Amer Networks E5Web GUI User Manual
Page 166

With negotiated aggregation, the switch to which the aggregated interfaces are connected is
configured to use LACP (Link Aggregation Control Protocol). This means that should a
physical link become inoperative, cOS Core will only try to send traffic over the remaining
operating links.
The advantage over the Static setting is that cOS Core will try to send a limited number of
packets over the failed connection before it switches to an alternate, working link. This means
that the connection won't be dropped and the connection's external endpoint will
experience only minor packet loss.
Removing Interface References
Once an EthernetInterface object becomes part of a
LinkAggregation object, it can no longer be used as a separate object in such contexts as IP rules.
If a configuration retains this individual usage after aggregation then the rules where it occurs
will be ignored. For configuration clarity, it is recommended that the administrator removes such
redundant usage from the configuration.
Distribution Methods
The administrator must make a judgment about the traffic being spread across the aggregated
physical interfaces and choose one of the following criteria for the distribution:
• DestinationMAC
• SourceIP
• DestinationIP
• SourcePort
• DestinationPort
Choosing the Distribution Method
The algorithm that spreads the traffic between the aggregated interfaces uses hashing with the
chosen distribution method as the input. The best distribution method is therefore the one
which varies the most. For example, if the source of traffic is a number of internal clients being
NATed to the Internet via an ISP, the best choice for the distribution method is most likely
SourcePort since this will be chosen randomly as each connection is opened by a client.
An alternative in the above scenario could be SourceIP but only if there is a sufficiently large
number of clients. With just a few clients, SourceIP might end up with only one of the aggregated
interfaces being used.
If aggregation is being done for a protected web server receiving external requests from remote
clients over the public Internet, the DestinationIP would not be suitable since all connections
would have the server's address. Instead, the more variable SourceIP would be a better choice for
the distribution method.
The hashing process to choose the physical Ethernet interface to use takes place each time a new
connection is opened. This means that all packets for a given connection will be sent on the
same physical interface. The chosen interface for the connection would then only subsequently
change if the chosen mode was dynamic and the connection fails.
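The following sketch is an added illustration, not taken from the manual or from cOS Core. It models the per-connection hashing described above for the NAT and web server scenarios. The SHA-256 hash, the function names and all addresses are assumptions, since the manual does not specify the hash used.

```python
import hashlib
import random
from collections import Counter

def pick_link(conn, method, n_links):
    """Pick the link index for a NEW connection by hashing the chosen field.
    SHA-256 mod n_links is an assumed stand-in: the manual does not say
    which hash cOS Core uses."""
    digest = hashlib.sha256(str(conn[method]).encode()).digest()
    return int.from_bytes(digest[:4], "big") % n_links

def distribution(conns, method, n_links):
    """Return the number of connections that land on each link."""
    counts = Counter(pick_link(c, method, n_links) for c in conns)
    return [counts[i] for i in range(n_links)]

def nat_clients(n_clients, n_conns, rng):
    """Constructed sample: internal clients NATed to the Internet via an ISP."""
    clients = [f"192.168.1.{10 + i}" for i in range(n_clients)]
    return [{"SourceIP": rng.choice(clients),
             "DestinationIP": f"198.51.100.{rng.randrange(1, 255)}",
             "SourcePort": rng.randrange(1024, 65536),  # random per connection
             "DestinationPort": 443,
             "DestinationMAC": "00:00:5e:00:53:01"}     # single next hop
            for _ in range(n_conns)]

def web_server(n_conns, rng):
    """Constructed sample: remote clients connecting to one protected server."""
    return [{"SourceIP": f"203.0.113.{rng.randrange(1, 255)}",
             "DestinationIP": "192.0.2.80",             # always the server
             "SourcePort": rng.randrange(1024, 65536),
             "DestinationPort": 443,
             "DestinationMAC": "00:00:5e:00:53:02"}
            for _ in range(n_conns)]

if __name__ == "__main__":
    rng = random.Random(1)  # fixed seed so runs are repeatable
    scenarios = {"NAT, 200 clients": nat_clients(200, 2000, rng),
                 "NAT, 2 clients": nat_clients(2, 2000, rng),
                 "web server": web_server(2000, rng)}
    for name, conns in scenarios.items():
        for method in ("SourceIP", "DestinationIP", "SourcePort"):
            print(f"{name:18} {method:14} {distribution(conns, method, 4)}")
```

A field that never varies, such as DestinationIP in the web server case, puts every connection on one link, and two clients hashed on SourceIP can occupy at most two of the four links.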
Physical Switch Connections
The physical cable links between the security gateway and the external switch can be made
either before or after creating the LinkAggregation object and activating the changed
configuration. cOS Core will try to send data on the aggregated interfaces as soon as the
configuration changes become active.
Chapter 3: Fundamentals