sending a pause frame to stop sending until the condition clears. Upon receipt of a pause frame, the sending
device stops sending any data packets, which prevents any loss of data packets during the congestion period.
The threat defense supports transmitting pause frames so that the remote peer can rate-control
the traffic.
However, receiving of pause frames is not supported.
Note
The internal switch has a global pool of 8000 buffers of 250 bytes each, and the switch allocates buffers
dynamically to each port. A pause frame is sent out every interface with flow control enabled when the buffer
usage exceeds the global high-water mark (2 MB (8000 buffers)); and a pause frame is sent out of a particular
interface when its buffer exceeds the port high-water mark (.3125 MB (1250 buffers)). After a pause is sent,
an XON frame can be sent when the buffer usage is reduced below the low-water mark (1.25 MB globally
(5000 buffers); .25 MB per port (1000 buffers)). The link partner can resume traffic after receiving an XON
frame.
Only flow control frames defined in 802.3x are supported. Priority-based flow control is not supported.
Step 10 (Optional) Check Auto Negotiation to set the interface to negotiate the speed, link status, and flow control.
You cannot edit this setting for speeds lower than 1Gbps. For SFP interfaces, you can only disable
auto-negotiation when the speed is set to 1Gbps.
Step 11 Click Save and then Save in the top right of the Interfaces page.
You can now Deploy the policy to the chassis. The changes are not active until you deploy them.
Configure an EtherChannel
An EtherChannel (also known as a port channel) can include up to 8 member interfaces of the same media
type and capacity, and must be set to the same speed and duplex. The media type can be either RJ-45 or SFP;
SFPs of different types (copper and fiber) can be mixed. You cannot mix interface capacities (for example
1GB and 10GB interfaces) by setting the speed to be lower on the larger-capacity interface, unless you set
the speed to Detect SFP; in this case, you can use different interface capacities, and the lowest common speed
is used.
The Link Aggregation Control Protocol (LACP) aggregates interfaces by exchanging the Link Aggregation
Control Protocol Data Units (LACPDUs) between two network devices. LACP coordinates the automatic
addition and deletion of links to the EtherChannel without user intervention. It also handles misconfigurations
and checks that both ends of member interfaces are connected to the correct channel group. “On” mode cannot
use standby interfaces in the channel group when an interface goes down, and the connectivity and
configurations are not checked.
When the chassis creates an EtherChannel, the EtherChannel stays in a Suspended state for Active LACP
mode or a Down state for On LACP mode until you assign it to a logical device, even if the physical link is
up. The EtherChannel will be brought out of this Suspended state when it is added to an instance.
Before you begin
Enable physical interfaces and set hardware parameters. See Configure a Physical Interface, on page 23.
Multi-Instance Mode for the Secure Firewall 3100
26
Multi-Instance Mode for the Secure Firewall 3100
Configure an EtherChannel
To Next Page
Loading...
Need help?
General