express Gigabit Ethernet LX and Gigabit
Ethernet SX features introduced on the z990 replace the
z900/z800 Gigabit Ethernet features for new build z890.
The new OSA-Express GbE features have a new connector
type, LC Duplex, replacing the current SC Duplex connec-
tors used on the prior z900/z800 Gigabit Ethernet features.
28
Switch /
Router
Server
Gigabit
Ethernet
Gigabit Ethernet
(fiber or copper)
Gigabit Ethernet
(fiber or copper)
Server
IP WAN
Intranet
4/16/100 Mbps
Token-Ring
10/100 Mbps
Ethernet
QDIO Mode - TCP/IP
pSeries, RS/6000
xSeries, Netfinity
Server
IP
Router
Internet or
extranet
z890 OSA-Express Token-Ring
The same OSA-Express Token-Ring feature is supported
on z890, z800, z990 and z900. This Token-Ring supports
a range of speed including 4, 16 and 100 Mbps, and can
operate in both QDIO and non-QDIO modes.
Note: Statement of Direction
OSA-Express Token-Ring not to be offered: The zSeries 890
and 990 are expected to be the last zSeries servers to offer
a Token-Ring feature. It is intended that the OSA-Express
Token-Ring feature will not be available for ordering on a
new build or upgraded server, or for carrying forward on
an upgrade. A migration from a Token-Ring to an Ethernet
environment should be a part of all strategic LAN planning.
TCP/IP applications
TN3270 browser
access to SNA appls.
Enterprise Extender
for SNA end points
4/16 Mbps
Token-Ring
IP Router
Server
Remote Office
10/100 Mbps
Ethernet
The new Checksum offl oad support on these z890 features
is designed to offl oad z/OS 1.5 and Linux TCP/IP stack pro-
cessing of Checksum packet headers for TCP, IP and UDP.
NON-QDIO operational mode
The OSA-Express 1000BASE-T Ethernet, Fast Ethernet and
Token-Ring also support the non-QDIO mode of operation.
The adapter can only be set (via the CHPID type parameter)
to one mode at a time. The non-QDIO mode does not pro-
vide the benefi ts of QDIO. This support includes native SNA/
APPN, High Performance Routing, TCP/IP passthrough, and
HPDT MPC. The new OSA-Express 1000BASE-T Ethernet
provides support for TCP/IP and SNA/APPN/HPR up to 1
gigabit per second over the copper wiring infrastructure.
All statements regarding IBM’s plans, directions, and intent
are subject to change or withdrawal without notice.
non-QDIO mode
SNA Passthru
TCP/IP Passthru
HPDT MPC
Switch/
Hub/
Router
Server
4/16 Mbps
Token-Ring
Server
DSLw
Router
IP WAN
Intranet
10/100 Mbps
Ethernet
4/16 Mbps
Token-Ring
Switch/
Hub/
Router
16/100 Mbps
Token-Ring
Remote Office
4/16 Mbps
Token-Ring
SNA DLSw
TCP/IP
Native SNA
100 Mbps
Token-Ring
Backbone
4/16 Mbps
Token-Ring
Switch/
Hub/
Router
4/16/100 Mbps
Token-Ring
Backbone
IP WAN
Intranet
10/100 Mbps
Ethernet
QDIO Mode - TCP/IP
Server
100 Mbps
Token-Ring
4/16 Mbps
Token-Ring
Server
IP Router
Internet or
extranet
Remote Office
4/16 Mbps
Token-Ring
TN3270 browser
access to SNA
appls.
Enterprise
Extender for
SNA end points
TCP/IP
applications
29
Note: OSA-Express 155 ATM and OSA-2 FDDI are no
longer supported. If ATM or FDDI support are still required,
a multiprotocol switch or router with the appropriate net-
work interface for example, 1000BASE-T Ethernet, GbE LX
or GbE SX can be used to provide connectivity between
the LAN and the ATM network or FDDI LAN.
Server to User connections
A key strength of OSA-Express and associated Com-
munications Server protocol support is the ability to
accommodate the customer’s attachment requirements,
spanning combinations of TCP/IP and SNA applications
and devices. Customers can use TCP/IP connections from
the remote site to either their TCP/IP or SNA applications
on zSeries and S/390 by confi guring OSA-Express with
QDIO and using either direct TCP/IP access or appropriate
SNA to IP integration technologies, such as TN3270 Server
and Enterprise Extender for access to SNA applications.
Customers who require the use of native SNA-based con-
nections from the remote site can use a TCP/IP or SNA
transport to the data center and then connect into zSeries
and S/390 using appropriate SNA support on OSA-Express
features confi gured in non-QDIO mode.
LPAR Support of OSA-Express
For z890 customers or customers who use the Processor
Resource/Systems Manager (PR/SM) capabilities of the z800,
z900 and the S/390 servers, IBM offers the Multiple Image
Facility (MIF), allowing the sharing of physical channels by
any number of LPARs. Since a port on an OSA-Express fea-
ture operates as a channel, sharing of an OSA-Express port
is done using MIF. The LPARs are defi ned in the Hardware
Confi guration Defi nition (HCD). Depending upon the feature,
and how it is defi ned, SNA/APPN/HPR and TCP/IP traffi c can
fl ow simultaneously through any given port.
IPv6 Support
IPv6 requires the use of an OSA-Express adapter running
in QDIO mode and is supported only on OSA-Express
features on zSeries at driver level 3G or above. IPv6 is
supported on OSA-Express for zSeries Fast Ethernet,
1000BASE-T Ethernet and Gigabit Ethernet when running
with Linux on zSeries, z/VM 5.1, and z/OS 1.4 and later.
Performance enhancements for virtual servers
Two important networking technology advancements are
announced in z/VM 4.4 and Linux on z990.
• The high performance adapter interrupt handling fi rst
introduced with HiperSockets is now available for OSA-
Express/OSA-Express2 in QDIO mode (CHPID=OSD)
and FICON Express/FICON Express2 (CHPID=FCP).
This advancement provides a more effi cient technique
for I/O interruptions designed to reduce path lengths
and overhead in both the host operating system and in
the adapter. This benefi ts OSA-
Express TCP/IP support in
both Linux for zSeries and z/VM.
• z990/z890 support of virtual machine technology has
been enhanced to include a new performance assist
for virtualization of adapter interruptions. This new z890/
z990 performance assist is available to V=V guests
(pageable guests) that support QDIO on z/VM 4.4 and
later. The deployment of adapter interruptions improves
effi ciency and performance by reducing z/VM Control
Program overhead.
OSA-Express2 large send for the z/OS environment –
preview
Previewing large send for TCP/IP traffi c
z/OS Communications Server plans to exploit OSA-
Express2 large send (also referred to as TCP segmentation
30
HiperSockets
offl oad). Large send can improve performance by offl oad-
ing outbound TCP segmentation processing from the host
to OSA-Express2 by employing a more effi cient memory
transfer into OSA-Express2. The z/OS Communications
Server support is planned for TCP/IP IPv4 traffi c only and
z/OS and z/OS.e 1.7. In addition, a z/OS and z/OS.e 1.6
PTF is planned to be provided.
Large send support applies to the OSA-Express2 features
(Gigabit Ethernet SX and LX, 10 Gigabit Ethernet LR), sup-
ports QDIO mode only (CHPID type OSD), and is exclu-
sive to z990 and z890. Large send support was previously
announced for the Linux on zSeries environment.
HiperSockets, a feature unique to the zSeries, provides a
“TCP/IP network in the server” that allows high-speed any-
to-any connectivity among virtual servers (TCP/IP images)
and LPARs within a zSeries system without any physical
cabling. HiperSockets decreases network latency and
increases bandwidth between combinations of Linux, z/OS
and z/VM virtual servers. These OS images can be fi rst
level (directly under an LPAR), or second level images
(virtual servers under z/VM).
With new support for up to 16 HiperSockets, the z890 and
z990 provides four times more HiperSockets, and up to
4,096 TCP/IP images (stack) connections, which is also
four times more capacity than the z800 and z900. The
increased HiperSockets capacity and expanded con-
nectivity provides additional fl exibility in designing the
networking to accommodate consolidated and multiple
partitioned systems. HiperSockets can be divided among
Logical Channel SubSystems for separation between vari-
ous LPARs, while at the same time a single LPAR could
have access to all 16 HiperSockets if the HiperSockets all
are assigned to the same LCSS.
A HiperSockets channel also supports spanned channels
in order to communicate between LPARs connected to
different LCSSs. HiperSockets (IQD CHPID type) can be
confi gured to Channel SubSystems and transparently
shared by any or all confi gured LPARs without regard to
the LCSS to which the LPAR is confi gured. This means
one HiperSockets could be common to all 30 z890 or
z990 LPARs. This support is exclusive to z890 and z990.
Different HiperSockets can be used for security (separa-
tion of traffi c, no external wire-tapping, monitoring) and
performance and management reasons (separate sysplex
traffi c Linux or non-sysplex LPAR traffi c).
31
z/VM
LPAR 1
z/OS
LPAR
LPAR
LCSS0 LCSS1
15
14
z/VM
LPAR
17
Linux
LPAR
18
LinuxLinux
LPAR
30
This support gives the user the fl exibility to optimize and
tune each HiperSockets to the predominant traffi c profi le,
for example to distinguish between “high bandwidth”
workloads such as FTP versus lower bandwidth interactive
workloads.
MIF-1 MIF-2 MIF-F MIF-1 MIF-2 MIF-3 MIF-F
CHPID00CHPID
CHPID
02
01
PCHID
010B
PCHID
PCHID
010D
010C
HiperSockets CHPID 03
CHPID
03
Share
CHPID
FF
PCHID
020A
CHPID
04
SPAN
CHPID
PCHID
0245
HiperSockets CHPID 05
CHPID
CHPID
00
01
Share
PCHID
0246
CHPID
CHPID
05
22
PCHID
0248
FF
PCHID
0249
HiperSockets CHPID 04
HiperSockets does not use an external network, therefore,
it can free up system and network resources, helping to
reduce attachment cost while improving availability and
performance. HiperSockets can have signifi cant value in
server consolidation, for example, by connecting multiple
Linux virtual servers under z/VM to z/OS LPARs within the
same z890. Furthermore, HiperSockets can be utilized by
TCP/IP in place of XCF for sysplex connectivity between
images which exist in the same server, thus z/OS TCP/IP
uses HiperSockets for connectivity between sysplex
images in the same server and uses XCF for connectiv-
ity between
images in different servers. Management and
administration cost reductions over existing confi gurations
are possible.
HiperSockets acts like any other TCP/IP network interface,
so TCP/IP features like IP Security (IPSec) in Virtual Private
Networks (VPN) and Secure Sockets layer (SSL) can be
used to provide heightened security for fl ows within the
same CHPID. HiperSockets supports multiple frame sizes,
which is confi gured on a per HiperSockets CHPID basis.
The HiperSockets function provides many possibilities for
improved integration between workloads in different LPARs,
bound only by the combinations of operating systems and
their respective applications. HiperSockets is intended to
provide the fastest zSeries connection between e-business
and Enterprise Resource Planning (ERP) solutions sharing
information while running on the same server. WebSphere
http and Web Application Servers or Apache http servers
can be running in a Linux image (LPAR or z/VM guest) and
will be able to use HiperSockets for very fast TCP/IP traffi c
transfer to a DB2 database server running in a z/OS LPAR.
System performance is optimized because this allows you to
keep your Web and transaction application environments in
close proximity to your data and helps eliminate any expo-
sure to network related outages, thus improving availability.
The z/OS HiperSockets Accelerator function can help
improve performance and cost effi ciencies when attach-
ing a high number of TCP/IP images via HiperSockets to a
“front end” z/OS system for shared access to a set of OSA-
Express adapters.
HiperSockets VLAN support in a Linux environment: Virtual
Local Area Networks (VLANs), IEEE standard 802.1q, is now
being offered for HiperSockets in a Linux for zSeries environ-
ment. VLANs can help reduce overhead by allowing networks
to be organized for optimum traffi c fl ow; the network is orga-
nized by traffi c patterns rather than physical location. This
enhancement permits traffi c to fl ow on a VLAN connection
between applications over HiperSockets and between appli-
cations on HiperSockets connecting to an OSA-Express Giga-
bit Ethernet, 1000BASE-T Ethernet, or Fast Ethernet feature.
32
Cryptography
HiperSockets broadcast support for IPv4 packets – Linux,
z/OS, z/VM: Internet Protocol Version 4 (IPv4) broadcast
packets are now supported over HiperSockets internal LANs.
TCP/IP applications that support IPv4 broadcast, such
as z/OS OMPROUTE when running Routing Information
Protocol Version 1 (RIPv1), can send and receive broad-
cast packets over HiperSockets interfaces. This support is
exclusive to z890 and z990. Broadcast for IPv4 packets is
supported by Linux for zSeries. Support is available in z/OS
1.5. Support is also offered in z/VM 4.4 and later.
HiperSockets Network Concentrator
HiperSockets Network Concentrator support, exclusive to
z890 and z990, can simplify network addressing between
HiperSockets and OSA-Express. You can now integrate
HiperSockets-connected operating systems into external
networks, without requiring intervening network routing
overhead, thus helping to increase performance and sim-
plify confi guration. With the HiperSockets Network Con-
centrator support, you can confi gure a special purpose
Linux operating system instance, which can transparently
bridge traffi c between a HiperSockets internal LAN and an
external OSA-Express network attachment, similar to a real
Layer 2 switch which bridges between different network
segments. This support can
network address connection
nected to the external network.
make the internal HiperSockets
appear as if it were directly con-
In the on demand era, security will be a strong require-
ment. The zSeries products will continue to address secu-
rity with announcements and deliveries of products and
features.
The main focus in cryptography will continue to be very
high and scalable performance for SSL algorithms, sec-
ondly, to provide security-rich, symmetric performance for
fi nancial and banking applications using PIN/POS type
encryption. As in the past zSeries will be designed to
deliver seamless integration of the cryptography facilities
through use of ICSF. Use of ICSF will enable applications
to be designed to work without change regardless of how
and where the cryptographic functions are implemented,
and also assure that the cryptography work to be load bal-
anced across the hardware resources. Finally we will be
focused on required certifi cations and open standards.
The existing PCICA card feature will continue to be avail-
able on the z890 and z990 – for SSL acceleration / clear
key operations. To support the increased number of LPARs
available on z890 and z990, the confi guration options
for the crypto PCICA adapter – introduced with the z900
– will be extended to allow sharing of a PCICA over the
whole range of LPARs with a max of 16 LPARs sharing one
PCICA adapter.
In addition to the PCICA, a new crypto adapter (PCIXCC)
is introduced as a functional replacement for the CMOS
Cryptographic Coprocessor and the PCI Cryptographic
Coprocessor. The PCIXCC adapter design introduces
a breakthrough concept which supports high security
demanding applications requiring a FIPS 140-2 level 4
tifi ed crypto module, and also as an execution environment
for customer written programs and a high performance
for Public Key / SSL operations. The PCIXCC hardware
cer-
path
33
and microcode design will support almost all of the past
Cryptographic functions that were provided on the zSeries
800 and 900 via the CMOS Cryptographic Coprocessor
(CCF) and the PCI Cryptographic Coprocessor (PCICC).
At the system software level the SSL-related operations will
be directed to the PCICA adapter and the Secure Crypto
operations to the PCIXCC adapter.
a method for key identifi cation, exchange, separation,
update, backup, and management. The TKE workstation
and 4.0 code level are designed to provide a security-rich,
remote, and fl exible method of providing Master Key Entry
and to remotely manage PCIX Cryptographic Coprocessors.
zSeries Security Certifi cation
The zSeries cryptography is further advanced with the
introduction of the Cryptographic Assist Architecture
implemented on every z890 and z990 processor (CPU).
With enhanced scalability and data rates the z890 and
z990 processor is designed to provide a set of symmetric
cryptographic functions, synchronously executed, which
enormously enhance the performance of the en/decrypt
function of SSL, VPN (Virtual-Private-Network) and data
storing applications which do not require FIPS 140-2 level
4 security. The on-processor crypto functions run at z890
or z990 processor speed, an order of magnitude faster
than the CMOS Crypto Coprocessor in the zSeries 800 or
900. As these crypto functions are implemented in each
and every CPU the affi nity problem of pre-z990/z890 sys-
tems (which had only two CMOS Crypto Coprocessors) is
virtually eliminated. The Crypto Assist Architecture includes
DES and T-DES data en/decryption, MAC message authen-
tication and SHA-1 secure hashing; all of these functions
are directly available to application programs (zSeries
Architecture instructions) and so will help reduce program-
ming overhead. To confi rm with US Export and Import
Regulations of other countries, an SE panel is provided for
proper enable/disable of ‘strong’ cryptographic functions.
Cryptography
• z890/z990 PCIXCC:
– Designed for FIPS 140-2 level 4 certifi cation
• Logical Partitions
– z900 and z800 servers are the fi rst and only to
receive Common Criteria certifi cation at EAL5
• Operating Systems Common Criteria Certifi cation
– SUSE LINUX on zSeries
– SUSE SLES 8 has been certifi ed at Controlled
Access Protection Profi le (CAPP) EAL3+
• z/OS 1.6
– z/OS 1.6 is under evaluation for Controlled Access
Protection Profi le (CAPP) EAL3+ and Labeled
Security Protection Profi le (LSPP) EAL3+
• z/VM
– IBM has applied for Common Criteria Controlled
(ISO/IEC 15408) certifi cation of z/VM V5.1 with the
®
RACF
for z/VM optional feature against the Con trolled Access Protection Profi le (CAPP) and the
Labeled Security Protection Profi le (LSPP), both at
the EAL3+ assurance level
The Trusted Key Entry (TKE) 4.1 code level workstation
is an optional feature that can provide a basic key man-
agement system and Operational Key Entry support. The
key management system allows an authorized person
34
A third generation Cryptographic feature – Crypto Express2
Crypto Express2 features support for on demand business
in a security-rich environment.
Crypto Express2 provides the functions of PCICA and
PCIXCC in a single feature that is expected to provide
improved secure key and system throughput. Like its prede-
cessors, the Crypto Express2 feature has been designed to
satisfy the security requirements of an enterprise server.
The Integrated Cryptographic Service Facility (ICSF),
a component of z/OS, is designed to transparently use
the available cryptographic functions, the CP Assist for
Cryptographic Function (CPACF) as well as the PCICA,
PCIXCC, and Crypto Express2 features to balance the
workload and satisfy the requirements of the applications.
The Crypto Express2 feature is designed for Federal Infor-
mation Processing Standard (FIPS) 140-2 Level 4 Certifi ca-
tion and has two coprocessors per feature for improved
system throughput. A performance benefi t is expected
with multitasking applications. A performance benefi t may
not be realized with single-threaded applications, which
can utilize only one of the two coprocessors.
The Crypto Express2 feature supports the following:
• Consolidation and simplifi cation via a single crypto
coprocessor feature on z890 and z990
• Compute-intensive public key cryptographic functions
designed to help reduce CP utilization and increase
system throughput
• Card Validation Value (CVV) generation and verifi cation
services for 19-digit Personal Account Number (PANs)
• Enabling use of less than 512-bit keys for clear key RSA
operations
• 2048-bit key RSA management capability
• Functions previously supported by the PCICA and
PCIXCC features offered on z890 and z990 including:
– Compute-intensive public key cryptographic func-
tions to help reduce CP usage and increase system
throughput
– Hardware acceleration for Secure Sockets Layer (SSL)
and Transport Layer Security (TLS) protocols to help
support security-rich on demand business applications and transactions
– SSL performance equivalent to the PCICA feature
– The functional enhancements announced in April
2004, namely: PKE MRP support, PKD zero pad support, TDES DUKPT, and EMV2000
User Defi ned Extension (UDX) Service Offering – pro-
–
grammable to deploy standard functions and algorithms
• Up to a maximum of eight features per server
– The combined maximum number of Crypto Express2,
PCICA, and PCIXCC features on a z890 and z990
cannot exceed eight features per server
10
– The z890 and z990 can support up to eight Crypto
Express2 features (16 coprocessors)
– The z890 and z990 can support up to six PCICA
features (12 accelerators)
– The z890 and z990 can support up to four PCIXCC
features (four coprocessors)
– With Crypto Express2, both the z890 and z990 can
have up to sixteen secure key coprocessors in comparison to the four coprocessors with the PCIXCC
features. This is expected to translate into increased
secure key and system throughput.
– With Crypto Express2, both the z890 and z990 servers
can utilize up to sixteen cryptographic coprocessors
for clear key SSL acceleration in comparison to twelve
accelerators with the PCICA features. The number
of SSL handshakes per second in a 16 CP z990 is
expected to remain at over 11,000 when running the
z/OS operating system*.
35
– A mixture of both secure and clear key applications
can run on the same Crypto Express2 feature
– Based on the increased throughput, the ability to con-
solidate both secure key and clear key crypto workloads and I/O slots on the same feature
* The SSL rate was achieved with a z990 with 16 proces-
sors and 6 PCICA features (12 accelerator cards). These
measurements are examples of the maximum transactions/
second achieved in a lab environment with no other pro-
cessing occurring and do not represent actual fi eld mea-
surements. Details available upon request.
All logical partitions (LPARs) in all Logical Channel Sub-
Systems (LCSSs) have access to the Crypto Express2
11
feature, up to 30 LPARs per feature.
Enabling use of less than 512-bit keys for clear key RSA
operations
The Crypto Express2 and PCIXCC features will now sup-
port applications that require clear key RSA operations
using keys less than 512-bits, including ICSF Callable
services and their corresponding verbs: Digital Signature
Verify (CSNDDSV), Public Key Encrypt (CSNDPKE), and
Public Key Decrypt (CSNDPKD). All other ICSF Callable
services that require a Crypto Express2 or PCIXCC feature
continue to require keys of more than 511-bits.
Enabling the lower limit for clear key RSA operations may
allow the migration of some additional cryptographic appli-
cations to z890 and z990 servers without requiring the
applications to be rewritten.
The Crypto Express2 feature is exclusive to z890 and
z990, requires the October 2004 level of Licensed Internal
Code, and is supported by z/OS, z/OS.e, z/VM, VSE/ESA,
and Linux on zSeries. z/VM, VSE/ESA and Linux on zSeries
offer support for clear key SSL transactions only.
Cryptographic support for 19-digit PANs
Crypto Express2 and PCIXCC now offer CVV generation
and verifi cation services for 19-digit PANs. Industry prac-
tices for use of Card Validation Value (CVV) are moving to
base CVV computations on a 19-digit PAN instead of the
13-digit and 16-digit PANs currently in use and supported
by ICSF and the PCIXCC feature. ICSF, Crypto Express2,
and PCIXCC now support use of the 19-digit PAN in the
CVV generation and verifi cation services (CSNBCSG and
CSNBCSV, respectively).
Support of CVV generation and verifi cation services for
19-digit PANs, an anti-fraud security feature, is supported
by the Crypto Express2 and PCIXCC features on the z890
and z990 and by z/OS and z/OS.e.
Support of applications that require clear key RSA operations
using keys less than 512-bits applies to the Crypto Express2
and PCIXCC features, is exclusive to z890 and z990, and is
supported by z/OS, z/OS.e, and z/VM. Refer to the Hardware
and Software requirements sections for more information.
2048-bit key RSA management for PCICC on z800, z900
2048-bit key (clear and secure) RSA management capabil-
ity for z800 and z900 servers, in support of new Automated
Teller Machine (ATM) standards, will be available via the
2048-bit key RSA management for PCICC (#0867) feature.
1024-bit key RSA management is available today via a
Functional Control Vector (FCV) on the PCI Cryptographic
Coprocessor (PCICC) Enablement diskette (#0865). This
capability is unique to PCICC and does not apply to the
CMOS Cryptographic Coprocessor Facility (CCF).
The 2048-bit functional control vector (FCV) will support
four ICSF services: Public Key Decrypt (PKD), Symmetric
Key Import (SYI), Symmetric Key Export (SYX) and Sym-
metric Key Generate (SYG). Applications that require 2048-
bit key RSA management will be able to migrate with ease.
