HP OpenVMS Systems Documentation

HP TCP/IP Services for OpenVMS
Installation and Configuration

The following is sample output for configuring dynamic routing:

DYNAMIC ROUTING Configuration

 Dynamic routing has not been configured.

    You may configure dynamic ROUTED or GATED routing.
    You cannot enable both at the same time.  If you want
    to change from one to the other, you must disable the
    current routing first, then enable the desired routing.

    If you enable dynamic ROUTED routing, this host will use the
    Routing Information Protocol (RIP) - Version 1 to listen
    for all dynamic routing information coming from other
    hosts to update its internal routing tables.
    It will also supply its own Internet addresses to
    routing requests made from remote hosts.

    If you enable dynamic GATED routing, you will be able to
    configure this host to use any combination of the following
    routing protocols to exchange dynamic routing information
    with other hosts on the network:
        Routing Information Protocol (RIP) - Version 1 & 2
        Router Discovery Protocol (RDISC)
        Open Shortest Path First (OSPF)
        Exterior Gateway Protocol (EGP)
        Border Gateway Protocol (BGP-4)
        Static routes

* Do you want to configure dynamic ROUTED or GATED routing [NO]: YES [Return]
* Do you want to enable GATED routing configuration [NO]: [Return]

    ROUTED option

    If you enable the 'supply' option of dynamic routing,
    this host will supply dynamic routing information to
    other hosts on the network whether it is acting as an
    internetwork gateway or not.


* Do you want this host to supply its dynamic routing information [NO]: [Return]

DNS is implemented by the Berkeley Internet Name Domain (BIND) software. HP TCP/IP Services for OpenVMS implements a BIND server based on the Internet Software Consortium's (ISC) BIND Version 9.

The following is sample output for configuring the BIND resolver:

A BIND resolver has already been configured.

BIND Resolver Configuration

  Transport:  UDP
  Domain:     budget.acme.com
  Retry:         4
  Timeout:       4
  Servers:    island.budget.acme.com
  Path:       No values defined

* Do you want to reconfigure BIND [NO]: [Return]

In this example, no changes are made to the BIND resolver.

3.4.4.6 Time Zone Configuration

The following is sample output for configuring the time zone:

  TCPIP uses timezone information provided by the OpenVMS Operating
  System. No additional timezone configuration is needed for TCPIP
  when the operating system is configured correctly.

  This section verifies the current OpenVMS timezone configuration.
  A warning message (TCPIP-W-) indicates that corrective action should
  be taken. TCPIP will appear to operate but components may display
  either the wrong time or a time inconsistent with other applications.

%TCPIP-I-INFO, Logical name SYS$TIMEZONE_RULE found.
-TCPIP-I-INFO, Software for automatic Summer/Winter time (TDF) change
-TCPIP-I-INFO, is present.
-TCPIP-I-INFO, Further action to ensure TDF change is not necessary.

%TCPIP-I-NORMAL, timezone information verified

Press Return to continue ...

After you configure the core environment, press Return or choose option E to exit from the Core Environment menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Client Components Configuration menu displays next; otherwise, the procedure returns to the the Main Configuration menu.

3.4.5 Configuring the Client Environment

To display the Client Components Configuration menu, choose option 2 (Client components) from the Main Configuration menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Client Components Configuration menu displays automatically after you finish configuring the core environment services.

From the Client Components Configuration menu, choose option A to configure all the client services. Alternatively, you can configure one client service at a time. The sample output in the following sections show the progression of the procedure when you choose option A.

HP TCP/IP Services for OpenVMS Client Components Configuration Menu

Configuration options:

        1  - DHCP Client      Disabled Stopped
        2  - FTP Client       Enabled  Stopped
        3  - NFS Client       Enabled  Started
        4  - REXEC and RSH    Enabled  Started
        5  - RLOGIN           Enabled  Started
        6  - SMTP             Enabled  Started
        7  - SSH Client       Enabled  Stopped
        8  - TELNET           Enabled  Started
        9  - TELNETSYM        Disabled Stopped

        A  - Configure options 1 - 9
       [E] - Exit menu

Note that the sample Client Components Configuration menu shows most clients enabled and all of them stopped. Clients are enabled for startup if they have been enabled in the TCP/IP Services configuration database (TCPIP$CONFIGURATION.DAT). The enabled services are started the next time TCP/IP Services is started. You can also start (or stop) a specific service, without having to restart TCP/IP Services, by choosing the "Start service" option from that service's configuration menu. In addition, you can use command procedures to start or stop a specific service, as explained in Section 3.11.3.

The initial status of the services depends on whether you have other TCP/IP Services installations in place on the system, and whether the software or individual services have been started. On a new system, all the services would be disabled (the default). The status of services is also affected by the selections you made from the Core Environment menu.

To minimize resource consumption, enable and start only those services that you are sure to use. Disable those you do not plan to use.

To configure all the client services, choose option A.

The following is an example of the output for configuring an FTP client. The configuration output for other clients might vary. Note that after you configure a client (such as FTP) that has an associated server, the configuration prompts you about whether to configure the corresponding server.

