Visara CNA-8000 Planning Guide
CNA-8000
Migration and Planning Guide
P/N 707156-002
CNA-8000 Migration and Planning Guide
Revision Information
Issue/Revision Schedule
Comments Revision Number Date
Initial Release 707156-001 06/11/2011
Second Release 707156-002 10/11/2013
707156-002 iii
CNA-8000 Migration and Planning Guide
Table of Contents
Revision History ................................................................................................................iii
Table of Contents.................................................................................................................v
Introduction....................................................................................................................... vii
Chapter 1. CNA-8000 Overview .....................................................................................1-1
Target Market..............................................................................................................1-1
The CNA-8000 Hardware Platform............................................................................1-1
TN3270 Gateway Server.............................................................................................1-2
SNA Gateway Feature ................................................................................................1-2
Migrating from Token Ring to Ethernet..................................................................... 1-2
Using Multiple CNA-8000 Platforms for SNA Disaster Recovery............................ 1-3
Providing Backup Strategies for OSA’s.....................................................................1-3
Token Ring Option when a Token Ring OSA is not Available.................................. 1-3
Integrated DLSw Support...........................................................................................1-3
SDLC PU2 Platform Support......................................................................................1-3
True Migration Strategies...........................................................................................1-4
CNA-8000 Features....................................................................................................1-4
Chapter 2. Support for PU2 Platforms.............................................................................2-1
CIP/CPA and IBM Replacement Considerations.......................................................2-2
3745 Replacement Considerations.............................................................................. 2-2
3174/1174/1374 Replacement Considerations ........................................................... 2-2
XCA Gateway Operation............................................................................................2-3
Using Multiple XCA Paths......................................................................................... 2-4
Migrating from a Mixed Ethernet/Token Ring Environment to Ethernet Only .........2-6
Bit-Swapping LAN Addresses.................................................................................... 2-7
IOCDS Gen Requirements.......................................................................................... 2-8
VTAM Switched Major Node Definition................................................................. 2-10
Chapter 3. Integrated Data Link Switching .....................................................................3-1
Directing Traffic Through the CNA-8000..................................................................3-3
Multiple Circuits from the Same DLSw Node ........................................................... 3-4
To be Promiscuous or Not ..........................................................................................3-4
DLSw Circuit Establishment ......................................................................................3-5
Configuration Aids for Downstream Cisco Routers...................................................3-7
Chapter 4. Migrating from Cisco CIP/CPA.....................................................................4-1
Host Gens....................................................................................................................4-2
Client Configurations..................................................................................................4-2
ESCON to FICON Migration .....................................................................................4-3
Chapter 5. Migrating from 1174 or 3174......................................................................... 5-1
Sample Network with 1174 ........................................................................................ 5-1
Transitioning to the CNA-8000..................................................................................5-4
New VTAM XCA Definitions.................................................................................... 5-5
New VTAM Switched PU Definitions.......................................................................5-6
Other Transition Considerations................................................................................. 5-7
Detailed Conversion from 1174 Configuration to CNA-8000 Configuration............ 5-8
707156-002 v
Appendix A. Frequently Asked Questions ..................................................................... A-1
vi 707156-002
CNA-8000 Migration and Planning Guide
Introduction
The Visara CNA-8000 platform allows the migration from a variety of channel attached
gateway products, many of them discontinued and unsupported. These gateways include
the Cisco CIP and CPA products, the IBM 3172 and 2216 products, the McData 6100
gateway, as well as IBM 3174, Memorex Telex 1174, and other similar controller
gateways, and PC gateways made by such companies as Novell and Microsoft.
This document can be used to help determine whether the current feature set of a
particular gateway product qualifies for replacement with the CNA-8000. The CNA-8000
consists of 2 main feature groups. These consist of:
• TN3270 Gateway Server: Support for the offloading of TN3270 clients support
from the mainframe, and from a variety of PC, thin client, Linux, UNIX,
platforms. The clients appear as SNA LU1, LU2, and LU3 devices to VTAM
while interfacing to the customer network using IP traffic only.
