Previous Page | Next Page

UNIX: TCP/IP Access Method

Prerequisites for Using TCP/IP under UNIX


Task List


Software Requirements

Ensure that the following requirements are met:


SAS/CONNECT and SAS/SHARE Network Security

Encryption is the process of transforming plaintext into a less readable form (called ciphertext) by using a mathematical process. The ciphertext is translated back to plaintext for anyone who can supply the appropriate key, which is necessary for decrypting (or unlocking) the ciphertext.

For details about setting up and using encryption, see Encryption in SAS. After an encryption service is set up in your environment, you set a SAS encryption option that is appropriate to the encryption service and to the requirements of the client or the server session.


SAS/CONNECT Options Only

TCPMSGLEN n

defines the size of the buffer (in bytes) that the TCP/IP access method uses for breaking up a message that it sends to or receives from the SAS/CONNECT application layer during a SAS/CONNECT session. The application layer uses a message size that is stored in the TBUFSIZE option (default 32768) that you can specify in the SIGNON statement or as a SAS option. For details, see the TBUFSIZE= system option in the SAS/CONNECT User's Guide.

If TBUFSIZE is larger than TCPMSGLEN, the TCP/IP access method breaks the message into a buffer whose size is defined by TCPMSGLEN and issues the number of send and receive messages that are necessary to complete the message transaction.

The value for TCPMSGLEN (default=32768) must be set at both the client and server. If the values that are set for TCPMSGLEN at the client and at the server are different, the smaller value of the two is used during the SAS/CONNECT session.

Example:

-set tcpmsglen 65536
TCPPORTFIRST=port-number (set at the server)
TCPPORTLAST=port-number (set at the server)

restrict the range of TCP/IP ports through which clients can connect to a server.

Within the range of 0 through 32767, assign a beginning value to TCPPORTFIRST and an ending value to TCPPORTLAST. To restrict the range of ports to only one port, set the values for TCPPORTFIRST and TCPPORTLAST to the same number. Consult with your network administrator for advice about setting these values.

At the server, you can set TCPPORTFIRST and TCPPORTLAST in a SAS startup command or in the SAS configuration file.

In the following example, the server is restricted to the TCP/IP ports 4020 through 4050:

-tcpportfirst 4020;
-tcpportlast 4050;
TCPTN3270 (set at the client)

supports connections to z/OS servers that use the full-screen 3270 Telnet protocol. The script file TCPTSO32.SCR is provided. See SAS/CONNECT Sign-on Scripts for TCP/IP under UNIX for a complete list of sign-on scripts.

You can set the TCPTN3270 option only in the SAS configuration file. If you do not set this option, the TCP/IP access method uses the Telnet line-mode protocol by default.

Example:

-set TCPTN3270 1

SAS/SHARE Options Only

TCPSEC=_SECURE_ | _NONE_ (set at the server)

specifies whether the TCP/IP access method verifies user access authority before allowing clients to access the server. The TCPSEC option must be set at the server before the server session is started. The default is _NONE_.

_SECURE_

requires that the TCP/IP access method verify the authority of clients that attempt to access the server. Each client must supply a user ID and a password that are valid at the server.

_NONE_

specifies that the TCP/IP access method does not verify the authority of SAS/SHARE clients that attempt to access the server.

Examples:

%let TCPSEC=_secure_;
%let TCPSEC=_none_;

Previous Page | Next Page | Top of Page