I highly recommend this approach with the addition of a VLAN so that traffic never leaves the VLAN on the System i bus. You can use 2 Linux LPAR's one for Firewall and one for Web serving in a DMZ. Both the subnets on either side of the DMZ could be VLAN's and therefore never accessible by anything but the iSeries.

I sat in on an LPAR presentation in Miami. I'll see if I can find the diagrams that lay out this scenario.

Pete Helgren

Jones, John (US) wrote:
And if you don't want to buy two systems this can easily be done via

Firewall -- LPAR1:web iSeries -- Firewall* -- LPAR2:production iSeries

* Firewall could be a software firewall running on a 3rd LPAR running

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].