IBM i 7.2 support of Virtual LAN allows using a single adapter to connect to multiple VLANs. If your system must connect to multiple VLANs, this support can allow you to reduce the number of adapters needed or add redundant network connections without adding additional adapters.
Each VLAN is identified by a VLAN identifier from 1 to 4094. The configuration of your network equipment determines which VLAN IDs are used and how they are used within your network. IBM i TCP/IP supports the IEEE 802.1Q standard for accessing multiple VLANs on an Ethernet network. VLANs can be used with any Ethernet adapters including Virtual Ethernet and Ethernet Link Aggregate line descriptions.
Before your system can connect to multiple VLANs on a single adapter, your network administrator must configure the network switch port to which the IBM i Ethernet adapter is connected to allow access to multiple VLANs. Details will vary based on the network equipment, but the port must be configured for what is commonly called trunk mode.Configuring your system to access these VLANs only requires specifying the VLAN ID when you add new IPv4 or IPv6 interfaces. This can be done through either the IBM Navigator for i “New Interface” wizard or the Add TCP/IP Interface (ADDTCPIFC) CL command. For example, using ADDTCPIFC, the following command configures a new interface on line description ETH2 using a VLAN ID of 3:
ADDTCPIFC INTNETADR('192.168.41.62') LIND(ETH2 3) SUBNETMASK('255.255.255.0’)
When configuring IP filter rules or VPN policy filters, VLANs are specified using an alternate format of linename.vlanid. For example, setting filter rules on VLAN 3 of line ETH2 would use a FILTER_INTERFACE statement with a line specified as ETH2.3. The IBM Navigator for i packet rules editor and VPN policy wizards will use this format when listing lines for your selection and when updating the policy rules configuration files.
Note that ‘.’ is a valid character in line names. If you will be using VLANs, it is best to not use “.number” within the line name itself. Within this context, “ETH2.3” would be ambiguous if you had IP interfaces configured on a line description named ETH2.3 as well as IP interfaces configured on VLAN 3 of a line description named ETH2.
Enhancements are also available for IBM i Communications Trace that allow you to limit the trace to a specific VLAN using a new filter option on the STRCMNTRC command. For example,
STRCMNTRC CFGOBJ(ETH2) CFGTYPE(*LIN) CMNTRCOPTS(*VRTLANID) VRTLANID(3)
will capture only packets sent or received on VLAN 3 of line ETH2. When printing a communications trace, the VLAN tag header, which is used to specify the target VLAN, is formatted when present to allow you to determine which VLAN on which a packet was sent or received.
This blog post was originally published on IBMSystemsMag.com and is reproduced here by permission of IBM Systems Media.