There are several approaches to this. You didn't mention if there is a virtual switch on the 1st level that your second level guest attached to for connectivity. One way or the other you need to get to the real OSA. If there is a vswitch 1st level you could define 5 virtual nic triplets to your guest on the same virtual chpid. These will appear to your second level guest as real OSAs. Attach these triplets to your five 3rd level zVosguests. On the 1st level vswitch since they will end up on the same vlan, they can be access ports, no need for trunks. Specific port access can't be done in the vswitch so maybe look outboard. Define the vlan to the vswitch. Or you could define 1 triplet to the vswitch from the 2nd level guest. Attach this virtually real triplet to 1 zVos guest. Define a guest lan on the 2nd level machine. Attach the zVos machine with the triplet on the virtually real osa to another virtual nic to your guest lan; vnic triplets to the big five; and now on the zVos machine with the two interfaces port map to the big five. I dunno which is more or less complex, plus there are other solutions. I would do the first one, I think. Or, maybe the 2nd one. Dunno. David
________________________________ From: The IBM z/VM Operating System on behalf of Gary M. Dennis Sent: Tue 12/9/2008 6:00 PM To: [email protected] Subject: [IBMVM] .zVos System z/VM Connectivity - Men or Mice Over the last few weeks we have determined (without equivocation) that we are z/VM communications mice. Communications men or women would have dispatched the following problem forthwith. What we are attempting to do is describe our connectivity requirements for testing zVos to IBM¹s Dallas development center. I feel as though we are throwing them somewhat of a curve ball because our environment is not Linux and not strictly CMS/VM. Here is what we have: 1. A second level VM system running on the Dallas First level. 2. On that second level system there are two server machines which have to be able to communicate with a z/Vos management console in Birmingham via HTTP. 3. On the same machine there are 3 virtual x86 machines that must be reached from the Birmingham network with RDP and/or VNC over a Specific subnet and port range. 4. The servers and virtualized machines are on the same VLAN. 5. VPN Questions: 1. What has to happen on the first level machine to permit access to a specific subnet and port range on the VLAN of the second level machine? 2. Shouldn't we be able to get away with just having a VSWITCH/VLAN combination on the second level machine without dedicating an OSA adapter? Anybody done this in a DR environment. 3. Would use of a virtual OSA adapter in the second level machine make this easier or just ratchet the level of complexity? Thanks --. .- .-. -.-- Gary Dennis Mantissa Corporation
