If queries from a client to an OpenVMS SNMP server are consistently timing out, consider solutions on either the client or server side. For information about checking the client side, refer to the Compaq TCP/IP Services for OpenVMS SNMP Programming and Reference guide.

On the server:

• Adjust the default timeout value for master agent/subagent communication by redefining the system logical TCPIP$ESNMP_DEFAULT_TIMEOUT, as described in Table 13-5.
• Analyze the performance of slow areas of subagent code to improve the speed of those areas.
• Split up one subagent into multiple subagents, each handling a subset of the original OID tree.
• Adjust the timeout for individual subagents using esnmp_init() , as described in the Compaq TCP/IP Services for OpenVMS SNMP Programming and Reference guide.

Before making extensive modifications to either the client or the server, consider analyzing the network load for congestion problems.

13.6.7 Disabling SNMP OPCOM Messages

To disable OPCOM messages for SNMP, enter the following command sequence:

TCPIP> SET SERVICE SNMP /LOG=NOALL TCPIP> DISABLE SERVICE SNMP TCPIP> ENABLE SERVICE SNMP

Be aware that when you disable OPCOM messages, you may be suppressing information that is useful for solving problems.

Part 4 describes how to set up popular networking end-user applications and includes the following chapters:

• Chapter 14, Configuring and Managing TELNET, describes how to set your host as a TELNET server, allowing users on remote hosts to establish login sessions.
• Chapter 15, Configuring and Managing FTP, describes how to set up your host as a FTP server, allowing users on remote hosts to transfer files.
• Chapter 16, Remote (R) Commands, describes how to set up the server implementations of the popular Berkeley Remote (R) commands that enable remote file copying (RCP), remote logins (RLOGIN), remote command execution (RSH and REXEC), and remote management of magnetic tape and CD-ROM (RMT/RCD) drives.
• Chapter 17, Configuring and Managing SMTP, and Chapter 18, Configuring and Managing the POP Server, describe how to configure and manage the components that allow users to send and receive internet electronic mail.
• Chapter 19, Configuring XDMCP-Compatible X Displays, describes how to configure an XDMCP-compatible X display using the TCP/IP Services XDM server.

The TCP/IP Services product includes and implementation of the TELNET end-user application.

This chapter describes how to set up your host as a TELNET server.

For information about using TELNET, see the DIGITAL TCP/IP Services for OpenVMS User's Guide guide. For information about using the TELNET print symbiont, see Chapter 23.

This chapter describes:

• How to manage the TELNET service ( Section 14.1)
• How to solve TELNET problems ( Section 14.2)

Managing TELNET includes the following tasks:

• Setting up user accounts
• Creating and deleting sessions
• Displaying login messages

The TELNET service can be shut down and started independently of TCP/IP Services. This is useful when you change parameters or logical names that require the service to be restarted.

The following files are provided:

• SYS$STARTUP:TCPIP$TELNET_STARTUP.COM allows you to start up TELNET independently.
• SYS$STARTUP:TCPIP$TELNET_SHUTDOWN.COM allows you to shut down TELNET independently.

To preserve site-specific parameter settings and commands, create the following files. These files are not overwritten when you reinstall TCP/IP Services:

• SYS$STARTUP:TCPIP$TELNET_SYSTARTUP.COM can be used as a repository for site-specific definitions and parameters to be invoked when TELNET is started.
• SYS$STARTUP:TCPIP$TELNET_SYSHUTDOWN.COM can be used as a repository for site-specific definitions and parameters to be invoked when TELNET is shut down.

Table 14-1 lists the logical names you can use in managing the TELNET service.

Table 14-1 TELNET Logical Names

Logical Name	Description
TCPIP$TELNET_VTA	Enables TELNET virtual terminals.

14.1.3 Setting Up User Accounts

Hosts typically run a TELNET server with TELNET client software. Users on client hosts need valid accounts on server hosts before using TELNET to establish a remote session.

If your local host is to be a TELNET server, create OpenVMS accounts for remote users. You can create several individual accounts or one account that many remote users will share.

