Redundant Interface Overview; Default State Of Redundant Interfaces; Redundant Interfaces And Failover Guidelines; Redundant Interface Mac Address - Cisco PIX 500 Series Configuration Manual

Chapter 5 Configuring Ethernet Settings, Redundant Interfaces, and Subinterfaces

Redundant Interface Overview

This section includes overview information about redundant interfaces, and includes the following
topics:
•
•
•
•

Default State of Redundant Interfaces

When you add a redundant interface, it is enabled by default. However, the member interfaces must also
be enabled to pass traffic.

Redundant Interfaces and Failover Guidelines

Follow these guidelines when adding member interfaces:
•
•
•
•

Redundant Interface MAC Address

The redundant interface uses the MAC address of the first physical interface that you add. If you change
the order of the member interfaces in the configuration, then the MAC address changes to match the
MAC address of the interface that is now listed first. Alternatively, you can assign a MAC address to the
redundant interface, which is used regardless of the member interface MAC addresses (see the
"Configuring Interface Parameters" section on page 7-2
Addresses to Context Interfaces" section on page
standby, the same MAC address is maintained so that traffic is not disrupted.

Physical Interface Guidelines

Follow these guidelines when adding member interfaces:
•
•
OL-12172-03
Default State of Redundant Interfaces, page 5-5
Redundant Interfaces and Failover Guidelines, page 5-5
Redundant Interface MAC Address, page 5-5
Physical Interface Guidelines, page 5-5
If you want to use a redundant interface for the failover or state link, then you must configure the
redundant interface as part of the basic configuration on the secondary unit in addition to the primary
unit.
If you use a redundant interface for the failover or state link, you must put a switch or hub between
the two units; you cannot connect them directly. Without the switch or hub, you could have the active
port on the primary unit connected directly to the standby port on the secondary unit.
You can monitor redundant interfaces for failover using the monitor-interface command; be sure
to reference the logical redundant interface name.
When the active interface fails over to the standby interface, this activity does not cause the
redundant interface to appear to be failed when being monitored for device-level failover. Only when
both physical interfaces fail does the redundant interface appear to be failed.
Both member interfaces must be of the same physical type. For example, both must be Ethernet.
You cannot add a physical interface to the redundant interface if you configured a name for it. You
must first remove the name using the no nameif command.
or the "Automatically Assigning MAC
6-11). When the active interface fails over to the
Cisco Security Appliance Command Line Configuration Guide
Configuring a Redundant Interface
5-5