36
2048-bit key RSA management support for the PCICC fea-
tures on z800 and z900 is transparent to the hardware and
is supported by z/OS, z/OS.e, z/VM, and Linux on zSeries.
z/VM and Linux on zSeries offer support for clear key oper-
ations only. Refer to the Software requirements section for
further information. This is an integrated capability on the
Crypto Express2 and PCIXCC features on z890 and z990.
There is no unique feature.
TKE 4.2 and Smart Card Reader Support
The Trusted Key Entry (TKE) capability is an optional
feature of zSeries that provides a basic security key man-
agement system. The key management system provides
authorized persons a method of security key identifi cation,
exchange, separation, update, and management. TKE 4.2
with optional smart card reader allows access to and use
of confi dential data on the smart card protected by a user
defi ned personal identifi cation number (PIN) code provid-
ing storage, access, transport and entry of master and
operational key parts into the TKE workstation in a secu-
rity-rich environment.
For example, the smart card is able to store one or more
4758 PCI Cryptographic Coprocessor master key parts.
The parts are stored in the “clear” on the smart card. The
master key parts are generated by the 4758 PCI Crypto-
graphic Coprocessor card within the TKE workstation and
are transferred to the smart card for storage and later read
back to the 4758 PCI Cryptographic Coprocessor card
for processing. The master key parts are encrypted, for
added security, during transport between the smart card
and the 4758 PCI Cryptographic Coprocessor card.
The TKE 4.2 Smart Card Reader supports all of the mech-
anisms available in the current TKE LIC. That is, with the
smart card support, it is still possible to store key parts on
diskettes, paper, or to use a TKE authority key stored on a
diskette, and to logon to the 4758 using a pass phrase.
The optional features associated with the TKE 4.2 Smart
Card Reader support are:
• TKE 4.2 code
• TKE 4.2 Smart Card Reader
• TKE 4.2 additional Smart Cards
Support for an optional Smart Card Reader attached to
the TKE 4.2 workstation allows access to and use of confi -
dential data on the smart card protected by a user defi ned
personal identifi cation number (PIN) code providing
secure storage, access, transport and entry of master and
operational key parts into the TKE workstation.
TKE 4.2 with Smart Card Reader and smart card has four
major functions:
• Storing ICSF key parts, specifi cally, master and operational key parts
• Storing 4758 PCI Cryptographic Coprocessor master
key parts
• Generating, storing, and using a TKE authority signature
key pair
• Generating, storing, and using a 4758 logon key pair
The optional Smart Card Reader, which can be attached to
a TKE workstation is available on the S/390 G6 servers as
well as zSeries z800, z900, z890 and z990.
TKE 4.2 code
The TKE 4.2 code is designed to provide a security-rich
local and remote method to enter operational and master
keys. The TKE 4.2 code also includes support for the
Smart Card Reader and provides support for crypto-
graphic hardware features available with S/390 G6 and
the zSeries 800, z900, z890 and z990 servers. Currently
installed TKE workstations can be upgraded to the TKE
4.2 code.
37
Availability
z890 Capacity Upgrade on Demand (CUoD)
Capacity Upgrade on Demand allows for the nondisruptive
addition of additional Central Processor (CP) Capacity,
Internal Coupling Facilities (ICFs), Integrated Facility for
Linux (IFLs) and/or IBM ^ zSeries Application
Assist Processor (zAAP). Capacity Upgrade on Demand
can quickly add processors up to the maximum number
of available inactive engines. This provides customers
with the capacity for much needed dynamic growth in an
unpredictable e-business world. The Capacity Upgrade
on Demand function, combined with Parallel Sysplex tech-
nology, can enable virtually unlimited capacity upgrade
capability.
The CUoD functions are:
• Nondisruptive CP, ICF, IFL, and zAAP upgrades within
minutes
• Dynamic upgrade of all I/O cards in the I/O Cage
• Dynamic upgrade of spare installed memory (24 - 32
GB only)
• Plan Ahead and Concurrent Conditioning
Plan Ahead and Concurrent Conditioning
Concurrent Conditioning confi gures a system for hot
plugging of I/O based on a future specifi ed target con-
fi guration. Concurrent Conditioning of the zSeries I/O is
minimized by the fact that all I/O cards plugging into the
zSeries I/O cage are hot pluggable. This means that the
only I/O to be conditioned is the I/O cage itself. The ques-
tion of whether or not to concurrently condition a cage is
a very important consideration, especially with the rapid
change in the IT environment (e-business) as well as the
technology. Migration to FICON Express/FICON Express2
or additional OSA-Express/OSA-Express2 networking is
exceptionally easy and nondisruptive with the appropriate
microcode load and if the cage space is available.
The z890 supports concurrent memory upgrade. This capa-
bility will allow a processor’s memory to be increased without
disrupting the processor operation. To take advantage of this
capability, a customer should not plan processor storage
on the 8 or 16 GB increments. A customer with a Model A04
with 24 GB of storage will be able to concurrently upgrade
to 32 GB as there is spare memory capacity on the card.
However, for a customer with 8 or 16 GB of memory installed
getting to the next increment would be disruptive.
The Plan Ahead process can easily identify the customer
confi guration that is required to meet future needs. The
result of concurrent conditioning is a fl exible IT infrastruc-
ture that can accommodate unpredictable growth in a low
risk, nondisruptive way. Depending on the required Con-
current Conditioning, there should be minimal cost associ-
ated with dormant z890 capacity. This creates an attractive
option for businesses to quickly respond to changing
environments, bringing new applications online or growing
existing applications without disrupting users.
z890 Server Capacity BackUp (CBU)
Capacity BackUp (CBU) is offered with the z890 servers
to provide reserved emergency backup CPU capacity for
situations where customers have lost capacity in another
part of their establishment and want to recover by adding
reserved capacity on a designated z890 server. A CBU
system normally operates with a “base” CP confi guration
and with a preconfi gured number of additional Processor
Units (PUs) reserved for activation in case of an emergency
The z890 technology is suited for providing capacity backup.
The reserved CBU processing units are on the same technol-
ogy building block, the MCM, as the regular CPs.
The “base” CBU confi guration must have suffi cient
memory and channels to accommodate the potential
.
38
needs of the larger CBU target machine. When capacity is
needed in an emergency, the primary operation performed
is activating the emergency CBU confi guration with the
reserved PUs added into the confi guration as CPs.
Customers who have an active Remote Support Facility
connection can perform a CBU upgrade automatically and
within a matter of minutes, right from their CBU machine’s
Hardware Management Console. For more information
on how a CBU upgrade can be activated automatically,
please refer to the
found on IBM Resource Link.
The z890 supports concurrent CBU downgrade. This func-
tion enables a Capacity BackUp server to be returned to
its normal confi guration without an outage (i.e. PowerOn
Reset).
z890 Capacity Backup Users Guide
Automatic Enablement of CBU for GDPS
The intent of GDPS support for CBU is to enable auto-
matic management of the reserved PUs provided by the
CBU feature in the event of a processor failure and/or a
site failure. Upon detection of a processor failure or site
failure, GDPS will activate CBU to dynamically add PUs
to the processors in the takeover site to acquire process-
ing power required to restart mission-critical production
workloads. GDPS-CBU management helps to minimize
manual customer intervention and the potential for errors,
thereby reducing the outage time for critical workloads
from hours to minutes. Similarly, GDPS-CBU management
can also automate the process of dynamically returning
the reserved CPs when the temporary period has expired.
z890 Customer Initiated Upgrade (CIU)
Customer Initiated Upgrade (CIU) is the capability to initi-
ate a processor and/or memory upgrade when spare PUs
installed unused memory are available via the Web using
IBM Resource Link. Customers will be able to download
and apply the upgrade using functions on the Hardware
Management Console via the Remote Support Facility.
This unique and important function for zSeries gives the
customer greater control and ability in adding capacity to
the system to meet resource requirements for unpredictable
e-business workloads and for applications which are dif-
fi cult to size. CIU is a low-risk, well tested-and-tried facility
for ordering capacity on demand.
On/Off CoD Testing
On/Off CoD has been enhanced to allow for a test at
no charge for temporary IBM hardware capacity, IBM
software, or IBM maintenance. This test can be used to
validate the processes to download, activate, and deac-
tivate On/Off CoD capacity nondisruptively. One free test
per serial number can have a maximum duration of 24
hours commencing with the download and activation of an
On/Off CoD order. This test can also be used as a train-
ing session for personnel who are authorized to activate
On/Off CoD. IBM continues to enhance On/Off CoD to help
enable customers to become more adaptive to their on
demand business requirements.
Order Staging for CIU-Express and On/Off CoD
All CIU-Express and On/Off CoD orders may now be
staged for greater than 30 days. In fact, the orders may be
staged for an extended period of time, unless one of the
following conditions occurs:
• Order is canceled by customer
• Machine is no longer under warranty or IBM Maintenance Service Agreement
• Permanent PU and/or memory confi gurations is
changed outside of CIU process
39
Advanced Availability Functions
Transparent Sparing
z890 offers a 5 PU MCM in the case of processor failure. If
there is a spare PU available it will be used for transparent
sparing. Note this can only be achieved on 1-way, 2-way
and 3-way models.
Enhanced Dynamic Memory Sparing
The z890 has enhanced this robust recovery design with
16 times more chips available for sparing. This will virtually
eliminate the need to replace a memory card due to DRAM
failure.
Enhanced Storage Protect Keys: z890 has enhanced the
memory storage protect key design by adding a third key
array to each memory card. The arrays are parity checked
and employ a Triple Voting strategy to assure accuracy.
This will reduce the need for memory card replacement
due to key array failure.
ESCON Port Sparing: The ESCON 16-port I/O card is
delivered with one unused port dedicated for sparing in
the event of a port failure on that card. Other unused ports
are available for nondisruptive growth of ESCON channels.
• Cryptographic Cards: The PCIXCC and PCICA cards
plug in the I/O cage and can be added or replaced
concurrently with system operation.
• Redundant Cage Controllers: The Power and Service
Control Network features redundant Cage Controllers for
Logic and Power control. This design enables nondis-
ruptive service to the controllers and virtually eliminates
customer scheduled outage.
• Auto-Switchover for Service Element: The z890 has two
Service Elements. In the event of failure on the Primary
SE, the switchover to the backup is handled automati-
cally. There is no need for any intervention by the cus-
tomer or Service Representative.
Concurrent Capacity BackUp Downgrade (CBU Undo)
This function allows the customer to downgrade the disas-
ter backup machine to its normal confi guration without
requiring the PowerOn Reset (POR).
Fault Tolerant Interconnect Design: The memory design of
the z890 provides a fault tolerant dual interconnect fabric.
The z890 is designed to prevent a single failure within the
fabric from disrupting full memory access.
Concurrent Maintenance
• Concurrent Service for I/O Cards: All the cards which
plug into the new I/O Cage are able to be added and
replaced concurrent with system operation. This virtually
eliminates any need to schedule outage to service or
upgrade the I/O subsystem on this cage.
• Upgrade for Coupling Links: z890 has concurrent main-
tenance for the ISC-3 adapter card. Also, Coupling links
can be added concurrently. This virtually eliminates a
need for scheduled downtime in the demanding sysplex
environment.
Concurrent Capacity Upgrade: A z890 can be upgraded
via the concurrent addition of additional Processor Units
(PUs) and I/O and limited memory upgrades (24 Gb to 32
Gb increment) with no disruption to current operations.
However, while capacity upgrades to the processor itself
are concurrent, your software may not be able to take
advantage of the increased capacity without performing
an Initial Programming Load (IPL).
40
Parallel Sysplex Cluster Technology
Sparing for Storage Protect Keys: The robust confi guration
of the Storage Protect Keys has been enhanced with chip
sparing. Already a triple-array with parity protection and
voting, the Key structure for z890 has added sparing, simi-
lar to Main Memory chip sparing, to further enhance the
availability of this critical function.
Failure Containment for the Memory Bus Adapter (MBA):
Memory Bus Adapters are designed to provide the critical
link between the z890 Processor Units and the I/O subsys-
tem. The Model A04 has two MBAs. In the unlikely event of
a catastrophic failure of an MBA chip, the z890 is designed
to isolate the failure of that chip such that the remaining
MBA chips continue to operate. This helps minimize the
impact of a failure and allows for scheduling maintenance.
Enhanced Firmware Simulation: The z890 process for
design, development, and test of Licensed Internal Code
(LIC) has been signifi cantly enhanced with the use of
simulation to improve quality and early availability. Virtu-
ally every action/reaction of the code can be tested with
the simulated hardware/code of the rest of the server. The
result is to discover and correct design errors much earlier
in the process.
These new features, together with legacy features such
as high levels of recovery, concurrent processor upgrade,
concurrent memory upgrade, concurrent I/O upgrade, and
concurrent maintenance for hardware and LIC give the
z890 a very impressive RAS structure.
Parallel Sysplex clustering was designed to bring the
power of parallel processing to business-critical zSeries
and S/390 applications. A Parallel Sysplex cluster consists
of up to 32 z/OS and/or OS/390 images coupled to one or
more Coupling Facilities (CFs or ICFs) using high-speed
specialized links for communication. The Coupling Facili-
ties, at the heart of the Parallel Sysplex cluster, enable
high speed, read/write data sharing and resource sharing
among all the z/OS and OS/390 images in a cluster. All
®
images are also connected to a Sysplex Timer
time synchronization.
to address
CF
Parallel Sysplex Resource Sharing enables multiple
system resources to be managed as a single logical
resource shared among all of the images. Some examples
of resource sharing include JES2 Checkpoint, GRS “star,”
and Enhanced Catalog Sharing; all of which provide sim-
plifi ed systems management, increased performance
and/or scalability. For more detail, please see
of Resource Sharing White Paper
Parallel Sysplex home page at ibm.com/servers/eserver/
zseries/pso.
– GF22-5115 on the
S/390 Value
41
Although there is a signifi cant value in a single footprint
and multi-footprint environment with resource sharing,
those customers looking for high availability must move
on to a database data sharing confi guration. With the
Parallel Sysplex environment, combined with the Workload
Manager and CICS TS or IMS TM, incoming work can
be dynamically routed to the z/OS image most capable
of handling the work. This dynamic workload balancing,
along with the capability to have read/write access data
from anywhere in the Parallel Sysplex cluster, provides the
scalability and availability that businesses demand today.
When confi gured properly, a Parallel Sysplex cluster has
no single point of failure and can provide customers with
near continuous application availability over planned and
unplanned outages. For detailed information on IBM’s
Parallel Sysplex technology, visit our Parallel Sysplex home
page at ibm.com/servers/eserver/zseries/pso.
Coupling Facility Confi guration Alternatives
IBM offers different options for confi guring a functioning
Coupling Facility:
• Standalone Coupling Facility: z900 Model 100 and z800
Model 0CF servers provide a physically isolated, totally
independent CF environment. Like the z990, there is no
unique standalone coupling facility model offered with
the z890. Customers can achieve the same physically
isolated environment as on prior mainframe families by
ordering a z890 or z990 with PUs characterized as ICFs
and general purpose PUs. There are no software charges
associated with such confi guration. An ICF or CF partition
sharing a server with any operating system images not in
the sysplex acts like a logical standalone CF.
• Internal Coupling Facility (ICF): Customers considering clustering technology can get started with Parallel
Sysplex technology at a lower cost by using an ICF
instead of purchasing a standalone Coupling Facility.
An ICF feature is a processor that can only run Coupling
Facility Control Code (CFCC) in a partition. Since CF
LPARs on ICFs are restricted to running only CFCC,
there are no IBM software charges associated with
ICFs. ICFs are ideal for Intelligent Resource Director and
resource sharing environments as well as for data sharing environments where System-Managed CF Structure
Duplexing is exploited.
• Coupling Facility partition on a zSeries server using
standard LPAR: A CF can be confi gured to run in
either a dedicated or shared CP partition. IBM software
charges apply. This may be a good alternative for test
confi gurations that require very little CF processing
resource or for providing hot-standby CF backup using
the Dynamic Coupling Facility Dispatching function.
A Coupling Facility can be confi gured to take advantage of
a combination of different Parallel Sysplex capabilities:
• Dynamic CF Dispatch: Prior to the availability of the
Dynamic CF Dispatch algorithm, shared CF partitions
could only use the “active wait” algorithm. With active
wait, a CF partition uses all of its allotted time-slice,
whether it has any requests to service or not. The
optional Dynamic CF Dispatch algorithm puts a CF partition to “sleep” when there are no requests to service and
the longer there are no requests, the longer the partition
sleeps. Although less responsive than the active wait
algorithm, Dynamic CF Dispatch will conserve CP or ICF
resources when a CF partition has no work to process
and will make the resources available to other partitions
sharing the resource. Dynamic CF Dispatch can be
used for test CFs and also for creating a hot-standby
partition to back up an active CF.
• Dynamic ICF Expansion: Dynamic ICF expansion provides value by providing extra CF capacity when there
are unexpected peaks in the workload or in case of loss
of CF capacity in the cluster.
42
– ICF Expansion into shared CPs. A CF partition running
with dedicated ICFs needing processing capacity
beyond what is available with the dedicated CP ICFs,
can “grow” into the shared pool of application CPs
being used to execute zSeries applications on the
same server.
– ICF Expansion into shared ICFs. A CF partition run-
ning with dedicated ICFs can “grow” into the shared
pool of ICFs in case the dedicated ICF capacity is not
suffi cient. The resulting partition, an “L-shaped” LPAR,
will be composed of both shared ICF and dedicated
ICF processors, enabling more effi cient utilization of
ICF resources across the various CF LPARs.
System-Managed CF Structure Duplexing
System-Managed Coupling Facility (CF) Structure Duplex-
ing provides a general purpose, hardware-assisted, easy-
to-exploit mechanism for duplexing CF structure data. This
provides a robust recovery mechanism for failures such as
loss of a single structure or CF or loss of connectivity to a
single CF, through rapid failover to the backup instance of
the duplexed structure pair.
• Reliability
A common framework provides less effort on behalf of
the exploiters, resulting in more reliable subsystem code.
• Cost Benefi ts
Facilitates the use of non-standalone CFs (e.g. ICFs) for
data sharing environments in addition to resource sharing environments.
• Flexibility
The diagram below represents creation of a duplexed
copy of the structure within a System-Managed CF
Duplexing Confi guration server using standard LPAR.
A CF can be confi gured to run in either a dedicated or
shared CP partition. IBM software charges apply. This
may be a good alternative for test confi gurations that
require very little CF processing resource or for providing hot-standby CF backup
Facility Dispatching function.
using the Dynamic Coupling
ICF z/OSz/OS ICF
Benefi ts of System-Managed CF Structure Duplexing
include:
• Availability
Faster recovery of structures by having the data already
there in the second CF dramatically reducing the time
and processing required for structure rebuilds. SystemManaged Duplexing also provides basic recovery for
many structures that have no simple means to recover
data for failed structures, failed CFs, and losses of CF
connectivity.
• Manageability and Usability
A consistent procedure to duplexing does not “set
up” structures and manage structures across multiple
exploiters.
z800/z890/z900/z990/G5/G6
A robust failure recovery capability
z800/z890/z900/z990/G5/G6
Note: An example of two systems in a Parallel Sysplex with
CF Duplexing
Customers who are interested in testing and/or deploying
System-Managed CF Structure Duplexing in their sysplex,
please review GM13-0103,
ture Duplexing
at ibm.com/server/eserver/zseries/pso
System-Managed CF Struc-
or ibm.com/server/eserver/zseries/library/techpapers/
gm130103.html to understand the performance and other
considerations of using this feature.
43
Parallel Sysplex Coupling Connectivity
CPC CPC
D
W
D
M
D
W
D
M
D
W
D
M
D
W
D
M
D
W
D
M
D
W
D
M
Route A
Route B
ETR
ETR
ETR
ETR
ETR
ETR
ETR
CLO
CLO
1
12
2
3
4
5
6
7
8
9
10
11
1
12
2
3
4
5
6
7
8
9
10
11
9037
9037
1 ETR link
per CPC
hut with
amplifiers
1ETR
link per
CPC
1ETR
link per
CPC
2CLO
links
40 km max 40 km nom
up to
100 km
Site 1 Site 2
Note: Midspan 9037 can also be located within 40 km of site 2 or on Route B.
All ETR and CLO links are provisioned as 1 channel per wavelength.
The Coupling Facilities communicate with z/OS images
in the Parallel Sysplex environment over specialized
high-speed links. For availability purposes, it is recom-
mended that there be at least two links connecting each
z/OS image to each CF in a Parallel Sysplex cluster. As
processor performance increases, it is important to also
use faster links so that link performance does not become
constrained. The performance, availability and distance
requirements of a Parallel Sysplex environment are the key
factors that will identify the appropriate connectivity option
for a given confi guration.
Parallel Sysplex Coupling Links on the zSeries have been
enhanced with the introduction of Peer Mode. When con-
necting between zSeries servers, the links can be confi g-
ured to operate in Peer Mode. This allows for higher data
transfer rates to and from the Coupling Facilities. In Peer
Mode, the fi ber optic single mode coupling link (ISC-3)
provides 200 Gbps capacity, up to 12 km, 100 Gbps up
to 20 km, the ICB-3 link with 1 GB/s peak capacity, the
ICB-4 supported on z890s and z990s connection at 2.0
GBps, and the IC-3 link with 3.5 GBps capacity. Additional
Peer Mode benefi ts are obtained by enabling the link to
be MIFed between z/OS (or OS/390) and CF LPARs. The
peer link acts simultaneously as both a CF Sender and
CF Receiver link, reducing the number of links required.
Larger and more data buffers and improved protocols
also improve long distance performance. For connectiv-
ity to 9672s, zSeries ISC-3 CF links can be confi gured to
run in Compatibility Mode with the same characteristics
as links on the 9672 of 100 Gbps. The ICB coupling link
speeds described above are theoretical maximums. Note:
The z890 does not support ICB-2 links for connectivity to
9672s. ISC-3 links in compatibility mode must be used.
GDPS/PPRC Cross Site Parallel Sysplex distance Extended to
100 km
When using a Dense Wave Division Multiplexer (DWDM),
it will be possible via an RPQ to confi gure GDPS/PPRC or
a multi-site Parallel Sysplex with up to 100 km between
the two sites. The immediate advantage of this extended
distance is to potentially decrease the risk that the same
disaster will affect both sites, thus providing the ability
for customers to recover their production applications at
another site. Support for the External Timer Reference
(ETR) links and the Inter System Channel (ISC-3) links
has been increased from the current capability of 50 km
to an extended capability of up to 100 km. The extended
distance support for ETR and ISC-3 links is now consis-
tent with other cross site technologies that already sup-
port 100 km (such as FICON, Peer-to-Peer Remote Copy
(PPRC), and Peer-to-Peer Virtual Tape Server (PtP VTS)).
It should be noted that the maximum distance between a
pair of 9037 Sysplex Timers in an Expanded Availability
confi guration remains at 40 km. Therefore, to achieve the
extended distance of 100 km between the two sites, one of
the options to be considered is locating one of the Sysplex
Timers in an intermediary site that is less than 40 km
from one of the two sites (as can be seen in the diagram
below). Other potential options can be evaluated when the
RPQ is ordered.
44
Connectivity
Options
G5/G6 ISC
z800/z900 ISC-3
z890/z990 ISC-3
G5/G6 ICB n/a n/a n/a
z900 ICB-2 n/a n/a n/a
z990 ICB-2 n/a n/a n/a
z900 ICB-3 n/a
z890/z990 ICB-3 n/a
z890/z990 ICB-4 n/a n/a
z890 ISC-3 z890 ICB-3 z890 ICB-4
1 Gbps
Compatibility
2 Gbps
Peer Mode
2 Gbps
Peer Mode
n/a n/a
n/a n/a
n/a n/a
1 GBps
Peer Mode
1 GBps Peer Mode
Recommendation
use ICB-4s
n/a
n/a
2 GBps
Peer Mode
z890 and z990 Theoretical Maximum Coupling Link Speed
• ISC-3. InterSystem Coupling Facility-3 channels provide
the connectivity required for resource or data sharing
between the Coupling Facility and the systems directly
attached to it.