• SNA PU2 Gateway: Supports a variety of downstream PU2 platforms such as
controllers, PC gateways, AS/400, RS6000, APPN networks, and other platforms
that primarily communicate using SNA protocols over LLC, SDLC, or DLSw.
This manual addresses how the CNA-8000 appears to the host, what the host gens should
be, and what tools are available to transition from existing products to the CNA-8000,
usually without having to touch existing downstream clients and SNA platforms. The
CNA-8000 may also provide additional support options beyond the existing gateway
products, allowing for improved networking and security. This document will also
attempt to identify any issues that may arise to minimize surprises.
707156-002 vii
CNA-8000 Migration and Planning Guide
Chapter 1. CNA-8000 Overview
The CNA-8000 is an enterprise class server providing gateway functions targeted at
replacement of several existing products, many of which have been discontinued and
unsupported by their respective vendors. Through careful implementation, it is possible
in many cases to deploy the CNA-8000 with little or no impact on the end users.
Target Market
Although the product platforms that the CNA-8000 can replace are many, you should
carefully compare the functions currently supported on your existing product platform to
the feature set of the CNA-8000 to ensure that it will be a complete and successful
replacement. Among the products that the CNA-8000 may replace are:
Cisco CIP: TN3270 Server, PU2 Gateway
Cisco CPA: TN3270 Server, PU2 Gateway
IBM 3172: PU2 Gateway
IBM 2216: PU2 Gateway
IBM 3745: Token Ring PU2 Gateway
IBM 3174: PU2 Gateway
Memorex Telex or Visara 1174: TN3270 Server, PU2 Gateway
McData 1374: PU2 Gateway
McData 6100: PU2 Gateway
Microsoft SNA Server: TN3270 Server
Numerous Other Non-Named TN3270 Servers
The CNA-8000 Hardware Platform
The CNA-8000 consists of an enterprise class 3U rack-mountable server with four PCI-x
slots and one PCI-Express slot. The base unit includes 2 independently sourced power
supplies that can be hot swapped as needed. Each power supply is capable of carrying the
complete load of a fully loaded CNA-8000 platform. Multiple redundant fans provide
cooling and may also be swapped without powering down. Two 10/100/1000 Mbps
Ethernet interfaces are included on the motherboard and do not consume any of the
available slots. A pair of Hard Drives in a Mirrored RAID 1 configuration provides
completely redundant code storage.
The CNA-8000 supports up to two ESCON interfaces, each capable of supporting up to
16 CU images and 256 subchannels. Each ESCON interface supports EMIF on the host
and ESCON directors, allowing communication with up to 16 LPARs through each
interface.
707156-002 1-1
Chapter 1. CNA-8000 Overview
The CNA-8000 also supports one FICON interface card for use in the PCI-Express slot.
Each interface on this card is capable of operating at maximum FICON speeds. Each
interface will support up to 16 CU images and 256 subchannels. This card comes in three
versions:
• Single FICON interface
• Dual FICON interface
• Quad FICON interface
Both Long Wave FICON and Short Wave FICON interfaces are supported. The
transceiver used by each environment is different so it will be necessary to determine
which is used in your environment and the appropriate interface ordered.
Up to three 4/16/100 Mbps Token Ring adapters or two Quad 10/100/1000 Mbps
Ethernet adapters may be installed to provide network access depending on available
slots.
A Quad Serial Interface (QSI) is also available for supporting remote SDLC PU2
platforms through four RS-232 or V.35 interfaces at speeds up to T1/E1.
TN3270 Gateway Server
The CNA-8000 functions as a TN3270 gateway capable of supporting as many as 16,384
TN3270E clients spread over as many PUs (Host Circuits) as necessary. These PUs may
be directed to any of the upstream LPARs configured. Host connectivity is established
through configuration of Host Circuits that will appear as if they were downstream PU2
nodes communicating through the SNA Gateway feature.
