24.1 zSeries virtual connections

z/VM provides two major TCP/IP connectivity options for Linux guests: Linux can be given access to a real connection, or to a virtual connection. The virtual connections are described in this section. They are generally used to connect Linux to another Linux guest on the same z/VM system. The other Linux guest might have access to a real network connection and act as an IP router or gateway.

zSeries virtual connections include HiperSockets, virtual channel-to-channel (CTC), and the Inter-User Communication Vehicle (IUCV).

24.1.1 HiperSockets

The zSeries HiperSockets function (HiperSockets) is a microcode function supported by the operating systems z/OS V1R2, z/VM V4R2, VSE/ESA 2.7, Linux for zSeries (64-bit mode), and Linux for S/390 (31-bit mode). Functions of HiperSockets include the following:

• Provides the fastest TCP/IP communication between consolidated Linux, z/VM, and z/OS virtual servers in a zSeries by allowing virtual machines and logical partitions (LPARs) to communicate internally over the memory bus using the internal-queued- direct (IQD) channel type in the z900.

• Provides a higher level of network availability, security, simplicity, performance, and cost-effectiveness than an external single server solution communicating across an external TCP/IP network.

The HiperSockets (IQDIO) support is an extension to the OSA-Express QDIO support.

Linux supports up to four real HiperSockets, which is the microcode limit. Linux uses the QETH device driver to support HiperSockets, as described in 20.4.8, "Network device drivers and adapters."

HiperSockets advantages

The zSeries HiperSockets function uses an adaption of the Queued-Direct Input/Output (QDIO) high-speed I/O protocol. HiperSockets operates with minimal system and network overhead. It also eliminates the need to utilize I/O subsystem operations and the need to traverse an external network connection to communicate between LPARs. HiperSockets offers significant value in server consolidation by connecting many virtual servers.

HiperSockets is transparent to applications. To an operating system, it looks like any other TCP/IP interface.

Because Hipersockets has no external components (cables or cards), it provides a very secure connection. For security purposes, servers can be connected to different HiperSockets. All security features, such as firewall filtering, are available for HiperSockets interfaces as they are with other TCP/IP network interfaces.

Management and administration cost reductions over existing configurations are possible. Since HiperSockets does not use an external network, it can free up system and network resources, eliminating attachment costs while improving availability and performance.

Implementing the HiperSockets function on Guest LANs

In addition to supporting the HiperSockets microcode function, z/VM also supports the HiperSockets function on Guest LANs, for interconnecting virtual machines. That is, VM simulates the HiperSockets function for communication among virtual machines without the need for HiperSockets microcode supporting IQD (internal-queued-direct) channel path identifiers.

The VM Guest LAN support works similar to the way that VM emulates channel-to-channel adapters for communication among virtual machines without the need for the physical media (such as ESCON, FICON, or other channel-to-channel connections).

Each Guest LAN can be used by a group of virtual machines to communicate among themselves, independent of other groups of virtual machines on other Guest LANs. The z/VM Guests connecting to a Guest LAN must have HiperSockets support. These are currently z/OS V1R2, z/VM V4R2 TCP/IP, VSE/ESA, Linux for zSeries, and Linux for S/390.

VM Guest LAN support is available for zSeries, S/390 G5 and G6, and for S/390 Multiprise 3000.

The VM Guest LAN function performs a complete emulation of HiperSockets hardware, providing connectivity within a single z/VM image.

HiperSockets usage example

There are many possibilities for applying the HiperSockets technology. Figure 24-1 shows the use of both virtual and real HiperSockets with Linux in a zSeries.

The three HiperSockets illustrated in Figure 24-1 are used as follows:

• Guest LANs: Serves multiple Linux servers running under z/VM in LPAR-C.

• Real HiperSockets: Exclusively serves the z/VM and z/OS systems running in LPAR-C and LPAR-B.

24.1.2 Virtual channel-to-channel

A virtual channel-to-channel (CTC) connection is a software connection between two VM guests on the same VM system. In Figure 24-2, a virtual CTC connection is used to connect the first two Linux guests of Mainframe-B, in which Linux for zSeries systems are installed. A virtual CTC connection is much faster than an equivalent physical connection.

Virtual CTC devices are created using the CP DEFINE command and are connected using the COUPLE command.

24.1.3 Inter-user communication vehicle

The Inter-User Communication Vehicle (IUCV) is a VM/ESA virtual connection that enables a Linux program running in one VM guest to communicate with another Linux program running in another VM guest, or with a control program, or even with itself. The communication takes place over a predefined linkage called a path. IUCV has now largely been replaced by HiperSockets (described in 24.1.1, "HiperSockets").

IUCV provides high-speed cross-memory data transfer without using virtual device I/O functions. CP directory authorization is required if you want to use IUCV to connect two Linux guests. No authorization is required to connect to the VM TCP/IP stack.

IUCV provides functions, through the IUCV macro, to create and dismantle paths, send and reply to messages, receive or reject messages, and control the sequence of IUCV events. Communicators receive information about IUCV events by handling IUCV external interrupts.

The following IUCV features are supported by Linux for S/390:

• Multiple output paths from a Linux guest.

• Multiple input paths to a Linux guest.

• Simultaneous transmission and reception of multiple messages on the same or different paths.

• Network connections via a TCP/IP service machine gateway.