• ISC-3 channels are point-to-point connections that
require a unique channel defi nition at each end of the
channel. ISC-3 channels operating in Peer Mode provide connection between zSeries (z800/z890/z900/z990)
general purpose models and zSeries Coupling Facilities.
ISC-3 channels operating in Compatibility Mode provide connection between zSeries and HiPerLink (ISC-2)
channels on 9672 G5 and G6 and the 9674 R06 Models.
A four port ISC-3 card structure is provided on the z890
processors. It consists of a mother card with two daughter cards which have 2 ports each. Each daughter card
is capable of operation at 1 Gbps in Compatibility Mode
or 2 Gbps in peer mode up to a distance of 10 km.
From 10 to 20 km, an RPQ card which comes in 2 port
increments is available which runs at 1 Gbps in both
Peer and Compatibility Modes. The mode is selected
for each port via CHPID type in the IOCDS. The ports
are activated in one port increments. The z890 supports
a maximum of 48 links (12 features, 4 links per feature).
Note: A maximum of 32 ISC-3s can be defi ned in Compatibility Mode.
• ISC-2. HiPerLinks. HiPerLinks, based on single-mode CF
links, are available on 9672s (G3 - G6) and 9674s only.
ISC-3s replace HiPerLinks on zSeries 800, 900, 890 and
990 models.
• ICB-2. The Integrated Cluster Bus-2 is used to provide
high-speed coupling communication between a zSeries
server or CF and a 9672 G5/G6 server or CF over short
distances (~7 meters). For longer distances, ISC links
must be used. The z990 features the STI-2 card which
resides in an I/O cage and provides 2 ICB-2 ports each
capable of up to 333 MBps. The ports are activated in
one port increments. Up to 4 STI-2 cards, 8 ICB-2 links
are available on the z990. ICB-2 is not offered on the
z890.
• ICB-3. The Integrated Cluster Bus-3 is used to provide
high-speed coupling communication between a z990
server or CF and a z800/z900 server or CF or between
two z800/z900s over short distances (~7 meters). For
longer distances, ISC-3 links must be used. The z890/
z990 features the STI-3 card which resides in an I/O
cage and provides 2 ICB-3 ports each capable of up to
1 GBps. The ports are activated in one port increments.
Up to 8 STI-3 cards, 16 ICB-3 links are available on the
z890. ICB-3 links operate in “peer mode.”
• ICB-4. The Integrated Coupling Bus-4 is a “native” coupling connection available for connecting a z890/z990
server or CF to another z890/ z990 server or CF over
short distances. Capable of up to 2.0 GBps, the ICB-4
is the fast external coupling connection available for the
z890/z990. The ICB-4 connection consists of one link
that directly attaches to an STI port on the system and
does not require connectivity to a card in the I/O cage.
One feature is required for each end of the link. Up to 8
ICB-4 features can be confi gured on a z890.
45
•
/
/
IC. The Internal Coupling channel emulates the Coupling
links providing connectivity between images within
a single server. No hardware is required, however a
minimum of 2 CHPID numbers must be defi ned in the
IOCDS. IC links provide the fastest Parallel Sysplex connectivity. The z890 supports up to a maximum of 32 ICs.
IRD has three major functions: LPAR CPU Management,
Dynamic Channel Path Management, and Channel Sub-
system Priority Queuing.
zSeries IRD Scope
Intelligent Resource Director
Exclusive to IBM’s z/Architecture is Intelligent Resource
Director (IRD), a function that optimizes processor and
channel resource utilization across Logical Partitions
(LPARs) based on workload priorities. IRD combines the
strengths of the zSeries LPARs, Parallel Sysplex clustering,
and z/OS Workload Manager.
s
/
B
G
2
x
e
4
I
g
a
T
S
C
/O
I
3
IT
S
I
T
S
X
U
M
I
T
S
I
T
S
3
I
-
I
T
T
S
S
MUX
M
B
A
STI
M
STI
B
STI
A
STI
4 x 2.0 GBps
STIs
STI-3
MUX
I/O Cage
ICB-4 (2.0 GBps)
ICB-3 (1 GBps)
ICB-3 (1 GBps)
z990
z890
z900
z800
Intelligent Resource Director uses the concept of an LPAR
cluster, the subset of z/OS systems in a Parallel Sysplex
cluster that are running as LPARs on the same zSeries
server. On a z890/ z990, systems that are part of the same
LPAR cluster may be in different LCSSs. In a Parallel
Sysplex environment, Workload Manager directs work to
the appropriate resources based on business policy. With
IRD, resources are directed to the priority work. Together,
Parallel Sysplex technology and IRD provide the fl exibility
and responsiveness to on demand e-business workloads
unrivaled in the industry.
LPAR Cluster
z/OS
z/OS
Linux
OS/390
ICF
LPAR CPU Management
LPAR CPU Management allows WLM working in goal
mode to manage the processor weighting and logical
processors across an LPAR cluster. CPU resources are
automatically moved toward LPARs with the greatest need
by adjusting the partition’s weight. WLM also manages the
available processors by adjusting the number of logical
CPs in each LPAR. This optimizes the processor speed
and multiprogramming level for each workload, helps
reduce MP overhead, and helps give z/OS more control
over how CP resources are distributed to help meet your
business goals.
z/OS 1.2 enhances the LPAR CPU management capa-
bilities and will allow the dynamic assignment of CPU
resources to non-z/OS partitions outside the z/OS LPAR
cluster such as Linux or z/VM.
Dynamic Channel Path Management
In the past, and on other architectures, I/O paths are
defi ned with a fi xed relationship between processors and
46
devices. With z/OS and the zSeries, paths may be dynami-
cally assigned to control units to refl ect the I/O load. For
example, in an environment where an installation normally
requires four channels to several control units, but occa-
sionally needs as many as six, system programmers must
currently defi ne all six channels to each control unit that
may require them. With Dynamic Channel Path Manage-
ment (DCM), the system programmer need only defi ne the
four channels to the control units, and indicate that DCM
may add an additional two. As the control unit becomes
more heavily used, DCM may assign channels from a pool
of managed channels, identifi ed by the system program-
mer, to the control unit. If the work shifts to other control
units, DCM will unassign them from lesser utilized control
units and assign them to what are now the more heavily
used ones. DCM is for ESCON and FICON Bridge chan-
nels can help reduce the number of channels required to
effectively run a workload. DCM can also help reduce the
cost of the fi ber infrastructure required for connectivity
between multiple data centers. On a z890/z990 with Logi-
cal Channel SubSystems (LCSSs), the scope of DCM man-
agement is within a Logical Channel SubSystem. Although
an LPAR cluster can span LCSSs, when DCM is used it will
only consider systems in the same LPAR cluster and the
same LCSS.
Channel Subsystem Priority Queuing
The notion of I/O Priority Queuing is not new; it has been in
place in OS/390 for many years. With IRD, this capability
is extended into the I/O channel subsystem. Now, when
higher priority workloads are running in an LPAR cluster,
their I/Os will be given higher priority and will be sent to
the attached I/O devices (normally disk but also tape and
network devices) ahead of I/O for lower priority workloads.
LPAR priorities are managed by WLM in goal mode.
Channel Subsystem Priority Queuing provides two advan-
tages. First, customers who did not share I/O connectivity
via MIF (Multiple Image Facility) out of concern that a
lower priority I/O intensive workload might preempt the I/O
of higher priority workloads, can now share the channels
and reduce costs. Second, high priority workloads may
even benefi t with improved performance if there were I/O
contention with lower priority workloads. Initially, Channel
Subsystem Priority Queuing is implemented for Parallel
OEMI and ESCON, FICON Bridge and native FICON
channels.
On a z890/z990, the scope of Channel Subsystem I/O
Priority Queuing is a Logical Channel SubSystem.
Channel Subsystem Priority Queuing complements the
IBM Enterprise Storage Server capability to manage I/O
priority across CECs.
With IRD, the combination of z/OS and zSeries working in
synergy extends the world-class workload management
tradition of S/390 and OS/390 so that the most important
work on a server meets its goals, to increase the effi ciency
of existing hardware, and to reduce the amount of inter-
vention in a constantly changing environment.
Parallel Sysplex Professional Services
IBM provides extensive services to assist customers
with migrating their environments and applications to
benefi t from Parallel Sysplex clustering. A basic set of
IBM services is designed to help address planning and
early implementation requirements. These services can
help you reduce the time and costs of planning a Parallel
Sysplex environment and moving it into production. An
advanced optional package of services is also available
and includes data sharing application enablement, project
management and business consultation through advanced
47
capacity planning and application stress testing. For more
information on Parallel Sysplex Professional Services, visit
IBM’s Web site at ibm.com/servers/eserver/zseries/pso/
services.html.
GDPS
GDPS supports both the synchronous Peer-to-Peer
Remote Copy (PPRC) as well as the asynchronous
Extended Remote Copy (XRC) forms of remote copy.
The GDPS solution, based on Peer-to-Peer Remote Copy
(PPRC), referred to as GDPS/PPRC, is designed with the
attributes of a continuously availability solution. PPRC is a
hardware solution that is designed to synchronously mirror
data residing on a set of disk volumes, called the primary
volumes in site 1, to secondary disk volumes on a second
system in site 2. Only when the primary storage subsystem
receives “write complete” from the secondary storage sub-
system is the application I/O signaled completed. GDPS/
PPRC complements a multisite Parallel Sysplex environment
by providing a single, automated solution to dynamically
manage disk and tape storage subsystem mirroring, pro-
cessors, and network resources designed to allow a busi-
ness to attain “continuous availability” and near transparent
business continuity/disaster recovery without data loss.
GDPS/PPRC provides the ability to perform a controlled
site switch for both planned and unplanned site outages,
while maintaining data integrity across multiple storage
subsystems. GDPS/PPRC is designed to be application
independent and therefore is expected to be able to cover
the customer’s complete application environment. GDPS/
PPRC is designed to allow a customer to meet a Recovery
Time Objective (RTO) of less than an hour, a Recovery Point
Objective (RPO) of no data loss, and protects against met-
ropolitan area disasters (up to 40 km between sites). On the
other hand, the GDPS solution based on Extended Remote
Copy (XRC), referred to as GDPS/XRC, has the attributes
of a Disaster Recovery solution. XRC is a combined hard-
ware and software asynchronous remote copy solution.
The application I/O is signaled completed when the data
update to the primary storage is completed. Subsequently,
™
a DFSMSdfp
component called System Data Mover (SDM),
typically running in site 2, is designed to asynchronously
offl oad data from the primary storage subsystem’s cache
and updates the secondary disk volumes.
In GDPS/XRC, the production system(s) located in site 1
can be a single system, multiple systems sharing disk, or
a base or Parallel Sysplex cluster. GDPS/XRC is designed
to provide a single, automated solution to dynamically
manage storage subsystem mirroring (disk and tape)
to allow a business to attain “near transparent” disaster
recovery with minimal data loss. GDPS/XRC is designed to
provide the ability to perform a controlled site switch for an
unplanned site outage, maintaining data integrity across
multiple volumes and storage subsystems. GDPS/XRC is
designed to allow a customer to meet a RTO of one to two
hours, an RPO of less than a minute, and helps protect
against metropolitan as well as regional disasters, since
the distance between sites is unlimited. XRC can use
either common communication links and channel extender
technology or dark fi ber as the connectivity between sites.
GDPS/XRC is designed to be application independent and
therefore is capable of covering the customer’s complete
application environment.
®
GDPS requires Tivoli
NetView® for z/OS, Tivoli System
Automation for z/OS, and remote copy technologies.
Note: Dark fi ber refers to dedicated strands of fi ber optic
cable with no electronics between the ends (source and
destination).
48
GPDS/PPRC HyperSwap
™
The GDPS/PPRC HyperSwap function is designed to
broaden the continuous availability attributes of GDPS/
PPRC by extending the Parallel Sysplex redundancy to
disk subsystems. The HyperSwap function is enabled to
mask planned and unplanned disk and site reconfi gura-
tions by transparently switching to use the secondary
PPRC volumes. The HyperSwap function is designed to be
controlled by complete automation, allowing all aspects
of the site switch to be controlled via GDPS. Large con-
fi gurations can be supported, as HyperSwap has been
designed to provide capacity and capability to swap large
numbers of disk devices very quickly. The important ability
to re-synchronize incremental disk data changes, in both
directions, between primary/secondary PPRC disks is pro-
vided as part of this function.
The planned HyperSwap function provides the ability to
transparently switch all primary PPRC disk subsystems
with the secondary PPRC disk subsystems for a planned
switch confi guration. It enables disk confi guration mainte-
nance and planned site maintenance without requiring any
applications to be quiesced. The unplanned HyperSwap
function contains additional function designed to transpar-
ently switch to use secondary PPRC disk subsystems, in
the event of unplanned outages of the primary PPRC disk
subsystems or a failure of the site containing the primary
PPRC disk subsystems. With unplanned HyperSwap func-
tion, disk subsystem failures no longer constitute a single
point of failure for an entire sysplex. If applications are
cloned and exploiting data sharing across the two sites,
the GDPS/PPRC unplanned HyperSwap capability, lays
the foundation for continuous availability, even in the event
of a complete site failure. In the event of a complete failure
of the site where the primary disk resides, the systems in
the site with the secondary disks can continue to remain
active even though workload running on these systems
needs to be restarted. An improvement in the Recovery
Time Objective (RTO) can be accomplished.
With the release of GDPS/PPRC V3.2, the HyperSwap
function was enhanced to exploit the PPRC Failover/
Failback function. For planned reconfi gurations, PPRC
Failover/Failback can help reduce the overall elapsed time
to switch the disk subsystems, which can then reduce the
time that applications may not be available to users. For
unplanned reconfi gurations, PPRC Failover/Failback allows
the secondary disks to be confi gured in the suspended
state after the switch, thus eliminating the need to per-
form a full copy of the data when reestablishing the PPRC
mirror in the reverse direction. The window during which
critical data is left without PPRC protection following an
unplanned reconfi guration is thereby minimized.
GDPS/PPRC management for open systems LUNs (Logi-
cal Unit Numbers): GDPS/PPRC technology has been
extended to manage a heterogeneous environment of
z/OS and open systems data. If installations share their
disk subsystems between the z/OS and open systems
platforms, GDPS/PPRC, running in a z/OS system, can
manage the PPRC status of devices that belong to the
other platforms and are not even defi ned to the z/OS
platform. GDPS/PPRC can also provide data consistency
across both z/OS and open systems data.
GDPS supports PPRC over Fiber Channel links: GDPS/
PPRC supports Enterprise Storage Server (ESS) PPRC
over Fiber Channel Protocol (FCP). It is expected that the
distance between sites can be increased while maintain-
ing acceptable application performance, since PPRC over
FCP requires only one protocol exchange compared to
two or three exchanges when using PPRC over ESCON.
The effi ciency of the FCP protocol is also expected to help
lower the total cost of ownership, since two PPRC FCP
links are considered suffi cient for most workloads, which
can allow a reduction in cross-site connectivity.
49
GDPS/PPRC and GDPS/XRC FlashCopy Support
FlashCopy is a point-in-time copy technology that allows
point-in-time copies of disk volumes to be made very
quickly, with the copies immediately available for read
or write access. FlashCopy can operate in either of two
modes, the COPY mode which runs a background copy
process and the NOCOPY mode that suppresses the
background copy. Previously GDPS/PPRC and GDPS/XRC
have provided support for both COPY and NOCOPY. With
the release of GDPS/PPRC V3.2 and GDPS/XRC V3.2,
an enhancement now available, called NOCOPY2COPY,
allows changing an existing FlashCopy relationship from
NOCOPY to COPY. This allows you the option of always
selecting the NOCOPY option of FlashCopy and then con-
verting it to the COPY option when you want to create a full
copy of the data in the background at a non-peak time.
LSS to a target in a different LSS within the same disk sub-
system. This new fl exibility can help simplify administration
and capacity planning for FlashCopy.
GDPS/PPRC Multiplatform Resiliency for zSeries
GDPS/PPRC has been enhanced to include a new func-
tion: GDPS/PPRC Multiplatform Resiliency for zSeries.
This function is especially valuable for customers who
share data and storage subsystems between z/OS and
Linux on zSeries – for example, a SAP application server
running on Linux on zSeries and a SAP DB server running
on z/OS. With a multi-tiered architecture, there is a need to
provide a coordinated Disaster Recovery solution for both
z/OS and Linux on zSeries. GDPS/PPRC can now provide
that.
Another enhancement now available with GDPS V3.2
is support for Incremental FlashCopy. This provides the
capability to refresh a volume in a FlashCopy relationship
and reduce background copy time when only a subset
of data has changed. With Incremental FlashCopy, the
initial relationship between a source and target is main-
tained after the background copy is complete. When a
subsequent FlashCopy establish is initiated, only the data
updated on the source since the last FlashCopy is copied
to the target. This reduces the time needed to create a
tertiary copy thus giving customers the option to perform a
FlashCopy on a more frequent basis.
In 2003, IBM TotalStorage Enterprise Storage Server
announced support of FlashCopy V2. Refer to Hardware
Announcement 103-141, dated May 13, 2003. Prior to this
announcement, both source and target volumes had to
reside on the same LSS within the disk subsystem. Since
this constraint has been removed with FlashCopy V2,
GDPS can now allow a FlashCopy from a source in one
z/VM 5.1 provides a new HyperSwap function so that
the virtual device associated with one real disk can be
swapped transparently to another. HyperSwap can be
used to switch to secondary disk storage subsystems mir-
rored by Peer-to-Peer Remote Copy (PPRC). HyperSwap
can also be helpful in data migration scenarios to allow
applications to use new disk volumes without requiring
them to be quiesced.
GDPS/PPRC can provide the reconfi guration capabili-
ties for the Linux on zSeries servers and data in the same
manner as for z/OS systems and data. To support planned
and unplanned outages, GDPS is designed to provide the
following recovery actions:
• Re-IPL in place of failing operating system images
• Site takeover/failover of a complete production site
• Coordinated planned and unplanned HyperSwap of
storage subsystems transparently to the operating
system images and applications using the storage
50
This innovative disaster recovery solution requires GDPS,
IBM Tivoli System Automation for Multiplatforms, Linux on
zSeries, and z/VM 5.1 and is designed to help anticipate
and rapidly respond to business objectives and technical
requirements while maintaining high system availability.
Performance enhancements for GDPS/PPRC and GDPS/XRC
confi gurations
• Concurrent activation of Capacity Backup Upgrade
(CBU) can now be performed in parallel across multiple
servers, which may result in an improved RTO. This
improvement may apply to both the GDPS/PPRC and
GDPS/XRC confi gurations.
• In a GDPS/XRC confi guration, it is often necessary to
have multiple System Data Movers (SDMs). The number
of SDMs is based on many factors, such as the number
of volumes being copied and the I/O rate. Functions are
now capable of being executed in parallel across multiple SDMs, thus helping to provide improved scalability
for a coupled SDM confi guration.
• Analysis has shown that PPRC commands issued by
GDPS will generate a large number of Write to Operator
messages (WTOs) that may cause WTO buffer shortages and temporarily adversely impact system performance. The Message Flooding Automation function is
expected to substantially reduce the WTO message
traffi c and improve system performance by suppressing
redundant WTOs.
GDPS/Global Mirror – preview
IBM Global Services plans to make available a new
service, GDPS/Global Mirror, to support the recently
announced IBM TotalStorage Enterprise Storage Server
(ESS) remote copy function called IBM TotalStorage Global
Mirror. Global Mirror is included in Peer to Peer Remote
Copy (PPRC) Version 2, and is designed to enable a two-
site disaster recovery and backup solution for the zSeries
and open systems environments.
Using asynchronous technology, Global Mirror operates
over high-speed communication links and is designed to
maintain a consistent and restartable copy of the data at a
recovery site that can be located at virtually unlimited dis-
tance from the application site.
GDPS/Global Mirror executes in both the application and
the recovery sites. It manages the Global Mirror remote
copy function, and automates the restart of the workload
in the recovery site in case of a disaster in the application
site. GDPS/Global Mirror has the capability of managing
multiple Global Mirror sessions. The multiple sessions
could be the data mirroring of multiple sysplexes or Open
systems or even single image z/OS systems.
The initial delivery of GDPS/Global Mirror will support
zSeries data. A future release will provide support for open
systems data.
These GDPS enhancements are applicable to z800, z900,
z890, and z990. For a complete list of other supported
hardware platforms and software prerequisites, refer to
the GDPS executive summary white paper, available at:
ibm.com/server/eserver/zseries/pso.
Automatic Enablement of CBU for GDPS
The intent of the GDPS (CBU) is to enable automatic man-
agement of the reserved PUs provided by the CBU feature
in the event of a processor failure and/or a site failure.
Upon detection of a site failure, GDPS will dynamically add
PUs to the confi guration in the takeover site to restore pro-
cessing power for mission-critical production workloads.
GDPS-CBU management helps to minimize manual cus-
tomer intervention and the potential for errors, thereby
helping to reduce the outage time for critical workloads
from hours to minutes. Similarly, GDPS-CBU management
can also automate the process of dynamically returning
the reserved CPs when the temporary period has expired.
51
GDPS is discussed in a white paper available at ibm.com/
server/eserver/zseries/pso/library.html. GDPS is a service
offering of IBM Global Services. For IBM Installation Ser-
vices for GDPS, refer to the IBM Web site.
Message Time Ordering (Sysplex Timer Connectivity to Coupling
Facilities)
As processor and Coupling Facility link technologies have
improved over the years, the requirement for time synchro-
nization tolerance between systems in a Parallel Sysplex
environment has become ever more rigorous. In order to
enable that any exchanges of timestamped information
between systems in a sysplex involving the Coupling Facil-
ity observe the correct time ordering, time stamps are now
included in the message-transfer protocol between the sys-
tems and the Coupling Facility. Therefore, when a Coupling
Facility is confi gured as an ICF on any z890, z990 or z900
Models 2C1 through 216, the Coupling Facility will require
connectivity to the same 9037 Sysplex Timer that the sys-
tems in its Parallel Sysplex cluster are using for time syn-
chronization. If the ICF is on the same server as a member
of its Parallel Sysplex environment, no additional connectiv-
ity is required, since the server already has connectivity to
the Sysplex Timer. However, when an ICF is confi gured on
any z890, z990 or z900 Models 2C1 through 216 which do
not host any systems in the same Parallel Sysplex cluster, it
is necessary to attach the server to the 9037 Sysplex Timer.
z900 Turbo or z890/z990 Model with ICF
and non-Parallel Sysplex LPARs
CF01
ICF
ICB-3 / ICB-4/ ISC-3
ICB-3/ ICB-4 / ISC-3
IBM ^ z900
or z890/z990
Sysplex
LPARs
IC
z/OS
CF02
CF02
ICF
ICF
New Connection to Sysplex Timer
Non-Sysplex
LPARs
12
11
1
10
2
3
9
4
8
5
7
6
z/OS
11
10
9
8
7
IBM ^ z900
or z890/z990
Sysplex
z/OS
12
1
2
New Connection to Sysplex Timer
3
4
5
6
LPARs
Continuous Availability Recommended Confi guration for Parallel
Sysplex
Dedicated (External)
z890 or
Coupling Facility
z990 with
CFs only,
z900 Model 100
9674, 9672 R06,
or z800 Model 0CF
Internal Coupling
IC
ICF
Facility
z/OSz/OS
Sysplex Timers
ESCON/FICON Express Channels
Note: z890/z990 will attach to 9037-001 or 9037-002. Ser-
vice for 9037-001 discontinued end of 2003.