SNA Gateway Feature
The CNA-8000 provides SNA gateway functionality to SNA PU2 platforms using XCA
(External Communications Adapter) technology. Through this technology, SNA PU2
platforms are defined on the host to VTAM using Switched Major Nodes. Each XCA
definition allows up to 255 downstream PU2 platforms and all of their associated LUs to
communicate with the host through their switched PU2 definitions. Each XCA definition
provides a communication pipe between one of the ESCON or FICON interfaces and one
of the network interfaces of the CNA-8000. Additional XCA definitions may be created
to allow communication between an ESCON or FICON interface and a different, or even
the same network interface. Multiple (up to 8) XCA definitions may be made to
communicate through a single network adapter. ESCON and FICON resources are
allocated to use one subchannel per XCA defined. Using this technology thousands of
downstream PUs can be supported through a single CNA-8000.
Migrating from Token Ring to Ethernet
The CNA-8000 supports SNA communication (LLC) through Ethernet as well as through
Token Ring. This may allow you to easily migrate from Token Ring environments to
Ethernet environments, especially if you are currently using a router to provide DLSw
communications to remote sites.
1-2 707156-002
CNA-8000 Migration and Planning Guide
Using Multiple CNA-8000 Platforms for SNA Disaster Recovery
Using switched SNA definitions on the host with multiple XCA definitions across one or
more CNA-8000 platforms allows you to provide redundant data paths for critical
operations. For example using two different CNA-8000 platforms, the same downstream
SNA platform could reach its host definition through either of the SNA gateways,
providing that the downstream platform can be configured to take advantage of this.
Another possible arrangement would be to provide redundant paths on the upstream
ESCON or FICON connection by using two interfaces in the same CNA-8000, or
multiple Ethernet or Token Ring interfaces to the same or different upstreams. Some
products such as the Visara 1174 are capable of supporting an alternate SNA gateway as
a standard feature, making communication through redundant CNA-8000s seamless.
Providing Backup Strategies for OSAs
The CNA-8000 can provide a redundant pathway for an existing OSA, through an
ESCON or FICON interface. SNA traffic that would normally pass through an OSA to
access the host can typically be directed to pass through the CNA-8000 as an alternative.
Token Ring Option when a Token Ring OSA is not Available
The CNA-8000 can be used to provide direct access to the host for Token Ring platforms,
without having to deploy a router. The CNA-8000 can be equipped with as many as 3
Token Ring adapters to provide functions similar to an OSA through an ESCON or
FICON channel.
Integrated DLSw Support
The CNA-8000 is capable of providing integrated DLSw support. When DLSw is
configured on the CNA-8000 for the downstream connection, the data passing through
the Ethernet interface is in IP format instead of LLC. This option can be used to keep
LLC traffic off the local backbone completely. At the downstream location it is necessary
to have another DLSw capable device to strip the IP shell from the SNA traffic and
present the SNA traffic in a native SNA format (LLC, SDLC, etc) to the downstream
SNA platforms. The Visara 1174 product supports a form of DLSw allowing you to keep
LLC traffic off the remote LAN as well.
SDLC PU2 Platform Support
The CNA-8000 is capable of communicating with downstream PU2 platforms over an
SDLC serial link. The upstream connection utilizes the SNA Gateway feature to interface
to a switched VTAM PU2 definition. Both PU2.0 and PU2.1 platforms can be supported
through the SDLC lines. Communications speeds up to T1/E1 are possible, and multidrop
as well as point-to-point connections are supported.
707156-002 1-3
Chapter 1. CNA-8000 Overview
True Migration Strategies
The CNA-8000 can be configured and operated in parallel with existing products that it is
to replace to provide a safe means to migrate at your own pace, moving individual
connections to the new platform without having to move every connection at once.
CNA-8000 Features
Features supported by the CNA-8000 include:
• FICON to Ethernet SNA gateway for LLC PU2 traffic
• FICON to Token Ring gateway for LLC PU2 traffic
• FICON to Ethernet DLSw gateway for IP PU2 traffic
• ESCON to Ethernet SNA gateway for LLC PU2 traffic
• ESCON to Token Ring gateway for LLC PU2 traffic
• ESCON to Ethernet DLSw gateway for IP PU2 traffic
• TN3270 gateway support (IP offloaded) for up to 16,384 concurrent clients
• Support for hundreds of TN3270 PUs
• FICON to Ethernet IP connectivity
• ESCON to Ethernet IP connectivity
• XCA “No-Connect List” – provides list of nodes attempting to connect through
the CNA-8000 to VTAM that were unsuccessful to provide simpler
troubleshooting of network problems and visibility to unauthorized attempts to
access the SNA network
• Support for Ethernet LLC-attached PU 2.0 Platforms
• Support for Ethernet LLC-attached PU 2.1 Platforms
• Support for Token Ring LLC-attached PU 2.0 Platforms
• Support for Token Ring LLC-attached PU 2.1 Platforms
• Support for SDLC-attached PU 2.0 and PU 2.1 Platforms
• Remote management of the platform through a browser connection
• Support for a directly attached monitor, keyboard, and mouse to provide a direct
console to the CNA-8000
• Easy configuration through a browser interface
• Built in SNA trace facility
• Built in FICON driver trace facility
• Built in ESCON driver trace facility
• Built in event logs
• Email alerts for hardware and other critical problems
• Redundant power supplies with independent AC sources
• Hot swappable power supplies
• Hot swappable fans
• RAID 1 mirrored SETA drives
• Automatically boots into online ready condition (may still require VTAM
activation)
1-4 707156-002
CNA-8000 Migration and Planning Guide
• Built-in SSL encryption capability for supporting TN3270 clients
• User ID and password support for TN3270 clients
• TN3270 user access controller
• Support for both pooled and for dedicated sessions to TN3270 clients
• IP address nailing capability for TN3270 clients
• Easy migration to CNA-8000 from other products without having to reconfigure
user desktops
• Dynamic changes to TN3270 client configurations without requirement for reboot
of the server
A more detailed explanation of each of these features will be described in subsequent
chapters.
707156-002 1-5
CNA-8000 Migration and Planning Guide
Chapter 2. Support of PU2 Platforms
The CNA-8000 supports PU2 platforms by means of a XCA-styled PU2 Gateway
function. With FICON and/or ESCON as the upstream connection, PU2 platforms are
supported on Ethernet and Token Ring. Both PU 2.0 and PU 2.1 platforms are supported.
Use of XCA technology makes the CNA-8000 a perfect replacement for Cisco CIP and
CPA products as well as a replacement for the 3745 Token Ring Gateway function.
Existing switched VTAM definitions and XCA definitions should be able to be used “as
is”.
IBM 3174 gateways, Memorex Telex/Visara 1174 gateways, and McData/ Memorex
Telex 1374 gateways can also be replaced easily but with a few more gen changes on the
host.
The following illustration shows what the network may look like with a CNA-8000.
IBM z10
IBM z990
PU 2.0
SDLC
CNA-8000
AS400/PU2.1
Director
PU 2.0
DLSw DLSw
LLC2
PU 2.0
IPIP
LLC2
PU 2.0
PU 2.0 traffic
Via LLC2 or DLSw
1174
PU 2.0
Router
707156-002 2-1
Chapter 2. Support of PU 2 Platforms
CIP/CPA and IBM 3172 Replacement Considerations
The CNA-8000 offers a near perfect replacement option for the Cisco CIP/CPA products
and for the IBM 3172. In this instance, XCA and Switched PU definitions should already
be in place and available for use by the CNA-8000. Likewise, if the LAN interfaces of
the CNA-8000 are configured to use the same hardware MAC addresses formerly used
by the CIP/CPA or 3172, remote nodes should not require any reconfiguration either.
3745 Replacement Considerations
If you are migrating from a 3745 with Token Ring attached PU2 traffic to the CNA-8000,
the migration can be made relatively transparent as well. In this case the PUs should
already be defined to VTAM using Switched Major Node definitions, and no change in
these definitions should be required. The CNA-8000 will require an XCA definition in
VTAM for each Token Ring interface to be used. To make the conversion completely
transparent it will be necessary to configure the same hardware MAC addresses for use
by the CNA-8000 that was being used by the 3745. The CNA-8000 also provides the
ability to support PU2 traffic through Ethernet connections. If a bridge is currently being
used to convert Ethernet LLC traffic to run on Token Ring (to communicate through the
3745), the CNA-8000 should be able to accept the Ethernet traffic directly, perhaps
allowing retirement of the bridge as well.
