Rob,

1) Don't I need to add a new default route for the new IP.
CFGTCP 2. Work with TCP/IP routes

Route Subnet Next Preferred
Destination Mask Hop Interface

*DFTROUTE *NONE xx.x.xx.xxx xx.x.xx.x

2) There are some jobs binding to all IPS, but not on port 443.

Paul



-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Friday, November 11, 2016 10:19 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

I would do the
NETSTAT *CNN
and ensure that it is being used correctly and that no particular job is binding to all (*) IP addresses or some such thing.


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/11/2016 10:15 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I've added the new IP
QSYS/ADDTCPIFC INTNETADR('XX.X.X.XX') LIND(ETHERLAN02)
SUBNETMASK('255.255.255.0')
Started the new IP - active.
Network folks changed the URL to use the new IP and opened the firewall
ports.
New IP is pingable.
Reconfigured the HTTP instance to use new IP listening on port 443.
Restarted the HTTP instance - running.

Page cannot be displayed.

Are there any other setting changes needed to enable a new IP?

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Welly@OCBCNISP
Sent: Wednesday, November 09, 2016 8:58 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: HTTP listening ports and URL questions

HI Paul,
1. Correct
2. Correct
3. do not know
4. It depends on how you want to treat your network


Thanks for your help

Br,
Welly Soegiantoro
EST Division

cug : 367090

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Steinmetz, Paul
Sent: Kamis, 10 November 2016 08.49
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: RE: HTTP listening ports and URL questions

Rob,

QSYS/ADDTCPIFC INTNETADR('XX.X.X.XX') LIND(ETHERLAN01)
SUBNETMASK('255.255.255.0')

1) When creating the additional interface, will the new interface will be
attached to an existing lind ETHERLAN01., correct?
2) All other values, use default, correct?
3) Is there any reason to use the PREFIFC option?
4) Will a static route be needed? This interface will only be used for a
new HTTP instance listening on port 443.

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob
Berendt
Sent: Wednesday, November 02, 2016 10:05 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

Your first IP interface that you've ever done (not counting the local
loopback) was completed using
ADDTCPIFC 'x.x.x.x' LIND(MYLINE)
All the rest could be the same, just with a different IP address. On a
DMZ lpar supporting multiple sites all of the interfaces use
Virtual LAN identifier . . . . . . . . . . . . : *NONE

I even have a virtual ethernet set up from my hosting lpars to their
guests and they use
Virtual LAN identifier . . . . . . . . . . . . : *NONE

You may have to have your network guy do the firewall thing.He's probably
blocking external from getting to any new IP address assigned. But, if
he's worth his salt, he should have asked you enough questions to get
started on that.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 09:49 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I'm assuming these additional IPs will all be virtual IPS.

1) Should these new virtual IPs be on the same VLAN as the physicals?
2) If there is a choice of a physical IP to bind to any suggestions on
which to choose?
3) Must also contact security guy to add new firewall rules for the new
IPs?

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob
Berendt
Sent: Wednesday, November 02, 2016 8:28 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

Here it involves sacrificing two doves and an unblemished young ram to the
network administrator and asking him for another IP address.
Once you have that you can add it one of two ways

Add TCP/IP Interface (ADDTCPIFC)
Start TCP/IP Interface (STRTCPIFC)

CFGTCP
1. Work with TCP/IP interfaces

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 08:19 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



Currently, I have two IPs, each physical, on each LPAR.
What would be required to set up additional IPs, which would only be used
for HTTP listening ports.

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob


Berendt
Sent: Wednesday, November 02, 2016 8:14 AM
To: Midrange Systems Technical Discussion
Subject: Re: HTTP listening ports and URL questions

I don't even pretend to be a web expert on TV but we use the multiple IP
address solution. We tend to "bind specific" and not bind to all IP
addresses.


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 08:09 AM
Subject: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I have some questions related to HTTP listening ports and URLs.
I have a current instance listening on port 443, all IPS.

I have a new app going live that we prefer to listen on port 443. It can
listen on a different port, but I've been told that if 443 is not used,
then we must include the port number in the URL.
We would like to have the new app keep the same URL as the old current
app, which is listening on port 80.

So my issue is that I will have two http apps listening on port 443.
Options.
1) Create one http instance for both, using virtual host. The problem with



this option is that when one app needs to be shutdown, we don't wish to
shut down the other app.
2) Have both apps listen on 443, two http instances, different IPs. I'm
leaning towards this solution.
3) Are there others?



Thank You

_____

Paul Steinmetz

IBM i Systems Administrator



Pencor Services, Inc.

462 Delaware Ave

Palmerton Pa 18071



610-826-9117 work

610-826-9188 fax

610-349-0913 cell

610-377-6012 home



psteinmetz@xxxxxxxxxx<mailto:psteinmetz@xxxxxxxxxx>

http://www.pencor.com/



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.