14.1.4 Creating and Deleting Sessions

You can create and delete TELNET sessions from within a command procedure or interactively. Enter the DCL command TELNET with the /CREATE_SESSION or /DELETE_SESSION qualifier. These qualifiers have the same function as the following commands:

TELNET> CREATE_SESSION host port dev-unit

TELNET> DELETE_SESSION dev-unit

For example:

$ TELNET /CREATE_SESSION TS405 2002 902

You can create a TELNET device that times out after a specified idle period then reconnects when data is written to it. Use the /TIMEOUT qualifier to specify the idle time and the reconnection interval, as described in the following table:

Qualifier	Description
/TIMEOUT	Creates a TELNET device that has the following connection attributes: NOIDLE---The connection is broken when the device is finally deassigned. The device will automatically reconnect when data is written to it. IDLE---Specifies the idle time for the device (in the format hh:mm:ss). Note that the time has a granularity of 1 second. If the device is idle for at least the specified amount of time, then the connection will be broken. "Idle" means that the device has neither received nor sent any data for the idle period. NORECONNECTION---The device does not automatically retry reconnections if they fail. RECONNECTION---When data is written to the device and it is not connected, this value determines the interval between reconnection attempts. For example, if an application writes to a TN with a RECONNECTION value of 0:1:00 and the first connection attempt fails, subsequent connection attempts will be made in 1-minute intervals.
/NOTIMEOUT	Creates a TELNET device that breaks the connection when the device is finally deassigned (the last channel assignment is deassigned).

14.1.5 Displaying Login Messages

To display login and logout messages at the operator's console and log file, enter:

TCPIP> SET SERVICE TELNET /LOG=(LOGIN,LOGOUT)

14.1.6 TELNET Client (TN3270)

IBM 3270 Information Display System (IDS) terminal emulation (TN3270) lets users make connections to hosts that use IBM 3270 model terminals.

TN3270 has default IBM 3270 IDS function assignments for DIGITAL keyboards. In addition, users can make their own assignments and might ask you for help. TCP/IP Services provides EBCDIC-to-DMCS and DMCS-to-EBCDIC translation tables you can customize. Appendix B describes how to customize and rebuild these translation tables.

For more information about using TN3270, enter the following DCL command:

$ HELP TN3270

14.2 Solving TELNET Problems

To improve TELNET performance, try modifying some of the internet parameters. These changes might also decrease the use of system resources.

14.2.1 TELNET Characteristics That Affect Performance

The settings for the TELNET systemwide characteristics might affect TCP/IP Services and TELNET performance. To display the TELNET systemwide characteristics, enter:

TCPIP> SHOW SERVICE TELNET /FULL

The command generates a display similar to the following:

Service: TELNET State: Enabled Port: 23 Protocol: TCP Address: 0.0.0.0 Inactivity: 1 User_name: Process: not defined Limit:30 Active: 1 Peak: 4 File: not defined Flags: Listen Priv Rtty Socket Opts: Keepalive Receive: 3000 Send: 3000 Log Opts: Actv Dactv Conn Error Logi Logo Mdfy Rjct Addr File: not defined Security Reject msg: not defined Accept host: 0.0.0.0 Accept netw: 0.0.0.0

14.2.2 Requests That Cannot Be Satisfied

The TELNET server sends the following error message for a TELNET login request that cannot be satisfied:

SS$_EXQUOTA

This error is due to insufficient local resources, such as:

• Too many sessions
  To determine whether this is the cause of the problem, check to see whether the maximum number of concurrent sessions has been exceeded. Enter the following TCP/IP management command:

  TCPIP> SHOW SERVICE TELNET

  
  If the maximum number of concurrent sessions has been exceeded, the display shows:

  PEAK=limit

  
  To increase the number of allowed sessions, enter the following command:

  TCPIP> SET SERVICE TELNET /LIMIT=n

• Insufficient OpenVMS nonpaged pool
  To determine whether this is the cause of the problem, check to see whether the OpenVMS nonpaged pool is insufficient for servicing a new TELNET connection. If so, monitor the server.
  To improve any of the parameters, redefine the logical names.
• Excessive OpenVMS login sessions
  To determine whether this is the cause of the problem, check to see whether the limit for maximum OpenVMS sessions has been exceeded. If the current value is not appropriate, redefine it.

Verify that the CHANNELCNT parameter (in SYSGEN) is larger than the number of simultaneous TELNET and RLOGIN sessions that you plan to support.

The File Transfer Protocol (FTP) software transfers files between "nontrusted" hosts. Nontrusted hosts require user name and password information for remote logins.

The TCP/IP Services product includes an implementation of the FTP end-user applications.

This chapter describes:

• How to manage the FTP service ( Section 15.1)
• How to solve FTP problems ( Section 15.2)

For information on using FTP, see the DIGITAL TCP/IP Services for OpenVMS User's Guide.

15.1 Managing FTP

Managing FTP consists of the the following tasks:

• Enabling and disabling FTP
• Configuring anonymous FTP
• Defining FTP logical names
• Monitoring FTP with FTP log files

After FTP is configured by TCPIP$CONFIG, the postinstallation configuration procedure, it is started automatically when TCP/IP Services is started.

