You can trace encrypted data to locate the source of the problem
by using trace connection. Trace connection is especially useful for connections,
such as virtual Ethernet and OptiConnect, that do not support the general
communications trace function.
The Trace connection (TRCCNN) command is a service function that provides
output similar to the general communications trace. The TRCCNN SET (*ON) TRCTYPE(*IP)
SIZE(128000) traces data at the Licensed Internal Code TCP/IP layer.
Trace connection is useful for situations in which the general communications
trace is not available or not effective. For example:
- You have TCP applications that use Secure Sockets Layer (SSL) or you use
IP security. In either case, the data that flows over the communications line
is encrypted. Therefore, the general communications trace might not be helpful
if you need to see the data. Trace connection traces the data before encryption
and after decryption and therefore, can be used when the general communications
trace is not effective.
- You are using TCP/IP over a connection that does not support the general
communications trace function, such as Loopback, OptiConnect, or Twinaxial.
In this situation, you can use the trace connection as an alternative method
for generating a trace.
To use the CL commands to perform a trace connection, you must have *SERVICE
special authority, or be authorized to the Service Trace function of i5/OS™ through iSeries™ Navigator.
See the chapter on user profiles in iSeries Security Reference for more information
about this type of authority.