Does the library manager always respond on the same port, or can it be made to? Is so you could open that port on the firewall. The rule could allow that IP using that port to pass through to the TSM server. That would mean that the timeout on the firewall would not be relevant. Another option might be a private network between the two.
Andy Huebner -----Original Message----- From: ADSM: Dist Stor Manager [mailto:[email protected]] On Behalf Of Thomas Denier Sent: Thursday, July 07, 2011 10:29 AM To: [email protected] Subject: [ADSM-L] TSM and keepalive packets We have a TSM 6.2.2.0 server configured as a library manager. One of the library manager clients is a TSM 5.5.4.0 server. Both run under mainframe Linux. TCP connections between the two TSM servers pass through a firewall. Some TCP connections involved in library management are idle for long periods. Sessions for tape mounting may wait a long time for a tape drive to become available. Sessions for ejecting tape volumes (triggered by 'move drmedia' commands with 'tostate=vault') may wait a long time for somebody to unload the library I/O station. Sessions that are inactive tend to fail with ANR3174E messages on the library manager. We suspect that this happens because the firewall drops TCP sessions that are idle for too long. We are hoping to prevent the session drops by having keepalive packets sent at sufficiently short intervals. As I understand the process, the program that opens a socket decides whether keepalive packets will be sent, and operating system parameters determine how often keepalive packets will be sent if a program requests them for a particular connection. Is this correct? Does TSM request keepalive packets for TCP connections involved in library management? Do we need to get the tcp_keepalive_time below the firewall time limit on the host system for the library manager, the host system for the library manager client, or both? This e-mail (including any attachments) is confidential and may be legally privileged. If you are not an intended recipient or an authorized representative of an intended recipient, you are prohibited from using, copying or distributing the information in this e-mail or its attachments. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete all copies of this message and any attachments. Thank you.
