The TN3270E server function enables you to configure your network as shown in Figure 30 or Figure 31.
Figure 30. Communications Server Configured as a TN3270E Server with Wide Area SNA Network
Figure 31. Communications Server Configured as a TN3270E Server with Wide Area TCP/IP Network
The TN3270E server function supports:
TN3270E server allows the configuration of multiple ports with specifications for pool name, security, client authentication, the level of security, and Certificate Revocation List (CRL) support for each port configured.
TN3270E server supports LU 2, which enables users to run interactive 3270 display application programs.
The Telnet 3270 standard extensions (TN3270E) enable users to print from host applications to printers attached to their workstation. These printers may be locally attached or network-attached. LU 1 and LU 3 sessions are supported.
TN3270E server implements the protocols outlined in RFC 1646 and RFC 1647, enabling the server to pass LU 1 and LU 3 session data to TN3270E-enabled clients, wait for client confirmation of the print request, and respond to the host.
Communications Server supports the specification of TCP/IP client filters, using IP addresses, subnetworks, hostnames, or domain names. This function enables central administration of the clients allowed to connect into the TN3270E server and specification of the LU names and pools clients can access.
TN3270E-enabled clients can send both positive and negative responses, which TN3270E server sends on to the host. TN3270E server generates request responses for standard TN3270 clients.
TN3270E server can convert and forward information to the host when the
client sends an ATTN or SYSREQ key. Although clients that are not
TN3270E-enabled have no explicit definition for ATTN and SYSREQ, the TN3270E
server uses the following Telnet commands to implement these functions:
Communications Server categorizes user connection with LU classes. Classes consist of LUs configured with common characteristics; those that require a specific host connection, for example. This simplifies user access, groups users by application needs, and maximizes host resources.
You can specify that a TN3270E server port is secure, indicating that SSL Version 3 be used for connections on the port to provide data encryption and server authentication using digital certificates. Additional configuration parameters are supported to specify the level of security for connections on the port, whether client authentication should be processed, and whether a certificate revocation list (CRL) should be checked before accepting the client connection.
Refer to Quick Beginnings for instructions on how to configure a TN3270E server.
TN3270E server supports any TN3270E or TN3270 client that is fully compliant with RFC 1576, 1646, 1647 or 2355.
This section provides more information about some of the features you can configure for TN3270E server.
You can configure the ports your server uses for new connections from the TN3270E Ports configuration panel. The default port number is 23, but other Telnet applications, such as the TN5250 server support, may also use this port. If other Telnet applications are using port 23, you must use another port.
If you change the port number, avoid numbers that you know are used by other applications. If two applications use the same port number, one of the applications will fail.
If you change the port number, use a number greater than 1 024. Numbers less than 1 024 are reserved. For more information about reserved port numbers, see the following location on the Internet:
At the time of publication of this document, the most recent RFC for assigned numbers is RFC 1700.
Notify TN3270E client users when you change the port number, because they will have to configure their emulator applications to match.
There are three ways to control how often unused connections are disconnected: keepalive processing, automatic logoff, and LU takeover processing.
By default, TN3270E server does not use keepalive processing. If you use keepalive processing, you can choose either NOP or timing mark.
Timing mark processing causes more traffic on the system than NOP processing, but frees unused connections more quickly.
If you choose automatic logoff, the server disconnects any session that has no traffic for the specified period. Traffic from keepalive processing does not keep the connection open; data must be sent to or from the host. Printer sessions are not automatically logged off.
If your client emulators are configured to do keepalive processing, you might want to turn it off at the server, and if keepalive processing is done at the server, you might want to turn it off at the client to reduce network traffic.
If you choose LU takeover processing, the server will disconnect the session if certain conditions are satisfied. For example, when a new TN3270E session request specifies an LU that is in use at the server, the TN3270E server sends a timing mark to the client of that connection. If the client does not respond to the timing mark within the number of seconds that you specify, the server disconnects the session and assigns the LU to the new connection request. LU takeover processing enables you to disconnect unused sessions when they are needed, without the network traffice generated by keepalive detection. Keepalive detection enables you to free unused connections more frequently, but generates more network traffic.
Communications Server enables you to configure TN3270E filters to specify which TCP/IP clients can connect into the server. Clients can be specified using individual IP addresses, IP subnetworks, or TCP/IP host names or domain names.
When you configure a new TN3270E server port, you can specify that the port be used for secure connections. More than one port can be specified as secure.
To enable security, Communications Server provides a Key Management utility to generate the certificate and keys required by SSL. Refer to Chapter 10, Planning for Secure Sockets Layer-based Security for more information.
When you have configured and enabled security, TN3270E clients supporting SSL Version 3 can connect into a secure port number and establish secure connections.
You need to configure your host connection and host LUs before you use the TN3270E server function. For a table that describes and explains host parameters, refer to Quick Beginnings.
There are four classes of LU definitions specific to TN3270E server: implicit workstation, explicit workstation, implicit printer, and explicit printer. These classes correspond to the terminal-generic, terminal-specific, printer-generic, and printer-specific classes specified in RFC 1647.
Implicit workstation definitions are defined in a pool that the TN3270E server uses to satisfy requests for connections. The default workstation pool can be configured to satisfy requests where the client does not specify a workstation LU or workstation pool name. All other workstation pools must be requested by name.
You can also define a set of LU definitions used to satisfy requests for a specific LU name. These explicit workstation definitions ensure that a terminal device needed by a host application is not assigned to a client that does not specifically request it.
Similarly, you can define a pool of printer definitions that will be used to satisfy request for connections that do not require specific LU names (implicit printer) and a set used to satisfy requests for a specific LU name (explicit printer). The default printer pool can be configured to satisfy requests where the client does not specify a printer LU or printer pool name. All other printer pools must be requested by name.
Implicit and explicit workstation definitions can have printers that are associated with them. Each terminal definition can have a printer that is assigned to it and each printer can have an associated terminal definition. These printers are not included in the explicit or implicit printer definitions.
Associated printer definitions can only be accessed by referencing the terminal LU name. They reduce the amount of information the client user needs, because he or she only needs to know the LU name of the terminal to connect to both the terminal and the printer sessions.
Communications Server also supports load balancing of TN3270 clients across multiple TN3270E servers. Refer to Chapter 11, Planning for Load Balancing for more information.