Thank you. And yes, I was incorrect in calling it a service partition.
From the previous email I was able to correct the issues. I removed the IP
on the bridge, removed NAT packet rules, restarted all of my interfaces, and
everything looks to be up and running! I was in a way, combining the 2
technologies (bridging and NAT).
Thank you everyone for your help!
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Monday, March 24, 2014 9:26 AM
To: Midrange Systems Technical Discussion
Subject: Re: Logical Partitions and TCP/IP over virtual ethernet
Anna,
You *DO NOT* want to do this this way! The use of ANY IP at all on the
bridge is not recommended because of severe potential performance issues.
Also NAT is not required or desired on the bridge.
Also just to be clear this is not a service partition, to people like
Pete and Jim and others here that term describes a partition that is used to
update firmware on the server without using the HMC. While we also don't
recommend service partitions, we do reserve the name for it.
What you have is a 'Host Partition'. No matter what else it might be
hosting it is at least hosting network traffic.
The short course is this:
1) Connect an Ethernet cable from an available port on this host partition
to your network switch. You want to identify an available port that
currently has NO Line description associated with it. Identify the CMNnn
number for this port.
2) Create a line description using this CMNnn that matches the speed and
duplex of the switch. Put a name in the BRIDGE parameter and remember it as
we'll be using it again in a moment. Be SURE to include TEXT on this line.
Vary on the line.
3) Using "Dynamic LPAR - Virtual Adapters" Create a new virtual Ethernet
Adapter for this host partition. Critical pieces are two: First assign the
Port VIrtual Ethernet (VLAN ID) as the VLAN you wish the client partitions
to be on. Typically this is 1. Second, check the box "Access external
network." Once created identify the CMNnn number for this new adapter.
4) Create a line description using this CMNnn that designates *FULL and 1G
for the line speed. Use THE SAME Bridge name from step 2 above. Add text to
the line! Vary it on.
5) Verify that the two lines are Varied On.
Here is an example of two lines that form a bridge:
Description Status
ETHBRIDGEE VARIED ON
ETHBRIDGEI VARIED ON
Note that they should NEVER go past VARIED ON. If they do, you have done a
bad thing and assigned an IP address to one or the other. As I mentioned
before you do not want to do this. The reason is that the bridge, in order
to self-learn which devices are on which side of the bridge, must put itself
in promiscuous mode. This means it will see every packet not just packets
the switch thinks it should see. If there was an IP interface on the line
then EVERY PACKET gets handed to IP to see if it's destined for this host
partition. The VAST Majority of them will not and thus will be thrown away
but they ALL must be checked thus burning value CPU resource. Note this is
also why you don't want to try Proxy ARP or NAT on this line - same problem.
6) Next on the guest partition(s) create a virtual Ethernet adapter in the
same VLAN as the Host. *DO NOT* check the 'Access external network'
box here.
7) On the Guest create a typical Ethernet line description using the CMNnn
number for this new Virtual Ethernet Adapter. DO NOT specify a bridge name.
Do use 1G and *FULL duples. Do add text! Vary it on.
8) Add a TCP/IP Interface to this new line and start the interface. This
interface should be in the same IP subnet as the host partition. The bridge
will work it's magic carrying the traffic from the inside to the outside of
the system.
Note: The ROUTE for this guest partition is THE SAME as it is for the Host
partition. The host is NOT routing, rather it is merely a bridge.
ROUTING is a Layer 3 (IP) function while Bridging is a Layer 2
(Ethernet) function.
You may add as many client partitions on this VLAN as desired.
- Larry "DrFranken" Bolhuis
www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com
On 3/21/2014 4:26 PM, Anna Abt wrote:
I've set up a service partition and a guest partition. On the service
partition I created a virtual Ethernet adapter and one on the client
partition using the same VLAN id. I have 2 line descriptions, one for
the physical and one for the virtual created on the service partition.
I have a line description created for the virtual adapter on the
client partition. I then created the routing for the physical adapter
with a public address and routing for each of the virtual adapters. I
used NAT to map the private address of partition 2 (client) to the
public address of partition 1 (service). I thought I had this set up
correctly, but I am unable to see the public interface from the
network. Did I do something incorrectly? I am able to see another
interface on partition 1 that is not bridged. Any help would be
appreciated.
Anna Abt
Director of Programming
CYBRA Corporation
(914)963-6600 Ext 207
acosgrove@xxxxxxxxx
<http://www.cybra.com/> www.cybra.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.