 |
|
| UNIX: TCP/IP Access Method |
Prerequisites for Using TCP/IP under UNIX
| Task List |
-
Verify that software requirements are met.
-
If using network security, set the appropriate SAS options.
-
Set the appropriate options for SAS/CONNECT and SAS/SHARE.
| Software Requirements |
Ensure that the following requirements are met:
-
Base SAS and either SAS/CONNECT or SAS/SHARE are installed on both the client and the server.
-
Any TCP/IP package that comes with the operating environment has been installed.
| SAS/CONNECT and SAS/SHARE Network Security |
Encryption is the process of transforming plaintext into a less readable form (called ciphertext) by using a mathematical process. The ciphertext is translated back to plaintext for anyone who can supply the appropriate key, which is necessary for decrypting (or unlocking) the ciphertext.
For details about setting up and using encryption, see Encryption in SAS. After an encryption service is set up in your environment, you set a SAS encryption option that is appropriate to the encryption service and to the requirements of the client or the server session.
| SAS/CONNECT Options Only |
- TCPMSGLEN n
-
defines the size of the buffer (in bytes) that the TCP/IP access method uses for breaking up a message that it sends to or receives from the SAS/CONNECT application layer during a SAS/CONNECT session. The application layer uses a message size that is stored in the TBUFSIZE option (default 32768) that you can specify in the SIGNON statement or as a SAS option. For details, see the TBUFSIZE= system option in the SAS/CONNECT User's Guide.
If TBUFSIZE is larger than TCPMSGLEN, the TCP/IP access method breaks the message into a buffer whose size is defined by TCPMSGLEN and issues the number of send and receive messages that are necessary to complete the message transaction.
The value for TCPMSGLEN (default=32768) must be set at both the client and server. If the values that are set for TCPMSGLEN at the client and at the server are different, the smaller value of the two is used during the SAS/CONNECT session.
Example:
-set tcpmsglen 65536
- TCPPORTFIRST=port-number
(set at
the server)
TCPPORTLAST=port-number (set at the server) -
restrict the range of TCP/IP ports through which clients can connect to a server.
Within the range of 0 through 32767, assign a beginning value to TCPPORTFIRST and an ending value to TCPPORTLAST. To restrict the range of ports to only one port, set the values for TCPPORTFIRST and TCPPORTLAST to the same number. Consult with your network administrator for advice about setting these values.
At the server, you can set TCPPORTFIRST and TCPPORTLAST in a SAS startup command or in the SAS configuration file.
In the following example, the server is restricted to the TCP/IP ports 4020 through 4050:
-tcpportfirst 4020; -tcpportlast 4050;
- TCPTN3270 (set at the client)
-
supports connections to z/OS servers that use the full-screen 3270 Telnet protocol. The script file TCPTSO32.SCR is provided. See SAS/CONNECT Sign-on Scripts for TCP/IP under UNIX for a complete list of sign-on scripts.
You can set the TCPTN3270 option only in the SAS configuration file. If you do not set this option, the TCP/IP access method uses the Telnet line-mode protocol by default.
Example:
-set TCPTN3270 1
| SAS/SHARE Options Only |
- TCPSEC=_SECURE_ | _NONE_ (set at the server)
-
specifies whether the TCP/IP access method verifies user access authority before allowing clients to access the server. The TCPSEC option must be set at the server before the server session is started. The default is _NONE_.
- _SECURE_
-
requires that the TCP/IP access method verify the authority of clients that attempt to access the server. Each client must supply a user ID and a password that are valid at the server.
- _NONE_
-
specifies that the TCP/IP access method does not verify the authority of SAS/SHARE clients that attempt to access the server.
Examples:
%let TCPSEC=_secure_; %let TCPSEC=_none_;
|
|
Copyright © 2008 by SAS Institute Inc., Cary, NC, USA. All rights reserved.