z/VM Virtual Networking Hints and Tips - one IP address in multiple VLANs

• Using the same IP Address in two different VLANs

  In general, it is not a good idea to have two hosts with the same IP Address. However, there are two options for supporting this configuration with Guest LAN or VSWITCH.

  1. The OSA Express IP Layer implementation isolates specific network frames by VLAN tag, but does not isolate IP Address registration by VLAN group. Therefore, you must create two Guest LAN segments, or two VSWITCH segments using two different OSA cards, to allow two different hosts to register the same IP Address. Two Guest LAN segments would automatically be isolated (unless a virtual router is deployed) and two VSWITCH segments would be isolated if the external switch hardware configures a unique VLAN ID set for each physical OSA connection.

  2. Link Layer networks (ETHERNET or Layer 2). The OSA Express Layer 2 implementation allows the hosts to manage IP addresses and ARP cache, so it is possible to have a single Guest LAN segment (or VSWITCH segment) where two different hosts use the same IP Address on different VLAN groups. The network must be defined with the ETHERNET option (instead of the default IP Layer options), and the virtual hosts must be configured to use layer2 (instead of the default). The ARP traffic for a given VLAN group will be visible only to authorized members of that VLAN group. Note, however, that in order to support this configuration, neither host can be a member of the VLAN group assigned to the other. Furthermore, all switches and routers in the broadcast domain must be configured to avoid forwarding network frames from one VLAN to the other.

This document is maintained by:

Montana Lee
z/VM Development
montanalee@ibm.com