> One of our customers claims that some guy at the local IBM office told > him that he would get additional security benefits if he > routed packets > through the TCPIP machine, instead of connecting the virtual Linux > machine directly to the OSA channel.
This is nonsense; in fact, since VM TCP has no packet filtering or firewalling capabilities, the reverse is true. There is a (small) performance advantage to using the VM stack, and the VIPA implementation is a little more mature, but there is no additional security benefit. -- db
