On Feb 2, 2021, at 4:58 PM, Gilson Cesar de Oliveira <[email protected]> wrote: > > My concern is related to isolate consoles for different lpars. All > the console clients that will connect to 192.168.10.100 should not connect > to 10.152.200.100 and vice-versa. > > Are you saying that I can define the ports in different subnets but > the default gateway should be the same ?? > I have the configuration in HCD and there is a panel where I can > configure the ports 0 and 1. > > Am I wrong at this point ?? >
In HCD there are two parts to the “OSA Advanced Facilities” configuration, a server configuration and a sessions configuration. In the server configuration you specify an IP address, subnet prefix, and TCP port number for one or both of the physical ports. Then you may specify a single gateway address, which should be on the same subnet as one of the physical ports. The port whose address is not on the same subnet as the gateway will be inaccessible to any host that is not on the same subnet as that host. For example, one of the cards on the University’s z14 ZR1 has port 0 IPv4 address 10.157.166.44/27 and port 1 IPv4 address 192.168.2.13/24 and IPv4 gateway address 10.157.166.33. When I’m on the University’s VPN (or when I was on campus back when we still did that) I can connect to port 0. However, only hosts with an IP address of 192.168.2.xxx (which are confined to the data center) can connect to port 1. Then there is the session configuration. Each session is assigned a CSS id and an MFID (which selects an LPAR) and a unit number; it is identified by an LU name. You can connect to a session from either port, but as part of the session definition you can filter by client IP address. So if what you want to do is isolate consoles for different LPARs, you need to be looking at the session definitions, not the port definitions. Although, of course, all clients will need to be able to access one or the other of the ports. -- Pew, Curtis G [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
