IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Future consideration
Workspace Sterling Connect:Direct for Z/OS
Created by Guest
Created on Jan 24, 2024

RELATED IDEAS

Target node alternate communication paths not retried when connected via Sterling Secure Proxy.

There appears to be a design flow within CD/Z when communicating via SSP and target CD node not being reachable via primary path, CD/Z initial SSL handshake times out and connection to target CD node not retried by CD/Z via ALT.COMM path(s).

  • Admin
    James Joseph
    Reply
    |     Apr 3, 2024

    Hello Alex, Matt

    From our call this week its understood that Alternate communication retry is getting failed only when SSP acts as intermediatory between CD Z (P & S Nodes) and alternate communication connection works perfectly when SSP is not in picture.

    Can you please confirm again to avoid ambiguity ?

    Thanks,

    James

    1 reply
  • Admin
    James Joseph
    Reply
    |     Mar 20, 2024

    We are accepting the idea and considering it future releases. we can revisit this once we see the traction from other customers and partners (via Voting or Comments). Thank you for your patience and co-operation.


    Thanks,

    Product Management

  • Guest
    Reply
    |     Feb 6, 2024

    @James Joseph

    We have tested your suggestion on our lab systems. All requisite monitoring options were enabled, and we created condition where target SNODE was not reachable. SSP adapter did not go down, and upon submitting a process from PNODE we still got CSPA202E error and process went to hold queue.

  • Guest
    Reply
    |     Feb 5, 2024

    We had a lengthy discussion with Lawrence Morland and Jeffry McGee on this, they should be familiar with the ask here.

  • Guest
    Reply
    |     Feb 5, 2024

    Interesting suggestion, but in our setup, our adapters are not unique to an SNODE, so if a heartbeat to one remote SNODE were to fail, taking out that adapter would impact our ability to talk to many other clients. This could be an option but we'd need to drastically re-engineer, which is not a great option. We'd still like the ability to determine this on the CDZ side.

  • Admin
    James Joseph
    Reply
    |     Feb 5, 2024

    The following suggestion came from SSP team,

    One suggestion is to use ‘failover’ feature in SSP. When failover is configured for the CD adapter in SSP, SSP monitors the SNode and if SSP could not connect to it , it will take the CD adapter down. This should make the PNode CD try the alternate node. This alternate node could be another SSP CD adapter which connects to another SNode.

    Of course if the Snode goes down just when SSP CD adapter tries to connect for a regular cd session, this will not result in CD Pnode trying the alternate path. However subsequent connections will be able to fall back to alternate nodes.

    FYI - failover can work in two modes: continuous mode – In this mode SSP monitors the SNode CD every 15 sec (configurable) and takes down the CD adapter if it fails to connect. not continuous mode – SSP starts monitoring only if the connection to the SNode CD fails as part of a regular CD session and stops monitoring once the Snode CD is up.

    Here is the documentation https://www.ibm.com/docs/en/secure-proxy/6.1.0?topic=definitions-connectdirect-adapter-definition-properties


    Thanks,

    Product Management

  • Admin
    James Joseph
    Reply
    |     Feb 5, 2024

    Thank you for taking the time to share your ideas to IBM. We truly value our relationship with you and appreciate your efforts and willingness to share details about your experience, your recommendations, and ideas. We will soon review the same in the coming weeks and shall get back with a response.

    Thanks,

    Product Management

  • Guest
    Reply
    |     Jan 25, 2024

    Specifically, when CD/Z is talking to a Secure Proxy host that is up, but the remote SNODE is down or unreachable, this is reported to CD/Z as a Secure Plus handshake timeout and no ALT.COMM paths are attempted. We would like to see this behavior changed, either by making the CSPA timeout message retriable, or by some other method.

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.