AIX LPARs, IVM and network segmentation
Posted on 2011-03-25
We have bought a couple of new IBM blades, each blade has two internal ethernet switch and is connected to other switches on the network. Our "friendly communication admins" has segmented the network in multiples VLANs. One of them is the IVM-VIOserver that is in another segment. I meant there's no connection between segments, all ports are closed. I have clear that between the IVM and LPARs there's services like ctrmc but dont know if they, the IVM and LAPRs needs others tcp or udop ports. ALso, I need multiples services between segments like NFS, SSH, portamp, xwindows are other..
1- Is there any document regarding best practices regarding connectivity between the VIOserver (IVM) and LPARs? Must they be in the same VLAN?
2- Is there any document or best practices regarding the configuration of internal blade's switches VLANS?
My boss is asking me if it's necesary to have TOO MUCH security inside the blade or not. Take in mind there's only one VIOserver by blade and it's not easy to make changes constantly on it because a new vlan is added to the blade.[
is my spanish-english clear for you? :-)