Jim,
Two questions.
1) On my existing LPARs, I already have a virtual line and interface for internal LPAR to LPAR communications, such as BRMS, SAVRST*, STRPASTHR, etc.
172.16.*.* using CMNXX (268C)
ETHVIRT00 ACTIVE
ETHVINET ACTIVE
ETHVITCP ACTIVE QTCPWRK QSYS 370752
Could I use this line, interface, resource for the bridge, or do need to create a 2nd CMNXX (268C) and a 2nd Virtual Ethernet line?
2) On the host, how does this work if there is no interface and no IP.
I'd also have to cable this new port to the switch, which then will need firewall rules, etc., correct.
Or am I missing something in this picture.
Paul
-----Original Message-----
From: midrangel@xxxxxxxxxxxxxxxxx <midrangel@xxxxxxxxxxxxxxxxx>
Sent: Monday, June 01, 2020 11:24 AM
To: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>; 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Ethernet options for IBM i client LPAR with no physical resources, all virtual
New line description yes. Interface address no.
See:
https://www.ibm.com/support/pages/ethernet-bridging-between-ibm-i-host-and-i
bm-i-guest
Add the virtual ethernet to each of the guest partitions and the host partition, and set a similar vlan number on them say: 1021
On the Host
On the available physical interface:
CRTLINETH LIND(ETHLINE) RSRCNAME(CMNxx) BRIDGE(MYBRIDGE) CRTLINETH LIND(VETHLINE) RSRCNAME(CMNxx) BRIDGE(MYBRIDGE)
Now add your IP interfaces to VETHLINE, the virtual device.....
The "BRIDGE(MYBRIDGE)" ties them together.
On the guest:
On the each of the guests:
CRTLINETH LIND(VETHLINE) RSRCNAME(CMNxx)
IBM's Warning, take it seriously:
Important Note: IBM suggests that the selected Ethernet resources be used for only layer-2 bridging and not for IBM i TCP/IP configuration. There is a significant increase in processor usage for any host traffic that uses bridged resources. In addition, any line description that is used for bridging receives many frames that are not useful to the TCP/IP stack. These frames use unnecessary processing resources. The virtual Ethernet line on the host does not require an interface. You only need the physical and virtual lines active for the bridge function to work. You should not have an interface on the physical line used for the bridge either. Create a separate physical line & interface for network traffic on the Host.
--
Jim Oberholtzer
Agile Technology Architects
-----Original Message-----
From: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>
Sent: Monday, June 1, 2020 9:54 AM
To: 'midrangel@xxxxxxxxxxxxxxxxx' <midrangel@xxxxxxxxxxxxxxxxx>; 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Ethernet options for IBM i client LPAR with no physical resources, all virtual
I'm not following you.
If I use another port on the NIC, I still would need to create a new interface and line, which would also include a new IP.
Paul
-----Original Message-----
From: midrangel@xxxxxxxxxxxxxxxxx <midrangel@xxxxxxxxxxxxxxxxx>
Sent: Monday, June 01, 2020 10:43 AM
To: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>; 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Ethernet options for IBM i client LPAR with no physical resources, all virtual
No you do not want to put a bridge on that interface. Use one of the other three on the NIC card. If you put ANY ip addresses on the physical side of the bridge, you will not enjoy the results.
CPU pegged at max, no console interaction, no work no nuttun..... IPL is the only way out at that point. IBM goes out of their way to tell you not to do that. So being inquisitive, I tried it on my test system (that's what
it's for afterall) Yep, just as IBM predicted, bad things.....
--
Jim Oberholtzer
Agile Technology Architects
-----Original Message-----
From: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>
Sent: Monday, June 1, 2020 9:03 AM
To: 'midrangel@xxxxxxxxxxxxxxxxx' <midrangel@xxxxxxxxxxxxxxxxx>; 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Ethernet options for IBM i client LPAR with no physical resources, all virtual
Currently, no bridge.
I had a bridge on another LPAR back on my P7, but none currently.
I have the docs that I used to create the bridge.
The problem is, on my host, my main line, ETHAGG01, would have to be varied off to add/change the Bridge identifier.
Bridge identifier . . . . . . . . : *NONE
Paul
-----Original Message-----
From: midrangel@xxxxxxxxxxxxxxxxx <midrangel@xxxxxxxxxxxxxxxxx>
Sent: Monday, June 01, 2020 9:48 AM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Cc: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>
Subject: RE: Ethernet options for IBM i client LPAR with no physical resources, all virtual
I had indicated earlier I would use the bridge. In your environment you already have one do you not? So adding the new partition to the bridge is a simple as making sure you create the guest ethernet adapter in the HMC to be on the same VLAN as the other partitions that participate as clients on the bridge network.
--
Jim Oberholtzer
Agile Technology Architects
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Steinmetz, Paul via MIDRANGE-L
Sent: Sunday, May 31, 2020 7:48 PM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Cc: Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>
Subject: Ethernet options for IBM i client LPAR with no physical resources, all virtual
Power9.
V7R3.
I hosting i
I'm creating a new client LPAR for testing.
I created one years back on a Power7 client, had to create a an Ethernet bridge on the I host.
Does the Ethernet need to be bridged or are there other options?
Thank You
_____
Paul Steinmetz
IBM i Systems Administrator
Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071
610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home
psteinmetz@xxxxxxxxxx
http://www.pencor.com/
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.
Help support midrange.com by shopping at amazon.com with our affiliate link:
https://amazon.midrange.com
As an Amazon Associate we earn from qualifying purchases.