from root what does iptables-save show? Is iptables somehow getting started on the linux guest?
________________________________ From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 7:10 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH & Linux Guest Thanks for the reply, David. Yes, doing a VSWITCH DETAILS from TCPMAINT shows the linux machine's IP address. The output of NETSTAT ARP ALL TCP DTCVSW1 shows the arp cache for TCPIP and for the linux machine. An IFCONFIG in Linux indicates the virtual MAC address for the interface ETH0. I'm going to bring the firewall guys into this. I've already talked to the network group and they can see my pings on the trunk port, so I need to see if there are some rules in place that I'm not aware of. Thanks again, Dave ________________________________ From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of David Kreuter Sent: Monday, November 24, 2008 3:18 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH & Linux Guest do a cp q vswitch details from tcpmaint. Determine: 1. is the linux machine in the list with an ip address? 2. determine the name of the current vswitch controller. From TCPMAINT: NETSTAT ARP ALL TCPIP <name of current controller> The netstat arp command may need to be issued twice. Does the linux machine show the mac of the OSA along with its IP address? David Kreuter ________________________________ From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 5:29 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH & Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH & Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC <[EMAIL PROTECTED]> wrote: > I've been beating my head against the wall for a week now trying to figure out > what I'm doing wrong, but I can't get it figured out, so I'm appealing to the > fine folks on this list for help. > > I have a new OSA port all to myself and it's connected to a trunk port on the > network switch. I've talked to the network guys and they know what it > is that I > want, so I'm pretty sure that part is set up correctly. > > I've configured TCPIP and the stack is up. From TCPMAINT, I can ping > the > gateway. I have a connection to the network. I built the VSWITCH with the > following command and added it to SYSTEM CONFIG. Addresses have been changed > for security: > > DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. > (For RDEV, there are two links for fail-over) > > Next, I coupled the guest to the vswitch: > > SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 > > Then, I built a SLES10-SP2 guest and configured the network with YaST. > I cannot > ping outside the guest. Here are the steps I've taken and info I've verified in > an effort to troubleshoot: > > 1. Log on to the guest VM and from CMS, ping the gateway. This works. > I can > ping devices outside the z10. > 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc > indicates manual reconfiguration of adapter & create ifcfg-vlanxxxx file). This > doesn't work. I can't ping outside the VM. > > 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and > configure SLES interface as normal (eth0). Doesn't work either. Cannot ping > outside the VM. > > I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's > input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
