RE: [OpenVMPS-devel] Changing VLANs while the host is connected
Brought to you by:
dori_seliskar
Menu
▾
▴
RE: [OpenVMPS-devel] Changing VLANs while the host is connected
|
From: David S. <dav...@me...> - 2005-11-03 08:26:16
|
How do you deal with a changed vLan? In our system, when we change a = vLan, we also need the client to get a new IP address to continue operation. = Doing a reboot is sufficient for us, how do you tell the switch to recheck = it's ports? Dave System Administrator m/v Africa Mercy Mercy Ships tel: 0191 483 8413 ex 108 fax: 0870 460 0764 > -----Original Message----- > From: vmp...@li...=20 > [mailto:vmp...@li...] On Behalf Of=20 > Sean Boran > Sent: 03 November 2005 07:34 > To: vmp...@li... > Subject: RE: [OpenVMPS-devel] Changing VLANs while the host=20 > is connected >=20 >=20 > Hi, >=20 > I use 1.3 too, but I found that I often have to restart ports=20 > to get them to > change Vlan. But for me the problem was the switch not sending a VQP > request, as opposed to vmpsd giving the wrong answer. >=20 > Sean =20 >=20 > > -----Original Message----- > > From: vmp...@li...=20 > > [mailto:vmp...@li...] On Behalf Of=20 > > Matthew Wilson > > Sent: mercredi, 2. novembre 2005 20:46 > > To: vmp...@li... > > Subject: [OpenVMPS-devel] Changing VLANs while the host is connected > >=20 > > Hello! First off, thanks so much to the writers of OpenVMPS,=20 > > we've been=20 > > able to do wonderful things with it for the past couple=20 > years (~2,000=20 > > clients). > >=20 > > We use OpenVMPS to help us quarentine virus infected hosts. =20 > > Problem is,=20 > > when we find an infected host, change the vlan in the config and=20 > > reconfirm the switch while the PC is still connected, the=20 > > vmps sends a=20 > > DENY message. However, if I disconnected the host from the=20 > > switch, and=20 > > reconnect, it gets the appropriate vlan. This behavior=20 > only became a=20 > > problem when we upgraded from 1.0 to 1.3. In 1.0, the vmps=20 > > would send=20 > > an ALLOW message along with the correct new vlan.=20 > >=20 > > Here is my config: > > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D > > vmps domain ungoliant > > vmps mode open > > vmps fallback default > > vmps no-domain-req deny > > vmps-mac-addrs > > address 00d0.b7b3.6516 vlan-name VLAN0103 > >=20 > > Here is the log in v1.3: > > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D > > VQP Request > > Unknown: 1 > > Request Type: 3 > > Response: 0 > > No. Data Items: 6 > > Sequence No.: 48 > > Client IP address: 10.2.1.54 > > Port name: Fa0/10 > > Vlan name: VLAN0102 > > Domain name: Ungoliant > > MAC address: 00d0b7b36516 > > DENY: 00d0b7b36516 -> (null), switch 10.2.1.54 port Fa0/10 > >=20 > > And now the log (using the same config) using v1.0: > > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D > > VQP Request > > Unknown: 1 > > Request Type: 3 > > Response: 0 > > No. Data Items: 6 > > Sequence No.: 40 > > Client IP address: 10.2.1.54 > > Port name: Fa0/10 > > Vlan name: VLAN0102 > > Domain name: Ungoliant > > Vlan name: VLAN0102 > > MAC address: 00d0b7b36516 > > ALLOW: 00d0b7b36516 -> VLAN0103, switch 10.2.1.54 port Fa0/10 > >=20 > >=20 > > Is this the expected result? I think it's reasonable > > that a VLAN could change while a PC is still connected > > to the port. Is this configurable? > >=20 > > Thanks for any help you can give! > > Matthew > >=20 > >=20 > >=20 > > ------------------------------------------------------- > > SF.Net email is sponsored by: > > Tame your development challenges with Apache's Geronimo App=20 > > Server. Download > > it for free - -and be entered to win a 42" plasma tv or=20 > your very own > > Sony(tm)PSP. Click here to play:=20 > http://sourceforge.net/geronimo.php > > _______________________________________________ > > Vmps-devel mailing list > > Vmp...@li... > > https://lists.sourceforge.net/lists/listinfo/vmps-devel > >=20 >=20 >=20 >=20 > ------------------------------------------------------- > SF.Net email is sponsored by: > Tame your development challenges with Apache's Geronimo App=20 > Server. Download > it for free - -and be entered to win a 42" plasma tv or your very own > Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php > _______________________________________________ > Vmps-devel mailing list > Vmp...@li... > https://lists.sourceforge.net/lists/listinfo/vmps-devel >=20 |
