MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » March 2014

Re: Logical Partitions and TCP/IP over virtual ethernet



fixed

Anna,

You *DO NOT* want to do this this way! The use of ANY IP at all on the bridge is not recommended because of severe potential performance issues. Also NAT is not required or desired on the bridge.

Also just to be clear this is not a service partition, to people like Pete and Jim and others here that term describes a partition that is used to update firmware on the server without using the HMC. While we also don't recommend service partitions, we do reserve the name for it.

What you have is a 'Host Partition'. No matter what else it might be hosting it is at least hosting network traffic.

The short course is this:

1) Connect an Ethernet cable from an available port on this host partition to your network switch. You want to identify an available port that currently has NO Line description associated with it. Identify the CMNnn number for this port.
2) Create a line description using this CMNnn that matches the speed and duplex of the switch. Put a name in the BRIDGE parameter and remember it as we'll be using it again in a moment. Be SURE to include TEXT on this line. Vary on the line.
3) Using "Dynamic LPAR - Virtual Adapters" Create a new virtual Ethernet Adapter for this host partition. Critical pieces are two: First assign the Port VIrtual Ethernet (VLAN ID) as the VLAN you wish the client partitions to be on. Typically this is 1. Second, check the box "Access external network." Once created identify the CMNnn number for this new adapter.
4) Create a line description using this CMNnn that designates *FULL and 1G for the line speed. Use THE SAME Bridge name from step 2 above. Add text to the line! Vary it on.
5) Verify that the two lines are Varied On.

Here is an example of two lines that form a bridge:

Description Status
ETHBRIDGEE VARIED ON
ETHBRIDGEI VARIED ON

Note that they should NEVER go past VARIED ON. If they do, you have done a bad thing and assigned an IP address to one or the other. As I mentioned before you do not want to do this. The reason is that the bridge, in order to self-learn which devices are on which side of the bridge, must put itself in promiscuous mode. This means it will see every packet not just packets the switch thinks it should see. If there was an IP interface on the line then EVERY PACKET gets handed to IP to see if it's destined for this host partition. The VAST Majority of them will not and thus will be thrown away but they ALL must be checked thus burning value CPU resource. Note this is also why you don't want to try Proxy ARP or NAT on this line - same problem.

6) Next on the guest partition(s) create a virtual Ethernet adapter in the same VLAN as the Host. *DO NOT* check the 'Access external network' box here.
7) On the Guest create a typical Ethernet line description using the CMNnn number for this new Virtual Ethernet Adapter. DO NOT specify a bridge name. Do use 1G and *FULL duples. Do add text! Vary it on.
8) Add a TCP/IP Interface to this new line and start the interface. This interface should be in the same IP subnet as the host partition. The bridge will work it's magic carrying the traffic from the inside to the outside of the system.
Note: The ROUTE for this guest partition is THE SAME as it is for the Host partition. The host is NOT routing, rather it is merely a bridge. ROUTING is a Layer 3 (IP) function while Bridging is a Layer 2 (Ethernet) function.
You may add as many client partitions on this VLAN as desired.

- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 3/21/2014 4:26 PM, Anna Abt wrote:

I've set up a service partition and a guest partition. On the service
partition I created a virtual Ethernet adapter and one on the client
partition using the same VLAN id. I have 2 line descriptions, one for the
physical and one for the virtual created on the service partition. I have a
line description created for the virtual adapter on the client partition. I
then created the routing for the physical adapter with a public address and
routing for each of the virtual adapters. I used NAT to map the private
address of partition 2 (client) to the public address of partition 1
(service). I thought I had this set up correctly, but I am unable to see
the public interface from the network. Did I do something incorrectly? I
am able to see another interface on partition 1 that is not bridged. Any
help would be appreciated.





Anna Abt
Director of Programming
CYBRA Corporation
(914)963-6600 Ext 207
acosgrove@xxxxxxxxx

<http://www.cybra.com/> www.cybra.com








Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact