Darn security :) Glad you found it... I asked that question because when I implemented vlans a few years ago, the physical switch ports were tagging all frames. Since I was doing something "new" it had to be me. Once we configured the physical switch to *not* tag packets associated with the primary vlan, all was good.
Patrick Carroll | Technology Architect II L.L.Bean, Inc.(r) | Double L St. | Freeport ME 04033 http://www.llbean.com | [email protected] | 207.552.2426 CONFIDENTIALITY NOTICE: This e-mail and any attachments may contain confidential information that is legally privileged. The information is solely for the use of the intended recipient(s). Any disclosure, copying, distribution, or other use of this information is strictly prohibited. If you have received this e-mail in error, please notify the sender by return e-mail and delete this message. -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Martin, Terry R. (CMS/CTR) (CTR) Sent: Monday, April 04, 2011 2:38 PM To: [email protected] Subject: Re: VSWITCH and GRANT for VLAN Hi Pat Ok I figured it out. It was a RACF thing. I needed to add a specific profile for the vswtich even though the VMLAN RACF * class had UACC(UPDATE). Apparently it is looking for the specific SYSTEM.VSE4DD11.0851 (in my case). Thank You, Terry Martin Lockheed Martin CMS - CITIC 3300 Lord Baltimore Drive, Suite 200, 21244 Engineering Computing Mainframe Support Cell - 443 632-4191 -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Pat Carroll Sent: Monday, April 04, 2011 1:16 PM To: [email protected] Subject: Re: VSWITCH and GRANT for VLAN Is the physical switch port configured to tag all frames, or just the primary vlan? Patrick Carroll | Technology Architect II L.L.Bean, Inc.(r) | Double L St. | Freeport ME 04033 http://www.llbean.com | [email protected] | 207.552.2426 CONFIDENTIALITY NOTICE: This e-mail and any attachments may contain confidential information that is legally privileged. The information is solely for the use of the intended recipient(s). Any disclosure, copying, distribution, or other use of this information is strictly prohibited. If you have received this e-mail in error, please notify the sender by return e-mail and delete this message. -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Martin, Terry R. (CMS/CTR) (CTR) Sent: Monday, April 04, 2011 12:56 PM To: [email protected] Subject: VSWITCH and GRANT for VLAN Hi This weekend we changed the SWITCH on the Data Comm side to tag a new VLAN (581). Up to this point the switch was only set up for ACCESS switch not TRUNK with a default VLAN of 472. Now the SWITCH PORT is changed to handle TRUNKING. On my z/VM side I set up the VSWITCH to now handle VLAN tagging. Everything looks good on the switch side but when I try testing a z/Linux guest in terms of having it connect to the VSWITCH via VLAN 851 it still does not get to the Subnet pointed to by VLAN 581. I did the GRANT for this guest: SET VSWITCH VSE4DD11 GRANT E49L250D VLAN 851. What am I missing? Now I did not do anything with RACF for this do I need to allow something in RACF? Thanks! Thank You, Terry Martin Lockheed Martin CMS - CITIC 3300 Lord Baltimore Drive, Suite 200, 21244 Engineering Computing Mainframe Support Cell - 443 632-4191 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