Components and assumptions
• Two Coupling Facilities; at least one external or else
using System-Managed CF Structure Duplexing
• Two Sysplex Timers
• Two z/OS or OS/390 servers with redundant backup
capacity
• Two links from each CF to each image
• Two hardware management consoles
• Two ESCON or FICON Directors with cross-connected
disks
• Dual electrical power grids
• Cloned OS/390 images, latest available software levels
• Automation capabilities for recovery/restart
• Critical data on RAID and/or mirrored disks
52
z890 Support for Linux
Key attributes can include
• No single point of failure
• Fast, automatic recovery
– CF: rebuild in surviving CF
– CEC, z/OS, OS/390: restart subsystems on surviving
image
– TM/DBMS: restart in place
• Surviving components absorb new work
• No service loss for planned or unplanned outages
• Near unlimited, plug-and-play growth capacity
Linux on zSeries
Linux and zSeries are a great team. Linux has the same
appearance and application programming interfaces no
matter what platform it is running on, since it is designed
to be platform-independent. When Linux is run on a
zSeries server it inherits the legendary qualities of service
that businesses world-wide rely on for hosting their most
important workloads. Linux is open standards-based, sup-
porting rapid application portability and can be adapted
to suit changing business needs. The fl exibility and open-
ness of Linux make it very popular with developers, whose
contributions endow Linux with an extensive and diverse
application portfolio. zSeries servers enable massive scal-
ability within a single server, either horizontally or vertically.
Hundreds of Linux images can run simultaneously, provid-
ing unique server consolidation capabilities while aiding in
reducing both cost and complexity.
Of course, no matter which Linux applications are brought
to the zSeries platform, they can all benefi t from high-
speed access to the applications and corporate data that
reside on zSeries.
IBM developed the code that enables Linux to run on
zSeries servers, and made it available to the Open Source
community. The term used to describe this enabling code
is “patches.”
To help eliminate the need for an external 2074 Console
controller and associated consoles, an administrator may
utilize the Hardware Management Console (HMC) func-
tions “Integrated 3270 Console Support” for operating
z/VM images, and “Integrated ASCII Console Support” to
operate Linux images.
53
The support is implemented using an internal commu
tions method – SCLP – which enables the operating
nica-
system
to communicate with the HMC. The software support was
made available in z/VM Version 4 Release 4. An update
for Linux will be made available to IBM Linux Distribution
Partners.
Linux on zSeries supports the 64-bit architecture available
on zSeries processors. z/Architecture eliminates the exist-
ing main storage limitation of 2 GB. Linux on zSeries pro-
vides full exploitation of the architecture in both real and
virtual modes. Linux on zSeries is based on the Linux 2.4
kernel. Linux on S/390 is also able to execute on zSeries
and S/390 in 32-bit mode:
IBM Middleware
• Connectors
– DB2 Connect
™
Version 8.1
– DB2 Connect Enterprise Edition Version 7.2
– DB2 Connect Unlimited Edition Version 7.2
– CICS Transaction Gateway Version 5.0
– IMS Connect Version 1.1 and 1.2
• WebSphere Family
– WebSphere Application Server Version 5.0
– WebSphere Application Server for Developers
Version 5.0
– WebSphere Application Server Network Deployment
Version 5.0
– WebSphere Application Server Advanced Edition 4.0
– WebSphere Application Server Advanced Single
Server Edition Version 4.0
– WebSphere Application Server Advanced Developer
Edition Version 4.0
– WebSphere Application Server Advanced Edition
Version 3.5
– WebSphere Commerce Business Edition Version 5.4
– WebSphere Host On-Demand Version 7.0 and 6.0
– WebSphere MQ Everyplace Version 2.0 and 1.2
– WebSphere MQ Version 5.3
– WebSphere Personalization Server for Multiplatforms
Version 4.0
– WebSphere Personalization Server Version 3.5
– WebSphere Portal Server for Multiplatforms Version
4.1 and 4.2
• Data Management
– DB2 Universal Database Enterprise Server Edition
Version 8.1
– DB2 Universal Developers Edition Version 8.1
– DB2 Personal Developers Edition Version 8.1
®
– DB2 Net.Data
Version 8.1
– DB2 Runtime Client Version 8.1
– DB2 Spatial Extender Version 8.1
™
– DB2 Intelligent Miner
Modeling Version 8.1
– DB2 Intelligent Miner Scoring Version 8.1
– DB2 Intelligent Miner Visualization Version 8.1
– DB2 Net Search Extender Version 8.1
DB2 Universal Database Enterprise Edition Version 7.2
–
–
DB2 Universal Database Developers Edition Version 7.2
– DB2 Intelligent Miner Scoring Version 7.1
– DB2 Net Search Extender Version 7.2
• Tivoli
Tivoli Access Manager for e-business Versions 3.9
–
and 4.1
–
Tivoli Access Manager for Operating Systems Version 4.1
– Tivoli Confi guration Manager Version 4.2
– Tivoli Decision Support for OS/390 Version 1.5.1
– Tivoli Distributed Monitoring Version 4.1
– Tivoli Enterprise Console Version 3.8 and 3.7.1
– Tivoli Identity Manager Version 1.1
Tivoli Monitoring for Transaction Performance Version 5.1
–
– Tivoli Monitoring Version 5.1.1 and 5.1
54
– Tivoli NetView for z/OS Version 5.1
– Tivoli Remote Control Version 3.8
– Tivoli Risk Manager Version 4.1 and 3.8
– Tivoli Software Distribution Version 4.0
™
– Tivoli Storage Manager
Versions 5.1.5 and 5.1
– Tivoli Storage Manager Client Version 4.2
– Tivoli Switch Analyzer Version 1.2
– Tivoli User Admin Version 3.8
– Tivoli Workload Scheduler Version 8.1
• Informix
– Informix C-ISAM
• U2
– IBM UniData Version 5.2x
• Other IBM Software Products
– IBM Application Workload Modeler Version 1.1 and
Release 1
– IBM Developer Kit Versions 1.4 and 1.3.1
– IBM Directory Integrator Version 5.1
– IBM Directory Server Versions 5.1 and 4.1
– IBM HTTP Server Version 1.3.19.3
– IBM Object RE90 Version 2.2
– IBM Screen Customizer Versions 2.0.7 and 2.0.6
Linux Distribution Partners
• SUSE LINUX
Product Information at suse.de/en/produkte/susesoft/S390/
• Turbolinux
Product Information at turbolinux.com/products/s390
• Red Hat Linux
Product Information at redhat.com/software/S390
z/VM Version 4 and Version 5
z/VM supports Linux on the mainframe. Within the VM
environment, Linux images benefi t from the ability to
share hardware and software resources and use internal
high-speed communications. While benefi ting from the
reliability, availability and serviceability of IBM ^
zSeries servers, both z/VM V4 and V5 offers an ideal
platform for consolidating Linux workloads on a single
physical server which allows you to run tens to hundreds
of Linux images. z/VM V4 is priced on a per-engine basis
(one-time charge) and supports IBM Integrated Facility for
Linux (IFL) processor features for Linux based workloads,
as well as standard engines for all other zSeries and S/390
workloads. Engine-based Value Unit Pricing for z/VM V5.1
is replacing the pricing model available with z/VM V4.
Engine-based Value Unit Pricing is designed to provide a
lower entry point and a decreasing price curve which will
help provide improved price/performance as hardware
capacities and workload grow. Value Unit Pricing helps
you to add capacity and workload with an incremental
and improved price and the ability to aggregate licenses
acquired across machines that are part of your enterprise.
Integrated Facility for Linux (IFL)
The Integrated Facility for Linux feature of the zSeries
servers provides a way to add processing capacity, exclu-
sively for Linux workloads, with minimal or no effect on the
model designation. Operating systems like z/OS, TPF, and
VSE/ESA will not execute on Integrated Facility for Linux
engines. Consequently, these engines will not necessarily
affect the software charges for workload running on the
other engines in the system.
OSA-Express Ethernet for Linux
Driver support is provided for the functions of the new
OSA-Express Gigabit Ethernet and 1000BASE-T Ethernet
features.
55
OSA-Express Enhancements for Linux
A new function, Checksum Offl oad, offered for the new
OSA-Express GbE and 1000BASE-T Ethernet features,
is being introduced for the Linux on zSeries and z/OS
environments. Checksum Offl oad provides the capability
of calculating the Transmission Control Protocol (TCP),
User Datagram Protocol (UDP), and Internet Protocol (IP)
header checksums. Checksum verifi es the correctness of
fi les. By moving the checksum calculations to a Gigabit
or 1000BASE-T Ethernet feature, host CPU cycles are
reduced and performance is improved. When checksum
is offl oaded, the OSA-Express feature performs the check-
sum calculations for Internet Protocol Version 4 (IPv4)
packets.
Two important networking technology advancements are
announced in z/VM 4.4 and Linux on z990:
• The high performance adapter interrupt handling fi rst
introduced with HiperSockets is now available for OSA-
Express/OSA-Express2 in QDIO mode (CHPID=IQD)
and FICON Express/FICON Express2 (CHPID=FCP).
This advancement provides a more effi cient technique
for I/O interruptions designed to reduce path lengths
and overhead in both the host operating system and in
the adapter. This benefi ts OSA-
Express TCP/IP support in
both Linux for zSeries and z/VM.
• The z990’s support of virtual machine technology has
been enhanced to include a new performance assist
for virtualization of adapter interruptions. This new
z990 performance assist is available to V=V guests
(pageable guests) that support QDIO on z/VM 4.4. The
deployment of adapter interruptions improves effi ciency
and performance by reducing z/VM Control Program
overhead when handling Linux guest virtual servers.
HiperSockets
HiperSockets can be used for communication between
Linux images and Linux or z/OS images, whether Linux is
running in an IFL LPAR, natively or under z/VM.
Virtual Local Area Networks (VLANs), IEEE standard
802.1q, is now being offered for HiperSockets in a Linux
on zSeries environment. VLANs can reduce overhead
by allowing networks to be organized for optimum traffi c
fl ow; the network is organized by traffi c patterns rather
than physical location. This enhancement permits traffi c
to fl ow on a VLAN connection both over HiperSockets
and between HiperSockets and an OSA-Express GbE,
1000BASE-T Ethernet, or Fast Ethernet feature.
Internet Protocol Version 4 (IPv4) broadcast packets are
now supported over HiperSockets. TCP/IP applications
that support IPv4 broadcast, such as OMPROUTE when
running Routing Information Protocol Version 1 (RIPv1),
can send and receive broadcast packets over HiperSockets
interfaces. This support is exclusive to z990.
You can now transparently bridge traffi c between a
HiperSockets and an external OSA-Express network
attachment. New Linux Layer 2 Switch (Linux L2S)
support can help simplify network addressing between
HiperSockets and OSA-Express. You can now seamlessly
integrate HiperSockets-connected operating systems into
external networks, without requiring intervening network
routing overhead, thus increasing performance and simpli-
fying confi guration.
The currently available distributions; SUSE SLES 7, SUSE
SLES 8, Red Hat 7.1 and Red Hat 7.2 support z990
compatibility and exploitation of 30 LPARs and 2 Logical
Channel SubSystems. Support to further exploit z990 func-
tions will be delivered as an Open Source Contribution
56
via www.software.ibm.com/developerworks/opensource/
linux390/index.shtm. IBM is working with its distribution
partners to provide these functions in future distribution
releases.
Fibre Channel Protocol (FCP channel) Support for Linux
Support for FCP channels enables zSeries servers to
connect to select Fibre Channel Switches and FCP/SCSI
devices under Linux on zSeries. This expanded attachabil-
ity provides a larger selection of storage solutions for Linux
implementations.
Cryptographic Support for Linux
Linux on zSeries running on standard z990, z900, and
z800 engines is capable of exploiting the hardware cryp-
tographic feature provided by the PCICA feature (PCI
Cryptographic Accelerator). This enables customers
implementing e-business applications on Linux on zSeries
to utilize this enhanced hardware security.
Network devices
• Virtual CTC
• ESCON CTC
•
OSA-Express (Gigabit Ethernet, 1000BASE-T Ethernet,
Fast Ethernet, Token-Ring) up to 24 features/48 ports on
z990
• HiperSockets (up to 4096 TCP/IP stacks on up to 16
HiperSockets on z990)
• 3172
• IUCV
• Character devices
• 3215 console
• Integrated console
Additional information is available at ibm.com/linux/ and at
ibm.com/zseries/linux/.
Linux Support
Environment
• z990, z900, z800 or z890 single image
• zSeries LPAR
• z/VM guest
Block devices
• VM minidisks
• ECKD
™
3380 or 3390 DASDs
• VM virtual disk in storage
57
zSeries 890 Family Confi guration Detail
Maximum of 512 CHPIDs; One I/O cages: 28 I/O slots
Per System
Feature Minimum Maximum Maximum Ports/ Purchase
Features I/O Slots Connections Channels/ Increments
used by Increments
Features per Feature
ESCON, 0
1
16 port channels channels
FICON 0
Express2
STI-35 0 8 N/A 2 outputs N/A
ICB-3 link 0
1 204
1
ICB-4 link 01 N/A7 8 links6 N/A 1 link
ISC-3 0
OSA- 0 204 40 2 1 feature
Express
1
OSA- 0 20
Express2 ports GbE has 1)
Crypto 0 16
Express2 coprocessors coprocessors
PCICA
0 24 4 accelerator 2 accelerator 1 feature
cards cards
010
PCIXCC
coprocessor coprocessor
1) A minimum of one I/O feature (ESCON, FICON Express/FICON Express2)
or one Coupling Link (ICB, ISC-3) is required.
2) Each ESCON feature has 16 channels of which 15 channels may be activated. One channel is always reserved as a spare.
3) ESCON channels are purchased in increments of four and are activated
via Licensed Internal Code, Confi guration Control (LIC CC). Channels
are activated equally across all installed 16-port ESCON features for
high availability.
4) The maximum quantity of FICON Express, FICON Express2, OSAExpress, OSA-Express2, PCICA, and PCIXCC in combination cannot
exceed 20 features per server. When the FICON Express2 feature
becomes available, the FICON Express (feature codes 2319 and 2320)
will no longer be orderable.
5) Each STI-3 distribution card, which supports the ICB-3s, resides in the
I/O cage, occupying one I/O slot.
6) The maximum number of Coupling Links combined (ICs, ICB-3s, ICB-4s,
and active ISC-3 links) cannot exceed 64 per server.
7) ICB-4s do not require connectivity to a card in the I/O cage. ICB-4s are
not included in the maximum feature count for I/O slots.
8) A maximum of 32 ISC-3s can be defi ned in compatibility mode (operating at 1 Gbps, instead of 2 Gbps).
9) It is recommended that an initial order for ISC-3 include two links. When
two links are purchased, two ISC-3 features are shipped and activated
links are balanced across ISC-3 features for high availability.
10) PCIXCC feature increments are 0, 2, 3, or 4.
Note: The Capacity Model 110 has an I/O cage with 16 I/O slots maximum
which will support up to 240 channels which can be any mix of the following as long as it does not exceed 240 channels — maximum of 240
ESCON channels, 32 FICON Express channels, 24 OSA-Express ports.
28 420 16 4
80 4 1 feature
channels
channels
2
channels
N/A 16 links6 N/A 1 link
12 48 links
6, 8
4 links 1 link
ports ports
2, 4
40 2 or 1 (10 1 feature
2, 4
16 2 1 feature
44 4 1 1 feature
3
9
10
Processor Unit Assignments
Model Total PUs Characterized PUs* SAP Standard Spares
A04***
1-way** 5 1 1 3
2-way** 5 2 1 2
3-way** 5 3 1 1
4-way** 5 4 1 0
*PU can be characterized as CP, IFL, ICF, or zAAP
**These values are for all machines including the sub-uni, sub 2-way
models, etc.
***Customer will be required to purchase at least one CP, IFL, ICF or zAAP
Processor Memory
z890 Model Minimum Maximum
A04 8 GB 32 GB
Single memory card. Memory cards 8 GB, 16 GB or 32 GB. Memory increments 8 GB.
Channels
Model ESCON Min **ESCON Max *FICON Min *FICON Max
A04 0 420 0 40
*FICON Express and FCP confi gured on the same FICON Express features.
Max FICON Express channels total 40, max FICON Express2 channels
total 80.
**ESCON increments of 4 channels
Coupling Links
Links IC ICB-3* ICB-4 ISC-3 Max Links
0-32 0-16 0-8 0-48 Max combined IC,
ICB-3, ICB-4, active
ISC-3 = 64
*requires STI-3 card
Note: At least one I/O channel (FICON, ESCON) or one coupling link (ISC,
ICB) must be present.
58
Cryptographic Features
PCICA
Minimum 0 0
Maximum 23 4
1. Max two PCICA features per system
2. Max eight PCICA and PCIXCC features per system
3. Two accelerator cards per PCICA feature
4. One coprocessor per PCIXCC feature (minimum orderable 2 features)
1, 2
PCIXCC2
4
OSA-Express Features
OSA-Express* Features
Minimum 0
Maximum 20
*Any combination of GbE LX, GbE SX, 1000BASE-T Ethernet, Token-Ring
z890 Frame and I/O Confi guration Content: Planning for I/O
The following diagrams show the capability and fl exibility
built into the I/O subsystem. All machines are shipped with
a single frame, the A-Frame has a single I/O cage with 28
I/O slots.
A-Frame
Single
CEC
I/O
Cage
I/O cage
General Information:
• ESCON confi gured in 4-port increments. Up to 28 channels in 2 cards, 60 channels in 4 cards, 88 channels in 6
cards, etc. up to a maximum 420 channels on 28 cards
• OSA-Express/OSA-Express2 can be Gigabit Ethernet,
1000BASE-T Ethernet or Token-Ring
• Total number of PCIXCC / PCICA is 8 per system
• If ICB-3 are required on the system, these will use up a
single I/O slot for each ICB-3 to accommodate the STI-3
cards. The fi rst ICB-3 required a slot. The second to the
fourth required another slot. The fi fth to the sixth required
another slot. (STI-3 cards each provide two ICBs)
Channels and channel adapters no longer supported on z890
The following channels and/or channel adapters are no
longer supported:
• Parallel channels - an ESCON converter is required; IBM
9034 or Optica 34600 FXBT
• OSA-2 adapters - use equivalent OSA-Express adapters, for FDDI migrate to Ethernet as soon as possible
• OSA-Express ATM - use 1000BASE-T or Gigabit Ethernet with appropriate multi-protocol switch or router
• 4 Port ESCON cards - will be replaced with 16-port
ESCON cards during upgrade
• PCICC - replaced with PCIXCC for most functions
• ICB-2 - replace with ISC-3 links in compatibility mode.
I/O Feature Type Features Maximum
ESCON 28 cards 420 channels
FICON Express 20 40 channels
FICON Express2 20 80 channels
OSA-Express 20 40 ports
OSA-Express2 20 40 ports
PCIXCC 4 4 ports
PCICA 2 4 ports
Maximum combined FICON Express, OSA-Express, PCICA/PCIXCC features is 20
59
Physical Characteristics
Coupling Facility — CF Level of Support
z890 Power/Heating/Cooling
System Power Consumption (50/60 Hz, KVA)
Model / Confi g 1 I/O Cage
A04 1.5 - 4.7
Note: Assumes 60 amp cords
System Cooling (Air Flow Rate - CFM)
Model / Confi g 1 I/O Cage
A04 640
Note: Assumes chilled underfl oor temperature of 24OC
Heat Output (kBTU/hr)
Model / Confi g 1 I/O Cage
A04 5.12 - 16.06
z890 Dimensions
z890
# of Frames 1 Frame
IBF contained within the single frame
Height (w/ covers) 194.1 cm / 76.4 in (40 EIA)
Width (w/ covers) 78.5 cm / 30.9 in
Depth (w/ covers) 157.7 cm / 62.1 in
Height Reduction 178.5 cm / 70.3 in (38 EIA)
Width Reduction None
Machine Area 1.24 sq. meters / 13.31 sq. feet
Service Clearance 3.03 sq. meters / 32.61 sq. feet
(IBF contained within the frame)
CF Level Function
14 Contains modifi cations to the CF dispatcher and
internal serialization mechanisms to better
manage coupled workloads in all environments.
CFCC Level 14 with CFCC Dispatcher Modifi ca tions is exclusive to z890 and z990
13 Parallel Sysplex performance enhancements
for DB2 castout processing and receives the
benefi ts of CFCC enhanced patch apply
12 64-bit support for Coupling Facility, CF Duplexing
Toleration for >15 LPAR ID on z990, z890
Enhanced Storage Protect
DB2 Performance
Message Time Ordering
11 9672 G5/G6 CF Duplexing
Toleration for >15 LPAR ID on z990, z890
10 z900 GA2 support
®
9 MQSeries
shared message queues
WLM Multi-system Enclave Support
Intelligent Resource Director**
IC-3/ISC-3/ICB-3 Peer Mode**
8 Dynamic ICF expansion into shared ICF pool
Systems-Managed Rebuild
7 Shared ICF partitions on server models
DB2 Delete Name optimization
6 ICB & IC
TPF support
5 DB2 cache structure duplexing
DB2 castout performance improvement
Dynamic ICF expansion into shared CP pool*
4 Performance optimization for IMS & VSAM RLS
Dynamic CF Dispatching
Internal Coupling Facility*
IMS shared message queue extensions
3 IMS shared message queue base
2 DB2 performance
VSAM RLS
255 Connectors/1023 structures for IMS Batch
DL1 (non-BMP)
1 Dynamic Alter support
CICS temporary storage queues
System Logger
Notes:
–
G5 base CF level code is CF Level 6 and can be upgraded to CF Level 11
–
G6 base CF level code is CF Level 8 and can be upgraded to CF Level 11
– z900 base CF level code is CF Level 9
– z800, z890 and z990 base CF level code is CF Level 12
–
Detailed information regarding CF Levels can be found in Coupling Facility
Level (CF LEVEL) Considerations at ibm.com/s390/pso/cftable.html
*G3, G4, G5 and G6 only
**zSeries required
Please note that although a particular back level machine may be updated
to a more current CFCC level, NOT all the functions of that CFCC level may
be able to run on that hardware platform, i.e., G3/G4 can be upgraded to
CF Level 8 but it cannot use dynamic ICF expansion into shared ICF pool.
60
Fiber-Optic Cabling and System Connectivity
In the world of open systems and Storage Area Networks
(SANs), the changing requirements for fi ber-optic cabling
are directly related to the system hardware confi guration.
As industry-standard protocols and higher data rates
continue to be embraced in these environments, the fi ber-
optic cabling options can become numerous and complex.
Today’s marketplace is evolving towards new Small Form
Factor (SFF) fi ber-optic connectors, short wavelength (SX)
and long wavelength (LX) laser transceivers, and increas-
ing link speeds from one gigabit per second (Gbps) to 10
Gbps. New industry-standard SFF fi ber-optic connectors
and transceivers are utilized on the zSeries ESCON and
FICON Express features, on the ISC-3 feature, and on the
zSeries ETR feature. These new features must coexist with
the current infrastructure that utilizes a different “family” of
fi ber-optic connectors and transceivers.
As a result of this complex and continually changing land-
scape, IBM is providing you with multiple fi ber cabling
services options to provide fl exibility in meeting your fi ber
cabling needs.
IBM Network Integration and Deployment Services for
zSeries fi ber cabling (zSeries fi ber cabling services)
enables businesses to choose the zSeries confi guration
that best matches their computing environment without
having to worry about planning and implementing the
fi ber-optic cabling. By teaming with IBM, businesses can
receive a world class solution for their zSeries fi ber con-
nectivity requirements, including consulting and project
management, as well as the fi ber-optic jumper cables and
installation to complete the zSeries integration.
zSeries fi ber cabling now offers three options to address
a solution for your fi ber cable installation. Enterprise fi ber
cabling offers two additional options to help meet your
structured (trunking) environments requirements.
zSeries fi ber cabling options:
• Fiber-optic jumper cabling package
will analyze your zSeries channel confi guration and your
existing fi ber-optic cabling to determine the appropriate
fi ber-optic jumper cables required, then supply, label
and install the fi ber-optic jumper cables and complete
the installation with a detailed connection report.
