How LACP Works With Deep Discovery Web Inspector Parent topic

Customers often need greater than 1 GB bandwidth for traffic traversing a Deep Discovery Web Inspector appliance. To provide increased bandwidth to meet customer needs, Deep Discovery Web Inspector supports LACP (Link Aggregation Control Protocol, 802.3ad standard) for configuring Ethernet interfaces. LACP is a layer 2 protocol that provides functionality when aggregating one or more Ethernet interfaces to form a single logical link (link aggregation groups).
Use the following table to determine LACP support for each deployment mode.
Mode
LACP Supported
Forward Proxy
No
Transparent Bridge
Yes
Multi-Bridge
(a variation of Transparent Bridge mode)
No
Transparent HA
Yes
LACP_topology_trans_.png

LACP enabled on Transparent Bridge mode

General Information

You should keep the following information in mind:
  • LACP is available only on appliances equipped with two bypass cards.
  • The switches to which Deep Discovery Web Inspector connects must support LACP and LACP ports must be configured for active mode.
    Deep Discovery Web Inspector automatically configures LACP on the appliance for passive mode.
  • When LACP is enabled, Deep Discovery Web Inspector automatically creates the following two-link aggregates.
    • team0: eth4 and eth6
    • team1: eth5 and eth7
  • You must configure active LACP link aggregation on the switch to match the appliance's LACP configuration.
    The speed of all network ports used for LACP must be the same.
  • After enabling LACP, Deep Discovery Web Inspector provides two-way load balancing.

Information for Transparent Bridge with LACP

  • Transparent Bridge interfaces:
    • eth0: Used as the management interface
    • team0/team1: Used for data ingress and data egress respectively
      If one of the links in a trunk is down, then the other link continues to support data.

Information for Transparent HA with LACP

Transparent HA interfaces:
  • eth0: Used as the management interface
  • team0/team1: Used for data ingress and data egress respectively
    If one of the links in a trunk is down, then the other link continues to support data.
  • br0: Virtual L3 interface used to manage data ingress/egress for the LACP trunk links.
    If one of the links in a trunk is down, the br0 virtual interface continues to work.
    Each node of the HA pair maintains separate connectivity to the Internet and internal network and uses a unique br0 IP address.