This post follows on from getting TCPIP to work with ADCD (zPDT and ZD&T) and allow me to FTP to z/OS from my Linux machine. There is a Q&A Has anyone configured z/OS running on ZD&T to support IPV6 protocol? but this was not enough information for me.
With IP V4 there is a limit of the number of IP addresses available. IP V6 has many addresses, and so this should not be a problem. There is no smooth migration from IP V4 to IPV6, it is more start with IP V4, run IP V4 and V6 at the same time, move stuff from IP V4 to IP V6, – and possibly (unlikely) run with just IP V6.
Wikipedia has many good articles
- IP V6 in general
- IP V4 uses addresses like 18.104.22.168. IP V6 uses addresses like 2001:0db8:0000:0000:0000:ff00:0042:8329 (=2001:db8::ff00:42:8329). See here.
- Each IP V6 has a local address (link-local) fe80::….
- An IP V6 address can have :: to mean replace with as many zeros as needed to make this a valid IP V6 address. So 2001:0db8:0000:0000:0000:ff00:0042:8329 can be written 2001:db8::ff00:42:8329. You can only have one :: in a value.
- TCPIP can support IPV4 and IP V6 at the same time (dual stack)
- You can wrap an IP V4 address into an IP V6. For example ::ffff:192.0.2.128
- For security clients often get a “temporary” (or randomised) IP address instead of a hard coded address. This uses a randomiser function with a secret key. This IP address can expire, and a new(different) IP address obtained. This can make it hard(impossible) for a server to do a reverse DNS lookup. This temporary IP address is useful, as it means you cannot be tracked by your IP address.
- Each IP node has a IP V4 address and an IP V6 address.
- When defining connections between systems, it looks like you need at least one IP V4 route, and at least one IP V6 route – I could be wrong.
- An IPV6 host usually has more than one IP address.
IPV6 has reserved IP ranges
- 2001:db8::/32 Addresses used in documentation and example source code.
- fe80::/10 are the link-local unicast [RFC4291] addresses. Addresses within this block should not appear on the public Internet. Your router should not externalise this.
- fd00::/7 for private internets. These are the unique-local addresses [RFC4193]. Addresses within this block should not appear by default on the public Internet. This means you can use them within your organisation.
- ffxx is for multicast to all links matching the address. For example ff02::5 is used by the dynamic routing protocol OSPF to say to all routers in the (local) network “hello – anyone there”.
The end of each connection needs at least one IP address. If you have 5 connections, you will have at least 5 IP addresses
What is my IP address on Linux ?
You can use hostname -I
which gave me
You can also use ifconfig or ip addr show.
You can also use the z109x find_io command.
What is my IP address on z/OS?
You can use TSO NETSTAT HOME, or the operator command V TCPIP,,NETSTAT,HOME .
This gives information like
LinkName: ETH1 Address: 172.26.1.2 Flags: Primary IntfName: IFPORTCP6 Address: fc00::67:1:1 Type: Global Flags: Address: fe80::a1:a101:a1:a1a1 Type: Link_Local Flags: Autoconfigured
- 172.26.1.2 an IP V4 address for use within a private network, for connection ETH1.
- fc00::67:1:1 an IP V6, unique local address, for interface IFPORTCP6.
- fe80::a1:a101:a1:a1a1a link-local address, for interface IFPORTCP6. The a1:a1… is based on the MAC address of the device. You can override this on z/OS by specifying the INTFID.
- Note: If you do not specify the INTFID, it will default to the MAC address. If you reconfigure the system, you may get different MAC address, and so the IP address via this interface will change. By specifying the INTFID you can specify what the IP address for this interface, which will not change if the system is reconfigured.
What are the routes on my machine?
