Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 Manual page 75

Table 21: Interface Types
Interface Types
Aggregate interface
Multilink interface
Loopback interface
Virtual security interfaces (VSIs)
Redundant interface
Subinterface
Tunnel interface
ADSL interface
Copyright © 2010, Juniper Networks, Inc.
physical MGMT interface for management traffic or a high availability (HA) interface
used to link two devices together to form a redundant group or cluster.
Interfaces and subinterfaces enable traffic to enter and exit a security zone. To enable
network traffic to flow in and out of a security zone, you must bind an interface to that
zone and, if it is a Layer 3 zone, assign it an IP address. You can assign multiple interfaces
to a zone, but you cannot assign a single interface to multiple zones.
NOTE: Not all devices support all features described in this guide. For
device-specific datasheets that include an updated feature list for each
device, go to: http://www.juniper.net/products/integrated/dsheet/. This link
is provided for your convenience and may change without notice. You can
also find this information by going to the Juniper website
(http://www.juniper.net/).
Interface Types
You can add the interfaces on a security device as described in Table 21 on page 51.
Description
A logical interface that combines two or more physical interfaces on the device, for the
purpose of sharing the traffic load to a single IP address. This type of interface is only
supported on certain security device systems.
On available devices, you configure and access multiple serial links called a bundle,
through a virtual interface called a multilink interface. The multilink interface emulates
a physical interface for the transport of frames.
A logical interface that emulates a physical interface and is always in the up state.
The virtual interfaces that two security devices share when forming a virtual security
device (VSD) in a high availability cluster.
Two physical interfaces bound to the same security zone. One of the two physical
interfaces acts as the primary interface and handles all the traffic directed to the
redundant interface; the other physical interface acts as a backup.
A logical division of a physical interface. A subinterface borrows the bandwidth it needs
from the physical interface.
Acts as a doorway to a VPN tunnel. Traffic enters and exits a VPN tunnel through a
tunnel interface. When you configure a tunnel interface, you can also encapsulate IP
multicast packets in GREv1 unicast packets.
A NetScreen-5GT ADSL security device uses ATM as its Transport Layer. The interface
can support multiple permanent virtual circuits (PVCs) on a single physical line. Before
you can configure the adsl1 interface, however, you must obtain the DSLAM configuration
details for the ADSL connection from the service provider.
Chapter 3: Network Settings
51