Figure 10: Cascading Instances
Do not use cascading instances (using a shared interface) with High Availability. After a failover occurs and
the standby unit rejoins, MAC addresses can overlap temporarily and cause an outage. You should instead
use unique interfaces for the gateway instance and inside instance using an external switch to pass traffic
between the instances.
Note
Typical Multi-Instance Deployment
The following example includes three container instances in routed firewall mode. They include the following
interfaces:
• Management—All instances and the chassis use the dedicated Management interface. Within each
instance (and the chassis), the interface uses a unique IP address on the same management network.
• Inside—Each instance uses a subinterface on Port-Channel1 (data type). This EtherChannel includes
two 10 Gigibit Ethernet interfaces. Each subinterface is on a separate network.
Multi-Instance Mode for the Secure Firewall 3100
12
Multi-Instance Mode for the Secure Firewall 3100
Typical Multi-Instance Deployment
To Next Page
Need help?
General