Table 1 lists the TCP/IP applications that set IPv6 advanced socket API options. In a multilevel secure environment, APF and superuser authority are not sufficient; the security product resource name for the socket options appearing in Table 1 must be defined for every stack. Usage must be explicitly permitted by user ID, or conditional access lists, such as PERMIT WHEN(PROGRAM(...)) must be defined for the load module and alias names listed in the table. For more information about applications in a multilevel secure environment, see Required configuration in a multilevel secure environment.
Load module | Alias | Socket options set |
---|---|---|
EZACDOPN | z/OS® UNIX ping | IPV6_PKTINFO, IPV6_DONTFRAG |
EZACDTPN | TSO PING | IPV6_PKTINFO, IPV6_DONTFRAG |
EZACDTRT | z/OS UNIX traceroute | IPV6_HOPLIMIT, IPV6_PKTINFO |
EZACDTTR | TSO TRACERTE | IPV6_HOPLIMIT, IPV6_PKTINFO |
EZADNSVR | NAMED | IPV6_PKTINFO |
EZAORRTE | OMPROUTE | IPV6_HOPLIMIT, IPV6_PKTINFO |
EZASNTPD | SNTPD | IPV6_PKTINFO |
For more details on these IPv6 advanced socket API options, see z/OS Communications Server: IPv6 Network and Application Design Guide.
For examples of the security product definitions, see the EZARACF sample in data set SEZAINST.