friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakg_5.4.0.1/rzakgscenario3.htm

192 lines
12 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Example: DHCP and multihoming" />
<meta name="abstract" content="You can learn how to set up the iSeries server as a DHCP server for a LAN that is connected to the Internet by an Internet router." />
<meta name="description" content="You can learn how to set up the iSeries server as a DHCP server for a LAN that is connected to the Internet by an Internet router." />
<meta name="DC.Relation" scheme="URI" content="rzakgexampleparent.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakgscenario1.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakgproblemnoip.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakgscenario3" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Example: DHCP and multihoming</title>
</head>
<body id="rzakgscenario3"><a name="rzakgscenario3"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Example: DHCP and multihoming</h1>
<div><p>You can learn how to set up the iSeries™ server as a DHCP server for a
LAN that is connected to the Internet by an Internet router.</p>
<div class="section"><p>This example is much like the first example, Simple DHCP subnet.
In this example, the data entry clients are only communicating amongst themselves
and the iSeries server.
They obtain their IP information dynamically from the iSeries' DHCP server.</p>
<p>However,
a new version of their data entry application requires that the network communicates
with the Internet, and the company decided to provide Internet access through
an Internet router as shown in Figure 4-1. In addition to the router, the
administrator also added another interface with an IP address to communicate
with the Internet. When multiple IP addresses are assigned to the same adapter,
the iSeries server
is multihoming.</p>
<div class="fignone"><span class="figcap">Figure 1. Using DHCP with multiple IP addresses assigned
to the same adapter</span><br /><img src="rzakg503.gif" alt="Using DHCP with multiple IP addresses assigned to the same adapter." /><br /></div>
<div class="note"><span class="notetitle">Note:</span> Although this is a feasible way to connect your network to the
Internet, it is not the most secure. It suits the purposes of this DHCP example,
but you should consider the security implications when you configure your
own DHCP server.</div>
<p>The DHCP setup must take into account that the iSeries server
is known by two different IP addresses. To understand how to set up DHCP correctly
for this scenario, it is helpful to understand what happens when a client
sends out a DHCP DISCOVER packet.</p>
<p>When a client sends out a DHCP DISCOVER
packet, it is broadcast on the ring. Therefore, iSeries server cannot determine
which IP address the packet was intended for. If this packet is marked with
the 10.1.1.1 interface IP (the one used for DHCP), your clients receive their
IP information as expected. But it is possible that the packet can actually
get marked with the 192.168.1.1 address (the one connected to the Internet).
If the packet is received on the 192.168.1.1 interface, your data entry client
does not receive any IP information.</p>
<p>To set up DHCP in this situation,
you need to not only create the data entry DHCP subnet, but also one for the
Internet network. The Internet policy consists of a subnet with no available
addresses. The easiest way to do this is to define the subnet with at least
one IP address (like 192.168.1.1), then exclude that same IP address. With
the two subnets defined, you now combine the two (or more) subnets into a
subnet group. If the DISCOVER packet gets marked with the 192.168.1.1 interface,
the data entry subnet will still issue valid IP information.</p>
<p>To make
this scenario work, the policy for the Data Entry subnet must pass its clients
their router address for access to the Internet. In this case, the router
address is the iSeries interface
of 10.1.1.1. You must also set IP Datagram forwarding to 'on' for the two
interfaces to route packets to each other. This example uses reserved IP addresses
to represent both internal and external IP addresses. If your network matches
this scenario, you also need to use NAT for your Data Entry clients to communicate
with the Internet.</p>
<p>Using subnet groups to eliminate this marking problem
is not only limited to multihoming examples. Any time multiple interfaces
connect to the same network, you can encounter the same problem. The following
figure illustrates how the iSeries server can have two physical connections
to the data entry network. This network configuration requires a similar DHCP
group policy as the multihoming setup, because DHCP DISCOVER packets can conceivably
be answered by the 192.168.1.1 interface.</p>
<div class="fignone"><span class="figcap">Figure 2. Using DHCP with multiple
interfaces connected to the same network</span><br /><img src="rzakg504.gif" alt="Using DHCP with multiple interfaces connected to the same network." /><br /></div>
