HP VPN Firewall Appliances Network Management Configuration Guide
137
• Blackhole type—A packet received on an interface is discarded. A complete configuration contains
an ID, which uniquely identifies an inline Layer 2 forwarding entry, and one interface.
The inline Layer 2 forwarding feature is supported on interfaces and subinterfaces.
Configuration restrictions and guidelines
• An interface can only belong to one inline forwarding entry, and the last configured port
inline-interfaces id command on an Ethernet interface takes effect.
• Subinterfaces can be assigned to inline Layer 2 forwarding entries. To make these entries take effect,
the main interface must be assigned to the VLAN of which the ID is used as the subinterface number.
For example, if the subinterface GigabitEthernet 0/1.2 is assigned to an inline forwarding entry,
the interface GigabitEthernet 0/1 must be assigned to VLAN 2 so that the inline Layer 2 forwarding
can be implemented.
• If an interface and its subinterface are assigned to different inline forwarding entries, the
forwarding entry with the main interface takes precedence. For example, the interfaces
GigabitEthernet 0/1 and GigabitEthernet 0/2 are assigned to one inline forwarding entry, and the
subinterfaces GigabitEthernet 0/1.2 and GigabitEthernet 0/2.3 are assigned to another
forwarding entry; then the data received from GigabitEthernet 0/1 is forwarded through the
interface GigabitEthernet 0/2, and vice versa.
Configuring inline forwarding in the Web interface
The following matrix shows the feature and hardware compatibility:
Hardware Com
p
atibilit
y
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 No
F5000-S/F5000-C Yes
VPN firewall modules Yes
20-Gbps VPN firewall modules Yes
Configuring inline Layer 2 forwarding
1. Select Network > Forwarding from the navigation tree.
Figure 73 Inline forwarding list
2. Click Add to enter the inline forwarding policy configuration page.