Addendum
Handling of Switch-Destined Traffic
• All traffic received on the management port destined to the management port IP address or received
on the front end port destined to the front end IP address is processed by the switch
• If source TCP/UDP port number matches a configured EIS or non-EIS management application and
source IP address is Management Port IP address then EIS route lookup is done for the response
traffic and hence will be sent out of the management port In this case, source IP address will be
management port IP address only if the traffic was originally destined to the management port IP.
• ICMP based applications like ping and traceroute are exceptions to the above logic since we don’t
have TCP/UDP port number. So if source IP address of the packet matches the management port IP
address EIS route lookup is done.
• Management application packet counter is incremented if EIS route lookup succeeds and packet is
sent out of the management port.
• If route lookup in the EIS routing table fails or if management port is down then packets are dropped.
The management application drop counter is incremented.
• Whenever IP address is assigned to the management port, it is stored in a global variable in the IP
stack, which is used for comparison with the source IP address of the packet.
• Rest of the response traffic is handled as per existing behavior by doing route lookup in the default
routing table. So if the traffic is destined to the front end port IP address response will be sent out by
doing route lookup in the default routing table which is existing behavior.
Consider a sample topology in which ip1 is an address assigned to the management port and ip2 is an
address assigned to any of the front panel port.a,b are end users on the management and front panel
port networks. The OS-initiated traffic for management applications takes a preference for ip1 as source
IP and use the management network to reach the destination. If management port is down or route
lookup in EIS routing table fails, ip2 is the source IP and front panel port is used to reach the destination.
The fallback route between the management and data networks is used in such a case. At any given time,
end-users can access FTOS applications using either ip1 or ip2. Return traffic for such end-user-
originated sessions destined to management port ip1 are handled using the EIS route lookup.
Handling of Transit Traffic (Traffic Separation)
This is forwarded traffic where destination IP is not an IP address configured in the switch.
• Packets received on the management port with destination on the front end port is dropped. This is
existing behavior.
• Packets received on the front endport with destination on the management port is dropped.
• A separate drop counter is incremented for this case. This counter is viewed using netstat command
like all other IP layer counters.
Consider a scenario in which ip1 is an address assigned to the management port and ip2 is an address
assigned to any of the front panel port of a switch. End users on the management and front panel port
networks are connected. In such an environment, traffic received in the management port destined on
the data port network is dropped and traffic received in the front end port destined on the management
network is dropped.
Egress Interface Selection (EIS) for HTTP and IGMP Applications
125