We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Add Additional Network Interfaces

  • Last updated on

When configuring network interfaces for the first time, the mapping of the interface names to their MAC addresses and the order of the interface names (e.g., eth0, eth1, eth2...) are assigned automatically by the system. On virtual systems, you can increase the number of network interfaces up to the maximum number supported by your hypervisor. Note that adding additional interfaces on some hypervisors may reorder the interface name assignment. Use MAC to interface mapping to resolve this issue. For more information, see How to Configure MAC to Interface Mapping.

Before You Begin

Find out which network driver is needed for your network adapter/interface.

(optional) Step 1. Add Additional Network Interfaces to Your Firewall

  1. Shut down your firewall.
  2. Add the new network interface to the hypervisor.
  3. Power up your firewall.

Step 2. Configure Network Interface(s)

  1. Go to CONFIGURATION > Configuration Tree > Box > Network.
  2. In the left menu, click Interfaces.
  3. Click Lock.
  4. In the Network Interface Cards table section:
    1. To add an interface card, click +. For more information on the NIC settings, go to the Interface Settings section.
    2. To change the number of active interface ports on your current interface card, click edit and make your changes. For more information on the NIC settings, go to the Interface Settings section.
  5. If settings in the Physical Interfaces table are not updated dynamically, select no from the Interface Computation list. In this case, you must manually update the settings. For more information on the physical interface settings, see the following Interface Settings section.
  6. Click Send Changes and Activate.

Step 3. Activate The Network Configuration

You must activate the network changes to add the network devices.

  1. Go to CONTROL > Box.
  2. In the left menu, expand the Network section and click Activate new network configuration.
  3. Select Failsafe. The 'Failsafe Activation Succeeded' message is displayed after your new network configurations have been successfully activated.

    If the number of interfaces configured exceeds the number attached to the virtual machine, the network activation fails. Hardware appliances are automatically configured with the correct network interfaces matching the configured model type.

(optional) Step 4. Remap MAC Addresses to Interface Names

After adding additional network interfaces to a firewall and configuring them (or after removing interfaces from a configuration), the mapping of the network interface names to the MAC address may differ from the order the firewall expects. In such cases, you must explicitly bind the mapping from the interface names to the corresponding MAC address. For more information, see How to Configure MAC to Interface Mapping.

The firewall can now transmit data over the new network interfaces.

Interface Parameters Description

Network Interface Cards Table

Descriptions of the settings that you can configure in the Network Interface Cards table: 

SettingDescription
NIC TypeThis information is used for logical consistency checks. In conjunction with the specified number of interfaces, it is possible to check whether a particular interface may be referenced in some of the other sections. Available NICs: Ethernet.

Driver Module Name

The driver that is used for the NIC. See the list of supported NICs to verify that your card is supported.

If the firmware version of your firewall is 6.2, select the driver name for your network interface in the Driver Module Name list.
If the firmware version of your firewall is greater than or equal to 7.0, set Driver Module Name to Automatically detected virtual NIC.

If you want to load a driver that is not listed, select the Other check box and enter the driver name in the Driver Module Name field that must be loaded into the the Linux kernel.

If you are using a Marvel network adapter that requires the sk98lin_cb.o interface, the interface naming begins with eth1. The eth0 interface is NOT supported.

Number of Interfaces

The number of NIC interfaces that can be used simultaneously. This indicates the number of ports and not the number of cards of the particular type. For example, one dual-port NIC counts as two interfaces, but one combo-type card with support for three different connectors (for example, BNC, AUI, RJ45) counts as one because only one connection is active at one time. If you enter 0, the module is not loaded.

Driver Options
(Advanced Configuration Mode)

This setting is used with module-based driver support. Note that several interface-specific option strings may be added to this table. They are formatted as:

key=value1 … valueN

with N being the number of interfaces.

Fallback Enabled
(Advanced Configuration Mode)

(Advanced Configuration Mode) Activates an alternative NIC driver that is defined via the Fallback Module Name and Fallback Driver Options settings. This setting might be helpful during and after updating sequences. If the primary driver does not work, the fallback driver is used. If the fallback driver does not work, both drivers are loaded.

Fallback Module Name/Fallback Driver Options
(Advanced Configuration Mode)

(Advanced Configuration Mode) The fallback driver to be used for the NIC. Only recommended cards are listed. If you require a card that is not listed, see the list of supported NICs to verify that your card is supported.

Activate Driver

Enable or disable the driver.
Driver Type
(Advanced Configuration Mode)

(Advanced Configuration Mode) Specifies if driver support is module-based or kernel-based. Default is Loadable_Module.

Ethernet MTU

The MTU size for an Ethernet NIC. Packets exceeding this value are fragmented when sent. This MTU is used as the default value for all existing interfaces. To specify an MTU for an interface, edit its MTU setting in the Physical Interfaces table.

MTUs can also be set for virtual LANs, box network, additional networks, and standard routing. The maximum accepted MTU of the next hop is used. 

  • Example 1: If you have a NIC with MTU size 1500 and a standard route with MTU size 2000, the valid MTU size is 2000.
  • Example 2: If you have a NIC with MTU size 2000 and a standard route with MTU size 1500, the valid MTU size is 1500.
Physical Interfaces Table
SettingDescription
MTU

The MTU for the interface. This setting overrides the MTU that is entered in the Network Interface Cards table.

Availability

If nothing else has been configured, all recognized interfaces are generally available by default. Interfaces can be claimed for exclusive use by xDSL (connection type: PPPOE) and DHCP links (see How to Configure an ISP with Dynamic IP Addresses (DHCP)). When an interface has been claimed as modem interface or DHCP interface, its usage status is set to Reserved. If an interface is claimed by multiple services concurrently, its usage status is set to Overbooked.

Interfaces marked as overbooked cannot work properly. They will not be available for any of the configured services.

References

An interface that has not been claimed by a service is flagged with none. Interfaces claimed by xDSL or DHCP links are flagged with xdsl or dhcp, respectively, followed by the link name as specified in the xDSL/DHCP configuration area when creating the link. For example, xdsl::xDSLLinkName.

Name of NIC

The NIC name as specified in the Network Interface Cards table.

NIC Type

The NIC type as specified in the Network Interface Cards table.

Used Driver

The driver module name as defined in the Network Interface Cards table.  

Enable Autonegotiation

If the driver module does not support static network speed and duplex mode settings, you can select no in order to manually enter these settings for Forced Speed and Duplex Mode.

Forced Speed [Mpbs]

The static network speed for the NIC. To manually set the forced speed, select 10, 100, or 1000 Mbps.

Duplex Mode

The static duplex mode for the NIC. To manually set the duplex mode, select half or full.

Last updated on