On Monday, 07/13/2009 at 12:44 EDT, Marcy Cortes <marcy.d.cor...@wellsfargo.com> wrote: > That's what I suspected. > The PSP bucket needs a warning for the folks whose networks don't work after > 902.
I have forwarded your concern to the developers, though it is N/A to people who follow the listserver or attend my presentations on the subject :-) where I have been exhorting people for some time to DEFINE VSWITCH .... NATIVE xxx VLAN yyy - where xxx is the native VLAN of the attached switch. It is given to you by the switch administrator. - where yyy is a VLAN id that your switch admins have reserved for ports that have yet been assigned to a VLAN. That VLAN is not routed anywhere; it is a dead-end. And to explicitly GRANT each guest to ONLY the specifc VLAN it requires, NOT to VLAN yyy or VLAN xxx. (xxx is ok if you want the guest to be able to send untagged frames to the switch - a generally Bad Idea since untagged frames are used to communicate with the switch itself!) This way a QUERY will immediately reveal any basic misconfigurations and can be an audit point. Alan Altmark z/VM Development IBM Endicott