3174/1174/1374 Replacement Considerations
Migration from IBM 3174, Visara 1174, and Memorex Telex 1174 or 1374 SNA gateway
technology to the XCA technology of the CNA-8000 requires conversion of Local
Channel PU2 definitions to Switched PU2 definitions. For the most part LUs defined
under the Local Channel definitions should be able to be reused under the Switched PU2
definitions. Converting to Switched PU2 definitions has the added advantage of
providing a common definition, should it be possible for the downstream PU to connect
through a different path to gain access to the host. Note that downstream nodes such as
the Visara (formerly Memorex Telex) 1174 can be configured to support an alternate
gateway to make use of this capability.
2-2 707156-002
CNA-8000 Migration and Planning Guide
XCA Gateway Operation
Setting up an XCA (External Communication Adapter) gateway is quite easy and is more
advantageous for LAN attached PUs than previous gateway types. Introduced with the
IBM 3172, a single subchannel is associated with a network adapter on the CNA-8000. If
multiple network adapters are to be used for the XCA function, then a minimum of one
subchannel for each network adapter is required. Up to 255 downstream PUs can connect
through each XCA gateway. If you need more than 255 downstream PUs to connect
through an adapter, you can define an additional XCA gateway. Up to eight XCA
gateways may be assigned to a single network adapter. Note that for performance
reasons, you would likely want to limit the number of downstream PUs through a single
adapter to a smaller number.
IBM S390 IBM z990
Director
Appears to the host as if the channel where
directly attached to a LAN (Token Ring or
Ethernet)
Downstream PUs are typically set up to dynamically connect through the XCA to request
connection to their Switched Major Node definition in VTAM. Each downstream PU is
expected to provide a unique ID to VTAM (XID) which VTAM uses to match to the
appropriate Switched definition (matched to the IDBLK and IDNUM parameters). If no
such match is found, then the attempted connection will be rejected. Successful matches
707156-002 2-3
Chapter 2. Support of PU 2 Platforms
should result in a successful connection unless another node has already an established
connection to it. Once a connection is established VTAM will commence to activate the
SNA PU (PU type 2.0) and associated LUs. If the PU type is 2.1, then a peer session
activation occurs.
The CNA-8000 maintains a list of failed XID attempts. This list can be used to help
identify misconfigured nodes on the network and to identify failed attempts to hack the
network.
If multiple XCA gateways are defined to the same VTAM, the downstream PU can
connect through any of them to establish its session with VTAM. VTAM maintains a
connection through only one of the XCAs to a specific PU at a time. All communication
between VTAM and the LUs supported by that PU travel over the same established path.
If connection is lost, the downstream PU can establish a new connection through a
different XCA. The CNA-8000 supports XCA traffic between the FICON or ESCON
channel and Ethernet (LLC), Token Ring (LLC), and SDLC.
The CNA-8000 can also direct XCA traffic to its internal DLSw feature. When routed
through the DLSw feature, the SNA packets are encapsulated into IP and presented to the
configured Ethernet interface where it can be routed through the IP network to its
destination, another DLSw capable platform.
Using Multiple XCA Paths
One of the big advantages of using XCA technology is the ability for a node to be able to
access VTAM through multiple paths. In order for a downstream PU to establish a host
connection through multiple XCA gateways, one of two things must happen. Either the
downstream PU must have the ability to communicate with multiple upstream network
addresses, or there must be a way for the network address to exist in two different
locations. Token Ring provides an environment that allows for the same network address
to exist in two different places when source route bridging is used. Refer to the diagram
below.
When source route bridging is used, a downstream node will initially attempt to contact a
session partner using a Test frame, first with Source Route Bridging turned off, and if
unsuccessful in making contact another Test frame is sent using source route bridging.
Nodes are allowed to have identical MAC addresses as long as they are separated by a
Source Routing Bridge. Once a response is received from the target node a session is
established and the same route is used for the duration of the session.
2-4 707156-002
Loading...