Hello,
merry xmas to you all. I hope you can enjoy some stressless days with your loved ones.
I'm using the days off work to do some cleanup work here and there. One of that is that I want to migrate my routed (tun) network connection of an OS/390 instance running in Hercules 4.4.1.0-SDL, in turn running on a Linux Debian 11 machine, to tap. I want to spare multiple intermediate routing networks but have the machine appear at the local LAN with its designated MAC address.
The very same instance runs SNA 802.2 DLC on a bridged interface without issue.
Hercules runs as root, but I prefer preconfigured interfaces for Hercules to use.
I don't use the fancy new Network Manager, but stock /etc/network/interfaces configuration:
- Eth1 is the physical port connected to the LAN switch (works),
- Tap0 is the bridged interface for SNA (works),
- Tap1 is the bridged interface for IP (doesn't work).
---8<--- /etc/network/interfaces ---8<---
auto eth1 tap0 tap1 br0
# Hercules OS/390: Port LAN Port
iface eth1 inet manual
up /sbin/ip link set dev $IFACE up
# Hercules OS/390: TAPs for Bridging.
iface tap0 inet manual
pre-up /sbin/ip tuntap add mode tap
up /sbin/ip link set dev $IFACE address 02:00:FE:DF:00:42
up /sbin/ip link set dev $IFACE up
post-down /sbin/ip link del dev $IFACE
iface tap1 inet manual
pre-up /sbin/ip tuntap add mode tap
up /sbin/ip link set dev $IFACE address 02:00:FE:DF:01:42
up /sbin/ip link set dev $IFACE up
post-down /sbin/ip link del dev $IFACE
# Bridge everything together and assign an IP address to the bridge.
iface br0 inet static
address 192.168.59.12
netmask 255.255.255.128
gateway 192.168.59.1
bridge_ports tap0 tap1 eth1
---8<---
Hercules configuration excerpt:
---8<---
0E40 LCS -e SNA tap0
0E42.2 LCS tap1
---8<---
Relevant configuration excerpts from TCPIP.PROFILE.TCPIP:
---8<---
; Required for EE
DEVICE IUTSAMEH MPCPTP
LINK LSAMEH MPCPTP IUTSAMEH
DEVICE LCS1 LCS E42
LINK TAP1 ETHERNET 1 LCS1
HOME
192.168.59.89 TAP1
PRIMARYINTERFACE TAP1
GATEWAY
;
; Direct Routes - Routes that are directly connected to my interfaces.
;
; Network First Hop Link Pkt Subnet Mask Subnet Value
; Class Hop Name Size (excl. Class!) (Remainder)
;The next commented line gives us an error:
;17.10.00 STC00043 EZZ0312I THE SUBNET MASK ON LINE 230 CONTAINS AN INCORRECT VALUE 0.0
;192.168 = TAP1 1492 0.0.255.128 0.0.59.0
192.168.59 = TAP1 1492 0
DEFAULTNET 192.168.59.1 TAP1 1492 0
START LCS1
START IUTSAMEH
---8<---
Link starts without error:
17.55.46 STC00052 EZZ4314I INITIALIZATION COMPLETE FOR DEVICE LCS1, LINK TAP1
I can see the MAC addresses of all three bridged devices on the switch port:
sw-keller-1g#show mac address-table | incl Gi0/2$
1 0200.fedf.0043 DYNAMIC Gi0/2
1 0200.fedf.0143 DYNAMIC Gi0/2
1 7efc.3ef5.66ca DYNAMIC Gi0/2
Note that the TAP code automatically increments the MAC address given while configuring the interface by one. So, the host-local side of the TAP has 02:00:fe:df:01:42, but the guest-local side uses 02:00:fe:df:01:43!
But I can't ping.
When "S TCPIP" is run from the master console, the TCP/IP code seems to check for IP address collisions:
18:01:13.178327 02:00:fe:df:01:43 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.59.89 tell 192.168.59.89, length 46
Then it does a lookup because I've configured a DNS server (192.168.59.10):
18:01:13.784330 02:00:fe:df:01:43 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.59.10 tell 192.168.59.89, length 46
18:01:13.784723 00:50:56:98:0a:f8 > 02:00:fe:df:01:43, ethertype ARP (0x0806), length 60: Reply 192.168.59.10 is-at 00:50:56:98:0a:f8, length 46
18:01:14.811173 02:00:fe:df:01:43 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.59.10 tell 192.168.59.89, length 46
18:01:14.811627 00:50:56:98:0a:f8 > 02:00:fe:df:01:43, ethertype ARP (0x0806), length 60: Reply 192.168.59.10 is-at 00:50:56:98:0a:f8, length 46
This happens 11 times. Apparently, the ARP answer doesn't make it back to OS/390, because it tries multiple times?
Looking at 192.168.59.10's local ARP table, I see that the MAC address from tap1 is visible after S TCPIP but is purged after a while:
# arp -an |fgrep 192.168.59.89
? (192.168.59.89) at 02:00:fe:df:01:43 [ether] on ens160
# arp -an |fgrep 192.168.59.89
? (192.168.59.89) at <incomplete> on ens160
Now setting a static ARP entry on 192.168.59.10¡ but I still can't ping.
Looking at the local ARP cache of OS/390 via OMVS netstat -R ALL command shows that it only knows about its own MAC address and nothing else:
MVS TCP/IP onetstat CS V2R10 TCPIP Name: TCPIP
Querying ARP cache for address 192.168.59.89
Link: TAP1 ETHERNET: 0200FEDF0143
Unfortunately, I can't find out how to set a static ARP entry from OMVS. There seems to be no related command in ls /usr/lpp/tcpip/[s]?bin/
Browsing SG24-5227-01 (OS/390 eNetwork Communications Server V2R7 TCP/IP Implementation Guide
Volume 1: Configuration and Routing) there are some commands mentioned which aren't there in V2R10 ADCD, such as oeifconfig (PDF Page 506). The document can be obtained here:
Questions:
- How can I set a static arp entry in OS390 V2R10 ADCD?
- Is my GATEWAY configuration correct (sans assuming a /24 network instead of a /25)?
- Has anybody successfully established TCP/IP-Networking in a bridged environment as described above?
Thank you!
:wq! PoC