</div>
<div class="section"><h4 class="sectiontitle">Planning the DHCP setup for multihoming</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Global configuration options (applies to all clients served by the
DHCP server)</caption><thead align="left"><tr><th valign="top" width="42.2680412371134%" id="d0e75">Object</th>
<th valign="top" width="57.73195876288659%" id="d0e77">Value</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="42.2680412371134%" headers="d0e75 ">Is the server performing DNS updates?</td>
<td valign="top" width="57.73195876288659%" headers="d0e77 ">No</td>
</tr>
<tr><td valign="top" width="42.2680412371134%" headers="d0e75 ">Is the server supporting BOOTP clients?</td>
<td valign="top" width="57.73195876288659%" headers="d0e77 ">No</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 2. Subnet for Data Entry clients</caption><thead align="left"><tr><th colspan="2" valign="top" id="d0e99">Object</th>
<th valign="top" width="58.18815331010453%" id="d0e101">Value</th>
</tr>
</thead>
<tbody><tr><td colspan="2" valign="top" headers="d0e99 ">Subnet name</td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">Data Entry</td>
</tr>
<tr><td colspan="2" valign="top" headers="d0e99 ">Addresses to manage</td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">10.1.1.2 - 10.1.1.150</td>
</tr>
<tr><td colspan="2" valign="top" headers="d0e99 ">Lease time</td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">24 hours (default)</td>
</tr>
<tr><td rowspan="4" valign="top" width="13.937282229965156%" headers="d0e99 ">Configuration options </td>
<td valign="top" width="27.874564459930312%" headers="d0e99 ">option 1: Subnet mask </td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">255.255.255.0 </td>
</tr>
<tr><td valign="top" width="27.874564459930312%" headers="d0e99 ">option 3: Router </td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">10.1.1.1 </td>
</tr>
<tr><td valign="top" width="27.874564459930312%" headers="d0e99 ">option 6: Domain name server </td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">10.1.1.1 </td>
</tr>
<tr><td valign="top" width="27.874564459930312%" headers="d0e99 ">option 15: Domain name</td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">mycompany.com </td>
</tr>
<tr><td colspan="2" valign="top" headers="d0e99 ">Subnet addresses not assigned by server</td>
<td valign="top" width="58.18815331010453%" headers="d0e101 ">10.1.1.1 (Router, DNS server)</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 3. Subnet for Internet clients (empty Subnet)</caption><thead align="left"><tr><th valign="top" width="41.62436548223351%" id="d0e154">Object</th>
<th valign="top" width="58.37563451776649%" id="d0e156">Value</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="41.62436548223351%" headers="d0e154 ">Subnet name</td>
<td valign="top" width="58.37563451776649%" headers="d0e156 ">Internet</td>
</tr>
<tr><td valign="top" width="41.62436548223351%" headers="d0e154 ">Addresses to manage</td>
<td valign="top" width="58.37563451776649%" headers="d0e156 ">192.168.1.1 - 192.168.1.1</td>
</tr>
<tr><td valign="top" width="41.62436548223351%" headers="d0e154 ">Subnet addresses not assigned by server</td>
<td valign="top" width="58.37563451776649%" headers="d0e156 ">192.168.1.1 (All IP addresses available)</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 4. Subnet group for all incoming DISCOVER
packets</caption><thead align="left"><tr><th valign="top" width="41.62436548223351%" id="d0e182">Object</th>
<th valign="top" width="58.37563451776649%" id="d0e184">Value</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="41.62436548223351%" headers="d0e182 ">Subnet Group Name</td>
<td valign="top" width="58.37563451776649%" headers="d0e184 ">Multihomed</td>
</tr>
<tr><td valign="top" width="41.62436548223351%" headers="d0e182 ">Subnets included in group</td>
<td valign="top" width="58.37563451776649%" headers="d0e184 "><p>Subnet Internet<br />
Subnet DataEntry</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Other setup</h4><ul><li>Set IP Datagram forwarding to 'on' for the two interfaces</li>
<li>Set up NAT for the Data Entry clients</li>
</ul>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakgexampleparent.htm" title="By reviewing diagrams and examples of how different networks are set up, you can determine which is the best choice for your installation.">DHCP examples</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzakgproblemnoip.htm" title="Problems might occur if the clients cannot receive an IP address or the configuration information. An IP address is leased to a client through a four-step process between the client and the DHCP server.">Problem: Clients are not receiving an IP address or their configuration information</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="rzakgscenario1.htm" title="You can learn how to set up the iSeries server as a DHCP server in a simple LAN with four PC clients and a LAN-based printer.">Example: Simple DHCP subnet</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink