Technical
Tips
Making
Changes To The Coms Configuration File
Activities
to Ensure Security
Sumlog Expansion
Complete Security
Too Many
TCP/IP Messages
NXServers and Disk Efficiency
MCP Security When Using a Network
Creating a Directory Listing
SystemsUpgrading TCP/IP from a
Software Level before 44.1
A Short Version of the Power
Up Sequence for the ClearPath Systems
Creating a Test Database Using
the Production Database
What is a MARC Directive?
Efficiency
in Disk Pack Subsystems
Non Coms
Program Opening a Remote File to a Coms Station
Database
Stack Priority
Assigning
Attributes To A Usercode
Suppression
of Headers, Trailers, and Banners
RAID Disk
Serial
Processing is Faster Than Multi-Tasking
Data Communications
Printers
Mirror
Disk Bennefits
Bad Habits of IS Buyers
Scheduled Tasks
Initial
Pbit vs Other Pbit
Archiving Backup Files
Data base Stack Priority
Interfacing
An A Series Computer To a LAN
What
is a Supervisor Program?
When
Do I Upgrade My Processor?
False Idle vs True Idle
Making
Changes To The Coms Configuration File
Normally
changes to the Coms configuration file (CFILE) are made through the
Coms Utility via the ‘On Utility’ command. Individual changes
can be made and they gointo effect immediately. To make one or a few
changes using this method is efficient use of time and effort. To make
wholesale changes with this methodology would be very time consuming.
The technique to make a large number of changes is to use Utility to
get to the appropriate group of items that need these changes and use
the dump command. If you had chosen ‘stations’ then all stations
and their attributes would be dumped to a file that can be accessed
by Cande.
Exit Utility and move to Cande under the same usercode. The file created
will have a name such as Coms/Dump/S/050202/091355 where the last two
nodes reference the date and time of day. With Cande you may get the
file as your workfile and perform one or more replace statements to
change all stations with the same values to a new value. An example
would be:
REP/SUPER_USER = Y//SUPER_USER = N/:T
This statement will change all stations that are superusers to not having
superuser status.
The ‘:T’ will list text. If you are making a lot of changes,
you may not want to use ‘:T’.
In that case only sequence numbers will be listed for the changed items.
If you want to look at things before you change them you may use the
Cande command, ‘Find’, instead of ‘Replace’. You
may make more changes, if desired. When you are finished making changes,
save the workfile. Whether you save it with the same name or a new name
does not matter.
Go back to Utility and use the load function. This is the opposite of
the dump function.
Type load on the action line, your file name where it is needed, and
Modify override may be needed in some cases. You do not need to use
the override unless you get error messages.
Then observe the changes being made as station names are displayed.
These are live changes and they go into effect immediately. You will
get a warning for each station because the add statement, in the dump
file, for existing stations is not valid. This completes the task.
Activities
to Ensure Security
With
recent statistics showing that 76% of security breaches are internal,
the best tools
for every organization are:
1. Education & Awareness
2. Technology
Keep current on all virus software definitions and have them active
on all work stations. In addition keep current on all software patches,
use encryption on all communication, and use digital signatures when
possible. Regularly backup all needed information. Password protect
access to all information. Do diligence in researching all applications
so that they
may be trusted.
Sumlog Expansion
When
the MCP determines that the System/Sumlog is almost full, it does a
transfer of the log (TL) automatically and begins a new Sumlog. For
reporting purposes, it is often more convient to process reports from
only one Sumlog in a given period of time, such as one day.
To do this it is now possible to change the Sumlog file size. If you
type TL* at the ODT it will display the current Sumlog size in rows
and records per row.
Example: Sumlog Factors: Rows = 140, Records per row = 1000
To expand the Sumlog size, you may change the number of rows, the records
per row, or both. An example ODT command follows.
Example: TL ROWS 500 RECORDS 20000
Complete
Security
Complete
Security should include analysis and proper controls for:
1. Data Privacy - Viewing
2. Data Security - Theft or loss
3. Data Integrity - Changing orcorrupting
Too Many TCP/IP Messages
When there is a flood
of messages concerning the TCP/IP network, reduce the messages significantly
by typing:
NW TCPIP DIS ICMPRED FIRST
NX Servers and Disk Efficiency
Recently
I was involved in performance evaluation of disk units on an NX4600.