• Fiber-optic jumper migration and reuse for a zSeries
upgrade will plan, organize, re-label, re-route and replug your existing fi ber-optic jumper cables for reuse
with the upgraded zSeries server
• Fiber-optic jumper cables and installation
will supply the fi ber-optic jumper cables you specify,
then label and install the fi ber-optic jumper cables.
Enterprise fi ber cabling options
• zSeries fi ber-optic trunk cabling package
will analyze your zSeries channel confi guration and your
existing fi ber-optic infrastructure to determine the appropriate fi ber-optic harnesses, fi ber-optic trunk cables and
the fi ber optic patch panel boxes required, then supply,
label and install the fi ber-optic components to connect
your new zSeries server to your existing structured fi ber
cabling infrastructure.
• Enterprise fi ber cabling package
will analyze your entire data center confi guration and
existing fi ber-optic infrastructure to determine the appropriate end-to-end enterprise solution for connectivity.
This is a customized offering that includes trunk cables,
zone cabinets, patch panels and direct attach harnesses for servers, directors and storage devices.
These tailored zSeries fi ber cabling options use the same
planning and implementation methodologies as IBM’s cus-
tomized enterprise fi ber cabling services, only focused on
your zSeries fi ber cabling needs.
61
z/OS
Fiber Quick Connect (FQC): FQC, a zSeries confi guration
option, helps reduce the cable bulk associated with the
installation of potentially 240 (z800) to 256 (z900) to 420
(z890/z990) ESCON channels in one I/O cage. Fiber har-
nesses, which are factory-installed, enable connection
to IBM’s Fiber Transport System (FTS) direct-attach fi ber
trunk cables. Each trunk can have up to 72 fi ber pairs.
Four trunks can displace the 240 to 256 fi ber optic cables
on the z800 or z900.
In planning for zSeries systems, refer to Planning for:
S/390 Fiber Optic Links (ESCON, FICON, Coupling Links,
and Open System Adapters), GA23-0367, and the Installa-
tion Manual Physical Planning (IMPP) manual. Refer to the
services section of Resource Link for further details on the
zSeries Fiber Cabling Service options and the Fiber Quick
Connect confi guration option.
Access Resource Link at ibm.com/servers/resourcelink.
While zSeries servers are supported by a number of dif-
ferent operating systems, their most advanced features
are powered by z/OS. z/OS is the foundation for the future
of zSeries, an integral part of the z/Architecture designed
and developed to quickly respond to the demanding qual-
ity of service requirements for on demand businesses.
z/OS is the fl agship mainframe operating system based
on the 64-bit z/Architecture. It is designed to deliver the
highest qualities of service for enterprise transactions
and
data, and extends these qualities to new applications using
the latest software technologies. It provides a highly secure,
scalable, high-performance base on which to deploy Inter-
net and Java technology-enabled applications, providing a
comprehensive and diverse application execution environ-
ment. z/OS takes advantage of the latest software technolo-
gies: new object-oriented programming models that permit
the rapid design, development and deployment of applica-
tions essential to on demand businesses. It helps protect
your investment in your present mainframe applications
by providing options for modernizing existing applications
and integrating them with new on demand applications,
all within a single image of z/OS. It provides a solid base
for applications, supporting new technologies such as
™
Enterprise JavaBeans
, XML, HTML, and Unicode, Parallel
Sysplex clustering, highly available TCP/IP networking and
dynamic workload and resource balancing.
Integrated system services
z/OS helps make critical data and processing functions
accessible to end users regardless of their location in the
heterogeneous on demand world. The z/OS base includes
z/OS Communications Server, which enables world class
TCP/IP and SNA networking support, including mainframe
dependability, performance, and scalability; highly secure
connectivity; support for multiple protocols; and effi cient
use of networking assets.
62
This integrated set of system services in z/OS can help a
customer to focus on extracting the maximum business
value from the z/OS installation. The system manages the
workload, program libraries and I/O devices. Complexities
are designed to be minimized and problem determina-
tion is facilitated with the sophisticated recovery, reporting
and debug facilities of z/OS. The z/OS operating system
combines many features that change the playing fi eld of IT
infrastructure design:
• Support for zSeries Application Assist Processors
(zAAP), an attractively priced special processing unit
that provides an economical z/OS Java language-based
execution environment
• Intelligent Resource Director expands the capabilities of
z/OS Workload Manager to react to changing conditions
and prioritize critical business workloads
•
Support for 64-bit real memory and 64-bit virtual storage
• A new installation and confi guration infrastructure that
simplifi es the installation and confi guration of z/OS and
related products
• Software pricing models designed to support on
demand reality
• z/OS 1.6 is the fi rst release of z/OS that requires the
z/Architecture. This release will only run on zSeries
servers (z890, z990, z800, z990) or equivalent servers.
z/OS.e
z/OS.e unique for the z890 and z800 providing select func-
tion at an exceptional price. z/OS.e is intended to help
customers exploit the fast growing world of on demand
business by making the deployment of new application
workloads on the z890 and z800 very attractively priced.
z/OS.e uses the same code base as z/OS with custom
parameters and invokes an operating environment that is
comparable to z/OS in service, management, reporting,
and reliability. In addition, z/OS.e invokes zSeries hard-
ware functionality just as z/OS does. No new z/OS skills
and service procedures are required for z/OS.e.
z/OS.e is specifi cally for Java, Enterprise Java, C/C++,
and Web-based data transaction processing applications,
giving these workloads a price/performance customers
expect. z/OS.e disables traditional workloads. z/OS.e will
not execute CICS, IMS, COBOL, or FORTRAN applica-
tions. However, precompiled COBOL DB2 stored proce-
dures and other precompiled COBOL applications using
®
the Language Environment
preinitialization interface
(CEEPIPI) are supported. You cannot use the following
®
compilers: COBOL, PL/I, VisualAge
PL/I, and FORTRAN.
However, z/OS.e supports execution of precompiled PL/I
and VisualAge PL/I applications.
At only a fraction of the cost of z/OS, z/OS.e makes the
decision to run new workloads on the mainframe easy
due to its reduced total cost of ownership and exceptional
robustness and functionality. z/OS.e and z890 or z800
server help reduce the total cost of ownership of hardware,
software, people, and environments, making the combina-
tion very cost-effective for new applications.
With very few exceptions, z/OS.e has the same features
and functionality as z/OS. As a result, unless otherwise
specifi ed, z/OS features described herein are applicable
to z/OS.e running on a z890 or z800 server.
Intelligent Resource Director
Intelligent Resource Director (IRD) is a key feature of the
z/Architecture which extends the Workload Manager to
work with PR/SM on zSeries servers to dynamically manage
resources across an LPAR cluster. An LPAR cluster is the
subset of the z/OS systems that are running as LPARs on the
same CEC in the same Parallel Sysplex. Based on business
63
goals, WLM can adjust processor capacity, channel paths,
and I/O requests across LPARs without human intervention.
IRD assigns resources to the application; the applica-
tion is not assigned to the resource. This capability of a
system to dynamically direct resources to respond to the
needs of individual components within the system is an
evolutionary step. It enables the system to continuously
allocate resources for different applications, and this helps
to reduce the total cost of ownership of the system. IRD is
made up of three parts that work together to help optimize
the utilization of zSeries resources:
• LPAR CPU Management
• Dynamic Channel Path Management
• Channel Subsystem Priority Queuing
The z/OS Intelligent Resource Director (IRD) Planning
Wizard helps to plan your IRD implementation by asking
questions about your enterprise setup, and produces a
worksheet that describes the issues on each of your systems
that you must consider before you can implement IRD. The
z/OS IRD Planning Wizard supports z/OS 1.2 and higher.
zSeries Application Assist Processor
The IBM ^ zSeries Application Assist Processor
(zAAP), available on the z990 and z890 servers, is an
attractively priced specialized processing unit that pro-
vides an economical Java execution environment for z/OS
for customers who desire the traditional qualities of service
and the integration advantages of the zSeries platform.
When confi gured with general purpose processors within
logical partitions running z/OS, zAAPs may help increase
general purpose processor productivity and may contrib-
ute to lowering the overall cost of computing for z/OS Java
technology-based applications. zAAPs are designed to
operate asynchronously with the general processors to
execute Java programming under control of the IBM Java
Virtual Machine (JVM). This can help reduce the demands
and capacity requirements on general purpose proces-
sors which may then be available for reallocation to other
zSeries workloads.
The IBM JVM processing cycles can be executed on the
confi gured zAAPs with no anticipated modifi cations to
the Java application(s). Execution of the JVM processing
cycles on a zAAP is a function of the Software Developer’s
Kit (SDK) 1.4.1 for zSeries, z/OS 1.6, and the Processor
Resource/Systems Manager (PR/SM).
z/OS Scalability
z/OS is a highly scalable operating system that can sup-
port the integration of new applications with existing
mainframe applications and data. z/OS can scale up in a
single logical partition, or scale out in a Parallel Sysplex for
higher availability. With z/OS V1.6, up to 24 processors are
supported in a single logical partition on the z990 server.
In previous releases, z/OS supported up to 16 processors.
In a Parallel Sysplex, up to 32 z/OS images can be confi g-
ured in single-image cluster, with access to shared data.
64-bit Support
z/OS scale is extended with support for 64-bit real and
virtual storage on zSeries servers, while continuing to sup-
port 24-bit and 31-bit applications.
The 64-bit real support is intended to eliminate expanded
storage, helps eliminate paging and may allow you to
consolidate your current systems into fewer LPARs or to
a single native image. z/OS 1.5 delivers 64-bit shared
memory support to allow middleware to share large
amounts of 64-bit virtual storage among multiple address
spaces. This is expected to provide a signifi cant capacity
enhancement for relieving shared virtual storage constraints.
64
Applications that can be written to 64-bit virtual storage
have signifi cantly larger addressability to data. With z/OS
1.2, assembler programs can obtain virtual storage above
2 GB for storing and manipulating data. This 64-bit support
is used by DB2 V8 and other middleware. z/OS 1.6 includes
C/C++ support for the development of 64-bit applications,
including debug and runtime support. In addition, the Java
SDK 1.4.1 is also available with 64-bit support.
Automation Support
z/OS Managed System Infrastructure for Operations (msys
for Operations) provides automation for single system and
sysplex operations to help simplify operations and improve
availability. msys for Operations plays an important role in
outage avoidance.
Functions msys for operations provides control and
manage both hardware and software resources making
fully automated solutions possible. The focus is on simpli-
fying complicated operator interaction, detecting failure
situations and reacting to them quickly and precisely. This
is achieved through panel driven operator dialogs and
automated recovery routines that run in the background.
Simplifi ed Confi guration z/OS Managed System Infrastruc-
ture for Setup (msys for setup) is the strategic solution for
product installation, confi guration and function enable-
ment. msys for Setup allows usage of consistent interfaces
with wizard-like confi guration dialogs. In z/OS 1.4, the
msys for Setup Framework was enhanced to provide multi-
user capability and improved multisystem support.
Also, with z/OS 1.5 msys for Setup can use the IBM Direc-
tory Server, OpenLDAP, on any IBM platform including
®
OpenLDAP on z/OS UNIX
System Services. This can sim-
plify the initialization of msys for setup, and can make the
Management Directory virtually transparent to the user.
The following functions can be confi gured using msys for
Setup: Parallel Sysplex clustering, TCP/IP, UNIX System
Service, Language Environment, LDAP, RMF, ISPF, FTP,
and DB2 UDB for z/OS V8.
System Services
z/OS Version 1 Release 6 base elements
Base Control Program (BCP)
4
JES2
ESCON Director Support
MICR/OCR Support
Bulk Data Transfer base
DFSMSdfp
EREP/MVS High Level Assembler ICKDSF
ISPF
3
TSO/E
3270 PC File Transfer Program V1R1
FFST™/ESA
TIOC
z/OS Version 1 Release 6 optional priced features
DFSMSdss
DFSMShsm
DFSMSrmm
DFSMStvs
JES3
Bulk Data Transfer (BDT) File to File
Bulk Data Transfer SNA NJE
1. Disabled on z/OS.e
2. Not licensed on z/OS.e
3. TSO usage is limited to 8 concurrent users on z/OS.e
4. z/OS.e only supports the latest JES that ships with the product
™
2
1
™
™
The msys for setup dialogs use defaults and best practices
values whenever possible and derive low-level values from
answers to high-level questions. After the confi guration param-
eters have been specifi ed, msys for Setup can automatically
update the system confi guration directly. The user can see in
detail what the changes will be before they are made.
The backbone of the z/OS system is the Base Control
Program (BCP) with JES2 or JES3. These provide the
essential services that make z/OS the system of choice
when workloads must be processed reliably, securely,
with complete data integrity and without interruption. The
65
BCP includes the I/O confi guration program (IOCP), the
workload manager (WLM), systems management facilities
(SMF), the z/OS UNIX Systems Services kernel, and sup-
port for Unicode.
Sense and Respond with Workload Manager
Workload Manager (WLM) addresses the need for manag-
ing mixed workload distribution, load balancing and the
distribution of computing resources to competing work-
loads. It does this while providing fewer, simpler system
externals. Performance management goals are expressed
in Service Level Agreement terms. All this is done with a
single policy that can be used across the sysplex to pro-
vide a single control point, eliminating the need to manage
each individual image.
Dynamic balancing of JES2 batch initiators across a sys-
plex has been enhanced in z/OS 1.4 to provide better utili-
zation of processor resources. WLM is designed to check
every 10 seconds to see if re-balancing is required. WLM
is more aggressive in reducing initiators on constrained
systems and starting new ones on less utilized systems
helping to ensure that processors are more evenly utilized.
Data Management with DFSMS
DFSMS comprises a suite of related data and storage
management functions for the z/OS system. DFSMSdfp is
a base element of z/OS which performs the essential data,
storage and device management functions of z/OS. One
function of DFSMSdfp is the Storage Management Subsys-
tem (SMS). SMS helps automate and centralize the man-
agement of storage based on the customer’s policies for
availability, performance, space, and security. Using SMS,
the storage administrator defi nes policies that can auto-
mate the management of storage and hardware devices.
These policies describe data allocation characteristics,
performance and availability goals, backup and retention
requirements, and storage requirements for the system.
The other elements of DFSMS – DFSMSdss, DFSMShsm,
DFSMSrmm, and DFSMStvs, complement DFSMSdfp to
provide a comprehensive approach to data and storage
management. In a system-managed storage environment,
DFSMS can automate and centralize storage manage-
ment based on the policies that your installation defi nes for
availability, performance, space, and security. With these
optional features enabled, you can take full advantage of
all the functions that DFSMS offers.
WLM Improvements for WebSphere
z/OS 1.5 can simplify WLM control for WebSphere.
Customers now have the choice to manually defi ne
WebSphere application environments for WLM or have
WebSphere defi ne them as and when required.
Performance block reporting for enclaves and multi-period
classes are designed to provide improved workload bal-
ancing for middleware applications such as WebSphere.
WLM Enqueue Management establishes a new interface to
allow reporting of resource contention. The priority of the
task holding the enqueue can be increased to allow the
resource to be released more quickly.
DFSMShsm can perform space management functions
along with disaster recovery functions such as Advanced
Copy Services and aggregate backup and recovery sup-
port (ABARS). DFSMSdss can provide backup, restore
and copy services. DFSMSrmm provides tape manage-
ment services. Finally, DFSMStvs can provide coordinated
updates to multiple VSAM data sets at a transaction level,
providing high availability for CICS/VSAM by allowing con-
current access by batch applications.
66
z/OS 1.5 can help signifi cantly enhance application
backup with enhancements to DFSMShsm to utilize
volume level fast replication. The fast backup is designed
to exploit FlashCopy and the virtual concurrent copy capa-
bility of IBM TotalStorage Enterprise Storage Server and
IBM RAMAC Virtual Array (RVA) respectively. DFSMShsm
Fast Replication in z/OS 1.5 is also intended to provide a
fast, easy to use point-in-time backup and recovery solu-
tion specifi cally designed for DB2 Universal Database
(UDB) for z/OS V8. It is designed to allow fast, nondisrup-
tive backups to be taken at appropriate events when there
is minimum activity at the application level or when a fast
point-in-time backup is desired.
Parallel Sysplex
zSeries Parallel Sysplex technology provides world-class
availability by allowing z/OS workloads to be balanced
across multiple servers to provide near continuous avail-
ability. This form of clustering, known as single system
image, also provides tremendous scale. Up to 32 zSeries
servers with z/OS can appear as a single image for
data sharing applications (see previous section, Parallel
Sysplex Clustering Technology).
CICS/VSAM enabled for 24x7 availability
DFSMS Transactional VSAM Services (DFSMStvs) allows
you to share VSAM data sets across CICS, batch, and
object-oriented applications on z/OS or distributed sys-
tems. DFSMStvs can enable concurrent shared updates
of recoverable VSAM data sets by CICS transactions and
multiple batch applications and 24-hour availability of
CICS and batch applications. DFSMStvs is built on top of
VSAM record-level sharing (RLS), which permits sharing of
recoverable VSAM data sets at the record level.
System-Managed CF Structure Duplexing
System-Managed Coupling Facility (CF) Structure Duplex-
ing is designed to signifi cantly enhance Parallel Sysplex
availability. It can provide a robust failure recovery capa-
bility via CF structure redundancy, and it can enhance
Parallel Sysplex ease of use by helping to reduce the
complexity of CF structure recovery. These benefi ts can
be achieved by creating a duplicate (or duplexed) copy
of a CF structure and then maintaining the two struc-
ture instances in a synchronized state during normal CF
operation. In the event of a CF related failure (or even a
planned outage of a CF), failover to the remaining copy of
the duplexed structures can be initiated and quickly com-
pleted transparent to the CF structure user and without
manual intervention.
JES2 and JES3
JES2 and JES3 handle the submission of work and the
distribution of output for the Base Control Program. JES2
exercises independent control over its job processing
functions, whereas JES3 exercises centralized control.
• In z/OS 1.2, JES2 and JES3 allow an installation to have
up to 999,999 jobs managed at any single point in time.
In addition, both provide the installation the ability to
obtain (spinoff) their JESlog data sets prior to job completion.
• The JES2 Health monitor, in z/OS 1.4, provides improved
diagnostics. Even when JES2 is not responding to commands, the JES2 monitor, running in a separate address
space, will be able to provide information about JES2’s
status. JES2 also provides enhanced recovery from corrupted checkpoint data to prevent multisystem outages
• In z/OS 1.4, JES3 provides additional tolerance for initialization errors and the MAINPROC refresh function
which enables the dynamic addition of systems to the
sysplex
67
System Management Services
z/OS Version 1 Release 6 base elements and components
HCD
SMP/E V3
Managed System Infrastructure for Setup
Managed System Infrastructure for Operations
z/OS Version 1 Release 6 optional priced features
RMF
SDSF
HCM
z/OS provides systems management functions and fea-
tures to manage not only host resources, but also distrib-
uted systems resources. These capabilities have a long,
successful history of usage by S/390 customers. z/OS has
enhanced many of these systems management functions
and features to provide more robust control and automa-
tion of the basic processes of z/OS.
Console Enhancements
z/OS 1.5 includes consoles enhancements which are
designed to improve system availability by enhancing
the capacity and reliability of message delivery. Major
changes to the message production and consumption
fl ow can help reduce the possibility of bottlenecks which
can cause a backlog of undelivered messages. These
enhancements are available with z/OS 1.4 as an optional
no-charge Console Enhancements Feature. msys for Setup
has been enhanced in z/OS 1.4 to allow multiple users
to log on and work concurrently from different worksta-
tions. Furthermore, as part of the user enrollment process,
the msys for Setup user administrator can control which
msys for Setup workplace functions a user can access.
The graphical user interface (msys for Setup workplace)
has been redesigned and is now easier to learn and use.
These valuable ease-of-use enhancements make working
with msys for Setup more intuitive.
z/OS msys for Operations is a base element in z/OS 1.2
that incorporates automation technology into z/OS. It pro-
vides self-healing attributes for some critical system and
sysplex resources and can simplify the day-to-day opera-
tion of a single z/OS image or of a Parallel Sysplex cluster.
msys for Operations enhancements in z/OS 1.3 include
automation to handle enqueue contention and auxiliary
storage shortages. msys for Operations can also interface
with the Hardware Management Console (HMC) to provide
hardware functions such as deactivating LPARs.
RMF
RMF is IBM’s strategic product for z/OS performance mea-
surement and management. It is the base product to col-
lect performance data for z/OS and sysplex environments
to monitor systems’ performance behavior and allows
customers to optimally tune and confi gure their system
according to business needs. RMF provides its benefi ts
through the operation of Postprocessing and Online Moni-
toring functions. They are based on a set of data gatherers
and data services which enable access to all performance
relevant data in a z/OS environment. The four components
are RMF Data Gatherer, RMF Sysplex Data Services, His-
torical Data Reporting and Online Monitoring with RMF.
Enhancements
• RMF can show the contention for Cryptographic Coprocessors, including a description of which workloads are
using or are delayed in access to the cryptographic
coprocessors
• Application State Recording, a new feature of z/OS 1.4
provides more granular performance reporting for middleware such as WebSphere
• In z/OS 1.5, RMF Monitor II and Monitor III performance
data is now RACF protected
68
SMP/E
Security Services
SMP/E provides the ability to install software products
and service either from DASD or tape, or directly from a
network source, such as the Internet. By installing directly
from a network source, SMP/E is enabling a more seam-
less integration of electronic software delivery and instal-
lation.
Advanced System Automation
The unique and rich functions of IBM Tivoli System Auto-
mation for OS/390 (SA OS/390) Version 2.2 (separately
orderable) can ease z/OS management, help reduce
costs, and increase application availability. SA OS/390
automates I/O, processor, and system operations, and
includes “canned” automation for IMS, CICS, Tivoli OPC,
and DB2. Its focus is on Parallel Sysplex automation,
including multi- and single-system confi gurations, and on
integration with end-to-end Tivoli enterprise solutions. With
the new patented manager/agent design, it is now pos-
sible to automate applications distributed over a sysplex
by virtually removing system boundaries for automation.
System Services benefi ts can include:
• Increased system availability
• Improved productivity of system programmers
• A more consistent approach for confi guring z/OS components or products
• System setup and automation using best practices
which can greatly improve availability
z/OS Version 1 Release 6 base elements and components
Integrated Security Services include:
- Public Key Infrastructure Services
- DCE Security Server
- Open Cryptographic Enhanced Plug-ins
- Firewall Technologies
- LDAP Services
- Network Authentifi cation Service
- Enterprise Identity Mapping
Cryptographic Services:
-
Integrated Cryptographic Service Facility
- System SSL
- Open Cryptographic Services Facility
z/OS Version 1 Release 6 optional priced features
Security Server includes:
- RACF
z/OS Version 1 Release 6 optional no-charge features
z/OS Security Level 3 which includes:
- LDAP Security Level 3
- Network Authentication Service Level 3
- System SSL Security Level 3
- Open Cryptographic Services Facility Security Level 3
z/OS extends its robust mainframe security features to
address the demands of on demand enterprises. Tech-
nologies such as LDAP, Secure Sockets Layer (SSL),
Kerberos V5, Public Key Infrastructure, and exploitation of
zSeries cryptographic features are available in z/OS.
RACF
Resource Access Control Facility (RACF) provides the
functions of authentication and access control for z/OS
resources and data, including the ability to control access
to DB2 objects using RACF profi les. Using an entity known
as the RACF user ID, RACF can identify users requesting
access to the system. The RACF user password (or valid
substitute, such as a RACF PassTicket or a digital certifi -
cate) authenticates the RACF user ID.
69
Once a user is authenticated, RACF and the resource
managers control the interaction between that user
and the objects it tries to gain access to. These objects
include: commands, datasets, programs, tape volumes,
terminals and objects that you defi ne. RACF supports fl ex-
ibility in auditing access attempts and changes to security
controls. To audit security-relevant events, you can use the
RACF system management unload utility and a variety of
reporting tools.