To stop any new connections without losing existing connections, disable the FTP server interactively using the SET NOSERVICE command. To disable FTP when TCP/IP Services starts, use the SET CONFIGURATION NOSERVICE command.

See the Compaq TCP/IP Services for OpenVMS Management Command Reference for descriptions of the SET SERVICE and SET CONFIGURATION SERVICE commands.

15.1.2 Configuring Anonymous FTP

Anonymous FTP is an FTP session in which a user logs in to the remote server using the user name ANONYMOUS and, by convention, the user's real user name as the password.

On the local FTP server, local users can access files without password authentication. Remote users do not require an account. File access is controlled by regular OpenVMS access restrictions.

When you use TCPIP$CONFIG to establish an ANONYMOUS account, a new account is created with the UIC [TCPIP,ANONYMOUS] (numeric [3375,xx]), user name ANONYMOUS, account ANONY, default directory SYS$SYSDEVICE:[ANONYMOUS], and the following types of login access:

network	full access
batch	no access
local	no access
dialup	no access
local	no access

The usual OpenVMS file protection codes restrict file access for inbound anonymous FTP sessions to this directory, its subdirectories, and files with an owner attribute of [TCPIP,ANONYMOUS].

When the ANONYMOUS account has been created, a remote FTP client can:

• Copy files to and from GUEST$PUBLIC.
• From the ANONYMOUS$USER directory:
  • Delete files
  • Create directories
  • Delete directories
  • Rename files
  • Rename directories

You can set up guest and public directories for bulletin board or group interest. Make sure the directory protections are set to read-only or read/write, as needed.

In the following example, UNIX user ubird connects to the ANONYMOUS account on OpenVMS host TRAGOPAN. TRAGOPAN asks for ubird 's password, which is not echoed. In response to this request, the user should supply the local system user name for identification purposes.

% ftp tragopan Connected to tragopan.asian.pheasant.edu. 220 tragopan.asian.pheasant.edu FTP Server (Version 5.1) Ready. Name (tragopan:wings): ANONYMOUS 331 Guest login ok, send ident as password. Password: CARIBBEAN 230 Guest login ok, access restrictions apply. Welcome to Compaq TCP/IP Services for OpenVMS on internet host TRAGOPAN Date 24-JUN-2000 FTP>

15.1.2.1 Concealed File Systems

The FTP server processes each command individually as it receives the command and displays a reply based on the command parameters. A reply can include a file specification that displays part of the server file system.

For security, anonymous FTP masks file system devices and directories in FTP replies. The following messages show the difference between an unmasked file structure, shown in the first reply, and the less-specific, masked structure in the second reply.

220 opening data connection for USER8$:[HIDEME.PROJECT.TASK]PLAN.PS 220 opening data connection for SYS$LOGIN:[PROJECT.TASK]PLAN.PS

15.1.2.2 Setting Up Anonymous FTP

Complete the following steps to set up anonymous FTP access on your system:

1. Use the TCPIP$CONFIG procedure to create an account named ANONYMOUS with the password GUEST.
   To create the ANONYMOUS user account, select Optional Components from the main menu, then select Setup Anonymous FTP Account and Directories.
2. Set account access restrictions NOLOCAL, NOBATCH, NOREMOTE, and NODIALUP.
3. Create a welcome banner.
   When a user logs in, FTP displays a welcome that you can specify by entering the text into a text file and defining the TCPIP$FTP_SERVER_ANNOUNCE logical to point to the text file. Make sure the protection on the file is world readable (W:R). For example:

   $ DEFINE/SYSTEM/EXEC TCPIP$FTP_SERVER_ANNOUNCE - _$ "@SYS$SYSDEVICE:[TCPIP$FTP]ANNOUNCE.TXT"

   
   When an anonymous user logs in, FTP informs the user of the account's restrictions. Enter the text you want to display into a text file. Then define the TCPIP$FTP_ANONYMOUS_WELCOME logical name to point to the text file. Make sure the text file protection is world readable (W:R). For example:

   $ DEFINE/SYSTEM/EXEC TCPIP$FTP_ANONYMOUS_WELCOME - _$ "@SYS$SYSDEVICE:[TCPIP$FTP]WELCOME.TXT"

4. Specify a location for the log files generated by FTP sessions.
   Use the TCPIP$FTP_ANONYMOUS_LOG logical name. If you do not define TCPIP$FTP_ANONYMOUS_LOG, FTP puts the files in SYS$SYSDEVICE:[TCPIP$FTP]TCPIP$FTP_ANONYMOUS.LOG.
5. Specify a user name for the anonymous FTP account. Define the logical name TCPIP$FTP_ANONYMOUS_ALIAS. See Table 15-1 for more information.