I was surprised to find that the external disk drives were at least
three times faster than the internal disk drives. Both internal and
external drives were the same model and had the same transfer rate.
This reminded me of a statement made a couple of years ago by an I/O
specialist from one of the Unisys plants. He stated that Unisys never
intended that any customer run production work from the internal disk
units. My investigation into this matter revealed that the external
disk units interface to the system via channel adapters, but the internal
units interface to the system via emulation of the MLI interface. This
is not even a hardware interface.
The implication is that the internal disk drives are only useful for
test and historical information. I hardily endorse this use of external
disks.
MCP Security When Using a Network
With
internet commerce and internet banking solutions practiced today there
are those who promote a network firewall as the best security measure.
If your database of proprietary information resides on an LX, NX, or
A Series computer, then the best security solution is to use the MCP
security facilities and secure from within.
Although every piece of software needed is not available from Unisys,
there is software available to tighten MCP security so that it is the
best in the industry. There are so many objectives that cannot be met
with external security: what a user does after gaining clearance to
use the system, monitoring and auditing internal activities, and database
security are just a few.
Remember that a network is just a means to gain access to the MCP environment.
Security must be established from within to select those who may have
access to the MCP environment and monitor and audit what they do after
they gain entrance. Don't be fooled by rhetoric from pursuasive people
who no not understand the details of the MCP environment.
Creating a Directory Listing
The
system utility, System/Filecopy may be used to create a directory listing.
Create a WFL such as the following:
BEGIN JOB DIRECTORY;
RUN *SYSTEM/FILECOPY on {packname};
EBCDIC CARD
ACCESSED BEFORE TODAY
FILES ((usercode)= FROM {packname}(KIND=PACK))
NOSUMMARY JOBSYMBOL
DECKLABEL (usercode){filename} on {packname}
LOCKDECK NOZIP
?END JOB
The WFL will create a WFL output deck with a list of all file names
under that usercode on that disk pack. The output deck can now be edited,
listed or printed using your favorite method such as a Cande Write or
the System/Dumpall utility.
Upgrading TCP/IP from a Software Level
before 44.1
There
is a major difference in the current TCP/IP implementation in 44.2 and
45.1 software releases. In older software releases BNA was central in
supporting other network implementations. Now, Unisys has introduced
CNS (Core Network System) as the central implementation hub for all
network protocols.
The Software Installation Manual (4198 4840-003) gives a fair view of
the overall installation of CNS and TCP/IP; but it neglects to include
TELNET, which is now required for TCP/IP. You must install CNS, Telnet,
and TCP/IP software for TCP/IP to function correctly on 44.2 and 45.1.
In addition, you must add an MCS for Telnet to the datacominfo file.
Make sure that you create the CNS init file with NAU or the split program
included with the release. If you don't use CP2000s then the split program
works fine.
A Short Version of the Power Up Sequence
for the ClearPath Systems
This
is a sample article from the:
NX, LX, and A Series Users
Planning and Operations Reference Manual,
published by Integrity Services
____________________________________________
ClearPath
Power Up Procedures
To
power on the ClearPath system, perform the following steps:
1. Power on the mainframe hardware in the following order:
1. Apex Box..............................................6. Disk drivesMonitor
2. Monitor.................................................7. External
disk drivesMain breakers
3. Main breakers......................................8. IO channelsCisco
Hub main breaker
4. Cisco Hub main breaker......................9. MCP processorIO cabinet
5. IO Cabinet..........................................10. NT box
2. At the system PC, after Unix loads up into Desktop, minimize it.
3. Enter the NT password.
4. Bring up the SYCON Screen:
a. Verify that there is a 1 in the Partition Field. If not enter a 1
and press the + key.
b. Tab over to Load and press Specfy.It will take 5 - 10 minutes to
load. After it is done loading, it will say Running.
5. After SYCON is done loading, switch over to ODT A by clicking on
the gray area.
6. You can now proceed with normal Halt/Load procedures after the system
is transferred to the MCP. Be patient, this may take a few minutes.
7. Verify the time by clicking OK.
8. Reply to the waiting entry for Job GET_HL_INFO.
Creating a Test Database Using the
Production Database
Use
the following steps to create a test database from the current production
database:
1. Copy the production DASDL, Description file, and DMSUPPORT as new
files with the test database names. Bring down the production database.
Copy the control file and all structure files (such as data and key
files) from the production database to the new name and disk pack family
you have chosen for the test database using library maintenance.
