Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
161162163164165166167168169170
138
The inline Layer 2 forwarding feature is supported on the high-end firewall series, and comprises the
following types:
Forward type—A packet coming from one interface goes out of another. The packet is forwarded
through the specified incoming and outgoing interfaces, rather than through looking up the MAC
address table. A complete configuration contains an ID, which uniquely identifies an inline Layer 2
forwarding entry, and two interfaces.
Reflect type—A packet is forwarded through the interface that received the packet. A complete
configuration contains an ID, which uniquely identifies an inline Layer 2 forwarding entry, and one
interface.
Blackhole type—A packet received on an interface is discarded. A complete configuration contains
an ID, which uniquely identifies an inline Layer 2 forwarding entry, and one interface.
The inline Layer 2 forwarding feature is supported on interfaces and subinterfaces.
471BConfiguration restrictions and guidelines
An interface can only belong to one inline forwarding entry, and the last configured port
inline-interfaces id command on an Ethernet interface takes effect.
Subinterfaces can be assigned to inline Layer 2 forwarding entries. To make these entries take effect,
the main interface must be assigned to the VLAN of which the ID is used as the subinterface number.
For example, if the subinterface GigabitEthernet 0/1.2 is assigned to an inline forwarding entry,
the interface GigabitEthernet 0/1 must be assigned to VLAN 2 so that the inline Layer 2 forwarding
can be implemented.
If an interface and its subinterface are assigned to different inline forwarding entries, the
forwarding entry with the main interface takes precedence. For example, the interfaces
GigabitEthernet 0/1 and GigabitEthernet 0/2 are assigned to one inline forwarding entry, and the
subinterfaces GigabitEthernet 0/1.2 and GigabitEthernet 0/2.3 are assigned to another
forwarding entry; then the data received from GigabitEthernet 0/1 is forwarded through the
interface GigabitEthernet 0/2, and vice versa.
472BConfiguring inline forwarding in the Web interface
1184BConfiguring inline Layer 2 forwarding
1. Select Network > Forwarding from the navigation tree.
Figure 73 Inline forwarding list
2. Click Add to enter the inline forwarding policy configuration page.