Using PA as pure IDS for etherchannel/LACP (interface-bonding) setup?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Using PA as pure IDS for etherchannel/LACP (interface-bonding) setup?

L6 Presenter

Any of you who have been using PA-devices in tap-mode (acting as a pure IDS) to monitor etherchannel/LACP links (well any form of interface-bonding for that matter) and whats your experience from this?

That is for example a setup such as:

Device1 <-> 2 x fibercables forming a single etherchannel/LACP <-> Device2

and then you plugin wiretaps such as Network Taps | Net Optics, Inc. (or similar) so the setup becomes (still etherchannel/LACP between device 1 and 2) - the use of wiretaps is to not interfere with the traffic but also if the PA loses power or reboots the traffic wont get interrupted:

Device1 <-> 2 x fibercables <-> 2 x wiretaps <-> 2 x fibercables  <-> Device2

where the wiretaps will break out 4 lines towards the PA device (RX/TX from the device 1 point of view):

int1: RX_cable1

int2: TX_cable1

int3: RX_cable2

int4: TX_cable2

As I understand if you put both tap-interfaces int1 and 2 in the same zone the PA will automagically reassemble the flows, but what about the etherchannel/LACP case?

Should I, because this will tap on etherchannel/LACP, put all 4 interfaces in the same zone or should I use one zone for int1+2 and another zone for int3+4 in the PA?

Also, since using tap-mode, will this have some demands on how the etherchannel/LACP is being setup (im thinking of loadbalance hashes such as srcmac+dstmac vs srcip+dstip or for that matter srcip in one direction and dstip in the other etc) in order to make PA fully understand the traffic or it doesnt matter as long as the tap-interfaces are in the same zone so the PA will reassemble the flows?

0 REPLIES 0
  • 1216 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!