× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



DEFAULT route resolved the issue.

ADDTCPRTE RTEDEST(*DFTROUTE) SUBNETMASK(*NONE) NEXTHOP('xx.x.xx.xxx4') BINDIFC('xx.x.xx.xx') TEXT('Default route for LSGUI')

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Friday, November 11, 2016 10:41 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: HTTP listening ports and URL questions

Rob,

1) Don't I need to add a new default route for the new IP.
CFGTCP 2. Work with TCP/IP routes

Route Subnet Next Preferred
Destination Mask Hop Interface

*DFTROUTE *NONE xx.x.xx.xxx xx.x.xx.x

2) There are some jobs binding to all IPS, but not on port 443.

Paul



-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Friday, November 11, 2016 10:19 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

I would do the
NETSTAT *CNN
and ensure that it is being used correctly and that no particular job is binding to all (*) IP addresses or some such thing.


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/11/2016 10:15 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I've added the new IP
QSYS/ADDTCPIFC INTNETADR('XX.X.X.XX') LIND(ETHERLAN02)
SUBNETMASK('255.255.255.0')
Started the new IP - active.
Network folks changed the URL to use the new IP and opened the firewall ports.
New IP is pingable.
Reconfigured the HTTP instance to use new IP listening on port 443.
Restarted the HTTP instance - running.

Page cannot be displayed.

Are there any other setting changes needed to enable a new IP?

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Welly@OCBCNISP
Sent: Wednesday, November 09, 2016 8:58 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: HTTP listening ports and URL questions

HI Paul,
1. Correct
2. Correct
3. do not know
4. It depends on how you want to treat your network


Thanks for your help

Br,
Welly Soegiantoro
EST Division

cug : 367090

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Kamis, 10 November 2016 08.49
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: RE: HTTP listening ports and URL questions

Rob,

QSYS/ADDTCPIFC INTNETADR('XX.X.X.XX') LIND(ETHERLAN01)
SUBNETMASK('255.255.255.0')

1) When creating the additional interface, will the new interface will be attached to an existing lind ETHERLAN01., correct?
2) All other values, use default, correct?
3) Is there any reason to use the PREFIFC option?
4) Will a static route be needed? This interface will only be used for a new HTTP instance listening on port 443.

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Wednesday, November 02, 2016 10:05 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

Your first IP interface that you've ever done (not counting the local
loopback) was completed using
ADDTCPIFC 'x.x.x.x' LIND(MYLINE)
All the rest could be the same, just with a different IP address. On a DMZ lpar supporting multiple sites all of the interfaces use
Virtual LAN identifier . . . . . . . . . . . . : *NONE

I even have a virtual ethernet set up from my hosting lpars to their guests and they use
Virtual LAN identifier . . . . . . . . . . . . : *NONE

You may have to have your network guy do the firewall thing.He's probably blocking external from getting to any new IP address assigned. But, if he's worth his salt, he should have asked you enough questions to get started on that.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 09:49 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I'm assuming these additional IPs will all be virtual IPS.

1) Should these new virtual IPs be on the same VLAN as the physicals?
2) If there is a choice of a physical IP to bind to any suggestions on which to choose?
3) Must also contact security guy to add new firewall rules for the new IPs?

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Wednesday, November 02, 2016 8:28 AM
To: Midrange Systems Technical Discussion
Subject: RE: HTTP listening ports and URL questions

Here it involves sacrificing two doves and an unblemished young ram to the network administrator and asking him for another IP address.
Once you have that you can add it one of two ways

Add TCP/IP Interface (ADDTCPIFC)
Start TCP/IP Interface (STRTCPIFC)

CFGTCP
1. Work with TCP/IP interfaces

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 08:19 AM
Subject: RE: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



Currently, I have two IPs, each physical, on each LPAR.
What would be required to set up additional IPs, which would only be used for HTTP listening ports.

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob


Berendt
Sent: Wednesday, November 02, 2016 8:14 AM
To: Midrange Systems Technical Discussion
Subject: Re: HTTP listening ports and URL questions

I don't even pretend to be a web expert on TV but we use the multiple IP address solution. We tend to "bind specific" and not bind to all IP addresses.


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 11/02/2016 08:09 AM
Subject: HTTP listening ports and URL questions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



I have some questions related to HTTP listening ports and URLs.
I have a current instance listening on port 443, all IPS.

I have a new app going live that we prefer to listen on port 443. It can listen on a different port, but I've been told that if 443 is not used, then we must include the port number in the URL.
We would like to have the new app keep the same URL as the old current app, which is listening on port 80.

So my issue is that I will have two http apps listening on port 443.
Options.
1) Create one http instance for both, using virtual host. The problem with



this option is that when one app needs to be shutdown, we don't wish to shut down the other app.
2) Have both apps listen on 443, two http instances, different IPs. I'm leaning towards this solution.
3) Are there others?



Thank You

_____

Paul Steinmetz

IBM i Systems Administrator



Pencor Services, Inc.

462 Delaware Ave

Palmerton Pa 18071



610-826-9117 work

610-826-9188 fax

610-349-0913 cell

610-377-6012 home



psteinmetz@xxxxxxxxxx<mailto:psteinmetz@xxxxxxxxxx>

http://www.pencor.com/


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.