Day: April 28, 2021

System Environment Variables for Controlling QNTC Behavior

For many of you, most likely the majority of you, are using IBM i’s NetServer facility “server side” to present directories in your system’s Integrated File System (IFS) to clients on your network as normal network file shares using the SMB protocol standard.  If you are using NetServer in this manner, you are also probably using the “client side” of NetServer called “QNTC” where your IBM i acts as an SMB “client” and reads/updates file shares on your network that are hosted by other servers (other IBM i systems, Windows servers, etc.). 


Many shops use the QNTC functionality of NetServer as a nice easy way to get files to or get files from Windows servers in their environment, and the purpose of this article is to make you aware of some little-known system environment variables that control some basic fundamental behavior of QNTC on your system.


To determine what system-level environment variables that you have defined in your IBM i environment, simply enter the command WRKENVVAR *SYS on any command line and the screen below will appear showing all your system-level variables that you have (if any).  System variables (e.g. WRKENVVAR) are very much like system values (e.g. WRKSYSVAL) in that they provide a “switch” of sorts to allow you to control all kinds of system behavior, here we will focus on system variables related to QNTC behavior.



QZLC_SERVERLIST


Prior to version V5R4 of IBM i, the default QNTC functionality on your system would search for all SMB files shares on your network and only present them to your system if each file server that it discovered was accessible via TCP/IP.  This would ensure that QNTC presented to the system a list of only shares that are accessible, but this accessibility “pre-check” caused a performance penalty whenever you tried to access the QNTC file system from IBM i (e.g. WRKLNK ‘/QNTC’ command).


To speed things up, IBM changed the QNTC default behavior as of V5R4 to not perform this accessibility pre-check and as a result, QNTC may present to you shares that cannot be accessed and this could be confusing in network environments where you have many file shares and this QNTC accessibility pre-check is helpful in automatically weeding through which SMB shares are accessible from your system.  If you want to re-enable this accessibility pre-check, simply add the environment level variable QZLC_SERVERLIST and set it to a value of

Load and Stress Testing for Security Concerns

Continuing our discussion of security testing infrastructure, we are up to Denial of Service attacks. Since this focuses on resource depletion, load and stress testing is the primary proactive technique to counter.

 

Interestingly, it is easy to confuse these two, or at least it was for me.

 

Load testing is evaluating the behavior of the system with increasing load, looking at parallel users and transactions. There are 2 ways to look at this type of testing. First, we can steadily increase what we are simulating mimicking peak usage. Second, it can be very difficult to load tests given the differences between test and production environments and the limitations of testing. Especially sans automation tools.

 

Think realistically about the ebb and flow of users and processes on your systems. There are excellent performance tools on IBM i that can indicate this for you. From there, scale your tests to the size of your environments in an equal ratio test to production. Again, for Load Testing, we want to simulate both the user/transaction LOAD and the increases you see in production in relevant percentages. Stress testing on the other hand is conducted to evaluate a system or component at or beyond the limits of its anticipated or specified workloads, or with reduced resources.

 

Now with LPARs being common and the ability to have separate but equal environments, this type of testing has become far easier in the last 15 years. However, the tests need to be designed to push the infrastructure to the limit of both their intended use and what could happen if your business goes crazy. I doubt companies making PPE thought they would need to ramp up the way they did in 2020. Another way to differentiate between these 2 test types, both of which are important, is load testing looks at what the system does via application development and stress testing looks at how it is done from a configuration/admin POV.

 

Of course, DoS attacks range from the prank variety to governmental or business espionage. It is easy to see how disruption can hurt a business or reputation. However, we also know that at times of responding to chaos, organizations are less likely to catch malevolent behavior, back door insertion, unauthorized access, modifications that haven’t gone through proper change management, etc.

 

This can be frustrating for quality assurance professionals. Having an exact replication of the production system and

April 2021 Newsletter

This newsletter includes:

The results are in and the iTech Spring iAdmin educational event held April 20th & 21st was a huge success. We had over 700 people at the event, representing 48 US States, and 58 Countries. We packed the two days with IBM i education, breakout sessions, happy hours, live Q&A, and much more.  Wow, there was so much effort by the iTech team to pull this off, and we received so many thank you notes from attendees.  It was a full company event, and I am so thankful to the iTech team for doing such a great job.  Did you know we have done 112 webinar-styled events since January 2020, and already 30 webinar events in 2021?  Who else is helping you this much with your IBM i?  Oh, by the way, if you missed the event, you can catch the replays of each session here.

 

If you are reading this, it is probably because you are familiar with iTech at some level.  First, if iTech is your current IBM i business partner, we want to thank you for your trust in us. Some of you may know us at a limited level.  Maybe you read our informative technical blogs written by our IBM Champions, or tune in to our no-charge educational webinars.  Maybe you have contracted with iTech for our best in the industry technical support and services to help make IBM products that you purchased from another organization work more effectively.  We would like to thank you for showing this level of interest and confidence.