With one command, a security administrator can update
remote RACF databases without logging on to remote sys-
tems. Throughout the enterprise, RACF commands can be
sent automatically to synchronize multiple databases. In
addition, RACF can automatically propagate RACF data-
base updates made by applications. With RACF, users can
keep passwords synchronized for specifi c user IDs. When
you change one password, RACF can change passwords
for your user ID on different systems and for several user
IDs on the same system. Also, passwords can be changed
automatically for the same user ID on different systems.
This way, several RACF databases can be kept synchro-
nized with the same password information.
• RACF facilitates enterprise password synchronization
through RACF password enveloping and notifi cation of
password changes using z/OS LDAP
• Improved user accountability through RACF’s enforcement of unique z/OS UNIX UIDs and GIDs
• Improved access control fl exibility and granularity for
z/OS UNIX fi les with access control lists
• Multilevel security support
Multilevel Security
z/OS 1.5 is the fi rst and only IBM operating system to pro-
vide multilevel security. This technology can help improve
the way government agencies and other organizations
share critical classifi ed information. Combined with IBM’s
DB2 UDB for z/OS Version 8, z/OS provides multilevel
security on the zSeries mainframe to help meet the strin-
gent security requirements of government agencies and
fi nancial institutions, and can help open up new hosting
opportunities. Multilevel security technology allows IT
administrators to give users access to information based on
their need to know, or clearance level. It is designed to pre-
vent individuals from accessing unauthorized information
and to prevent individuals from declassifying information.
RACF enhancements:
• Digital Certifi cates can be automatically authenticated
without administrator action
• Administrative enhancements enable defi nition of profi les granting partial authority. Handling of new passwords and removal of class authority are simplifi ed.
• On demand applications require a way to associate
more users under a RACF Group defi nition, so RACF
allows the creation of a new kind of Group that can contain an unlimited number of users
• RACF now allows you to perform RACF installation class
updates without an IPL, which can help improve availability
With multilevel security support in IBM’s z/OS 1.5 and DB2
V8, customers can enable a single repository of data to
be managed at the row level and accessed by individuals
based on their need to know.
SSL
Secure Socket Layer (SSL) is a public key cryptography-
based extension to TCP/IP networking which helps to
enable private communications between parties on the
Internet. z/OS provides fast and highly secure SSL sup-
port, with increased performance when coupled with
zSeries server cryptographic capabilities.
70
z/OS SSL support includes the ability for applications to
create multiple SSL environments within a single process.
An application can now modify environment attributes
without terminating any SSL sessions already underway.
• IPv6 Support: This support allows System SSL to be
used in an IPv6 network confi guration. It also enables
System SSL to support both IPv4 and IPv6 Internet protocol addresses.
• Performance is improved with CRL Caching: Today,
SSL supports certifi cate revocation lists (CRLs) stored
in an LDAP server. Each time a certifi cate needs to be
validated, a request is made to the LDAP server to get
the list of CRLs. CRL Caching enables applications to
request that the retrieved list of CRLs be cached for a
defi ned length of time.
• Support for the AES Symmetric Cipher for SSL V3 and
TLS Connections: System SSL supports the Advanced
Encryption Standard (AES), which provides data encryption using 128-bit or 256-bit keys for SSL V3.0 and TLS
V1.0 connections.
Support for DSS (Digital Signature Standard) Certifi cates:
•
System SSL has been enhanced to support Digital Signature Standard certifi cates defi ned by the FIPS (Federal
Information Processing Standard) 186-1 Standard.
• System SSL of RSA Private Keys Stored in ICSF: With
z/OS 1.4, support is introduced that is designed to allow
a certifi cate’s private key to reside in ICSF thus lifting
a restriction where the private key had to reside in the
RACF database.
• Failover LDAP provides greater availability: You can
now specify a list of Security Server-LDAP servers to be
used for storing certifi cate revocation lists (CRLs). When
certifi cate validation is being performed, this list will be
used to determine which LDAP server to connect to for
the CRL information.
• Simplifi ed administration with the ability to export and
import certifi cate chains using PKCS#7 format fi les
LDAP
z/OS provides industry-standard Lightweight Directory Pro-
tocol (LDAP) services supporting thousands of concurrent
clients. Client access to information in multiple directories
is supported with the LDAP protocol. The LDAP server
supports thousands of concurrent clients, increasing the
maximum number of concurrently connected clients by an
order of magnitude.
Enhancements:
• Mandatory Authentication Methods (required by IETF
RFC 2829) are supported in z/OS 1.4: The CRAM-MD5
and DIGEST-MD5 authentication methods have been
added. The methods avoid fl owing the user’s password
over the connection to the server. The LDAP Server, the
C/C++ APIs, and the utilities are updated with this support. Interoperability is improved for any applications
that make use of these methods.
• TLS: z/OS LDAP now provides support for TLS (Transport Layer Security) as defi ned in IETF RFC 2830 as an
alternative to SSL support. It also provides support, via
an LDAP extended operation, that allows applications to
selectively activate TLS for certain LDAP operations at
the application’s discretion.
• Support for IPv6 and 64-bit addressing
• Peer-to-peer replication provides failover support for
server availability. If a primary
master server fails, there
is now a backup master to which LDAP operations can
be directed.
• Large group support helps improve LDAP server performance when maintaining large access groups containing many members.
ICSF
Integrated Cryptographic Service Facility (ICSF) is a part
of z/OS which provides cryptographic functions for data
security, data integrity, personal identifi cation, digital
71
signatures, and the management of cryptographic keys.
These functions are provided via APIs intended to deliver
the highly scalable and available security features of z/OS
and the zSeries servers. Together with cryptography
features of the IBM zSeries servers, z/OS is designed to
provide high performance SSL, which can benefi t applica-
tions that use System SSL, such as the z/OS HTTP Server
and WebSphere, TN3270, and CICS Transaction Gateway
server.
ICSF provides support for the z990 and z890 PCIX Cryp-
tographic Coprocessor (PCIXCC), a replacement for the
PCICC and the CMOS Cryptographic Coprocessor Facility
that were found on the z900 and z800. All of the equivalent
PCICC functions offered on the PCIXCC are expected to
be implemented with higher performance. In addition,
PCIXCC implements the functions on the CMOS Crypto-
graphic Coprocessor Facility used by known applications.
PCIXCC supports secure cryptographic functions, use of
secure encrypted key values and user-defi ned extensions.
PKI Services
PKI Services is a z/OS component that provides a com-
plete Certifi cate Authority (CA) package for full certifi cate
life cycle management. Customers can be their own Cer-
tifi cate Authority, with the scale and availability provided by
z/OS. This can result in signifi cant savings over third party
options.
• User request driven via customizable Web pages for
browser or server certifi cates
• Automatic or administrator approval process administered via same Web interface
• End user / administrator revocation process
• Certifi cate validation service for z/OS applications
Firewall
• Firewall Technologies provide sysplex-wide Security
Association Support: This function is designed to enable
VPN (virtual private network) security associations to
be dynamically reestablished on a backup processor in
a sysplex when a Dynamic Virtual IP Address (DVIPA)
takeover occurs. When the Dynamic Virtual IP Address
give-back occurs, the security association is designed
to be reestablished on the original processor in the
sysplex. When used in conjunction with z/OS Communications Server’s TCP/IP DVIPA takeover/give-back capability, this function provides customers with improved
availability of IPSec security associations.
Network Authentication Service
• Network Authentication Services, provide authentication, delegation and data confi dentiality services that
are interoperable with other industry implementations
based on the MIT Kerberos V5 reference implementation. Network Authentication Service, administered with
RACF commands, supports both the native Kerberos
API functions as well as the GSS-API Kerberos security
mechanism and does not require DCE.
• IPv6 supported by Kerberos with z/OS 1.4 for improved
network security scalability
• Kerberos in z/OS 1.4 provides an alternative database to
RACF by offering support for its own registry database
using the UNIX System Services NDBM (New Database
Manager) support. NDBM provides full Kerberos administration support.
72
Application Enablement Services
z/OS Version 1 Release 6 base elements
Language Environment
Run-Time Library Extensions
z/OS Version 1 Release 6 optional priced features
C/C++ without Debug Tool
DFSORT
GDDM®-PGF V2R1.3
GDDM-RE90 V3R2
HLASM Toolkit V1R4
1. Disabled on z/OS.e
2. z/OS.e only supports the latest Language Environment that ships with this product.
See LE limitations for z/OS.e.
2
1
1
z/OS provides a solid infrastructure on which you can build
new applications, extend existing applications, and run
existing transactional and batch processes.
• Enhanced ASCII support provides the ability to produce
code that contains ASCII string literals and character
constants. This allows ASCII dependent logic to continue working on ASCII platforms, thus eliminating the
need to fi nd all such places in the code and converting
hem to EBCDIC when porting UNIX applications to z/OS.
t
•
Performance enhancements: A new higher optimization
level, OPTIMIZE(3), provides the compiler’s highest and
most aggressive level of optimization. OPTIMIZE(3) is
suggested when the desire for run-time improvement outweighs the concern for minimizing compilation resources.
• DB2 preprocessor integration: The C/C++ compiler has
been enhanced to integrate the functionality of the DB2
precompiler. A new SQL compiler option enables the
compiler to process embedded SQL statements.
Language Environment
Language Environment is a base element of z/OS and
provides the run-time environment for programs generated
with C, C++, COBOL, Fortan, and PL/1.
C/C++
• Extra Performance Linkage (XPLINK) is provided in z/OS
1.2 -
A C or C++ application has overhead associated with
each function call. The more highly functionalized a program, the more overhead. XPLINK helps cut down on
the overhead associated with these function calls and
can improve the performance of these applications. In
order to exploit the bulk of “high-performance linkage”
customers must recompile their C and C++ programs
under the new XPLINK environment. The new IBM SDK
for z/OS Java 2 Technology Edition 1.4 has been rewritten to take advantage of this unique z/OS function,
which can result in performance improvements.
C/C++ IBM Open Class® Library: As previously announced
in Software Announcement 203-131, dated May 13, 2003,
the application development support (that is, the headers,
source, sidedecks, objects, and samples from the Applica-
tion Support Class and Collection Class libraries) is with-
drawn from the C/C++ IBM Open Class Library (IOC) in
z/OS V1.5. Applications that use these IOC libraries cannot
be compiled nor linked using z/OS V1.5. Run-time support
for the execution of existing applications which use IOC
libraries is provided with z/OS V1.5, but is planned to be
removed in a future release.
z/OS 64-bit C/C++ environment: z/OS V1.6 delivers the
capability to exploit 64-bit virtual in developing and
deploying new applications that require a signifi cantly
larger addressability of data. This capability is provided
with enhanced UNIX System Services, 64-bit Language
Environment (LE) run-time developed with the C/C++ com-
piler 64-bit support, and the Program Management Binder
64-bit support. The availability of this support completes
the major steps of the z/OS 64-bit virtual roadmap.
73
Java
Unicode
SDK for z/OS, Java 2 Technology Edition, 1.4 provides a
full-function Software Development Kit (SDK) at the Java
2 technology level, compliant with the Sun SDK 1.4 APIs.
With SDK for z/OS, Java 2 Technology Edition, V1.4, cus-
tomers can:
• Test and deploy Java applications at the Java 2 SDK 1.4
API level
• Continue the “write once, run anywhere” Java paradigm
at the Java 2 API level
• Take advantage of the new Java 2 function, including
XML and Web services
• Continue to take advantage of:
– Common cross platform programming Security APIs
within Java framework
– Java Record Input/Output (JRIO) APIs to provide
record-oriented access to VSAM datasets, System
catalogs, and PDS directory
– Persistent reusable JVM technology for CICS, IMS,
and DB2
• Leverage traditional zSeries software and server benefi ts: scalability, reliability, availability, performance and
serviceability
IBM 64-Bit SDK for z/OS, Java 2 Technology Edition, 1.4
(5655-I56) provides a full-function Software Development
Kit (SDK) at the Java 2 technology level, compliant with
the Sun SDK 1.4 APIs. With 64-bit SDK for z/OS, Java 2
Technology Edition, 1.4, you can run Java applications that
were previously storage constrained.
The Java SDK for z/OS is available via download from the
IBM ^ zSeries Java Web site and by tape from IBM
Software Delivery and Fulfi llment (SDF) in SMP/E format.
For additional information about zSeries Java products, go
to: ibm.com/servers/eserver/zseries/software/java/.
z/OS provides Unicode Callable System Services – code
page and case conversions from EBCDIC to Unicode:
• DB2 V7 is the fi rst exploiter
• New hardware instruction on zSeries servers has been
implemented to provide superior performance
• Unicode Normalization Services allows programmers to
decompose or compose characters from another code
page and can apply normalization forms to have the
same meaning.
REXX Functions
• z/OS V1.4 extends the REXX language on z/OS when
used in a UNIX System Services zSeries REXX environment. It includes functions for standard REXX I/O and to
easily access some common fi le services and environments variables.
Communication Services
z/OS Version 1 Release 6 base elements
z/OS Communications Server (Multiprotocol/HPR Services, TCP/IP
Services, SNA/APPN Services)
OSA Support Facility
z/OS Version 1 Release 6 optional no-charge features
z/OS Communications Server Security Level 3
The z/OS base includes z/OS Communication Server,
which enables: world class TCP/IP and SNA networking
support, including enterprise class dependability; perfor-
mance and scalability; highly secure connectivity; sup-
port for multiple protocols; and effi cient use of networking
assets.
z/OS can provide near continuous availability for TCP/IP
applications and their users with two key features in z/OS:
Sysplex Distributor and Dynamic VIPA.
74
Dynamic Virtual IP Address Takeover
VIPA represents an IP address that is not tied to a specifi c
hardware adapter address. The benefi t can be that if an
adapter fails, the IP protocol can fi nd an alternate path to
the same software, be it the TCP/IP services on a zSeries
server or an application.
In case of a failure of the primary IP stack, VIPA Takeover
introduced in OS/390 V2.8 can support movement to a
backup IP stack on a different server in a Parallel Sysplex
cluster. Dynamic VIPA Takeover can enhance the initial
V2.8 functions, providing VIPA takeback support. This can
allow the movement of workload back from the alternate to
the primary IP stack.
With Sysplex-Wide Security Associations (SWSA) in z/OS
V1.4, IPSec protected workloads are expected to now
realize all the benefi ts derived from workload balancing,
such as optimal routing of new work to the target system
and server application based on QoS and WLM advice,
increased availability by routing around failed components
and increased fl exibility in adding additional workload in a
nondisruptive manner.
Sysplex Distributor
Introduced in OS/390 2.10, Sysplex Distributor is a soft-
ware-only means of distributing IP workload across a
Parallel Sysplex cluster. Client connections appear to be
connected to a single IP address, yet the connections are
routed to z/OS images on servers on different zSeries 800/
900 or S/390 servers. In addition to load balancing, Sys-
plex Distributor simplifi es the task of moving applications
within a Parallel Sysplex environment.
In z/OS we have taken the functions provided by the
Cisco MNLB Workload Agent and Systems Manager, and
integrated them into Enhanced Sysplex Distributor. This
can eliminate the need for separate Cisco LocalDirector
machines in the network and the need for MNLB work-
load agents to be run on the zSeries servers. It can also
improve performance, while allowing the Sysplex Distribu-
tor to decide, based on priority supplied by WLM, the
Service Policy Agent and the TCP/IP stack status, on the
application instance the packet is sent to.
z/OS supports Enterprise Identity Mapping (EIM). EIM
defi nes a user’s security context that is consistent through-
out an enterprise, regardless of the User ID used and
regardless of which platform the user is accessing. RACF
commands are enhanced to allow a security administrator
to defi ne EIM information for EIM applications to use. The
EIM information consists of the LDAP host name where the
EIM domain resides, the EIM domain name, and the bind
distinguished name and password an application may use
to establish a connection with the domain.
Intrusion Detection Services (IDS)
Introduced in z/OS V1.2 and enhanced in V1.5, IDS
enables the detection of attacks on the TCP/IP stack and
the application of defensive mechanisms on the z/OS
server. The focus of IDS is self-protection. IDS can be used
alone or in combination with an external network-based
Intrusion Detection System. IDS is integrated into the z/OS
Communications Server stack.
IPv6
• IPv6 (Internet Protocol version 6) is supported in z/OS
and can dramatically increase network addressability
in support of larger internal and multi-enterprise networks. z/OS provides compatibility with existing network
addressing and mixed-mode addressing with IPv4.
75
HiperSockets
• HiperSockets, introduced in z/OS 1.2, provides very
high-speed, low latency TCP/IP data communications
across LPARs resident within the same zSeries server.
HiperSockets acts like a TCP/IP network within the server.
• HiperSockets Accelerator provides an “accelerated
routing path” which concentrates traffi c between OSAExpress external network connections and HiperSockets
connected LPARs. This function can improve performance, simplify confi guration, and increase scalability
while lowering cost by reducing the number of networking adapters and associated I/O cage slots required for
large numbers of virtual servers.
Communications Services highlights:
• A single high-performance TCP/IP stack providing support for both IPv4 and IPv6 applications
• High Performance Native Sockets (HPNS) for TCP/IP
applications
• Support for the latest security protocols - SSL & TLS
• Multinode Persistent Sessions for SNA applications running in a Parallel Sysplex environment
• Simple Network Time Protocol Support (SNTP) for client/
server synchronization
• New confi guration support for Enterprise Extender (EE)
XCA major nodes allows activation and inactivation at
the GROUP level. In addition, the EE XCA major node
now supports confi guration updates when the major
node is active. This provides fl exibility and can help
improve availability by allowing updates to occur without
necessarily affecting existing sessions.
• Alternate route selection for SNA and Enterprise
Extender (EE): VTAM allows alternate route selection for
sessions using Enterprise Extender (EE) connection networks when connectivity fails due to temporary conditions in the underlying IP network. This can help improve
availability for sessions using EE connection networks.
• Separate address space for TN3270 servers
• TCP/IP Sysplex health monitoring
Network Services benefi ts can include:
•
Function for on demand Internet and intranet applications
• Multivendor, multiplatform connectivity
• Mainframe class of service over IP networks
• Dramatic improvements in TCP/IP performance include
optimization of the TCP/IP stack, and inclusion of a
number of performance related capabilities
z/OS
UNIX
z/OS Version 1 Release 6 base elements
z/OS UNIX
z/OS UNIX is an integral element of z/OS and is a key ele-
ment of the zSeries’ open and distributed computing strat-
egy. Many middleware and application products that run
on z/OS use z/OS UNIX.
z/OS contains the UNIX application services (shell, utilities
and debugger) and the UNIX System Services (kernel and
runtime environment). The shell and utilities provide the
standard command interface familiar to interactive UNIX
users. z/OS includes all of the commands and utilities
specifi ed in the X/Open Company’s Single UNIX Specifi ca-
tion, also known as UNIX 95 or XPG4.2. The z/OS UNIX
Services Debugger provides a set of commands that
allow a C language program to be debugged interactively.
The command set is familiar to many UNIX users. With
Language Environment, z/OS supports industry standards
for C programming, shell and utilities, client/server appli-
cations, and the majority of the standards for thread man-
agement and the X/Open Single UNIX Specifi cation. The
combination of open computing and z/OS allows the trans-
parent exchange of data, easy portability of applications,
76
cross-network management of data and applications, and
the exploitation of traditional zSeries system strengths in
an open environment.
Highlights
• X/Open UNIX 95 Branded
• Permanent z/OS UNIX Kernel (restart capability provided in z/OS 1.3)
• Integrated/converged z/OS UNIX Sockets
• Web application and UNIX C program performance
improvements
• Improved z/OS UNIX setup
• Multiprocess/Multiuser Kernel Support
• Performance enhancements include recompiled and
optimized functions within the kernel, and shell and utilities; addition of Socket Functions; use of Communication Storage Management buffer transfer instead of data
movement; and optimized NFS Logical File System.
• Multiprocess/Multiuser can allow faster process creation
for customers and reduced storage usage for servers
• Semaphores without contention using the hardware Perform Locked Operation (PLO) instruction
• Shared memory (captured storage) can reduce real storage when sharing large amounts of virtual storage
• UNIX System Services and UNIX debugger add support
for IEEE-fl oating point
• UNIX System Services provides greater security granularity for HFS and zFS fi le systems with support for
Access Control Lists (ACLs)
• More fi le descriptors per UNIX process are provided in
z/OS 1.6, which supports up to 64K per process
• Additional support for 64-bit programming, conditional
variables in shared memory, Euro symbol, and superkill
support, along with enhancements to the automount
daemon and Unicode
UNIX System Services benefi ts can include:
• Development and execution of UNIX applications —
z/OS is a UNIX platform
• Increased application portfolio on z/OS as Independent
Software Vendors can use USS to port their applications
to z/OS
• Portability of applications to and from other platforms
• Use of UNIX development skills in a z/OS environment
• Consolidate multiple UNIX systems
• Scalability for high growth UNIX applications
•
Parallel Sysplex support to share UNIX fi le systems ben-
efi ts with Web server applications and others who access
the hierarchical fi le system. This support can make your
data and information that reside in the HFS available to
your customers at any time, no matter where the applica-
tions are running in the Parallel Sysplex environment.
Distributed Computing Services
z/OS Version 1 Release 6 base elements
Network File System (NFS)
DCE Base Services
Distributed File Service (including zFS and SMB)
z/OS UNIX supports hierarchical fi le systems that use
UNIX APIs. Applications can work with data in both UNIX
hierarchical fi le systems and traditional zSeries data sets.
zSeries File System (zFS)
zFile System (zFS) is the strategic UNIX fi le system for
z/OS and complements the z/OS Hierarchical File System
(HFS). zFS uses the same APIs as HFS.
zFS can provide the following benefi ts over HFS:
• Improved performance
• Additional function
– Disk space can be shared between fi le systems in the
same data set
77
– File system quota (maximum fi le system size). With
zFS the fi le system quota can be increased with a
simple administrative command.
– Can improve failure recovery. zFS performs asynchro-
nous writes to disk and does not wait for a synch interval to begin writes.
zFS or zFS-related administration, system management,
performance, confi guration support, and scalability have
been further enhanced in z/OS 1.4:
• Dynamic reconfi guration for fi le system confi guration
options
• Dynamic use of secondary allocation for a zFS aggregate (data set) or fi le system
• Improvements in the UNIX System Services automount
support for zFS
• Addition of ISHELL support for zFS
• Ability to perform I/O operations in parallel for a zFS
aggregate that spans multiple DASD volumes. This is
designed to provide improved performance when using
multi-DASD volume aggregates.
• Support for 64-bit user virtual buffer addresses
The Hierarchical File System (HFS) functionality has been
stabilized. HFS is expected to continue shipping as part of
the operating system and will be supported in accordance
with the terms of a customer’s applicable support agree-
ment. IBM intends to continue enhancing zFS functional-
ity, including RAS and performance capabilities, in future
z/OS releases. All requirements for UNIX fi le services are
expected to be addressed in the context of zFS only.
z/OS to share HFS, zFS, Sequential fi les and Record Files
Systems (RFS) such as PDS, PDS/E or VSAM data sets
with Windows workstations. SMB can automatically handle
the conversion between ASCII and EBCDIC making full
use of USS fi le tagging Access Control Lists (ACLs) sup-
port. This enhances the ability to develop applications on
Windows and deploy on z/OS. z/OS also supports printing
of SMB fi les without requiring that code be installed on the
clients and without requiring unique printer setup on the
workstations.
SMB Support has been further enhanced in z/OS 1.4 by:
• Simplifi ed user administration with Windows Domain ID
mapping
• Performance improvements with RFS and large PDS or
PDS/E fi le systems
• Exploitation of zFS performance
• Network File System (NFS) acts as a fi le server to workstations, personal computers, or other authorized systems in a TCP/IP network. It also provides a z/OS client.
The remote data sets or fi les are mounted from the
mainframe (z/OS) to appear as local directories and fi les
on the client system. NFS also provides access to the
Hierarchical File System (HFS) and zSeries File System
(zFS).