2. Make all taylored changes to the test DASDL for the test database
file location.
3. Ensure that the UPDATE card is in the test DASDL. Optionally you
may specify DMCONTROL and ZIP.
4. Do a DASDL compile update to update the test Description file with
the new test database attributes. Make sure that the Control files and
DMSUPPORT get updated.
You should now have a production and test version of the DASDL, Description
file, Reconstruct, control file, and all database files.
What is a MARC Directive?
A
MARC Directive is a program that can be installed and un-installed by
a MARC administrator. The functions that are available are:
1. Adding new commands with appropriate functionality.
Example: A Calc command is implemented to allow the station to function
as a calculator.
2. Eliminating commands for all or selected users.
Example: The Go command, which is available even to non-commandcapable
users, may be eliminated for all users.
3. Making commands that are available to selected users available to
all users.
Example: The News command may be made available to non-commandcapable
users.
Efficiency in Disk Pack Subsystems
Efficiency in disk
packs can be accomplished in three ways:
1. Spreading files across as many disk pack units as possible. The MCP
is more efficient in using multiple pack families than any person can
be in designing pack file layouts to single family units. Use multiple
pack families as much as possible. The benefit is that files spread
among many packs can do multiple I/Os almost simultaneously. Large disk
packs with many files slow processing down because of single-threading
I/Os.
2. Cache buffering speeds up I/Os because the more buffering that is
available, the more data that can be read at micro seconds instead of
milli seconds (IC chip speed versus magnetic disk speed). Large (256MB)
cache memory makes disk subsystems operate with a high number of I/O
operations.
3. Mirror disk. It is hard to say too much about
the benefits of mirrored disk.
Benefits of Mirrored Disk
A disk pack susbsystem should be evaluated by the number of I/Os per
second, not the transfer rate of individual disk packs. Don't buy disk
from people who try to sell by transfer rates; they are demonstrating
their ignorance.
Non Coms Program Opening a Remote File to a Coms Station
When a program not
defined to Coms opens a remote file to a Coms station, Coms will respond
by opening a dynamic remote file window for that station. The user must
enter:
?ON REM0001
to get to the dynamic remote file window.
If the myuse attribute of the station is set to output, then Coms will
automatically log the station on and assign it to the dynamic remote
file window.
Remotespo is an example of a program that uses this remote interface.
A user written program could accomplish the same function.
Database Stack Priority
The DMSII accessroutines
(ACR) act like a library, in that they wait for a progran to request
services. Just like a library the priority of the function being serviced
inherits its priority from the program being serviced. The accessroutines
will only use their own priority in the following situations:
1. At BOJ when it is building its own stack.
2. When executing visible database stack (DBS) commands. These commands
are made directly to the ACR; and, thereby, use the ACR priority.
Because of this limited use of ACR priority, there is a limited value
in changing the ACR priority. Should you desire to do so, use the following
command:
WFL MODIFY [ACR title]; PRIORITY=[desired priority]
Example: MODIFY *SYSTEM/ACCESSROUTINES ON PROD; PRIORITY = 85
Assigning Attributes To A Usercode
There are a limited number of attributes that can be assigned and changed
for a usercode in the forms mode available with MARC. In order to assign
other attributes such as a menugraph to a usercode follow the form of
the following example:
Using CANDE command mode or the MARC run screen type:
RUN $SYSTEM/MAKEUSER
After BOT, home the curser and type: $LIST IGNORE
Then home the curser and type your statement such as:
USER = {usercode} MENUFILENAME = {menugraph file name};
At this point you may use any number of makeuser commands. You must
home the curser or do a single line transmit for each command and terminate
it with a ;. When you are finished with makeuser type: END, and it will
terminate.
Suppression of Headers, Trailers, and Banners
In order to suppress
one, two, or all three of the Headers, Trailers, or Banners for a print
job the following common methods may be used:
1. For a usercode in the userdatafile, update the userdatafile by entering:
USER TEST PRINTDEFAULTS = "HEADER=SUPPRESSED, TRAILER=SUPPRESSED"[xmit]
USER TEST PRINTDEFAULTS = "BANNER=FALSE"[xmit]
2. At run time enter:
RUN MYTASK; PRINTDEFAULTS (HEADER = SUPPRESSED, TRAILER = SUPPRESSED,
BANNER = FALSE)
3. In WFL add:
PRINTDEFAULTS = (HEADER=SUPPRESSED, TRAILER=SUPPRESSED, BANNER=FALSE)
4. In MARC, go to the Printdefaults (PRDEF) menu from the Printing System
(PS) menu and enter:
HEADER = SUPPRESSED, TRAILER = SUPPRESSED, BANNER = FALSE
5. In CANDE you may enter the command:
PD (HEADER = SUPPRESSED, TRAILER = SUPPRESSED, BANNER = FALSE)
or add the command to your START file.