Table 15-1 lists the logical names that you can use to manage the FTP server.

Table 15-1 FTP Logical Names

Logical Name	Description
TCPIP$FTP_ANONYMOUS_ALIAS	Defines an equivalence list (up to 10 entries) of the login names of users with access to the ANONYMOUS account. These users share the same access rights and restrictions. If you do not define this logical name, the default is ANONYMOUS as the only login name. The following command shows how to create an equivalence list with the names THOMAS, JONES, and SMITH. These users can log in to the ANONYMOUS account without a password. $ DEFINE/SYSTEM/EXEC TCPIP$FTP_ANONYMOUS_ALIAS - _$ THOMAS,JONES,SMITH
TCPIP$FTP_SERVER_ANNOUNCE	Defines location and file name for the announcement text displayed to users when they connect, before the login sequence. The following example shows a prelogin announcement: "Compaq TCP/IP Services for OpenVMS FTP Server Ready."
TCPIP$FTP_ANONYMOUS_WELCOME	Defines location and file name for the welcome text displayed to anonymous users at connect time, after the login sequence.
TCPIP$FTP_CONVERT_FILE	Define this logical name as TRUE or FALSE. If defined as TRUE, the FTP server converts files to variable with fixed-length control (VFC) formatted files before transfer. With the VFC file, users retain the Record Management Services (RMS) formatting information of their files. For more information about RMS, refer to the OpenVMS Record Management Services Reference Manual. If TCPIP$FTP_CONVERT_FILE is defined as FALSE, there is no conversion, and RMS formatting information is lost after the file transfer.
TCPIP$FTP_ANONYMOUS_DIRECTORY	Displays public directories accessible by the anonymous FTP user.
TCPIP$FTP_FILE_ALQ	Specifies the number of blocks to be preallocated by Record Management Services (RMS) to a disk when a file is created.
TCPIP$FTP_FILE_DEQ	Specifies the number of blocks to be added when RMS automatically extends the file.
TCPIP$FTP_ANONYMOUS_LOG	Defines the location of the anonymous log file. The default is SYS$SYSDEVICE:[TCPIP$FTP].
TCPIP$FTPD_IDLETIMEOUT	Defines the maximum time interval that FTP child processes can remain idle before FTP closes them. TCP/IP Services terminates the FTP process if no control or data connection activity exists for the specified time. The default idle time is 15 minutes. This feature can help to improve system performance. Specify the value as hh:mm:ss.
TCPIP$FTP_KEEPALIVE	Detects idle and broken FTP connections. Define it on the client host as TRUE or FALSE.
TCPIP$FTPD_KEEPALIVE	Detects idle and broken FTP connections. Define it on the server host by entering: TCPIP> SET SERVICE FTP /SOCKET_OPTIONS=KEEPALIVE
TCPIP$FTP_NO_VERSION	If defined, FTP does not send file version numbers when you enter the mget and the ls commands to a host that is not an OpenVMS host. Define this logical name in the system logical name table, as follows: $ DEFINE /SYSTEM/EXEC TCPIP$FTP_NO_VERSION 1
TCPIP$FTP_RAW_BINARY	With this logical name turned on, FTP transfers files in block I/O mode if the server and client are in binary (image) mode. To activate this feature, define the logical name as TRUE. An FTP end-user can override your FALSE definition with the FTP PUT /RAW command.
TCPIP$FTP_STREAMLF	If defined, the FTP server and client create files as RMS STREAM_LF files. The default is variable-length files.
TCPIP$FTP_WNDSIZ	Sets the size of the TCP send and receive transmission windows. Specify a decimal number for the number of bytes.
TCPIP$FTP_SERVER_LOG_CLIENT_BY_ADDRESS	Specifies that the FTP server will be using IP addresses instead of host names.
TCPIP$FTP_SERVER_NAME_SERVICE_TIMEOUT	Specifies the number of seconds for the timeout interval. For more information, refer to the description of the SET NAME_SERVICE/TIMEOUT command in the Compaq TCP/IP Services for OpenVMS Management Command Reference manual. This logical name has no effect if the FTP server is using IP addresses instead of host names (that is, the logical name TCPIP$FTP_SERVER_LOG_CLIENT_BY_ADDRESS is defined).
TCPIP$FTP_SERVER_NAME_SERVICE_RETRY	Specifies the number of times the BIND resolver should attempt to contact a BIND server if the first attempt fails. This logical name has no effect if the FTP server is using IP addresses instead of host names (that is, the logical name TCPIP$FTP_SERVER_LOG_CLIENT_BY_ADDRESS is defined).