A fix is available
APAR status
Closed as program error.
Error description
When connecting FTP client to the local FTP server and using the target address of 127.0.0.1 (loopback), we receive the following SSL/TLS handshake timeout error: EZD1287I TTLS Error RC: 5005 Initial Handshake 621 LOCAL: ::FFFF:127.0.0.1..21 REMOTE: ::FFFF:10.1.1.1..1025 This combination fails: FTP -a TLS -s 10.1.1.1 127.0.0.1 These combinations work fine: FTP -a TLS -s 10.1.1.1 10.1.1.1 FTP -a TLS -s 127.0.0.1 127.0.0.1 FTP -a TLS -s 127.0.0.1 10.1.1.1 If either end of the FTP server or client, uses non AT-TLS then all of the above combinations work fine. The same problem could occur with any AT-TLS connection where the server is using 127.0.0.1 (loopback) and the client is any non-loopback address. For the failing connection the TLSX_fast_local bit is ON on one end and not the other which is what causes the timeout error to occur.
Local fix
Use another local IP address instead of 127.0.0.1 (loopback).
Problem summary
**************************************************************** * USERS AFFECTED: All users of the IBM Communications Server * * for z/OS Version 1 Release(s) 10, 11 and 12 * * IP: ATTLS * **************************************************************** * PROBLEM DESCRIPTION: Local ATTLS connections may fail. * **************************************************************** * RECOMMENDATION: * **************************************************************** Local connections using ATTLS between a server using a loopback address and a client using a non-loopback address will fail during the ATTLS handshake. +-------------------------------------------------------------+ + Please check our Communications Server for OS/390 homepages + + for common networking tips and fixes. The URL for these + + homepages can be found in Informational APAR II11334. + +-------------------------------------------------------------+
Problem conclusion
EZBTCRD has been modified to allow the ATTLS handshake between a server using a loopback address and a client using a non-loopback address to complete successfully. * Cross Reference between External and Internal Names
Temporary fix
Comments
APAR Information
APAR number
PM29181
Reported component name
TCP/IP V3 MVS
Reported component ID
5655HAL00
Reported release
1B0
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2010-12-17
Closed date
2011-01-17
Last modified date
2011-03-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK64014 UK64015 UK64016
Modules/Macros
EZBTCRD
Fix information
Fixed component name
TCP/IP V3 MVS
Fixed component ID
5655HAL00
Applicable component levels
R1A0 PSY UK64014
UP11/02/18 P F102
R1B0 PSY UK64015
UP11/02/18 P F102
R1C0 PSY UK64016
UP11/02/18 P F102
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1B0","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSCY4DZ","label":"DO NOT USE"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1B0","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
02 March 2011