About base interface settings

You can display the base interfaces under Networking > Networking: Base Interfaces. Under Primary Interface, these configuration options are available:

Specifies an IP address. This IP address is the in-path main interface.

Specifies the subnet mask.

Specifies the IP address for the in-path gateway. If you have a router (or a Layer-3 switch) on the LAN side of your network, specify this device as the in-path gateway. If there’s a routed network on the LAN-side of the in-path appliance, the router that is the default gateway for the appliance must not have the ACL configured to drop packets from the remote hosts as its source. The in-path appliance uses IP masquerading to appear as the remote server.

Specifies NAT IPs and ports. In the case of UDP encapsulation with NAT, different SteelHeads could use the same public-facing destination addresses. To uniquely identify such SteelHeads, specify a NAT IPv4 address paired with a specific port opened on the NAT. Specify multiple NAT IPs and ports on separate lines.

Assigns an IPv6 address. IPv6 addresses are disabled by default. You can only assign one IPv6 address per in-path interface. The primary and in-path interfaces can share the same subnet. The primary and auxiliary interfaces can’t share the same network subnet.

Specifies a global or site-local IPv6 address. This IP address is the in-path main interface. You can’t use a DHCP server to assign an IPv6 address automatically.

Specifies the prefix. The prefix length is 0 to 128 bits, separated from the address by a forward slash (/). In this example, 60 is the prefix:

Specifies the IPv6 address for the in-path gateway. You can use a link local address. If you have a router (or a Layer-3 switch) on the LAN side of your network, specify this device as the in-path gateway. If there’s a routed network on the LAN-side of the in-path appliance, the router that is the default gateway for the appliance must not have the ACL configured to drop packets from the remote hosts as its source. The in-path appliance uses IP masquerading to appear as the remote server.

Specifies Auto, 1000, 100, or 10 from the drop-down list. The default value is Auto.

Specifies Auto, Full, or Half from the drop-down list. The default value is Auto.

If your network routers or switches don’t automatically negotiate the speed and duplex, be sure to set them on the device manually.

The speed and duplex must match (LAN and WAN) in an in-path configuration. To avoid a speed and duplex mismatch, configure your LAN external pair to match the WAN external pair.

Speed and duplex mismatches can easily occur in a network. For example, if one end of the link is set at half or full-duplex and the other end of the link is configured to autonegotiate (auto), the link defaults to half-duplex, regardless of the duplex setting on the nonautonegotiated end. This duplex mismatch passes traffic, but it causes interface errors and results in degraded optimization.

These guidelines can help you avoid speed and duplex mismatches when configuring the SteelHead:

• Routers are often configured with fixed speed and duplex settings. Check your router configuration and set it to match the SteelHead WAN and LAN settings. Make sure that your switch has the correct setting.

• After you finish configuring the SteelHead, check for speed and duplex error messages (cyclic redundancy check (CRC) or frame errors) in the System Log page of the Management Console.

• If there’s a serious problem with the SteelHead and it goes into bypass mode (that is, it automatically continues to pass traffic through your network), a speed and duplex mismatch might occur when you reboot the SteelHead. To avoid a speed and duplex mismatch, configure your LAN external pair to match the WAN external pair.

Specifies the MTU value. The MTU is the largest physical packet size, measured in bytes, that a network can send. Applies to optimized traffic only. The default value is 1500.

Specifies the VLAN tag that the appliance uses to communicate with other SteelHeads in your network. The VLAN Tag ID might be the same value or a different value than the VLAN tag used on the client. A zero (0) value specifies nontagged (or native VLAN) and is the correct setting if there are no VLANs present.

As an example, if the in-path interface is 192.168.1.1 in VLAN 200, you would specify tag 200.

When the SteelHead communicates with a client or a server, it uses the same VLAN tag as the client or the server. If the SteelHead can’t determine which VLAN the client or server is in, it doesn’t use the VLAN tag (assuming that there’s no router between the SteelHead and the client or server).

You must also define in-path rules to apply to your VLANs.

Under Auxiliary Interface, these configuration options are available:

Enables an auxiliary interface, which can be used only for managing the SteelHead. It can’t be used for an out-of-path (OOP) SteelHead data service. Typically this is used for device-management networks.

Automatically obtains the IP address from a DHCP server. A DHCP server must be available so that the system can request the IP address from it. The primary and in-path interfaces can share the same subnet. The primary and auxiliary interfaces can’t share the same network subnet.

Sends the hostname with the DHCP request for registration with Dynamic DNS. The hostname is specified under Networking > Networking: Host Settings.

Indicates you don’t use a DHCP server to set the IPv4 address. Specify these settings:

(SteelHead EX only) Do Not Assign An IPv4 Address

Enables the interface without assigning an IP address.

Specifies these settings to set an IPv6 address:

• IPv6 Auto-Assigned displays the link-local address that is automatically generated when IPv6 is enabled on the base interfaces.

• IPv6 Address specifies an IP address, using this format: eight 16-bit hexadecimal strings separated by colons, 128-bits. For example:

• IPv6 Prefix specifies a prefix. The prefix length is 0 to 128, separated from the address by a forward slash (/). In this example, 60 is the prefix:

Specifies the speed from the drop-down list. The default value is Auto.

Specifies Auto, Full, or Half from the drop-down list. The default value is Auto.

If your network routers or switches don’t automatically negotiate the speed and duplex, be sure to set them on the device manually.

The speed and duplex must match (LAN and WAN) in an in-path configuration. To avoid a speed and duplex mismatch, configure your LAN external pair to match the WAN external pair.

Specifies the MTU value. The MTU is the largest physical packet size, measured in bytes, that a network can send. The default value is 1500.

Under Main IPv4 Routing Table, you can configure static routing in the main routing table for out-of-path deployments or if your device-management network requires static routes.

You can add or remove these routes from the table:

Specifies the destination IP address for the out-of-path appliance or network management device.

Specifies the subnet mask.

Specifies the IP address for the gateway. The gateway must be in the same network as the primary or auxiliary interface you are configuring.

Specifies an interface for the IPv4 route from the drop-down list.

The Management Console writes your configuration changes to memory.

Under Main IPv6 Routing Table, you can configure static routing in the main routing table if your device-management network requires static routes.

You can add or remove these routes from the table list:

Specifies the destination IP address.

Specifies a prefix. The prefix length is from 0 to 128 bits, separated from the address by a forward slash (/).

Specifies the IP address for the gateway. The gateway must be in the same network as the primary or auxiliary interface you are configuring.