Internet Services
z/OS Version 1 Release 6 base elements
IBM HTTP Server
z/OS Version 1 Release 6 optional no-charge features
IBM HTTP Server North America Secure
Distributed File Services (DFS) Server Message Block
(SMB)
Microsoft Windows networking compatible fi le and print
serving is available in z/OS with Native SMB File and Print
Serving for Windows Clients. SMB fi le serving enables
78
The IBM HTTP Server offers HTTP 1.1 compliance, support
for Java technology, and the ability to manage Internet
processing through the Workload Manager (WLM). Ben-
efi ts can include:
• Utilization of large storage capacity
• Single point of entry and control
• Consolidation of multiple Web sites
• Exploitation of z/OS WLM
Print Services
IP PrintWay extended mode: Infoprint Central is backed
by a new architecture in the component that delivers print
or e-mail output to printers, servers or users over TCP/IP
or Internet Printing Protocol (IPP). IP PrintWay extended
mode uses the SYSOUT Application Programming Inter-
face (SAPI) to access print jobs and job information from
the JES spool. The advantage of this change can be
higher availability and throughput, more fl exibility for han-
dling print-related tasks, and scalability of Infoprint Server
for very large distributed print environments.
z/OS Version 1 Release 6 optional priced features
Infoprint Services:
- IP Printway
- NetSpool
- z/OS Print Interfaces
™
™
Infoprint Server provides a reliable, high availability, secu-
rity-rich and scalable foundation for customer’s enterprise
printing infrastructure. Infoprint Server and its compan-
ion product, Infoprint Server Transforms, include a print
interface, printer inventory, application output capture
program, and print drivers and management tools that let
you manage any print job to any printer defi ned to Infoprint
Server, including electronic distribution for presentation
over the Web.
Infoprint Central
Infoprint Central is a Web-based, GUI for managing print
jobs and printers throughout the enterprise from anywhere
in the enterprise using a Web browser. Intended primar-
ily for help desk operators, it lets users query the status
of jobs and printers, see job and printer messages, stop
and start printers, move jobs from one printer to another,
cancel or hold jobs, and many other functions. Infoprint
Central can use integrated z/OS security services so that
users can be authorized to perform only certain tasks, or
to perform tasks only on designated devices.
Common message log: A new common message log helps
to improve productivity of help desk operators for print
problem diagnosis and resolution, thus helping to increase
system availability and user satisfaction. Messages can
easily be accessed from Infoprint Central for a particular
job or printer.
These capabilities give you the fl exibility to deliver output
on demand, anywhere you need it:
• Legacy CICS and IMS applications that generate SNA
Character String (SCS) or 3270 output formats can print
to LAN-attached PCL printers, without changes to the
application program
• Output can be sent as e-mail instead of, or in addition to
print
• A consolidated printer inventory lets you defi ne all printers used with Infoprint Server, and printers driven by
Print Services Facility (PSF) in one place. Printers can
be defi ned and modifi ed from a single easy-to-use interface.
• IP PrintWay provides support for printers attached to the
®
network using TCP/IP, VTAM
-controlled coax printers,
and for printers and servers over the Internet using the
industry-standard Internet Printing Protocol (IPP). Easy
to use ISPF menus also enable management of distributed printers.
79
• The Print Interface supports print submission from applications running in UNIX System Services (USS), from
Windows users via native Windows SMB, from applications on other servers, and over the Internet using IPP.
™
• Data stream transforms let you print AFP
applications
on printers using PCL, PostScript or PDF. You can also
print PCL, PostScript and PDF output on AFP printers.
A transform from SAP to AFP and a certifi ed SAP Output
•
Management System lets you print SAP application output
on your fast, reliable AFP printers, and receive print completion notifi cation back at the SAP Application Server.
Benefi ts of consolidating your enterprise printing onto z/OS
using Infoprint Server can include:
• Reduced total cost of ownership for distributed print
operations
• Improved productivity with simplifi ed print operations
and management
• Investment protection and leverage for your AFP applications and printers
• Faster deployment of on demand initiatives with fl exible
output delivery options
Library Server converts BookManager documents to HTML
for display through a Web browser.
Library Center
IBM is providing an alternative way to navigate our z/OS
library on the Internet. Beginning with z/OS 1.5, the Library
Center for z/OS provides a Microsoft Windows Explorer-like
view of the contents of the entire z/OS and Software Prod-
ucts DVD Collection. The Library Center uses the new IBM
Library Server with new advanced search functions to help
users fi nd information “on demand.”
The Library Center offers easier navigation and new
advanced search features.
• An IBM Redbook™ bookshelf lets the user perform a
BookManager search and locate a corresponding Redbook in PDF format. The search scope pull-down lets the
user launch searches in other repositories such as the
WebSphere Application Server for z/OS or Google.
• The Library Center also provides a handheld mode to
support both connected and disconnected handhelds
Softcopy Publications Support
z/OS Version 1 Release 6 base elements
BookManager® READ V31
Library Server
1
GDDM
Library Center
z/OS Version 1 Release 6 optional no-charge features
BookManager Build
1. Disabled on z/OS.e
1
BookManager READ is used to display, search,
and manage online documents and bookshelves.
BookManager BUILD is an optional feature that allows
the creation of softcopy documents that can be used
by any of the BookManager products.
Integrated Testing
z/OS is system-integration tested using a production-like
environment. The z/OS environment includes subsystems,
such as CICS, IMS, DB2 and WebSphere. This additional
testing supplements existing functional tests, with a focus
on tasks performed by customers in the production envi-
ronment, thus helping establishments move more quickly
to new functions.
Publications
For a list of the publications available for z/OS, visit the
z/OS library Web site at: ibm.com/servers/eserver/zseries/
zos/bkserv.
80
Installation Considerations
CustomPac is a suite of services designed to help you
effi ciently install, migrate and maintain a z/OS system. It
can also help with migrating and maintaining z/OS system-
related products and/or third parties’ software vendor
products. Options include:
• RefreshPac®, which includes preventative software
services
®
• ProductPac
• SystemPac
for custom-built products
®
for installation or system replacement
z/OS 1.6 is supported on the following IBM servers:
• IBM
^
zSeries 800, 890, 900 and 990 servers (or
compatible servers in z/Architecture mode)
Migration/Coexistence
General coexistence, release migrations, and fallback:
z/OS continues to deliver compatibility and fl exibility as
the user migrates systems in a multisystem confi guration
by allowing several releases of z/OS, OS/390, and z/OS.e
to coexist. This includes Parallel Sysplex and non-Parallel
Sysplex multisystem confi gurations.
Highlights
• Customized services and products to help meet customer specifi c needs
• Effi cient and effective exploitation of new z/OS functions
• A solution for businesses that lack skilled system programmers
• Installation of IBM and selected third-party software
vendor products in one package
z/OS.e can be ordered by ServerPac and SystemPac only.
ServerPac is a software package, available free of charge
with a z/OS license, that creates or replaces a z/OS,
OS/390, or z/OS.e system.
CBPDO is a no-charge software package for adding or
upgrading products or services or both, on an existing
z/OS systems.
z/OS 1.4 and 1.5 are supported on the following IBM servers:
• S/390 Parallel Enterprise Server™ G5/G6 (or compatible
server) (ESA/390 mode)
®
• Multiprise
3000 Enterprise Server (or compatible
server) (ESA/390 mode)
• IBM
^
zSeries 800, 890, 900 and 990 servers (or
compatible servers in z/Architecture mode)
Coexistence allows systems within a multisystem confi gu-
ration to be upgraded to a new release level of the operat-
ing system one system at a time. This is contingent on the
fact that the release the user is migrating to can coexist
with the lowest release running in the user’s multisystem
confi guration.
IBM has a consistent coexistence, migration, and fallback
policy. Migration forward as well as backward should be
made within the same releases supported by the coexis-
tence policy.
This consistent coexistence, migration and fallback policy
applies to release migrations for:
• Single system confi gurations
• Individual systems within a multisystem confi guration
• Cases where a simultaneous IPL is used to migrate all
systems in a multisystem confi guration at the same time
Customers are able to upgrade to z/OS 1.6 from z/OS 1.3,
1.4 or 1.5 in a single step.
For additional information on coexistence and release
migration information, refer to z/OS Planning for Installation
(GA22-7504) at: ibm.com/servers/eserver/zseries/zos/
bkserv/fi nd_books.html.
81
The following table describes the migration/coexistence
supported releases. The release shown in column 1 is the
highest release running in a multisystem confi guration.
Migration/Coexistence Supported Releases (OS/390 & z/OS)
Release Migration/Coexistence Release
z/OS R4 {z/OS.e R4, z/OS R4}, {z/OS.e R3, z/OS R3}, z/OS R2,
{z/OS R1, OS/390 R10}
z/OS.e R4 {z/OS.e R4, z/OS R4}, {z/OS.e R3, z/OS R3}, z/OS R2,
{z/OS R1, OS/390 R10}
z/OS R5 {z/OS.e R5, z/OS R5}, {z/OS.e R4, z/OS R4}, {z/OS.e R3,
z/OS R3}, z/OS R2
z/OS.e R5 {z/OS.e R5, z/OS R5}, {z/OS.e R4, z/OS R4}, {z/OS.e R3,
z/OS R3}, z/OS R2
z/OS R6 {z/OS.e R6, z/OS R6}, {z/OS.e R5, z/OS R5}, {z/OS.e R4,
z/OS R4}, {z/OS.e R3, z/OS R3}
z/OS.e R6 {z/OS.e R6, z/OS R6}, {z/OS.e R5, z/OS R5}, {z/OS.e R4,
z/OS R4}, {z/OS.e R3, z/OS R3}
2
z/OS R7
z/OS.e R7 {z/OS.e R7, z/OS R7}, {z/OS.e R6, z/OS R6}, {z/OS.e R5,
z/OS R5}, {z/OS.e R4, z/OS R4}
1. OS/390 R10 and z/OS R1 treated as one coexistence level
2. z/OS R7 is planned to be available September 2005
z/OS R7, z/OS R6, z/OS R5, z/OS R4
Migration, installation and customization enhancements
For information on migration to the latest z/OS releases,
see the z/OS Migration Web page ibm.com/zseries/zos/
migration. The publications, z/OS V1.6 Migration are avail-
able from this site for helping to plan the migration to z/OS
V1.6.
zSeries Bimodal Support for z/OS
IBM provides the z/OS Bimodal Migration Accommoda-
tion Offering to assist customers in migrating from OS/390
to z/OS. This addresses many customer requests to have
a “fallback” option to 31-bit mode when fi rst migrating to
z/OS in 64-bit mode on a z/Architecture server. IBM has
reconsidered the investment in 31-bit support on a zSeries
server to encourage our customers to move forward. This
offering is available for 6 months for each z/OS license
(5694-A01) starting from the registration of a z/OS license
to a z/Architecture server. This offering only applies to
z/OS Version 1 Releases 2, 3, and 4, and will not be pro-
vided for z/OS 1.5 or for any z/OS.e releases.
This information is being provided to you to facilitate
release planning and to help ensure appropriate position-
ing for future software migrations.
Note: Specifi c functions might only be available on the
up-level systems, or it might be necessary to up-level all
systems to enable some functions.
For additional information on z/OS planning, refer to z/OS
and z/OS.e Planning for Installation, available on the z/OS
Web site in the z/OS Library at: ibm.com/servers/eserver/
zseries/zos.
For the latest information regarding z/OS and OS/390
marketing and service withdrawal dates visit: ibm.com/
servers/eserver/zseries/zos/support/zos_eos_dates.html.
Wizards
z/OS wizards are available on the Internet to help to set
up some of the z/OS functions. These wizards are interac-
tive assistants that ask a series of questions about the
task to be performed (for example, setting up a Parallel
Sysplex environment). The wizards can simplify planning
and confi guration by exploiting recommended values and
by building customized checklists. For confi guration tasks,
these wizards also generate outputs like jobs, policies, or
parmlib members that can be uploaded to z/OS.
For more information about wizards visit the Web site at:
ibm.com/servers/eserver/zseries/zos/wizards/.
82
z/VM
Order z/OS through the Internet
ShopzSeries (formerly SHOPS390) provides an easy way
to plan and order your z/OS ServerPac or CBPDO. It will
analyze your current installation, determine the correct
product migration, and present your new confi guration
based on z/OS. Additional products can also be added to
your order (including determination of whether all product
requisites are satisfi ed).
IBM Service is available through ShopzSeries as an Inter-
net-based, strategic software tool available to fulfi ll orders
24x7 (365 days a year). Through Service in ShopzSeries,
customers can quickly and easily order and receive cor-
rective or preventive service electronically over the Internet
or by standard physical media. For preventive service,
customers can order just critical service (HIPERs and PTFs
that resolve PE PTFs), the latest recommended service
(which includes all critical service), or all available service.
Service in ShopzSeries reduces customers’ research time
and effort by using their uploaded SMP/E Consolidated
Software Inventory (CSI) so that all applicable service,
including reach ahead service, for the installed FMIDs in
the target zones is selected. ShopzSeries also uses the
CSI information to limit the size of the service order, only
sending applicable service that has not already been
processed by SMP/E. IBM Technical Support is available
through RETAIN for problems and Q&A.
ShopzSeries is available in the U.S. and several countries
in Europe. In countries where ShopzSeries is not available
yet, please contact your IBM representative (or Business
Partner) to handle your order via the traditional IBM order-
ing process.
For more details and availability, visit the ShopzSeries Web
site at: ibm.com/software/shopzSeries.
The infrastructure for on demand environments can be
deployed with visionary technology on z/VM, including
advanced virtualization, support for open-source soft-
ware, and autonomic computing enhancements. With
virtualization technology as its foundation, z/VM continues
to provide new function and technology exploitation on
the mainframe that enables you to virtualize processor,
communication, memory, storage, I/O, and networking
resources, with the potential to help reduce the need to
plan for, purchase, and install hardware to support new
workloads.
z/VM supports Linux, one of the world’s leading Open
Source operating system, on the mainframe. Within the VM
environment, Linux images can share hardware resources
and use internal high-speed communications. While ben-
efi ting from the reliability, availability and serviceability of
zSeries servers, z/VM V4 offers an ideal platform for con-
solidating select UNIX, Windows, and Linux workloads on
a single physical zSeries server, which allows you to run
tens to hundreds of Linux images. z/VM V4 is priced on a
per-engine basis and supports IBM Integrated Facility for
Linux (IFL) engines for Linux-based workloads, as well as
standard engines for all other zSeries and S/390 workloads.
z/VM V4 is the follow-on product for VM/ESA® and z/VM V3.
It provides additional support and exploitation opportuni-
ties for the thousands of users who have built enterprise-
wide automation and infrastructure enhancements on the
VM platform in support of their applications, database
systems, and on demand business solutions.
z/VM V5 offers new levels of price/performance, functional
capabilities, and hardware exploitation that increase the
attractiveness of deploying Linux solutions on the main-
frame. You can add capacity to existing zSeries systems
for hosting Linux on z/VM workloads by confi guring their
server with IFL engines. z/VM V5 is the follow-on product
to z/VM V4.
83
z/VM Version 3 (V3)
z/VM offers a new technology base for customers look-
ing to use IBM Virtual Machine technology on one of the
industry’s best-of-breed server platform, zSeries. When
z/VM is running on a zSeries server, it’s possible to run 64-
bit capable OS/390 2.10, z/OS, and Linux on zSeries as
guest systems of z/VM, in addition to ESA/390 guest oper-
ating systems such as OS/390, VSE/ESA, TPF, and Linux
on S/390. To operate z/OS as a guest of z/VM on a zSeries
server, z/VM must be operating in 64-bit mode. z/VM will
allow customers to develop and test their 64-bit Parallel
Sysplex applications in a guest environment before putting
them into production. This may help reduce the need to
invest in separate standalone confi gurations.
z/VM can also reduce storage constraints by eliminating
the 2 GB central storage limitation, providing plenty of
headroom for increasing on demand business require-
ments and growing back-offi ce applications within a single
machine image. Customers experiencing real memory
constraints can experience relief by running z/VM in 64-bit
mode on a zSeries server. This constraint relief is provided
for ESA/390 guest operating systems. Support for large
real memory with z/VM may benefi t customers running a
large number of Linux on zSeries and S/390 guest systems.
• Capability and usability improvements to FTP server for
Web browsers
• Reduced load on hosts with support for IP Multicasting
• Improved data transfer performance with QDIO supporting Gigabit Ethernet, Fast Ethernet, and 155 ATM (Ethernet LAN Emulation)
®
• Support for the DFSMS/MVS
Program Management
binder and loader functionality to enhance application
affi nity between CMS and OS/390 or z/OS
Note: z/VM V3.1 has been withdrawn from marketing effec-
tive August 27, 2004.
z/VM Version 4 (V4)
With z/VM and the IBM Integrated Facility for Linux (IFL), a
low-cost, fl exible environment is created to test and develop
on Linux while running Linux production applications on
IBM z990, z890, z900, z800, S/390 Parallel Enterprise
Server Generation 5 and 6, S/390 Multiprise 3000, or
equivalent servers. Support for IFL processor features by
z/VM V4 or later is designed to run Linux workloads with-
out increasing the IBM software charges for z/OS, z/OS.e,
OS/390, VM, VSE/ESA, or TPF operating systems and
applications running on standard engines of the z990, z890,
z900, z800, and S/390 servers in other logical partitions.
Additional enhancements in z/VM V3 include:
• Native FlashCopy for Enterprise Storage Server (ESS) for
high-speed data copy
• Guest support enhancements for 3494 VTS and FICON
attached 3590 A60 Tape Controller
Connectivity enhancements for TCP/IP Feature for z/VM:
• Improved security with the inclusion of a Secure Socket
Layer (SSL) server
• Transparent data access to remote systems data with an
NFS Client
Engine-based pricing for z/VM V4 and its optional features
allows customers the opportunity to exploit the zSeries
and S/390 servers more cost effectively than a discrete
server implementation. With engine-based pricing, cus-
tomers pay a one-time software license charge (OTC) for
each processor engine. This can be for standard proces-
sor engines or IFL engines. Traditional operating systems
such as z/OS, z/OS.e, OS/390, TPF, VSE/ESA, z/VM V3.1,
or VM/ESA are not supported nor can they operate on IFL
engines. Only Linux workloads in an LPAR or Linux guests
of z/VM V4 or later can operate on the IFL engine.
84
z/VM provides the capability to account for the use of
system resources by virtual machines, including those run-
ning Linux. Accounting records are produced that track a
virtual machine’s use of processor, paging, I/O, and virtual
network resources, including virtual channel-to-channel
adapters (CTCAs), inter-user communication vehicle (IUCV)
or advanced program-to-program (APPC) connections, and
virtual (guest LAN) network interface cards (NICs).
z/VM V4.4 extends its virtualization technology in support of
Linux and other guests while providing some enhancements
that enable z/VM to be self-optimized and self-managed:
• Reducing contention for the z/VM Control Program (CP)
scheduler lock may help increase the number of Linux
and other guest virtual machines that can be managed
concurrently.
• Enhancing the Virtual Machine Resource Manager
(VMRM) to provide the infrastructure necessary to support more extensive workload and systems resource
management features by providing:
– monitor data showing actual workload achievement
– an interface to dynamically change users in work-
loads, workload characteristics, and goals
– more fl exibility using the VMRM confi guration fi le when
managing multiple users
– improvements in the reliability and performance of the
VMRM service virtual machine’s monitor data handling
– serviceability enhancements including improved mes-
sages, logfi le entries, and new server options
• Simulating virtual FICON CTCA devices for guest operating systems enhances previous virtual-CTCA support
by adding the FICON protocol as an option for guest
operating systems. Guests use virtual CTCAs to communicate among themselves within a single z/VM system
image, without the need for real FICON CTCAs.
• Supporting real and virtual integrated 3270 console
devices. Real support enables this device, provided by
the Hardware Management Console (HMC) to be used
as the system operator console. Virtual support enables
testing of guest operating systems and utilities such as
Stand-Alone Program Loader (SAPL) and standalone
DASD Dump-Restore (DDR), that support the integrated
3270 console device.
Delivering the Performance Toolkit for VM™ to process
•
performance data obtained from the Resource
Linux
Management Facility (RMF) Performance Monitoring
(PM) client
application, rmfpms. Linux performance data
obtained from RMF is presented on display screens and in
printed reports
similar to the way VM data is viewed and
presented.
With corresponding function available in Linux on zSeries
and S/390, z/VM V4.4 provides:
• The attachment of Small Computer System Interface
(SCSI) devices to guest Linux images using Fibre Channel Protocol (FCP) channels on zSeries processors
• IPL from FCP-attached disks for Linux and other guest
operating systems with necessary SCSI support, when
z/VM is running on a z990, z890, z900, or z800 server
equipped with the SCSI IPL Feature Enabler
• Enhanced page-fault handling
• Clear-key RSA functions of the IBM PCI Cryptographic
Coprocessor (PCICC) or the IBM PCI Cryptographic
Accelerator (PCICA).
Exploiting New Technology
z/VM provides a highly-fl exible test and production environ-
ment for enterprises deploying the latest on demand busi-
ness solutions. Enterprises that require multi-system server
solutions will fi nd that z/VM helps them meet the demands
of their businesses and IT infrastructures with a broad
range of support for such operating system environments
85
as z/OS, z/OS.e, OS/390, TPF, VSE/ESA, CMS, and Linux
on zSeries and S/390. The ability to support multiple
machine images and architectures enables z/VM to run
multiple production and test versions of zSeries and S/390
operating systems, all on the same system. z/VM can help
simplify migration from one release to another, facilitate
the transition to newer applications, provide a test system
whenever one is needed, and consolidate several systems
onto one physical machine. z/VM can also be used to pro-
vide virtual access to the latest DASD and processor archi-
tecture for systems that lack such support.
New technological enhancements in z/VM V4.4 provide
:
• Exploitation of the zSeries 890 and 990 server
– extending Dynamic-I/O confi guration support allows
channel paths, control units, and devices to be
dynamically added, changed, and deleted in a Logical Channel SubSystem (LCSS) environment
– support for extended I/O-measurement facilities
provides improved capacity planning and I/O performance measurement
– handling I/O-confi guration defi nition and dynamic-I/O
confi guration in an environment of up to 30 LPARs, an
increase from the previous limit of 15
• Support for the zSeries capability to cascade two FICON
directors within a Fibre-Channel fabric. z/VM and its
guests can take advantage of this enhanced and simplifi ed connectivity, which is particularly useful in disasterrecovery and business continuity situations.
• Support for the IBM TotalStorage Enterprise Storage
Server (ESS) FlashCopy V2 providing increased fl exibility for improved capacity management and utilization.
• Support for the IBM ESS Peer-to-Peer Remote Copy
Extended Distance (PPRC-XD) function, extending the
distance well beyond the 103 km supported with PPRC
synchronous mode. PPRC-XD is suitable for data migration, backup, and disaster recovery procedures. PPRC
Version 2 (V2) is also supported for guest operating
systems, offering an asynchronous cascading solution
providing a complete, consistent, and coherent copy of
data at a remote site.
• Support for IBM TotalStorage Enterprise Tape Controller
3592 Model J70 and Tape Drive 3592 Model J1A, this
including support of Write Once Read Many (WORM)
data cartridges.
Systems Management
Improvements in systems management some of which
help to provide self-confi guring, self-managing, and self-
optimization facilities in z/VM V4.4 include:
• Functions that may be called by client applications to
allocate and manage resources for guests running i
n
z/VM virtual machines (virtual images). Use of the appli-
ca
tion programming interfaces (APIs) through an application provided by a customer or solution provider are
designed so that such applications can allow administra-
tors who lack in-depth VM knowledge to manage a large
number of virtual images, running in a single z/VM system.
• Hardware Confi guration Manager (HCM) and Hardware
Confi guration Defi nition (HCD) components to create
and manage your I/O confi guration. This new support
provides a comprehensive, easy-to-use I/O-confi guration-management environment similar to that available
with the z/OS operating system.
