CA CSM uses a Java-based FTP client. This FTP client has several options that control how the session operates. These options are not considered to be related to FTP proxies that provide authentication services when logging in to the FTP server.
FTP session options are specified in the installed CA CSM data set RunTimeMVSHLQPrefix.SAMPLIB(PASADVOP). This data set is an XML file and has an FTPOPTIONS section defining all the available FTP session options. Each option is set to the FTP client default.
The <FTPOPTIONS> XML tag is read for every FTP connection that CA CSM establishes. If the tag is not defined or empty, then the CA CSM FTP client uses the defaults as described in this section.
The following example is a code syntax sample for FTP session settings:
<FTPOPTIONS>key_1=value_1, key_2=value_2</FTPOPTIONS>
You can use the following keys:
The firewall.friendly FTP option is set to true by default:
<FTPOPTIONS>firewall.friendly=true</FTPOPTIONS>
You only specify this option if you want to override it.
The firewall.friendly option refers to FTP operating in passive mode. Passive mode causes the FTP server to open a listening port for the FTP data connection. If this option is set to false, then the FTP client opens the listening port for the server.
You can ask your network administrator if passive mode is supported. Alternatively, you can test if the default is acceptable by running a batch FTP program. After the statements that log you in to the FTP server as anonymous, insert QUOTE PASV.
The job output displays a message that contains the following text:
227 Entering Passive Mode (IP_address,FTP_server_code)
200 PORT command successful.
If you see this message, set firewall.friendly to false.
The verify.pasv.ip FTP option is set to true by default:
<FTPOPTIONS>verify.pasv.ip=true</FTPOPTIONS>
You only specify this option if you want to override it.
Important! We recommend that you do not override this option unless your firewall support absolutely requires it.
Some firewall implementations may intercept and alter the IP address that is returned from the FTP server in response to the PASV command. In this case, you may see the following message in CA CSM application server logs:
Host attempting data connection ip_address_1 is not same as server ip_address_2
Identifies the altered IP address from the firewall server.
Identifies the IP address of the FTP server.
The default.timeout FTP option is set to zero (0) by default:
<FTPOPTIONS>default.timeout=0</FTPOPTIONS>
You only specify this option if you want to override it.
The value of this option represents time in milliseconds. The default value 0 is interpreted as an infinite timeout. Some environments can encounter timeout issues when downloading large files that are 200 MB or more.
For example, a large file is downloaded using an FTP command line session in OMVS. When the data transfer is complete, a subsequent FTP command, for example, ls, is entered. A timeout condition can result with a message, for example:
Connection to server interrupted or timed out. Waiting for reply.
In this case, a value of 10000 (representing 10 seconds) resolves this situation if CA CSM encounters it.
The default.port option is set to 21 by default. This port is the industry standard default port that FTP uses. There may be some firewall implementations that alter this default port, even if there are no FTP proxy authentication methods.
<FTPOPTIONS>default.port=21</FTPOPTIONS>
You can change the port number 21 to the required port number.
Note: This option has no affect if you enable FTP proxy settings.
Keepalive packets (no-operation packets) prevent routers from closing a control connection during large file transfers after a certain period of inactivity. The control.keep.alive.timeout option specifies how often (every x seconds) a keepalive packet is sent.
The control.keep.alive.timeout option is not specified by default (no keepalive packet is sent). You can set this option to the required frequency of sending keepalive packets (in seconds). For example, to force the file download methods to send a keepalive packet every five minutes (300 seconds), add the following statement in the RunTimeMVSHLQPrefix.SAMPLIB(PASADVOP) data set:
<FTPOPTIONS>control.keep.alive.timeout=300</FTPOPTIONS>
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|