6. In a program, such as an Algol program, add the statement:
REPLACE MYJOB.PRINTDEFAULTS BY "HEADER=SUPPRESSED, TRAILER=SUPPRESSED,
BANNER=FALSE.";
RAID Disk
For many computer
professionals RAID disk is the top of the line in disk technology. It
is very expensive and was designed for redundancy of data. One must
keep in mind that redundancy, and not performance, is the benefit of
RAID disk. In fact, RAID disk implements redundance at the expense of
performance. See article by Rich Goodsell of Unisys in Unisys World
(July 1996).
Knowing that RAID disk is not performance disk allows those needing
performance disk to look elsewhere without being deceived that RAID
disk will boost performance.
The second issue is that redundancy of information is accomplished much
more efficiently and at a lower cost by using mirrored disk. Mirrored
disk will normally improve performance as well as redundancy of data.
Serial Processing is Faster Than Multi-Tasking
A problem expressed to me as a concern by users from time to time is
"What causes multiple tasks, using different sets in a data base,
that access the same data sets to run faster serially than when multi-tasking?"
To facilitate using multiple DMSII data base tasks using different sets
to access the same data sets you must:
1. Eliminate disk contention. Multiple pack families and mirrored disk
should accomplish this. Spread your data bases across as many packs
as possible.
2. Raise the allowedcore in the data base. Most default settings are
way too low.
3. Establish resident sets - at least put the coarse tables in memory.
4. All of the above.
Data Communications Printers
When a printer device
is declared in a data communications environment as an input/output
(IO) device, then in order for it to function properly it must have
a Default Usercode declared for the station in COMS Utility. This requirement
applies whether it is a standard data communications network (NDLII
or IDC) or CP2000 network. If the device is declared as output only,
this requirement is not needed.
Mirror
Disk Bennefits
System Availability,
Data Integrity, Performance Improvements
Bad
Habits of IS Buyers
1.
IS personnel are untrained, part-time buyers; which makes them easy
prey for wily vendors.
2. They are driven by current needs and often overlook flexible planning
that will take new technologies into consideration. Five year plans
do not work anymore. Two to three years is the maximum for which IS
professionals can make reasonable forecasts. In the interim, technology
innovations make it necessary to change strategy. Buyers must be alert
for the application of new technology to their needs duing the span
of the business forecast.
3. They may not understand what drives the business and, therefore,
cannot distinguish between business issues and technical requirements.
A faster graphical driver may not be the answer to increasing a time
to market problem.
4. RFPs may be filled with misguided requests. RFPs should not be laundry
lists of "bells and whistles" that are not related to real
business needs. These may mask the real needs of the business and cause
you to reject viable solutions. Personal bias and undue vendor influence
may also mask the real needs of the business.
5. They may be deceived in planning for business needs. Fancy functionality
on a PC application is not necessarily easily transportable to a large
data communications environment. People time and technical equipment
costs may not be understood.
6. They fail to consider all factors in buying new technology. A mainframe
user may move to a client/server system without realizing that the cost
will probably be greater than what they spent on the mainframe. Studies
have shown this to be a fact. Network costs, a larger staff of network
people for maintenance, upgrades to hardware and software infrastructure,
training, and other items need to be considered.
Scheduled
Tasks
Occasionally
tasks get scheduled and there appears to be no apparent reason. All
tasks go through the scheduling mechanism on their way to active. The
situation is usually caused by one of the following:
1. The system is running out of available memory. Use the CU ODT command
to verify that memory is or is not available for additional tasks (programs)
to run. Each task has a memory requirement assigned to it, and the MCP
verifies that the required amount of memory is available before the
task is allowed to move from scheduled to active. Generally speaking,
if the available memory is below 50,000, then scheduling will occur
for some programs. The lower the memory available, the higher the probability
that scheduling will occur. You may use the FS command to force programs
from the schedule to the active, but there is memory management overhead
to do this. It may be minimal and it may be serious. If the situation
is a regular issue then setting memory factors will help until more
memory is purchased or job scheduling uses the system more efficiently.
