> > ??? Shouldn't the topology not change? Other than physical host > > changes, > I've > > been assuming the LGR stuff effectively is a unit black box from > external hosts. > > Topology doesn't change, but traffic flow does. If two virtual servers are > using the same VSWITCH on System A, they communicate directly, without > external bridging. If one of them relocates to System B, then the guests > virtual NICs will be reconnected to a VSWITCH on System B. Even though the > two VSWITCHes have the same name, they may be using different OSAs > (e.g. on different CECs). Once they are on different OSAs, then traffic will > leave the box.
Hmm. This should probably go in the planning guide, then. Sounds like a good recommendation for a small dedicated switch for this purpose, or we need to put in a requirement that OSAs linked to cluster nodes have a way to turn on encryption for externally connected traffic. > > It is kinda surprising that VM and MVS still ship with plaintext > > tn3270 > as the > > default. > > > > Sounds like a requirement. > > As long as you don't mind the system having a default self-signed certificate, > it's feasible. Better than nothing, I'd say. I'll write it up when I have spare time. BTW, is the vmnet code from the old SSL server still a supported interface? ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