• Performance Toolkit for VM that provides enhanced
capabilities for a z/VM systems programmer, operator, or
performance analyst to monitor and report performance
data. The toolkit is an optional, per-engine-priced feature
derived from the FCON/ESA program (5788-LGA), providing:
– full-screen mode system console operation and man-
agement of multiple z/VM systems
– post-processing of Performance Toolkit for VM history
fi les and of VM monitor data captured by the MONWRITE utility
86
– viewing of performance monitor data using either Web
browsers or PC-based 3270 emulator graphics
The toolkit also provides the capability to monitor TCP/IP
for z/VM, as well as to process Linux performance data.
Application Enablement
• C/C++ for z/VM Compiler (5654-A22)
CMS will host the new C/C++ for z/VM compiler (5654-
A22). This environment allows C/C++ programs to be
compiled and executed on CMS and creates portability
between z/VM and z/OS C/C++ programs. C/C++
source fi les can be read from a CMS minidisk, the SFS,
or the Byte File System (BFS) and output can be written
to any of these fi le systems. C/C++ will only execute on
z/VM V4.4 and can only be licensed to operate on standard processor engines. In order to support the C/C++
for z/VM compiler, the C/C++, the Language Environment has been updated to the level shipped with z/OS
V1.4 and is integrated into the base of z/VM V4.4.
• IBM Debug Tool for z/VM V4.1 (5654-A23)
IBM Debug Tool for z/VM V4.1 (5654-A23) is an IBM inter-
active source-level debugging tool for compiled applica-
tions. It helps you increase debugging effi ciencies and aids
in reducing application-development cycle times. This pro-
gram testing and analysis aid helps you examine, monitor,
and control the execution of application programs written
in C, C++, COBOL, or PL/I on a z/VM system. By using the
disassembly view, Debug Tool can also supports programs
compiled with the NOTEST compiler option and applications that include other languages such as Assembler.
Networking with z/VM
TCP/IP for z/VM delivers expanded Internet/intranet
access, improved on demand business performance
and extended function. Performance of the TCP/IP stack
was enhanced by redesigning algorithms to reduce path
lengths, recoding procedures to optimize high-use paths,
identifying and implementing performance improvement
items, and adding virtual multiprocessing capabilities.
TCP/IP is designed to support the z/Architecture
HiperSockets function for high-speed communication
among virtual machines and logical partitions within the
same zSeries server. The HiperSockets function allows vir-
tual machines and logical partitions to communicate inter-
nally over the memory bus using the internal-queued-direct
(IQD) channel type in the z990, z890, z900, and z800. TCP/
IP broadcast support is now available for the HiperSockets
environment when utilizing Internet Protocol version 4 (IPv4)
with z/VM V4.4. Applications that use the broadcast function
can now propagate frames to all TCP/IP applications.
The z890 and z990 servers include an important perfor-
mance enhancement that virtualizes adapter interruptions
and can be used with V=V guests (pageable guests) on
z/VM V4.4. With the enhancement of the TCP/IP stack in
z/VM V4.4 to use adapter interruptions for OSA-Express,
TCP/IP for VM can benefi t from this performance assist for
both HiperSockets and OSA-Express adapters.
z/VM V4.4 exploits the Virtual Local Area Network (VLAN)
technology. VLANs ease the administration of logical
groups of users so that they can communicate as if they
were on the same physical LAN. VLANs help increase
traffi c fl ow and may help reduce overhead to allow the
organization of networks by traffi c patterns rather than by
physical location. To support VLAN, z/VM V4.4 provides:
• Enhancements to TCP/IP for z/VM to enable membership in a VLAN for QDIO and HiperSockets adapters
• Enhancements to z/VM guest-LAN simulation to allow
virtual QDIO and HiperSockets adapters to participate in
a VLAN
• Management and control of VLAN topology by the z/VM
virtual switch
87
The guest LAN support provided in z/VM V4.2 simulates
the HiperSockets function for communication among
virtual machines without the need for real IQD channels,
much as VM simulates channel-to-channel adapters for
communication among virtual machines without the need
for ESCON, FICON, or other real channel-to-channel con-
nections. With the guest LAN capability, customers with
S/390 servers can gain the benefi ts of HiperSockets com-
munication among the virtual machines within a VM image,
since no real IQD channels are required.
z/VM V4.4 further enhances its virtualization technology by
providing the capability to deploy virtual IP switches in the
guest LAN environment. The z/VM virtual switch replaces
the need for virtual machines acting as routers to provide
IPv4 connectivity to a physical LAN through an OSA-
Express adapter. Routers consume valuable processor
cycles and require additional copying of data being trans-
ported. The virtual-switch function alleviates this problem
and also provides centralized network confi guration and
control. These controls allow the LAN administrator to
more easily grant and revoke access to the network and to
manage the confi guration of VLAN segments.
TCP/IP for z/VM provides numerous self-protection func-
tions. A Secure Sockets Layer (SSL) server is available to
facilitate secure and private conversations between z/VM
servers and external clients. The upgraded SSL server in
z/VM V4.4 provides appropriate RPM format packages for
the SUSE LINUX Enterprise Server 8 (SLES 8). Security
of the TCP/IP stack has been improved to help prevent
additional types of Denial of Service (DoS) attacks includ-
ing: Smurf, Fraggle, Ping-o-Death, Kiss of Death (KOD),
KOX, Blat, SynFlood, Stream, and R4P3D. The overall
security and auditability of the TCP/IP for z/VM stack and
the integrity of the z/VM system have been improved by
providing
better controls, monitoring, and defaults. An IMAP
user authentication exit has been added that removes prior
user ID and password length restrictions and eliminates the
need for every IMAP client to have a VM user ID and pass-
word.
TCP/IP for z/VM, formerly a priced, optional feature of
VM/ESA and z/VM V3, is packaged at no additional charge
and shipped enabled for use with z/VM V4 and V5. The
former priced, optional features of TCP/IP — the Network
File System (NFS) server and TCP/IP source — are also
packaged with TCP/IP for z/VM at no additional change.
In addition to the new function provided by the Performance
Toolkit for VM, RealTime Monitor (RTM), and Performance
Reporting Facility (PRF) are still available in z/VM V4.4 to
support new and changed monitor records in z/VM. RTM
simplifi es performance analysis and the installation man-
agement of VM environments. PRF uses system monitor
data to analyze system performance and to detect and
diagnose performance problems. RACF for z/VM is avail-
able as an priced, optional feature of z/VM V4 and provides
improved data security for an installation. RTM, PRF, and
the Performance Toolkit are also priced, optional features of
z/VM V4 as is the Directory Maintenance Facility (DirMaint).
z/VM Version 5 (V5)
z/VM continues the evolution of its premier world-class
zSeries virtualization technology with a new version z/VM Ver-
sion 5 Release 1, offering traditional capabilities to manage
zSeries operating systems, including Linux, on a single main-
frame as guests of z/VM. z/VM V5.1 is designed to operate
only on zSeries servers that support the z/Architecture (64-
bit) including the z990, z890, z900, and z800 or equivalent.
88
Engine-based Value Unit Pricing
z/VM V5 introduced engine-based Value Unit Pricing which
replaces the per-engine pricing model that is available
with z/VM V4 as well as providing a lower entry price.
Engine-based Value Unit pricing is designed to provide a
decreasing price curve which may help provide improved
price/performance as hardware capacities and work-
load grow. Value Unit pricing for z/VM V5 can provide for
a lower price per processor engine as more processor
engines are licensed with z/VM V5.1 across the enterprise.
Value Unit Pricing helps you to:
• Add capacity and workload with an incremental and
improved price
• Manage software costs better
• Aggregate licenses acquired across machines that are
part of your enterprise
Engine-base Value Unit Pricing of z/VM V5 should not be
tied to, or associated with, MSU-based Value Unit Pricing.
Enhancements in z/VM V5.1 include:
Virtualization Technology and Linux Enablement
• Support for SCSI FCP disks enable the deployment of a
Linux server farm on z/VM using only SCSI disks. SCSI
disks can be used as such by guests through dedicated
FCP subchannels, and are also supported as emulated
9336 Fixed-Block Architecture (FBA) devices for use by
guests, CMS, and CP. With this support, you can install,
IPL, and operate z/VM from SCSI disks. The z/VM SCSI
support for system disks is based on emulation of the
IBM FB-512 disk architecture and this emulation is also
available for guest use. VM supports an individual emulated FBA disk up to 381 GB in size. However, directory,
paging, and spooling allocations must reside within the
fi rst 64 GB of a CP-formatted volume. Other kinds of CP
allocations may be defi ned beyond the fi rst 64 GB.
• z/VM V5.1 includes the capability to install z/VM both
from a DVD to an ESS SCSI disk emulated as a FBA
device and a 3390 DASD. Installing from a DVD can
signifi cantly reduce the required installation media and
allows you to install to a zSeries server using only SCSI
disks. This is expected to be most benefi cial in a z/VM
environment with Linux guests and without traditional
installation devices such as IBM TotalStorage tape
drives attached to the IBM zSeries server.
• Coordinated near-continuous availability and disaster
recovery for Linux guests by providing a new HyperSwap
function so that the virtual devices associated with one
real disk can be swapped transparently to another.
HyperSwap can be used to switch to secondary disk
storage subsystems mirrored by Peer-to-Peer Remote
Copy (PPRC). HyperSwap is exploited by GDPS 3.1 to
provide a coordinated near-continuous
availability and
disaster recovery solution for distributed applications,
such as WebSphere, that span z/OS images running
natively and Linux guests running under z/VM.
• PCIX Cryptographic Coprocessor (PCIXCC) support provides z/OS and Linux guest support for the
PCIXCC Feature available with the z990 and z890
severs. Delivery of the z/VM PCIXCC support satisfi es
the Statement
of Direction made on May 13, 2003. z/VM
V5.1 supports the third-generation cryptographic feature,
Crypto Express2, which replaces the PCICA and PCIXCC
features. Crypto Express2 combines the functions of both
PCICA and PCIXCC in one feature providing improved
secure-key operations. Coincident with the availability of
this new cryptographic hardware feature, z/VM V5.1 pro-
vides support for Crypto Express2 clear-key cryptographic
functions for Linux for zSeries guests and clear-key and
secure-key cryptographic functions for z/OS guests.
• The Systems Management APIs, introduced in z/VM
V4.4, provided a basic set of functions that may
be called by applications to allocate and manage
resources for guests running in z/VM virtual machines
89
(virtual images). Although these APIs are primarily
intended for managing Linux virtual images, they can be
used to manage many types of z/VM virtual machine. All
enhancements to the APIs in z/VM V5.1 have been implemented using Version 2 (V2) of the RPC server. In addition to usability enhancements, new functions include:
– DASD volume management for virtual images
– VMRM confi guration fi le management
– Query status of active images
– Query VMRM measurement data
– Removal of user ID entries in an authorization fi le
with a single request
– Query all shared storage segments instead of
one at a time
• A new programming service is provided by an emulated
DIAGNOSE instruction that helps enable a guest virtual
machine to specify an action to be taken by CP when
the guest becomes unresponsive. A time interval and
action are specifi ed by the guest. If the guest fails to
reissue the DIAGNOSE instruction within the specifi ed
time interval, CP performs the action.
• A new publication, Getting Started with Linux on zSeries,
describes z/VM basics and how to confi gure and use
z/VM functions and facilities to create and manage Linux
servers running on zSeries processors. The publication
is designed to help systems personnel (system programmers, administrators, and operators) with limited
knowledge of z/VM deploy Linux servers on z/VM more
quickly and more easily.
Network Virtualization and Security
• The virtual IP switch, introduced in z/VM V4.4, was
designed to improve connectivity to a physical LAN for
hosts coupled to a guest LAN. The virtual switch has
been enhanced to provide enhanced failover support
for less disruptive recovery for some common network
failures helping to provide business continuity as well
as infrastructure reliability and availability. With the PTFs
for APARs VM63538 and PQ97436, z/VM V5.1 supports
Layer 2 mode for OSA-Express and OSA-Express2. The
enhanced virtual switch support provides a new transport option to allow the virtual switch to operate in Layer
2 mode. In this mode, each port on the virtual switch is
referenced by its Media Access Control (MAC) address
instead of by an Internet Protocol (IP) address. Data is
transported and delivered in Ethernet frames, providing
the ability to send and receive protocol-independent
traffi c for both IP (IPv4 or IPv6) and non-IP, such as IPX,
NetBIOS, or SNA.
• Authorization capabilities have been enhanced for z/VM
guest LANs and virtual switches by using Resource
Access Control Facility (RACF) or any equivalent External Security Manager (ESM) that supports this function.
It is designed to provide ESM centralized control of
authorizations and Virtual LAN (VLAN) assignment.
• More Device Connections for TCP/IP for z/VM
TCP/IP stack utilization improvements for OSA-Express
–
For the z890 and z990 servers, the number of TCP/IP
stacks that can share an OSA-Express increases per
logical partition (LPAR) from 84 to 160 on October 29,
2004. This increase provides additional connections
to enable more virtual machines to be connected to
an external network and is supported with the PTFs for
APARs PQ91421 and VM63524 for z/VM 3.1, 4.3, 4.4,
and 5.1.
– Improved virtualization supporting more TCP/IP stacks
with OSA-Express2
With the new OSA-Express2 feature on the z890 and
z990, available January 28, 2005, the number of connections (TCP/IP stacks) allowed can be increased up
to 640. Support for 640 TCP/IP stacks is applicable
to the OSA-Express2 features (Gigabit Ethernet SX,
Gigabit Ethernet LX, 10 Gigabit Ethernet LR) running in
QDIO mode only. z/VM V5.1 supports this new capability to allow additional connections to virtual machines,
particularly Linux images, with the PTFs for APARs
PQ91421 and VM63524.
90
Technology Exploitation
• z/VM 5.1 supports the z890 and the z990 including:
– Four Logical Channel SubSystems (LCSSs) on the
z990 and two on the z890
– Transparent sharing of internal and external channel
types across LCSSs
– Open Systems Adapter-Express Integrated Console
Controller (OSA-ICC) function
– Crypto Express2 for z/OS and Linux guests
– OSA-Express2 Gigabit Ethernet (GbE) and 10 GbE
– FICON Express2 requires PTF for HCM/HCD APAR
VM63610
– FCP LUN Access Control for added control of SCSI
devices and is supported by z/VM V5.1 on the z990
and z890 with the PTF for APAR VM63328.
– Up to 24 real processor engines in a single z/VM
image on a z990 satisfi es the Statement of Direction
made on May 13, 2003.
• IPv6 support for guest LANs has been enhanced to
allow the z/VM TCP/IP stack to be confi gured for IPv6
networks connected through an OSA-Express and OSAExpress2 operating in QDIO mode. The stack can be
confi gured to provide static routing of IPv6 packets and
to send IPv6 Router Advertisements. In addition, support is being provided to help application developers to
develop socket applications for IPv6 communications.
(PRF and RealTime Monitor (RTM)) to help manage your
performance more effi ciently. Other new function includes
• High-level Linux reports based on application monitor
records created by SUSE LINUX Enterprise Server 8
(SLES 8)
• New reports for SCSI disks
• Support for application monitor records created by SLES
9 with the PTF for APAR VM63580
Note: Delivery of equivalent function to PRF in the
Performance Toolkit for VM satisfi es the Statement of
Direction made on May 13, 2003 to remove the RTM and
PRF features in a future release of z/VM. The RTM and
PRF features have been withdrawn from z/VM V5.1. These
features are still available with z/VM V4.4 but cannot be
licensed with z/VM V5.1.
For further information see the
GM13-0137.
z/VM Reference Guide
,
Systems Management Improvements
The Performance Toolkit for VM has been enhanced in
z/VM V5.1 to provide functional equivalence to the Perfor-
mance Reporting Facility (PRF) priced, optional feature,
thereby virtually eliminating the need for separate products
91
VSE/ESA
VSE/ESA
VSE clients with growing core VSE workloads, growing
Linux workloads, or both will fi nd the z890 to be a robust,
cost-effective server solution and a unique opportunity to
reduce IT cost though infrastructure simplifi cation.
VSE/ESA is designed to protect extensive customer invest-
ments in existing core VSE applications, data, IT skills,
equipment, business processes, and end user training.
Standards-based, no-charge connectors provide fl exible
interoperability between VSE and Java technology-capable
platforms such as Linux on zSeries. Connectors enable
Linux-based applications to access core VSE applications
and data. In addition, optional priced IBM middleware such
as CICS Transaction Gateway, DB2 UDB or DB2 Connect,
and WebSphere MQ complement VSE connectors.
VSE, Linux (exploiting IFLs), z/VM, and z890 are a compelling
combination for VSE clients seeking a competitive IT advan-
tage. New, state-of-the-art Linux-based Web applications and
existing VSE applications and data can form comprehensive,
integrated solutions that combine the best of on demand
business with traditional transaction and batch processing.
z/OS remains an attractive migration target for some VSE
clients. Affi nity between VSE and z/OS has been an endur-
ing part of IBM’s strategy for VSE. One objective of affi nity
is to help ensure that clients can adapt their core VSE
assets and skills to z/OS.
combination of VSE and Linux even more effec
encryption assist, and OSA-Express adapter
VSE/ESA 2.6 and 2.7 operate in 31-bit mode in
a 31-bit guest under z/VM. Linux for zSeries is
new applications requiring 64-bit capability.
z/VSE
z/VSE will be the replacement product for VSE/ESA and
is anticipated to be the basis for future VSE development.
z/VSE will continue the VSE tradition of providing robust,
cost-effective mainframe solutions. z/VSE is designed to
bring the value of innovative zSeries technologies to VSE
clients. It will continue to emphasize investment protection,
network integration, and infrastructure simplifi cation. z/VSE
will focus on exploiting synergies with Linux on zSeries.
When available, z/VSE 3.1 plans to add support for FCP-
attached SCSI disks to the z890 items already included
in VSE/ESA 2.7. z/VSE can execute in 31-bit mode only. It
does not implement z/Architecture, and specifi cally does
not implement 64-bit mode capabilities. z/VSE is designed
to exploit selected features of IBM zSeries hardware. Linux
for zSeries is available for new on demand business appli-
cations requiring 64-bit capability.
Note: All statements regarding IBM’s plans, directions, and
intent are subject to change or withdrawal without notifi ca-
tion. For more information on VSE, see the VSE Web site at
ibm.com/servers/eserver/zseries/os/vse.
tive), PCICA
interrupts.
LPARs, or as
available for
z890 is supported by VSE/ESA Version 2 Release 6 or later.
VSE/ESA 2.6 support includes zSeries features such as
FICON Express, FICON Express2, OSA-Express, OSA-
Express2, OSA-Integrated Console Controller, up to 30
LPARs, and up to two Logical Channel SubSystems (4
on z990). VSE/ESA 2.7 adds HiperSockets
(to make the
92
To learn more
Visit the zSeries World Wide Web site at ibm.com/eserver/
zseries or call IBM DIRECT at 1 800 IBM-CALL in the U.S.
and Canada.
Australia 132 426
Austria 0660.5109
Belgium 02-225.33.33
Brazil 0800-111426
China (20) 8755 3828
France 0800-03-03-03
Germany 01803-313233
Hong Kong (20) 2825 6222
Hungary 165-4422
India (80) 526 9050
Indonesia (21) 252 1222
Ireland 1-850-205-205
Israel 03-6978111
Italy 167-017001
Japan 0120 300 426
Korea (02) 781 7800
Malaysia (03) 717 7890
Mexico 91-800-00316
Netherlands 020-513.5151
New Zealand 0800-801-800
Philippines (02) 819 2426
Poland (022) 878-6777
Singapore 1800 320 1975
South Africa 0800-130130
Spain 900-100400
Sweden 020-220222
Switzerland 0800 55 12 25
Taiwan 0800 016 888
Thailand (02) 273 4444
Vietnam Hanoi (04) 843 6675
Vietnam HCM (08) 829 8342
United Kingdom 0990-390390
93
Endnotes:
1) The GbE features support two ports per feature and the 10 GbE feature
supports one port per feature.
2) For SNA traffi c in QDIO mode use Enterprise Extender or TN3270E.
3) IEEE 802.1q,
4) When the OSA-Express2 GbE features become available, the OSAExpress Gigabit Ethernet features will no longer be orderable.
5) The OSA-Express2 10 Gigabits per second (Gbps) link data rate does
not represent the actual throughput of the OSA-Express2 10 GbE feature. Actual throughput is dependent upon many factors, including traffi c
direction, the pattern of acknowledgement traffi c, packet size, the application, TCP/IP, the network, disk subsystem, and the number of clients
being served.
6) and OSA-Express
7) VLAN id, IEEE 802.1q
8) As of December 3, 2004, z/VM VSWITCH support exploits the Layer 2
support within the z/VM Control Program
9) and OSA-Express (GbE, 1000BASE-T Ethernet and Fast Ethernet)
10) The PCICA and PCIXCC features are no longer orderable upon the
availability of the Crypto Express2 feature.
11) Crypto Express2, PCIXCC and PCICA features occupy a card slot but
they do not use CHPIDs.
Copyright IBM Corporation 2005
Integrated Marketing Communications, Server Group
Route 100
Somers, NY 10589
U.S.A.
Produced in the United States of America
01/05
All Rights Reserved
References in this publication to IBM products or services do not imply that
IBM intends to make them available in every country in which IBM operates.
Consult your local IBM business contact for information on the products,
features, and services available in your area.
IBM, IBM eServer, IBM ^,the IBM logo, the e-business logo, AFP,
APPN, BookManager, CICS, DB2, DB2 Connect, DB2 Universal Database,
DFSMSdfp, DFSMSdss, DFSMShsm, DFSMSrmm, DFSMS/MVS, DFSORT,
DirMaint, EKCD, Encina, Enterprise Storage Server, ESCON, FICON, FlashCopy, FFST, GDDM, GDPS, HiperSockets, Hiperspace, HyperSwap, IMS,
InfoPrint, Intelligent Miner, IP PrintWay, Language Environment, MQSeries,
Multiprise, MVS, Net.Data, Netfi nity, NetSpool, NetView, Open Class, OS/2,
OS/390, Parallel Sysplex, Performance Toolkit for VM, PR/SM, Processor
Resource/Systems Manager, ProductPac, pSeries, RACF, RAMAC, RefreshPac, Resource Link, RMF, RS/6000, S/390, S/390 Parallel Enterprise Server,
Sysplex Timer, SystemPac, Tivoli, Tivoli Storage Manager, TotalStorage,
VisualAge, VM/ESA, VSE/ESA, VTAM, WebSphere, xSeries, z/Architecture,
z/OS, z/VM, and zSeries are trademarks or registered trademarks of the
International Business Machines Corporation in the United States and other
countries or both.
Java and all Java-based trademarks are trademarks or of Sun
Microsystems, Inc. in the United States or other countries.
Linux is a registered trademark of Linus Torvalds in the United States, other
countries, or both.
UNIX is a registered trademark of The Open Group in the Unites States and
other countries.
Microsoft, Windows and Windows NT are registered trademarks of Microsoft
Corporation In the United States, other countries, or both.
Intel is a trademark of Intel Corporation in the United States, other countries
or both.
Other trademarks and registered trademarks are the properties of their
respective companies.
IBM hardware products are manufactured from new parts, or new and used
parts. Regardless, our warranty terms apply.
Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled
environment. The actual throughput that any user will experience will vary
depending upon considerations such as the amount of multiprogramming
in the user’s job stream, the I/O confi guration, the storage confi guration,
and the workload processed. Therefore, no assurance can be given that an
individual user will achieve throughput improvements equivalent to the performance ratios stated here.
Photographs shown are engineering prototypes. Changes may be incorporated in production models.
This equipment is subject to all applicable FCC rules and will comply with
them upon delivery.
Information concerning non-IBM products was obtained from the suppliers
of those products. Questions concerning those products should be directed
to those suppliers.
All customer examples described are presented as illustrations of how
these customers have used IBM products and the results they may have
achieved. Actual environmental costs and performance characteristics may
vary by customer.
All statements regarding IBM’s future direction and intent are subject to
change or withdrawal without notice, and represent goals and objectives only.
Prices subject to change without notice. Contact your IBM representative or
Business Partner for the most current pricing in your geography.
ZSO00525-USEN-03
GM13-0522-03
94
Loading...