Re: VLAN-Aware VSWITCH Linux Guest
10.254.32.130: icmp_seq=1 ttl=60 time=0.408 ms 64 bytes from 10.254.32.130: icmp_seq=2 ttl=60 time=0.418 ms 64 bytes from 10.254.32.130: icmp_seq=3 ttl=60 time=0.428 ms 64 bytes from 10.254.32.130: icmp_seq=4 ttl=60 time=0.428 ms 64 bytes from 10.254.32.130: icmp_seq=5 ttl=60 time=0.429 ms 64 bytes from 10.254.32.130: icmp_seq=6 ttl=60 time=0.428 ms 64 bytes from 10.254.32.130: icmp_seq=7 ttl=60 time=0.436 ms 64 bytes from 10.254.32.130: icmp_seq=8 ttl=60 time=0.433 ms 64 bytes from 10.254.32.130: icmp_seq=9 ttl=60 time=0.427 ms 64 bytes from 10.254.32.130: icmp_seq=10 ttl=60 time=0.437 ms --- 10.254.32.130 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 8998ms rtt min/avg/max/mdev = 0.408/0.427/0.437/0.015 ms Iptables are not running. Thanks, Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Marcy Cortes Sent: Monday, November 24, 2008 4:12 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest Post the results of a q vswitch details, please. And also route and ifconfig from linux. Marcy This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of KEETON Dave * OR SDC Sent: Monday, November 24, 2008 2:30 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
I don't see anything amiss on your side. I think its time to go back to the switch folks and have them poke further. Maybe they can see a vlan mismatch or something wrong with the thing you have pointed to as gw. Marcy This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of KEETON Dave * OR SDC Sent: Tuesday, November 25, 2008 9:02 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Marcy, Here's the info you requested: q vswitch details VSWITCH SYSTEM VSS3000 Type: VSWITCH Connected: 1Maxconn: INFINITE PERSISTENT RESTRICTEDNONROUTER Accounting: OFF VLAN Aware Default VLAN: 3046Default Porttype: Trunk GVRP: Enabled Native VLAN: 3046VLAN Counters: OFF MAC address: 02-00-00-00-00-01 State: Ready IPTimeout: 5 QueueStorage: 8 RDEV: 1D84.P00 VDEV: 1D84 Controller: DTCVSW1 VSWITCH Connection: MAC address: 00-11-25-BD-F8-74 RX Packets: 30 Discarded: 389Errors: 0 TX Packets: 86 Discarded: 0 Errors: 0 RX Bytes: 2904 TX Bytes: 7472 Device: 1D84 Unit: 000 Role: DATA vPort: 0001 Index: 0001 Options: VLAN_ARP RDEV: 2D84.P00 VDEV: 2D84 Controller: DTCVSW2 BACKUP Adapter Connections: Adapter Owner: SLX005 NIC: 3902.P00 Name: eth0 Porttype: Access RX Packets: 37 Discarded: 0 Errors: 0 TX Packets: 86 Discarded: 0 Errors: 0 RX Bytes: 6628 TX Bytes: 7472 Device: 3904 Unit: 002 Role: DATA vPort: 0065 Index: 0065 VLAN: IPv4 3046 Assigned by system VLAN: IPv6 3046 Assigned by system Options: Broadcast Multicast IPv6 IPv4 VLAN Unicast IP Addresses: 10.254.32.132MAC: 02-00-00-00-00-02 FE80::200:0:100:2MAC: 02-00-00-00-00-02 Local Multicast IP Addresses: 224.0.0.1MAC: 01-00-5E-00-00-01 224.0.1.22 MAC: 01-00-5E-00-01-16 239.255.255.253 MAC: 01-00-5E-7F-FF-FD FF02::1 MAC: 33-33-00-00-00-01 Local FF02::1:FF00:2 MAC: 33-33-FF-00-00-02 Local q vswitch accesslist VSWITCH SYSTEM VSS3000 Type: VSWITCH Connected: 1Maxconn: INFINITE PERSISTENT RESTRICTEDNONROUTER Accounting: OFF VLAN Aware Default VLAN: 3046Default Porttype: Trunk GVRP: Enabled Native VLAN: 3046VLAN Counters: OFF MAC address: 02-00-00-00-00-01 State: Ready IPTimeout: 5 QueueStorage: 8 Authorized userids: SLX005 Porttype: Access VLAN: 3046 SYSTEM Porttype: Trunk VLAN: 3046 RDEV: 1D84.P00 VDEV: 1D84 Controller: DTCVSW1 RDEV: 2D84.P00 VDEV: 2D84 Controller: DTCVSW2 BACKUP ifconfig eth0 Link encap:Ethernet HWaddr 02:00:00:00:00:02 inet addr:10.254.32.132 Bcast:10.254.32.255 Mask:255.255.255.0 inet6 addr: fe80::200:0:100:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:38 errors:0 dropped:0 overruns:0 frame:0 TX packets:86 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7160 (6.9 Kb) TX bytes:7472 (7.2 Kb) hsi0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:10.0.129.181 Bcast:10.0.129.255 Mask:255.255.255.128 inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING NOARP MULTICAST MTU:8192 Metric:1 RX packets:298 errors:0 dropped:0 overruns:0 frame:0 TX packets:230 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:23716 (23.1 Kb) TX bytes:29045 (28.3 Kb) loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:70 errors:0 dropped:0 overruns:0 frame:0 TX packets:70 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5727 (5.5 Kb) TX bytes:5727 (5.5 Kb) route Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 10.0.129.128* 255.255.255.128 U 0 00 hsi0 10.254.32.0 * 255.255.255.0 U 0 00 eth0 link-local
Re: VLAN-Aware VSWITCH Linux Guest
Thanks, Marcy. Yes, you're right. It was time to go back to the network folks. I did that this morning. We whiteboarded it out and come to find out, there was a missing element: Native VLAN ID. They didn't give me this information initially, but after the conversation I was able to get that info plugged in and everything is working. Thanks to you, Alan David for the assistance. Regard, Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Marcy Cortes Sent: Tuesday, November 25, 2008 9:45 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest I don't see anything amiss on your side. I think its time to go back to the switch folks and have them poke further. Maybe they can see a vlan mismatch or something wrong with the thing you have pointed to as gw. Marcy This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of KEETON Dave * OR SDC Sent: Tuesday, November 25, 2008 9:02 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Marcy, Here's the info you requested: q vswitch details VSWITCH SYSTEM VSS3000 Type: VSWITCH Connected: 1Maxconn: INFINITE PERSISTENT RESTRICTEDNONROUTER Accounting: OFF VLAN Aware Default VLAN: 3046Default Porttype: Trunk GVRP: Enabled Native VLAN: 3046VLAN Counters: OFF MAC address: 02-00-00-00-00-01 State: Ready IPTimeout: 5 QueueStorage: 8 RDEV: 1D84.P00 VDEV: 1D84 Controller: DTCVSW1 VSWITCH Connection: MAC address: 00-11-25-BD-F8-74 RX Packets: 30 Discarded: 389Errors: 0 TX Packets: 86 Discarded: 0 Errors: 0 RX Bytes: 2904 TX Bytes: 7472 Device: 1D84 Unit: 000 Role: DATA vPort: 0001 Index: 0001 Options: VLAN_ARP RDEV: 2D84.P00 VDEV: 2D84 Controller: DTCVSW2 BACKUP Adapter Connections: Adapter Owner: SLX005 NIC: 3902.P00 Name: eth0 Porttype: Access RX Packets: 37 Discarded: 0 Errors: 0 TX Packets: 86 Discarded: 0 Errors: 0 RX Bytes: 6628 TX Bytes: 7472 Device: 3904 Unit: 002 Role: DATA vPort: 0065 Index: 0065 VLAN: IPv4 3046 Assigned by system VLAN: IPv6 3046 Assigned by system Options: Broadcast Multicast IPv6 IPv4 VLAN Unicast IP Addresses: 10.254.32.132MAC: 02-00-00-00-00-02 FE80::200:0:100:2MAC: 02-00-00-00-00-02 Local Multicast IP Addresses: 224.0.0.1MAC: 01-00-5E-00-00-01 224.0.1.22 MAC: 01-00-5E-00-01-16 239.255.255.253 MAC: 01-00-5E-7F-FF-FD FF02::1 MAC: 33-33-00-00-00-01 Local FF02::1:FF00:2 MAC: 33-33-FF-00-00-02 Local q vswitch accesslist VSWITCH SYSTEM VSS3000 Type: VSWITCH Connected: 1Maxconn: INFINITE PERSISTENT RESTRICTEDNONROUTER Accounting: OFF VLAN Aware Default VLAN: 3046Default Porttype: Trunk GVRP: Enabled Native VLAN: 3046VLAN Counters: OFF MAC address: 02-00-00-00-00-01 State: Ready IPTimeout: 5 QueueStorage: 8 Authorized userids: SLX005 Porttype: Access VLAN: 3046 SYSTEM Porttype: Trunk VLAN: 3046 RDEV: 1D84.P00 VDEV: 1D84 Controller: DTCVSW1 RDEV: 2D84.P00 VDEV: 2D84 Controller: DTCVSW2 BACKUP ifconfig eth0 Link encap:Ethernet HWaddr 02:00:00:00:00:02 inet addr:10.254.32.132 Bcast:10.254.32.255 Mask:255.255.255.0 inet6 addr: fe80::200:0:100:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:38 errors:0 dropped:0 overruns:0 frame:0 TX packets:86 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7160 (6.9 Kb) TX bytes:7472 (7.2 Kb) hsi0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:10.0.129.181 Bcast:10.0.129.255 Mask:255.255.255.128 inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING NOARP MULTICAST MTU:8192 Metric:1 RX packets:298 errors:0 dropped:0 overruns:0 frame:0 TX packets:230 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:23716 (23.1 Kb) TX bytes:29045 (28.3 Kb) loLink encap:Local Loopback inet addr:127.0.0.1
VLAN-Aware VSWITCH Linux Guest
I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. Thanks in advance, Dave
Re: VLAN-Aware VSWITCH Linux Guest
On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
do a cp q vswitch details from tcpmaint. Determine: 1. is the linux machine in the list with an ip address? 2. determine the name of the current vswitch controller. From TCPMAINT: NETSTAT ARP ALL TCPIP name of current controller The netstat arp command may need to be issued twice. Does the linux machine show the mac of the OSA along with its IP address? David Kreuter From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 5:29 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
command should be NETSTAT ARP ALL TCP name of controller machine David From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 5:29 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
Thanks for the reply, David. Yes, doing a VSWITCH DETAILS from TCPMAINT shows the linux machine's IP address. The output of NETSTAT ARP ALL TCP DTCVSW1 shows the arp cache for TCPIP and for the linux machine. An IFCONFIG in Linux indicates the virtual MAC address for the interface ETH0. I'm going to bring the firewall guys into this. I've already talked to the network group and they can see my pings on the trunk port, so I need to see if there are some rules in place that I'm not aware of. Thanks again, Dave From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of David Kreuter Sent: Monday, November 24, 2008 3:18 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest do a cp q vswitch details from tcpmaint. Determine: 1. is the linux machine in the list with an ip address? 2. determine the name of the current vswitch controller. From TCPMAINT: NETSTAT ARP ALL TCPIP name of current controller The netstat arp command may need to be issued twice. Does the linux machine show the mac of the OSA along with its IP address? David Kreuter From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 5:29 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
Post the results of a q vswitch details, please. And also route and ifconfig from linux. Marcy This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of KEETON Dave * OR SDC Sent: Monday, November 24, 2008 2:30 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
Re: VLAN-Aware VSWITCH Linux Guest
