I have NICDEFed to my level 1 switch from my level 2 machine (ZVM54SVM)
and can display my level 2 switch now with "q lan" from Level 2:
Adapter Owner: VLINUX3 NIC: D000.P00 Name: LNXVSW1
RX Packets: 341673 Discarded: 0 Errors: 0
TX Packets: 24165 Discarded: 0 Errors: 0
RX Bytes: 23039266 TX Bytes: 7154034
Device: D002 Unit: 002 Role: DATA vPort: 0067 Index: 0067
Options: Broadcast Multicast IPv6 IPv4 VLAN
Unicast IP Addresses:
172.28.3.137 MAC: 02-00-00-00-00-06
FE80::200:0:100:6 MAC: 02-00-00-00-00-06 Local
Multicast IP Addresses:
224.0.0.1 MAC: 01-00-5E-00-00-01
224.0.0.251 MAC: 01-00-5E-00-00-FB
FF02::1 MAC: 33-33-00-00-00-01
FF02::FB MAC: 33-33-00-00-00-FB
Adapter Owner: ZVM54SVM NIC: 9012.P00 Name: UNASSIGNED
But I do not seem to be able to ping the Level 1 VLINUX3 machine even
though it is on the same VSWITCH.
Nor can I ping my Level 1 VM.
ping 172.28.3.137
Ping Level 540: Pinging host 172.28.3.137.
Enter #CP EXT to interrupt.
DTCPIN0029E SendTo(): EDC8118I Network is unreachable. (errno2=0x000005DF)
Also I do not see much detail for my Level 2 machine in the "q lan" above.
To summarize:
Apparently, it is not possible to telnet "downstream" from Level 1 to
Level 2 even though they both have TCPIP stacks and share the same
VSWITCH.
However, it may be possible to telnet "upstream" from Level 2 to Level 1
though I have yet to do it.
I would have thought it possible to telnet to Level1 and then, from there,
telnet to Level 2.
When I install a new release, it is possible to telnet directly to Level 2
simply by connecting an OSA to a unique IP address.
I should be able to do the same here with a VM under VM maintenance
machine.
But I guess that presumes a unique real address in the IOCDS.
Can't I just bypass VSWITCH and OSALAN and just attach the same real
device OSA device address from Level 1 to Level 2 to a unique IP address?
Brian Nielsen <bniel...@sco.idaho.gov>
Sent by: The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU>
10/13/2010 12:31 PM
Please respond to
The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU>
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: Cannot TELNET to Level 2
On Wed, 13 Oct 2010 11:04:29 -0400, George Henke/NYLIC
<george_he...@newyorklife.com> wrote:
>ty, Brian.
>
>OSA2LAN is defined in the 1st Level Dircectory profile of my 2d Level
>machine.
The SPECIALs do not define OSA2LAN, they create the virtual device
addresses and attempt to automatically COUPLE to an existing OSA2LAN at
login time of your 2nd level machine. On your 1st level system you need
to use the DEFINE LAN or DEFINE VSWITCH command to create OSA2LAN.
>There is an OSALAN on the 1st Level machine and a VSWITCH as well.
>
>As you noted in a previous email, I could just NICDEF from 2nd Level to
>the 1st Level VSWITCH, but I was not clear how I would distinguish my IP
>address between the 2 levels if I did that.
>
>My first Level IP is 10.13.13.18
>
>My second Level IP is 10.13.13.26
If, as it seems, you've changed your 2nd level TCPIP stack to be a
different IP address then that is how you distinguish between them.
>I have no problem teleneting to 1st level, but how do I get to 2nd level
>from there.
Once you get all the "virtual hardware and cables" setup you just telnet
to your 2nd level IP address.
>Alternatively you indicated in the previous email, I could just mirror
>everything, OSALAN, VSWITCH at 2nd Level, instead of NICDEFing 2d Leve
l
>to 1st Level.
There is no problem using the same names for VSWITCHes and LANs in both
your 1st and 2nd level systems. The important thing is what does the
virtual OSA of the 2nd level system connect to?
The purpose of setting up a new VSWITCH or LAN in your 1st level system
would be to *prevent* your 2nd level system from accessing the outside
world. This protects you while testing in case you create duplicate IP
addresses or routing conflicts. However, it also would prevent you from
telnetting to it from the outside world.
Here is some crude ASCII art of one possible setup:
Real Network
|
| 1st level system
+-------------------------------------------------+
| real OSA 9010 |
| | |
| | |
| VSWITCH01 |
| | | |
| | | |
| TCPIP | |
| 10.13.13.18 | |
| | 2nd level system |
| +-----------------------------------+ |
| | virtual OSA 9010 | |
| | | | |
| | | | |
| | VSWITCH01 | |
| | | | |
| | | | |
| | TCPIP | |
| |10.13.13.26 | |
| | | |
| +-----------------------------------+ |
| |
+-------------------------------------------------+
In the above, you can telnet to 10.13.13.26 from the real network.
Here is a possible setup for isolation:
Real Network
|
| 1st level system
+-------------------------------------------------+
| real OSA 9010 |
| | |
| | |
| VSWITCH01 VSWITCH02 |
| | | |
| | | |
| TCPIP +-----------+ |
| 10.13.13.18 | |
| | 2nd level system |
| +-----------------------------------+ |
| | virtual OSA 9010 | |
| | | | |
| | | | |
| | VSWITCH01 | |
| | | | |
| | | | |
| | TCPIP | |
| |10.13.13.18 | |
| | | |
| +-----------------------------------+ |
| |
+-------------------------------------------------+
In the above, your 2nd level system is isoloated from your real network,
so the duplicate IP address doesn't matter. However, you cannot telnet t
o
your 2nd level TCPIP from the real network. To access your 2nd level
guest you telnet to your 1st level guest, then DIAL to your 2nd level
guest. Once you logon to a userid in your 2nd level guest if you were to
telnet 10.13.13.18 you would be accessing your 2nd level TCPIP stack.
Brian Nielsen
