For many of you, most likely the majority of you, are using IBM i’s NetServer facility “server side” to present directories in your system’s Integrated File System (IFS) to clients on your network as normal network file shares using the SMB protocol standard. If you are using NetServer in this manner, you are also probably using the “client side” of NetServer called “QNTC” where your IBM i acts as an SMB “client” and reads/updates file shares on your network that are hosted by other servers (other IBM i systems, Windows servers, etc.).
Many shops use the QNTC functionality of NetServer as a nice easy way to get files to or get files from Windows servers in their environment, and the purpose of this article is to make you aware of some little-known system environment variables that control some basic fundamental behavior of QNTC on your system.
To determine what system-level environment variables that you have defined in your IBM i environment, simply enter the command WRKENVVAR *SYS on any command line and the screen below will appear showing all your system-level variables that you have (if any). System variables (e.g. WRKENVVAR) are very much like system values (e.g. WRKSYSVAL) in that they provide a “switch” of sorts to allow you to control all kinds of system behavior, here we will focus on system variables related to QNTC behavior.
Prior to version V5R4 of IBM i, the default QNTC functionality on your system would search for all SMB files shares on your network and only present them to your system if each file server that it discovered was accessible via TCP/IP. This would ensure that QNTC presented to the system a list of only shares that are accessible, but this accessibility “pre-check” caused a performance penalty whenever you tried to access the QNTC file system from IBM i (e.g. WRKLNK ‘/QNTC’ command).
To speed things up, IBM changed the QNTC default behavior as of V5R4 to not perform this accessibility pre-check and as a result, QNTC may present to you shares that cannot be accessed and this could be confusing in network environments where you have many file shares and this QNTC accessibility pre-check is helpful in automatically weeding through which SMB shares are accessible from your system. If you want to re-enable this accessibility pre-check, simply add the environment level variable QZLC_SERVERLIST and set it to a value of “2” and the network file shares accessibility pre-check will once again be in place for any SMB shares that QNTC discovers. Entering the following command will add the necessary variable to your system:
ADDENVVAR ENVVAR(QZLC_SERVERLIST) VALUE(2) LEVEL(*SYS)
After adding this (or any) environment variable, you can verify that it now exists by entering the WRKENVVAR *SYS command and the resulting display as shown below will appear.
This system variable controls whether or not QNTC will query your network for file shares and present them to you. Default system behavior (which will occur if this variable set to “1” is not found) will result in QNTC looking for all file shares on your network and then showing them to you. If you enter the WRKLNK ‘/QNTC’ command and it takes a while to show any output, this is exactly what’s happening, QNTC is automatically finding all file shares for you, and this can take a considerable amount of time if you have a lot of shares on your network. If you want to improve the performance of many operations against the QNTC file system (e.g. the WRKLNK ‘QNTC’ command), you can add the environment level variable QIBM_ZLC_NO_BROWSE and set it to a value of “1” and the automatic network file shares scan that occurs whenever you access QNTC will no longer occur.
Entering the following command will add the necessary variable to your system:
ADDENVVAR ENVVAR(QIBM_ZLC_NO_BROWSE) VALUE(1) LEVEL(*SYS)
The one caveat of adding the QIBM_ZLC_NO_BROWSE to your system is that all /QNTC directories that you need access to must be be manually created using the MKDIR/CRTDIR CL command, and those directories need to all be created every time your system goes through an IPL (e.g. added to your system startup program) as any directories manually created will be removed on an IPL. Note that with respect to QNTC, any MKDIR/CRTDIR CL command issued for a share on /QNTC is merely a “pointer” to that external file share, so when I say it’s “removed on an IPL” I don’t mean the actual share sitting on the external server is removed, just IBM i’s local pointer to it, thus that “pointer” must be recreated on each IPL.
This system variable controls specifically which SMB (Server Message Block) protocol version will be used when your system’s QNTC facility first connects to an external file share. There are currently 4 discrete SMB versions at V7R4 that IBM i can connect to an external file share with:
- SMB v1
- SMB v2
- SMB v2.1
- SMB v3
By adding the QIBM_ZLC_SMB_VERS environment variable you can exert precise control over QNTC on which SMB protocol to use when connecting to an external file share. The possible values are “0”, “1”, “2”, “2.1”, and “3” and the SMB protocol behavior that takes place for each value is as defined in this table:
|Value of QIBM_ZLC_SMB_VERS Variable||QNTC SMB Behavior|
|0||Suitable protocol version will be negotiated w/server|
|1||Only use the SMB/CIFS protocol (SMB v1)|
|2||Only use the SMB v2 protocol|
|2.1||Only use the SMB v2.1 protocol|
|3||Only use the SMB v3 protocol|
Please note that when the QIBM_ZLC_SMB_VERS environment variable does not exist or is set to “0”, the QNTC file system functionality will negotiate a mutually-suitable protocol version with the server that it is connecting to when accessing the external file share on that server.
As an example, entering the following command will add the necessary variable to your system that will instruct QNTC to always use the SMB v2 protocol when connecting to an external file share:
ADDENVVAR ENVVAR(QIBM_ZLC_SMB_VERS) VALUE(2) LEVEL(*SYS)
Whenever adding/changing/deleting any of the system variables discussed above, stop and then re-start NetServer on your system by using the ENDTCPSVR SERVER(*NETSVR) and STRTCPSVR SERVER(*NETSVR) commands respectively to fully activate the changes.
Being knowledgeable of the system environment variables that control QNTC behavior in your IBM i environment is crucial for effectively managing how your system will interact with external servers when accessing file shares on those servers.
More from this month:
- Getting to Know COBIT and IBM i System Administration
- Changing Your IBM Business Partner
- Load and Stress Testing for Security Concerns
- IBM i Security Resource Page
- iTech iTip Videos
- Sips & Tricks: Coffee with iTech
- iBasics: IBM i Education for the Beginner System Administrator
- Upcoming Events
- IBM i, FSP, and HMC release levels and PTFs (April 2021)