2. A pending CM command has been issued either on purpose or by accident.
A CM- will restore the system to a normal status.
3. An operational error may have occurred that changed the memory factor
3 value. Most systems should run with a value of 100%. An accidental
message such as SF 1 will set the factor to 1% and the scheduling algorithm
will be adjusted to consider 1% of the available memory as being available
for tasks. Type SF and read the memory factors. If memory factor 3 is
less than 100%, then set it by typing SF 3 100.
Initial Pbit vs Other Pbit
Use of the
U (Utilization) command displays the current processor usage for the
last ten seconds. It is broken down into eight categories. Two of these
categories are Initial Pbit and Other Pbit.
Pbit is a shortened form of the term, Presence bit. The presence bit
is a bit contained in each descriptor on the A Series computer. A descriptor
is a word of memory that points to a memory address that contains specific
data. If the pbit is turned on then the data is present in memory. If
the pbit is turned off then the data is on disk.
The Initial Pbit component of the 'U' display shows the percentage of
processor time used to bring initial program code and data from disk
for the first time and allocating memory space for the data. When a
program is first initialized, all of the program code and data is on
disk and all presence bits are turned off. This is the normal process
to initiate or boot all programs on the A Series computers.
The Other Pbit component shows the percentage of processor time that
is used to overlay and retrieve information that at one time was present
in memory and has been overlaid to disk. It is this overlay process
that implements the virtual memory capability on the A Series computers.
The overlay process is actually the act of writing to disk and reading
from disk. It is called overlay because it is using a disk overlay file.
If any of the three categories (Other pbit, Search time, or False idle)
have values greater than zero, then memory management is occurring and
there is processor overhead used to manage the memory of the computer.
Archiving Backup Files
Most computer
sites back up the disk files to tape on a regular basis, and well they
should. Those who do not are flirting with disaster.
One option that should be considered on the A Series computer is the
archiving system. It was added to the standard disk subsystem file handling
of the system on the 3.8 release and there is no additional charge for
it. The archive copy statement works the same as the standard copy statement
with the addition that it also records the information on where the
files are in an archive record for the disk pack family.
If a file is removed (by accident or on purpose) and a program tries
to access the file encountering a "no file" condition, then
the system knows where the most recent version of the file resides.
It will either tell the operator where the file is or copy it from the
proper tape, depending on an option. The program is suspended until
the file is present, and then it continues as if the file had been present
all along.
Archiving requires a unique identification of each magnetic tape. The
standard provision is the serial number. Many people have been taught
to put a date in the serial number. The date is already on the tape
label and doesn't need to be there twice. In fact, it is a poor operational
practice to put anything except a serial number in the place for serial
number. Archiving is only one issue that reveals the problem with this
practice.
The archive system also has utilities to consolidate files on tapes,
restore files, etc. The archive rollout statement can be used to free
up needed disk space. Every site should consider using the archive system.
You have already paid for it in you system software license.
Data base Stack Priority
In order
to perform a DMSII function the data base accessroutines (ACR) are invoked
when a program issues a request for data base services. The ACR functions
in the same manner as a library, in that the ACR inherits the priority
of the program requesting services.
There are only two cases where the ACR functions at its own priority.
A data base open or close causes the data base stack to be built or
torn down. Therefore this priority is used when a data base stack is
being created or extended.
The second case for ACR to use its own priority is when a visible data
base stack (DBS) command is executed. An example of this type of use
is the data base status command
([mix #]SM STATUS).
Many are misled into thinking that raising the data base stack priority
will cause data base programs to run faster. The above discussion should
help to explain why this is a common misunderstanding and not factual.
A benefit of this implementation is that the flexibility of DMSII priority
usage goes down to the individual programs.
False Idle vs True Idle
When you
use the U command at the ODT or elsewhere the average processor usage
for the last ten seconds is displayed. It is broken down into eight
categories followed by I/O information. Two of those categories are
true idle and false idle.
True idle means just that; for the displayed percentage of use, there
is no work for the processor. False idle is a display stating that the
processor was not used for the indicated percentage of use, but could
have been used if overlaying of data were not needed. The false idle
time is the time the processor is waiting and could do work except that
overlay is taking place.
