• Outside—All instances use the Port-Channel2 interface (data-sharing type). This EtherChannel includes
two 10 Gigibit Ethernet interfaces. Within each application, the interface uses a unique IP address on
the same outside network.
• Failover—Each instance uses a subinterface on Port-Channel3 (data type). This EtherChannel includes
two 10 Gigibit Ethernet interfaces. Each subinterface is on a separate network.
Figure 11: Typical Multi-Instance Deployment
Automatic MAC Addresses for Instance Interfaces
The chassis automatically generates MAC addresses for instance interfaces, and guarantees that a shared
interface in each instance uses a unique MAC address.
If you manually assign a MAC address to a shared interface within the instance, then the manually-assigned
MAC address is used. If you later remove the manual MAC address, the autogenerated address is used. In the
rare circumstance that the generated MAC address conflicts with another private MAC address in your network,
we suggest that you manually set the MAC address for the interface within the instance.
Because autogenerated addresses start with A2, you should not start manual MAC addresses with A2 due to
the risk of overlapping addresses.
The chassis generates the MAC address using the following format:
A2xx.yyzz.zzzz
Where xx.yy is a user-defined prefix or a system-defined prefix, and zz.zzzz is an internal counter generated
by the chassis. The system-defined prefix matches the lower 2 bytes of the first MAC address in the burned-in
MAC address pool that is programmed into the IDPROM. Use connect fxos, then show module to view the
Multi-Instance Mode for the Secure Firewall 3100
13
Multi-Instance Mode for the Secure Firewall 3100
Automatic MAC Addresses for Instance Interfaces
To Next Page
Loading...
Need help?
General