from root what does iptables-save show? Is iptables somehow getting started on the linux guest? From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 7:10 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks for the reply, David. Yes, doing a VSWITCH DETAILS from TCPMAINT shows the linux machine's IP address. The output of NETSTAT ARP ALL TCP DTCVSW1 shows the arp cache for TCPIP and for the linux machine. An IFCONFIG in Linux indicates the virtual MAC address for the interface ETH0. I'm going to bring the firewall guys into this. I've already talked to the network group and they can see my pings on the trunk port, so I need to see if there are some rules in place that I'm not aware of. Thanks again, Dave From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of David Kreuter Sent: Monday, November 24, 2008 3:18 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest do a cp q vswitch details from tcpmaint. Determine: 1. is the linux machine in the list with an ip address? 2. determine the name of the current vswitch controller. From TCPMAINT: NETSTAT ARP ALL TCPIP name of current controller The netstat arp command may need to be issued twice. Does the linux machine show the mac of the OSA along with its IP address? David Kreuter From: The IBM z/VM Operating System on behalf of KEETON Dave * OR SDC Sent: Mon 11/24/2008 5:29 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: [IBMVM] VLAN-Aware VSWITCH Linux Guest Thanks, Alan. To answer your question, I am now able to ping the TCPIP stack address (after making the change you recommended). I am still unable to ping the gateway, however. I suppose I'll go back to beating my head against the wall... Dave -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, November 24, 2008 11:07 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VLAN-Aware VSWITCH Linux Guest On Monday, 11/24/2008 at 01:54 EST, KEETON Dave * OR SDC [EMAIL PROTECTED] wrote: I've been beating my head against the wall for a week now trying to figure out what I'm doing wrong, but I can't get it figured out, so I'm appealing to the fine folks on this list for help. I have a new OSA port all to myself and it's connected to a trunk port on the network switch. I've talked to the network guys and they know what it is that I want, so I'm pretty sure that part is set up correctly. I've configured TCPIP and the stack is up. From TCPMAINT, I can ping the gateway. I have a connection to the network. I built the VSWITCH with the following command and added it to SYSTEM CONFIG. Addresses have been changed for security: DEF VSWITCH VSS3000 RDEV 1234 2234 PORTT TRUNK VLAN 1234 As you suggest below, get rid of the PORTTYPE TRUNK. Only a guest that needs access to multiple VLANs on the VSWITCH need be granted PORTTYPE TRUNK (VLAN-aware). The others shouldo remain VLAN-unaware (PORTTYPE ACCESS). Even VM TCP/IP. (For RDEV, there are two links for fail-over) Next, I coupled the guest to the vswitch: SET VSWITCH VSS3000 GRANT SLES10 VLAN 1234 Then, I built a SLES10-SP2 guest and configured the network with YaST. I cannot ping outside the guest. Here are the steps I've taken and info I've verified in an effort to troubleshoot: 1. Log on to the guest VM and from CMS, ping the gateway. This works. I can ping devices outside the z10. 2. Tried configuring SLES10 using either VLAN-aware method (Novell doc indicates manual reconfiguration of adapter create ifcfg-vlan file). This doesn't work. I can't ping outside the VM. 3. Tried making the guest VLAN-unaware (ACCESS 1234 option for SET VSWITCH) and configure SLES interface as normal (eth0). Doesn't work either. Cannot ping outside the VM. I am no expert on VLANs and I appear to be stuck. I would appreciate anyone's input on this one. The ony thing that comes to mind is that the IP address/subnet/gateway on the guests doesn't match what's in the switch. Can the Linux guest ping VM TCP/IP? Alan Altmark z/VM Development IBM Endicott
