Rockwell Automation Publication 1783-UM010C-EN-P - June 2019 83
Hardware Bypass Chapter 6
Limitations of Hardware Bypass
You must carefully consider enabling the bypass feature and its interoperability
with other features. Here are some considerations to keep in mind.
• When using port security, the Stratix 5950 security appliance acts as
another MAC address on the link. You must allow one more MAC address
on the port of the switch than expected.
• A Stratix 5950 security appliance cannot be placed on a link with Port
Security enabled. In general, placement of the appliance on a link with
Port Security enabled affects the following.
– Port Security limits on the number and value of MAC addresses on
that link. These limits could come from a manual CLI configuration.
– Any Smartport configuration that automatically sets Port Security
configuration, for example, Automation Device, Desktop for
Automation.
• Bypass mode is supported only in transparent mode. No CLI commands
are available in the routed mode to configure bypass.
• Bridge-groups must contain g1/1, g1/2, or g1/3 and g3/4 for them to
work properly when bypass is configured. If a bridge-group is defined
with some ports bypass-enabled and other ports bypass-disabled, packets
to and from the bypass-enabled ports are dropped.
• Disable the bypass feature when using subinterfaces and EtherChannel
features.
• You have to disable the bypass feature to use HA and vice versa.
• After bypass is disabled and the ASA starts to process packets, all TCP
sessions, such as FTP and Telnet sessions, have to be reinitiated. UDP and
single packets can still pass. Packets of an ongoing FTP session are
dropped midway once the ASA starts to process packets. CIP™ connected
messages and unconnected packets have the same behavior and are
dropped in the ASA.
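The limitations above can be checked against a planned deployment before bypass is enabled. The following is an added example, not Rockwell Automation code: the plan dictionary and its key names are hypothetical, and the two bypass port pairs are assumed to be 1/1-1/2 and 1/3-1/4.

```python
# Added example; the plan layout and key names are hypothetical, not a device format.
BYPASS_PAIRS = {"1/1-1/2": {"g1/1", "g1/2"}, "1/3-1/4": {"g1/3", "g1/4"}}

def check_bypass_plan(plan):
    """Return findings for a planned deployment; an empty list means none apply."""
    findings = []
    enabled = set(plan.get("bypass_enabled_pairs", []))
    unknown = enabled - set(BYPASS_PAIRS)
    if unknown:
        findings.append(f"unknown bypass pair(s): {sorted(unknown)}")
    bypass_ports = set().union(*(BYPASS_PAIRS[p] for p in enabled - unknown))
    if enabled and plan.get("firewall_mode") != "transparent":
        findings.append("bypass is supported only in transparent mode")
    for feature in ("ha", "subinterfaces", "etherchannel"):
        if enabled and plan.get(feature):
            findings.append(f"bypass and {feature} are both enabled; disable one")
    for name, members in sorted(plan.get("bridge_groups", {}).items()):
        on = set(members) & bypass_ports
        off = set(members) - bypass_ports
        if on and off:  # mixed bypass state inside one bridge-group
            findings.append(f"bridge-group {name}: {sorted(on)} bypass-enabled, "
                            f"{sorted(off)} bypass-disabled; expect packet drops")
    # The appliance counts as one more MAC address on the link.
    limit = plan.get("port_security_max_macs")  # None: port security not in use
    if limit is not None and limit < plan.get("expected_macs", 0) + 1:
        findings.append("switch port security must allow one more MAC than expected")
    return findings

# Constructed sample plan that trips four of the checks.
SAMPLE_PLAN = {
    "firewall_mode": "routed",
    "bypass_enabled_pairs": ["1/1-1/2"],
    "ha": True,
    "bridge_groups": {"1": ["g1/1", "g1/3"]},
    "port_security_max_macs": 2,
    "expected_macs": 2,
}

if __name__ == "__main__":
    for finding in check_bypass_plan(SAMPLE_PLAN):
        print("-", finding)
```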
Hardware Bypass CLI
The following CLI commands support the hardware bypass feature.
show hardware-bypass
This command displays the status of the bypass on a particular port set. The
status also details the state of the relays on powerfail, sticky, and manual.
stratix5950# show hardware-bypass
                         Status          Powerdown       Powerup
Gigabitethernet 1/1-1/2  Enable/Disable  Enable/disable  Enable/Disable
Gigabitethernet 1/3-1/4  Enable/Disable  Enable/Disable  Enable/Disable