When the appliance switches from normal operation to hardware bypass or from hardware bypass back
to normal operation, traffic may be interrupted for several seconds. A number of factors can affect the
length of the interruption; for example, behavior of the optical link partner such as how it handles link
faults and debounce timing; spanning tree protocol convergence; dynamic routing protocol convergence;
and so on. During this time, you may experience dropped connections.
Note
There are three configuration options for hardware bypass network modules:
• Passive interfaces—Connection to a single port.
For each network segment you want to monitor passively, connect the cables to one interface. This is
how the nonhardware bypass network modules operate.
• Inline interfaces—Connection to any two like ports (10 Gb to 10 Gb for example) on one network module,
across network modules, or fixed ports.
For each network segment you want to monitor inline, connect the cables to pairs of interfaces.
• Inline with hardware bypass interfaces—Connection of a hardware bypass paired set.
For each network segment that you want to configure inline with fail-open, connect the cables to the
paired interface set.
For the 40-Gb network module, you connect the two ports to form a paired set. For the 1/10-Gb network
modules, you connect the top port to the bottom port to form a hardware bypass paired set. This allows
traffic to flow even if the security appliance fails or loses power.
If you have an inline interface set with a mix of hardware bypass and nonhardware bypass interfaces,
you cannot enable hardware bypass on this inline interface set. You can only enable hardware bypass
on an inline interface set if all the pairs in the inline set are valid hardware bypass pairs.
Note
For More Information
• See 1-Gb Network Module with Hardware Bypass , on page 16 for a description of the 1-Gb network
module.
• See 40-Gb Network Module with Hardware Bypass , on page 18 for a description of the 40-Gb
network module.
• See 1-Gb SX/10-Gb SR/10-Gb LR Network Module with Hardware Bypass , on page 19 for a
description of the 1-GB SX, 10-GB SR, and LR network modules.
• See Install, Remove, and Replace the Network Module for the procedure for removing and replacing
single-wide network modules.
1-Gb Network Module with Hardware Bypass
The following figure shows the front panel view of the 1-Gb network module with hardware bypass
(FPR-NM-8X1G-F). Pair ports 1 and 2, 3 and 4, 5 and 6, and 7 and 8 to form hardware bypass paired sets.
Overview
16
Overview
1-Gb Network Module with Hardware Bypass
To Next Page
Loading...
Need help?
General