Getting started with Trusted Firewall
Learn about using the Trusted Firewall feature that is supported on the PowerSC Editions. You can use this feature to perform intervirtual LAN routing functions by using the Security Virtual Machine (SVM) kernel extension.
With Virtual I/O Server (VIOS) Version 2.2.1.4, or later, you can configure and manage the Trusted Firewall feature. By using this feature, logical partitions on different VLANs of the same server can communicate through the shared Ethernet adapter. The shared Ethernet adapter calls the intervirtual LAN routing functions through the SVM kernel extension.
The SVM kernel extension consists of the following intervirtual
LAN routing functions:
- Layer 3 routing: VLANs represent different logical networks. Therefore, a layer 3 router is required to connect the VLANs.
- Network filtering rules: Network filtering rules are required to permit, deny, or route intervirtual LAN network traffic. Network filtering rules can be configured by using the VIOS command-line interface.
The following table lists the commands that can be used to configure and manage the Trusted Firewall feature by using the VIOS command-line interface.
| Command | Description |
|---|---|
| chvfilt | Changes the definition of a VLAN-crossing filter rule in the filter rule table. |
| genvfilt | Adds a filter rule for the VLAN-crossing between logical partitions on the same Power Systems server. |
| lsvfilt | Lists the VLAN-crossing filter rules and their status. |
| mkvfilt | Activates the VLAN-crossing filter rules that are defined by the genvfilt command. |
| rmvfilt | Removes the VLAN-crossing filter rules from the filter table. |
| vlantfw | Displays or clears the IP and Media Access Control (MAC) mappings. |