Enter configuration option: 2 [Return]

FTP CLIENT Configuration

Service is enabled on specific node.
Service is stopped.

         FTP CLIENT configuration options:

                 1 - Disable service on this node

                 2 - Start service on this node

                [E] - Exit FTP_CLIENT configuration

Enter configuration option: 1 [Return]

The FTP SERVER is enabled.

* Do you want to configure the FTP SERVER [NO] ? [Return]

In the preceding example, the FTP client was originally enabled, and option 1 disables it. The configuration procedure indicates that the FTP server is enabled and asks whether you want to configure it as well.

The following example shows the configuration output that you might see if you want to enable an FTP client that had been disabled.

FTP CLIENT Configuration

Service is not enabled.
Service is stopped.

        FTP CLIENT configuration options:

                 1 - Enable service on this node

                 2 - Enable & Start service on this node

                [E] - Exit FTP_CLIENT configuration

Enter configuration option: 2 [Return]

In this example, as with the previous one, the TCP/IP Services software has already been started, so you have the choice of starting the client as well as enabling it. If you choose option 1, the FTP service is enabled and FTP starts the next time TCP/IP Services is started. If you choose option 2, the FTP service is started immediately and then every time the TCP/IP Services is started.

If the TCP/IP Services software is not already started, then the FTP Client Components Configuration menu gives you only the option of enabling the service, as in the following example:

                1 - Enable service on this node

               [E] - Exit FTP_CLIENT configuration

After you configure the client service environment, press Return or choose option E to exit from the Client Components menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Server Components Configuration menu displays next; otherwise, the procedure returns to the the Main Configuration menu.

3.4.6 Configuring the Server Environment

To display the Server Components Configuration menu, choose option 3 (Server components) from the Main Configuration menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Server Components Configuration menu displays automatically after you finish configuring the client services.

HP TCP/IP Services for OpenVMS Server Components Configuration Menu

  1 - BIND         Enabled  Started    12 - NTP         Enabled  Started
  2 - BOOTP        Disabled Stopped    13 - PC-NFS      Enabled  Started
  3 - DHCP         Disabled Stopped    14 - POP         Enabled  Started
  4 - FINGER       Enabled  Started    15 - PORTMAPPER  Enabled  Started
  5 - FTP          Enabled  Started    16 - RLOGIN      Enabled  Started
  6 - IMAP         Disabled Stopped    17 - RMT         Disabled Stopped
  7 - LBROKER      Disabled Stopped    18 - SNMP        Enabled  Stopped
  8 - LPR/LPD      Disabled Stopped    19 - SSH         Enabled  Started
  9 - METRIC       Enabled  Started    20 - TELNET      Enabled  Started
 10 - NFS          Enabled  Started    21 - TFTP        Enabled  Started
 11 - LOCKD/STATD  Disabled Stopped    22 - XDM         Enabled  Started


  A  -  Configure options 1 - 22
 [E] -  Exit menu

Enter configuration option:

Servers are enabled for startup if they have been added to the TCP/IP Services configuration database (TCPIP$CONFIGURATION.DAT), and they are started the next time TCP/IP Services is started. You can also start (or stop) a specific server, without having to restart TCP/IP Services, by choosing the "Start service" option from that server's configuration menu. In addition, you can use command procedures to start or stop a specific server, as explained in Section 3.11.3.

The initial status of the servers depends on whether you have other TCP/IP Services installations in place on the system, and whether the software or individual servers have been started. To minimize resource consumption, enable and start the specific servers you plan to use, and disable those you do not plan to use. You can choose option A to configure all the servers.

For servers that have associated client services (such as the FTP server and client), when you configure the server you are prompted about whether to configure the corresponding client.

The following is an example of an XDM server configuration output. The configuration displays for other servers might vary.

Enter configuration option: 21 [Return]

XDM Configuration

Service is defined in the SYSUAF.
Service is not defined in the TCPIP$SERVICE database.
Service is not enabled.
Service is stopped.

 XDM configuration options:

   1 - Enable service on this node

  [E] - Exit XDM configuration

Enter configuration option:

XDM requires DECwindows components that are not installed.
Attempts to activate XDM will fail.

Type C to continue with XDM configuration, or E to exit [ E ]:

After you configure the servers, press Return or choose option E to exit from the Server Components Configuration menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Optional Components Configuration menu displays next; otherwise, the procedure returns to the Main Configuration menu.

3.4.7 Configuring the Optional Components

You may need to configure optional product components if you plan to do one or more of the following:

• Run the PATHWORKS for OpenVMS (Advanced Server), the Advanced Server for OpenVMS, or DECnet over TCP/IP software.
• Run or develop applications that use the Stanford Research Institute's (SRI) QIO application programming interface (API).
• Allow Anonymous FTP access.
• Initialize Kerberos authentication for the TELNET server.
• Where a node or cluster has multiple interfaces, enable failSAFE IP to monitor the health of network interface cards and, when an interface fails, to perform a failover to another interface to maintain network connectivity.

