RE: [OpenVMPS-devel] Changing VLANs while the host is connected
Brought to you by:
dori_seliskar
Menu
▾
▴
RE: [OpenVMPS-devel] Changing VLANs while the host is connected
|
From: David S. <dav...@me...> - 2005-11-03 08:54:54
|
Would you be able to send the part of the PHP script that shutsdown and restarts the individual port? Thanks Dave System Administrator m/v Africa Mercy Mercy Ships tel: 0191 483 8413 ex 108 fax: 0870 460 0764 > -----Original Message----- > From: vmp...@li... > [mailto:vmp...@li...] On Behalf Of > Sean Boran > Sent: 03 November 2005 08:41 > To: vmp...@li... > Subject: RE: [OpenVMPS-devel] Changing VLANs while the host > is connected > > > > I've a PHP script that shutdown/starts the Switch port via SNMP. > Is that what you mean? > > I've a major problem with hubs though, individualt ports work OK. > > Sean > > > -----Original Message----- > > From: vmp...@li... > > [mailto:vmp...@li...] On Behalf Of > > David Smith > > Sent: jeudi, 3. novembre 2005 09:26 > > To: vmp...@li... > > Subject: RE: [OpenVMPS-devel] Changing VLANs while the host > > is connected > > > > How do you deal with a changed vLan? In our system, when we > > change a vLan, > > we also need the client to get a new IP address to continue > > operation. Doing > > a reboot is sufficient for us, how do you tell the switch to > > recheck it's > > ports? > > > > Dave > > System Administrator > > m/v Africa Mercy > > Mercy Ships > > tel: 0191 483 8413 ex 108 > > fax: 0870 460 0764 > > > > > > > -----Original Message----- > > > From: vmp...@li... > > > [mailto:vmp...@li...] On Behalf Of > > > Sean Boran > > > Sent: 03 November 2005 07:34 > > > To: vmp...@li... > > > Subject: RE: [OpenVMPS-devel] Changing VLANs while the host > > > is connected > > > > > > > > > Hi, > > > > > > I use 1.3 too, but I found that I often have to restart ports > > > to get them to > > > change Vlan. But for me the problem was the switch not > sending a VQP > > > request, as opposed to vmpsd giving the wrong answer. > > > > > > Sean > > > > > > > -----Original Message----- > > > > From: vmp...@li... > > > > [mailto:vmp...@li...] On Behalf Of > > > > Matthew Wilson > > > > Sent: mercredi, 2. novembre 2005 20:46 > > > > To: vmp...@li... > > > > Subject: [OpenVMPS-devel] Changing VLANs while the host > > is connected > > > > > > > > Hello! First off, thanks so much to the writers of OpenVMPS, > > > > we've been > > > > able to do wonderful things with it for the past couple > > > years (~2,000 > > > > clients). > > > > > > > > We use OpenVMPS to help us quarentine virus infected hosts. > > > > Problem is, > > > > when we find an infected host, change the vlan in the > config and > > > > reconfirm the switch while the PC is still connected, the > > > > vmps sends a > > > > DENY message. However, if I disconnected the host from the > > > > switch, and > > > > reconnect, it gets the appropriate vlan. This behavior > > > only became a > > > > problem when we upgraded from 1.0 to 1.3. In 1.0, the vmps > > > > would send > > > > an ALLOW message along with the correct new vlan. > > > > > > > > Here is my config: > > > > ================================== > > > > vmps domain ungoliant > > > > vmps mode open > > > > vmps fallback default > > > > vmps no-domain-req deny > > > > vmps-mac-addrs > > > > address 00d0.b7b3.6516 vlan-name VLAN0103 > > > > > > > > Here is the log in v1.3: > > > > ================================== > > > > VQP Request > > > > Unknown: 1 > > > > Request Type: 3 > > > > Response: 0 > > > > No. Data Items: 6 > > > > Sequence No.: 48 > > > > Client IP address: 10.2.1.54 > > > > Port name: Fa0/10 > > > > Vlan name: VLAN0102 > > > > Domain name: Ungoliant > > > > MAC address: 00d0b7b36516 > > > > DENY: 00d0b7b36516 -> (null), switch 10.2.1.54 port Fa0/10 > > > > > > > > And now the log (using the same config) using v1.0: > > > > ================================== > > > > VQP Request > > > > Unknown: 1 > > > > Request Type: 3 > > > > Response: 0 > > > > No. Data Items: 6 > > > > Sequence No.: 40 > > > > Client IP address: 10.2.1.54 > > > > Port name: Fa0/10 > > > > Vlan name: VLAN0102 > > > > Domain name: Ungoliant > > > > Vlan name: VLAN0102 > > > > MAC address: 00d0b7b36516 > > > > ALLOW: 00d0b7b36516 -> VLAN0103, switch 10.2.1.54 port Fa0/10 > > > > > > > > > > > > Is this the expected result? I think it's reasonable > > > > that a VLAN could change while a PC is still connected > > > > to the port. Is this configurable? > > > > > > > > Thanks for any help you can give! > > > > Matthew > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > SF.Net email is sponsored by: > > > > Tame your development challenges with Apache's Geronimo App > > > > Server. Download > > > > it for free - -and be entered to win a 42" plasma tv or > > > your very own > > > > Sony(tm)PSP. Click here to play: > > > http://sourceforge.net/geronimo.php > > > > _______________________________________________ > > > > Vmps-devel mailing list > > > > Vmp...@li... > > > > https://lists.sourceforge.net/lists/listinfo/vmps-devel > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > SF.Net email is sponsored by: > > > Tame your development challenges with Apache's Geronimo App > > > Server. Download > > > it for free - -and be entered to win a 42" plasma tv or > > your very own > > > Sony(tm)PSP. Click here to play: > > http://sourceforge.net/geronimo.php > > > _______________________________________________ > > > Vmps-devel mailing list > > > Vmp...@li... > > > https://lists.sourceforge.net/lists/listinfo/vmps-devel > > > > > > > > > > > ------------------------------------------------------- > > SF.Net email is sponsored by: > > Tame your development challenges with Apache's Geronimo App > > Server. Download > > it for free - -and be entered to win a 42" plasma tv or > your very own > > Sony(tm)PSP. Click here to play: > http://sourceforge.net/geronimo.php > > _______________________________________________ > > Vmps-devel mailing list > > Vmp...@li... > > https://lists.sourceforge.net/lists/listinfo/vmps-devel > > > > > > ------------------------------------------------------- > SF.Net email is sponsored by: > Tame your development challenges with Apache's Geronimo App > Server. Download > it for free - -and be entered to win a 42" plasma tv or your very own > Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php > _______________________________________________ > Vmps-devel mailing list > Vmp...@li... > https://lists.sourceforge.net/lists/listinfo/vmps-devel > |
