2006-03-06 20:17:23 UTC
unexpected problem with connectivity through vswitches to the external
network. I'm trying to figure out if the problem is in my vswitch
definitions or if it's a reportable issue.
At the moment it appears that private IP address ranges (eg
192.168.xxx.xxx, 10.xxx.xxx.xxx, 172.16.64.xxx) which worked fine through
a vswitch in 4.4.0 do not work at all through a vswitch on 5.2.0.
Private IP addresses in the same subnet, on the same VLAN, on the same
vswitch couldn't ping each other or their external gateway. The public IP
addresses on the same vswitch had no trouble pinging their external
gateway. Private IP addresses with direct OSA conections had no problems
I was able to confirm it was a vswitch related problem through testing
with my z/VM TCPIP stack. Normally it has a dedicated OSA connection and
a private IP address of 172.16.64.3 on VLAN 7. On zVM 5.2 I was able to
PING its external gateway at 172.16.64.1. When I changed the TCPIP stacks
network connection from a dedicated OSA to a virtual NIC on the vswitch
the ping failed.
My vswitch was defined in z/VM 4.4.0 with:
DEFINE VSWITCH SWITCH02 RDEV 0500 F804 PORTNAME PT0500 PTF804
and in 5.2.0 with:
DEFINE VSWITCH SWITCH02 RDEV 0500 F804 VLAN 7 PORTNAME PT0500 PTF804
For testing the TCPIP NIC on the vswitch it was authorized with:
SET VSWITCH SWITCH02 GRANT TCPIP VLAN 7
In both cases, PROFILE TCPIP includes:
LINK ETH0 QDIOETHERNET ***@0503 VLAN 7
Changing TCPIP's GRANT to include PORTTYPE TRUNK, and verifying the change
with Q VSWITCH ALL DETAILS, had no effect.
On the exact same switch, SWITCH02, other Linux guests on VLAN 2 with
public IP addresses (eg 164.165.57.xxx) had no trouble communicating with
the network outside the z/890. They are authorized to the vswitch with:
SET VSWITCH SWITCH02 GRANT <userid> VLAN 2
The problem also manifested itself on the other vswitch carrying traffic
on private IP addresses for other VLANs (3 and 4).
Is there something I've overlooked in the changes to vswitches from 4.4.0
to 5.2.0? Or is this a reportable problem?
P.S. The problem has been temporariliy circumvented by connecting the
userids with priviate IP address on VLAN 7 to a guest LAN and using the
zVM TCPIP stack to route their traffic to the OSA. (Yuck, but it works.)