To display the Optional Components Configuration menu, choose option 4 (Optional components) from the Main Configuration menu. If you chose option A from the Main Configuration menu to configure all the TCP/IP Services components, the Optional Components Configuration menu displays automatically after you finish configuring the servers.

The Optional Components Configuration menu displays the following menu options:

HP TCP/IP Services for OpenVMS Optional Components Configuration
Menu

Configuration options:

        1 - Configure PWIP Driver (for DECnet-Plus and PATHWORKS)
        2 - Configure SRI QIO Interface (INET Driver)
        3 - Set up Anonymous FTP Account and Directories
        4 - Configure Kerberos Applications
        5 - Configure failSAFE IP

        A - Configure options 1 - 5
       [E] - Exit menu

Enter configuration option:

Choose the options that are appropriate for your system: the PWIP Driver, the SRI QIO Interface, Anonymous FTP Accounts and Directories, Kerberos authentication for TELNET, and failSAFE IP (provides IP address failover capability for multiple interfaces on a host or cluster).

• If you want to run PATHWORKS for OpenVMS (Advanced Server), Advanced Server for OpenVMS, or DECnet over TCP/IP, configure the PWIP driver by choosing option 1. In addition, refer to the appropriate documentation for the layered product.
• If you run or develop applications that use the SRI QIO API, choose option 2.
• If you want to allow Anonymous FTP access, choose option 3 to set up an Anonymous FTP account and directories. Make sure you obtain the necessary user information code (UIC) (see Section 1.2.8) and determine guest user privileges.
• If you want to provide the security benefits of Kerberos authentication for the TELNET server, choose option 4 to configure Kerberos. For details about configuring Kerberos support, see Section 3.4.7.1.
• If you want to provide IP address failover capability for multiple interfaces on a host or cluster, choose option 5 to configure failSAFE IP. For details about configuring failSAFE IP support, see Section 3.4.7.2. More information is available also in the HP TCP/IP Services for OpenVMS Management manual.

The following example shows the output for configuring the PWIP driver:

Enter configuration option: 1 [Return]

TCPIP Transport for DECnet and Pathworks Service Configuration

Service is enabled on specific node.
Service is stopped.

 TCPIP Transport for DECnet and Pathworks Service configuration options:

    1 - Disable service on this node

   [E] - Exit PWIP_DRIVER configuration

Enter configuration option:

To configure the TELNET service to support Kerberos, follow these steps. For more details about Kerberos features, including prerequisites and instructions for using Kerberos, refer to the HP TCP/IP Services for OpenVMS Management manual.

1. From the the TCPIP$CONFIG.COM procedure Main Configuration menu, choose option 2 (Client components).
2. From the list of client services, choose option 6 (TELNET).
3. From the TELNET Configuration menu, choose option 1 (Enable service on all nodes). This step creates the TCPIP$TELNET user account and directory.
4. Return to the Main Configuration menu.
5. From the Main Configuration menu, choose option 4 (Optional components).
6. From the Optional Components Configuration menu, choose option 4 (Configure Kerberos Applications). The following menu is displayed:

   Kerberos Applications Configuration Menu TELNET Kerberos is not defined in the TCPIP$SERVICE database. Configuration options: 1 - Add Kerberos for TELNET server 2 - Remove Kerberos for TELNET server [E] - Exit menu Enter configuration option:

7. From the Kerberos Applications Configuration menu, choose option 1 (Add Kerberos for TELNET Server).
8. Exit the command procedure.
9. When you are prompted to start the TELNET service, enter N.
10. Start the TELNET service by executing the TELNET startup procedure, as shown in the following example:

    $ @SYS$STARTUP:TCPIP$TELNET_STARTUP.COM %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$TELNET_SERVER.EXE installed %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$TELNET.EXE installed %TCPIP-I-INFO, logical names created %TCPIP-I-INFO, telnet service enabled %TCPIP-I-INFO, telnet (kerberos) service enabled %TCPIP-S-STARTDONE, TCPIP$TELNET startup completed

    
    The information message confirms that the TELNET Kerberos service has been enabled.

Two steps are necessary to configure failSAFE IP:

1. Configure the standby IP address on the interfaces for which failover is desired, as explained in Section 3.4.4.3; these are the failover target interfaces for each home interface.
2. Configure failSAFE IP support by choosing option 5 (Configure failSAFE IP) from the Optional Components Configuration menu.

In addition, you can configure failSAFE IP IPv6 addresses. Information about this is in Section 4.3.

Choosing option 5 from the Optional Components Configuration menu displays the following menu. Note that in this menu, Option 1 (Enable service on all nodes) appears only in a cluster configuration. Choose Option 1 to enable failSAFE IP on all nodes in the cluster, or choose option 2 to enable failSAFE IP on the local node only.

        failSAFE configuration options:

                 1 - Enable service on all nodes
                 2 - Enable service on this node

                 3 - Enable & Start service on this node

                [E] - Exit FAILSAFE configuration

Enter configuration option:

For more details about failSAFE IP, refer to the HP TCP/IP Services for OpenVMS Management manual.