HP VPN Firewall Appliances Network Management Configuration Guide

Managing interfaces
All configuration tasks in this chapter are independent and optional. You can perform these
configuration tasks in any order.
Overview
An interface is the point of interaction or communication between devices. It is used for exchanging data
between devices. A physical interface is an interface that materially exists and is supported by a device.
For example, an Ethernet interface is a physical interface. A logical interface is an interface that can
implement data switching, but does not exist physically. A logical interface must be established through
configuration.
The interface management feature is used to manage all physical interfaces and the following types of
logical interfaces of a device:
• Loopback interfaces—A software-only virtual interface. Once a loopback interface is created, its
  physical status is always up, and link layer protocols are enabled unless you manually shut down
  the interface. You can enable routing protocols on a loopback interface, and enable it to receive
  and transmit routing protocol packets. When you assign an IPv4 address to a loopback interface,
  the subnet mask must be 32 bits long.
• Null interface—A software-only virtual interface. A null interface is always up. It can neither
  forward data packets nor be configured with an IP address or any link layer protocol. With a null
  interface specified as the next hop of a static route to a specific network segment, any packets
  routed to the network segment are dropped. The null interface provides a simpler way to filter
  packets than an ACL. You can filter uninteresting traffic by transmitting it to a null interface
  instead of applying an ACL.
• Layer 2 Ethernet interfaces—Physical Ethernet interfaces operating at the data link layer (Layer 2)
  to forward traffic within a subnet between hosts. The device does not support Layer 2 Ethernet
  interfaces.
• Layer 3 Ethernet interfaces—Physical Ethernet interfaces operating at the network layer (Layer 3) to
  forward traffic between different subnets. You can assign an IP address to a Layer 3 Ethernet
  interface.
• Layer-configurable Ethernet interfaces—Physical Ethernet interfaces that can be configured to
  operate in bridge mode as Layer 2 Ethernet interfaces or in route mode as Layer 3 Ethernet
  interfaces.
• Layer 2 Ethernet subinterfaces—Logical interfaces operating at the data link layer for inter-VLAN
  forwarding, mainly on firewall cards. By configuring Layer 2 Ethernet subinterfaces for VLANs, you
  enable Layer 2 Ethernet packets to be forwarded across VLANs through the corresponding Layer 2
  Ethernet subinterfaces. The link type of a Layer 2 Ethernet subinterface is access, which cannot be
  changed. Besides the Layer 2 subinterface configurations described in this chapter, you can also
  assign a Layer 2 Ethernet subinterface to a VLAN. For more information, see "Configuring VLANs."
• Layer 3 Ethernet subinterfaces—Logical interfaces operating at the network layer. You can assign
  an IP address to a Layer 3 Ethernet subinterface. By creating subinterfaces on a Layer 3 Ethernet
  interface, you enable the interface to carry packets for multiple VLANs. For how a Layer 3 Ethernet