Interfaces
This section describes the various types of interfaces and how they are used in a VSX configuration.
Interface Types
The principal interface types are:
-
Physical Interface
-
VLAN interface
-
Warp Link (including unnumbered interfaces)
|
|
Notes:
|
Physical Interfaces
Physical interfaces connect a VSX Gateway to Management Server and to internal and external networks.
There are different types of physical interfaces used in a VSX Gateway:
-
Dedicated Management Interface: Connects the VSX Gateway to the Management Server when it is locally managed.
If the VSX Gateway is remotely managed, the management connection arrives through the external or internal interface.
-
External interface: Connects the VSX Gateway to the Internet or other untrusted networks.
-
Internal Interface: Connects the VSX Gateway to a protected network.
-
Synchronization Interface: Connects one VSX Cluster Member to other VSX Cluster Members for state synchronization.
You can install and configure more physical interfaces to a Virtual Device as required.
A VSX Gateway can theoretically contain as many physical interfaces as permitted by VSX Gateway hardware and memory constraints.
VLAN Interfaces
Virtual Systems typically connect to protected VLAN networks using IEEE 802.1q compliant VLAN Interfaces.
The networks are connected to ports on an 802.1q-compliant switch that trunks all traffic via a single physical interface to the VSX Gateway.
VSX uses VLAN tags to direct the Ethernet frames to the specific Virtual System handling each network.
VSX assigns a virtual VLAN interface to each VLAN tag on a specific physical interface.
For example: VLAN tag 100 on eth3 will be assigned a virtual interface named eth3.100.
Warp Links
|
|
Note - Security Groups in Maestro and Scalable Chassis do not support Virtual Routers (Known Limitation 01413513). |
A Warp Link is a virtual point-to-point connection between a Virtual System and a Virtual Router or Virtual Switch.
Each side of a Warp Link represents a virtual interface with the appropriate Virtual Device.
VSX automatically assigns a name to each virtual interface when administrators create the link.
Warp Interfaces on the Virtual System side are assigned the prefix wrp and those on the Virtual Router / Virtual Switch side are assigned the prefix wrpj.
In both cases, VSX appends a unique number to the prefix to form the interface name.
When connected to a Virtual Switch, VSX also assigns a unique MAC address to each Warp Link.
Unnumbered Interfaces
VSX lets you reduce the number of IP addresses required for a VSX network deployment when using one or more Virtual Routers.
A Warp Link connected to a Virtual Router can "borrow" an existing IP address from another interface, instead of assigning a dedicated address to the interface leading to a Virtual Router.
This capability is known as an Unnumbered Interface.
|
Item |
Description |
|---|---|
|
1 |
VSX Gateway |
|
2 |
The external interface serves as the next hop from the Virtual Router |
|
3 |
External |
|
4 |
Virtual Router |
|
5 |
Unnumbered External Interfaces IP "borrowed" from internal interfaces |
|
6 |
Internal Interfaces with predefined IP addresses |
|
7 |
Internal |
In this example, the external interfaces for each Virtual System are unnumbered and borrow the IP address of the internal interfaces.
Unnumbered interfaces act as the next hop from the Virtual Router.
Unnumbered Interface Limitations
The following limitations apply to Unnumbered Interfaces:
-
Unnumbered interfaces must connect to a Virtual Router.
-
You can only "borrow" an individual interface IP address once.
-
In order to use VPN or Hide NAT, the borrowed address must be routable.