Multiple Shared Ethernet Adapters
You can configure Trusted Firewall on systems that use multiple Shared Ethernet Adapters.
Some configurations use multiple Shared Ethernet Adapters (SEAs) on the same Virtual I/O Server > (VIOS ). Multiple SEAs can provide benefits of failover protection and resource leveling. Trusted Firewall supports routing across multiple SEAs, provided they are on the same VIOS .
Figure 1 shows an environment using multiple SEAs.
The following are examples of multiple SEA configurations that are supported by Trusted Firewall:
- The SEAs are configured with trunk adapters on the same Power® hypervisor virtual switch. This configuration is supported because each SEA receives network traffic with different VLAN IDs.
- The SEAs are configured with trunk adapters on different Power hypervisor virtual switches, and each trunk adapter is on a different VLAN ID. In this configuration, each SEA still receives network traffic by using different VLAN IDs.
- The SEAs are configured with trunk adapters on different Power hypervisor virtual switches, and the same VLAN IDs are reused on the virtual switches.
In this case, the traffic for both SEAs has the same VLAN IDs.
An example of this configuration is having LPAR2 on VLAN200 with virtual switch 10 and LPAR3 on VLAN200 with virtual switch 20. Because both LPARs and their corresponding SEAs use the same VLAN ID (VLAN200), both of the SEAs have access to the packets with that VLAN ID.
You cannot enable bridging on more than one VIOS . For this reason, the following multiple SEA
configurations are not supported by Trusted Firewall:
- Multiple VIOS and multiple SEA drivers.
- Redundant SEA load sharing: Trunk adapters that are configured for inter-VLAN routing cannot be split between VIOS servers.