IP V4 On Linux ip route or ip -4 route
default via 192.168.1.254 dev wlp4s0 proto dhcp metric 600 10.1.1.0/24 dev tap0 proto kernel scope link src 10.1.1.1 169.254.0.0/16 dev wlp4s0 scope link metric 1000 172.25.1.0/24 dev tap2 proto kernel scope link src 172.25.1.6 172.26.1.0/24 dev tap1 proto kernel scope link src 172.26.1.6 172.27.1.0/24 via 172.25.1.6 dev tap2 192.168.1.0/24 dev wlp4s0 proto kernel scope link src 192.168.1.223 metric 600
IP V6 on Linux ip -6 route gives
:1 dev lo proto kernel metric 256 pref medium 2a00:xxx:xxxx:xxxx::/64 dev wlp4s0 proto ra metric 600 pref medium fe80::/64 dev tap0 proto kernel metric 256 pref medium fe80::/64 dev tap1 proto kernel metric 256 pref medium fe80::/64 dev tap2 proto kernel metric 256 pref medium fe80::/64 dev wlp4s0 proto kernel metric 600 pref medium default via fe80::966a:b0ff:fe85:54a7 dev wlp4s0 proto ra metric 20600 pref medium
On z/OS, TSO NETSTAT route or V tcpip,,netstat,route gives
IPv4 Destinations Destination Gateway Flags Refcnt Interface ----------- ------- ----- ------ --------- Default 172.25.1.6 GS 0000000000 IFPORTCP 127.0.0.1/32 0.0.0.0 UH 0000000000 LOOPBACK 172.26.1.2/32 0.0.0.0 UH 0000000000 ETH1 IPv6 Destinations DestIP: ::1/128 Gw: :: Intf: LOOPBACK6 Refcnt: 0000000000 Flgs: UH MTU: 65535 DestIP: fc00::67:1:1/128 Gw: :: Intf: IFPORTCP6 Refcnt: 0000000000 Flgs: UH MTU: 9000 DestIP: fe80::a1:a101:a1:a1a1/128 Gw: :: Intf: IFPORTCP6 Refcnt: 0000000000 Flgs: UH MTU: 9000
FIND_IO for "colinpaice@colinpaice" Interface Current MAC IPv4 IPv6 Path Name State Address Address Address ----- ---------- ------- ------- ---------- -------------- A0 tap0 UP, RUNNING ea:... 10.1.1.1 fe80::e8e8:69ff:fe20:435b%tap0 A1 tap1 UP, RUNNING 22:... 172.26.1.6 fe80::2090:14ff:fee0:5f20%tap1 A2 tap2 UP, RUNNING 22:... 172.25.1.6 fe80::2047:afff:fef7:1caf%tap2
Joining it all up
To FTP from Linux to z/OS, I use
The fe80::a1:a101:a1:a1a1 came from the z/OS NETSTAT HOME, and is the z/OS end of the connection.
Using another interface (defined with the INTFID 7:7:7:7) I could use
The ip -6 route command gave me
fe80::/64 dev tap0 proto kernel metric 256 pref medium fe80::/64 dev tap1 proto kernel metric 256 pref medium fe80::/64 dev tap2 proto kernel metric 256 pref medium fe80::/64 dev wlp4s0 proto kernel metric 600 pref medium
So the request for FE80…. can be routed to any of these. I know that it was configured using tunnel interface tap1, so the address to use is fe80::a1:a101:a1:a1a1%tap1.
Once the connection to FTP was established, z/OS TSO NETSTAT CONN gave me
FTPD1 0000003D ESTBLSH LOCAL SOCKET: FE80::A1:A101:A1:A1A1..21 FOREIGN SOCKET: FE80::2090:14FF:FEE0:5F20..42572
The request is processed by z/OS address FE80::A1:A101:A1:A1A1 (port 21)
This ties up with DestIP: fe80::a1:a101:a1:a1a1/128 … Intf: IFPORTCP6 which shows the request came in on interface IFPORTCP6
The request came from FE80::2090:14FF:FEE0:5F20, which ties up with fe80::2090:14ff:fee0:5f20%tap1. The request came in over the tap1 interface.