gigasmart

Required Command-Line Mode = Configure

Use the gigasmart command to configure a stack port interface to provide Internet connectivity for a GigaSMART card or module. Internet connectivity is needed for SSL Decryption for inline tools for the URL categorization database. For URL categorization, an IP address must be configured to query the Webroot service.

Internet connectivity is also needed for SSL Decryption for inline tools for a Certificate Revocation List (CRL) to obtain a list of certificates that have been revoked and for an Online Certificate Status Protocol to obtain certificate revocation status.

Finally, Internet connectivity is needed for Hardware Security Module (HSM).

You can configure separate DNS servers for internal and external networks. This ensures better security and privacy management. Use the app split-dns command to configure internal DNS servers for each GigaSMART engine port. For details, refer to apps split-dns

Note:  Only IPv4 addresses are supported.

The gigasmart command has the following syntax:

gigasmart engine <port-id> proxy-server-profile attach <<Proxy server Alias> interface
      [eth2] | <eth3> [vlan <VLAN ID>]
      <IP address> <netmask> gateway <gateway IP> dns <DNS IP>split-dns <alias>[mtu <1280-9400>]
      dhcp
 ping
   ping <IP address | hostname> <start | stop>

The following table describes the arguments for the gigasmart command:

Argument

Description

engine <port-list>

Specifies the GigaSMART engine port on which to configure a stack port interface to provide Internet connectivity for a GigaSMART card or module for SSL Decryption for inline tools.

Note:  Only one GigaSMART engine port can be specified in the port list. You can configure a stack port interface on each GigaSMART engine port.

For example:

(config) # gigasmart engine 1/1/e1

proxy-server-profile

attach <alias>

detach <alias>

Specifies the proxy server profile that is being attached or detached from the GigaSMART engine.

interface [eth2] | <eth3> [vlan <VLAN ID>]<IP address> <netmask> gateway <gateway IP> dns <DNS IP> split-dns <alias> [mtu <1280-9400>] | dhcp | ping>

Specifies the stack port interface as follows:

eth2, eth3—Specifies the stack port interface. The default is eth2.
vlan—Specifies an optional VLAN identifier, for Internet connectivity with VLAN. The range of VLAN IDs is from 20 to 4094.
IP address—Specifies a static IP address. Only IPv4 addresses are supported.
netmask—Specifies the netmask or mask length. For example: 255.255.255.248 or /29.
gateway—Specifies the gateway IP address.
dns—Specifies the Domain Name Service (DNS).
split-dns—Enables the split-DNS profile on the GigaSMART engine port.

Note:  Before enabling the split-DNS profile, ensure that you create the profile using the apps split-dns command. Refer to apps split-dns.

mtu—Specifies the Maximum Transmission Unit (MTU). The range is 1280–9400. The default is 1500. It is recommended that you set the MTU value to 9400 on all platforms to avoid fragmentation.
dhcp—Specifies the Dynamic Host Configuration Protocol (DHCP).
ping—Specifies to ping using the stack port interface.

Note:  Each GigaSMART engine is configured separately.

For example, to configure the default (eth2) stack port interface for Internet connectivity:

(config) # gigasmart engine 1/1/e1 interface 1.1.1.2 /24 gateway 1.1.1.1 dns 1.1.1.1 mtu 1500

For example, to configure the eth3 stack port interface on GigaVUE‑HC3 for Internet connectivity with VLAN:

(config) # gigasmart engine 1/1/e1 interface eth3 vlan 200 1.1.1.2 /24 gateway 1.1.1.1 dns 1.1.1.1

For example, to configure the default stack port interface using DHCP:

(config) # gigasmart engine 1/1/e1 interface dhcp

For example, to configure the eth3 stack port interface on GigaVUE‑HC3 using DHCP:

(config) # gigasmart engine 1/1/e1 interface eth3 dhcp

ping <IP address | hostname> <start | stop>

Pings using the stack port interface as follows:

IP address—Specifies the IP address of the stack port interface.
start—Starts the ping request.
stop—Stops the ping request and displays the results.

NOTES:

Always issue the start command before the stop command.
If you issue the start command a second time, it erases the output of the first start command.
If you issue the stop command a second time, usage help is displayed.
You will not be able to ping the stack port interface from a laptop or client machine because incoming connections to the stack port interface are blocked for security reasons.
In a cluster, ping only works for the leader. You will not be able to ping remote nodes such as standby or normal nodes from the leader.

For example:

(config) # gigasmart engine 1/1/e1 ping 1.1.1.2 start

use command with option "stop" to see ping result

(config) # gigasmart engine 1/1/e1 ping 1.1.1.2 stop

PING google.com (216.58.194.174) from 10.115.126.37 mgmt0.12: 56(84) bytes of data.

64 bytes from sfo07s13-in-f14.1e100.net (216.58.194.174): icmp_seq=1 ttl=53 time=3.97 ms

64 bytes from sfo07s13-in-f174.1e100.net (216.58.194.174): icmp_seq=2 ttl=53 time=3.78 ms

64 bytes from sfo07s13-in-f14.1e100.net (216.58.194.174): icmp_seq=3 ttl=53 time=3.18 ms

64 bytes from sfo07s13-in-f174.1e100.net (216.58.194.174): icmp_seq=4 ttl=53 time=3.15 ms

64 bytes from sfo07s13-in-f14.1e100.net (216.58.194.174): icmp_seq=5 ttl=53 time=3.18 ms

--- google.com ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time 4002ms

rtt min/avg/max/mdev = 3.156/3.456/3.976/0.357 ms

For example with VLAN:

(config) # gigasmart engine 1/4/e1 interface eth2 vlan 100 ping 1.1.1.1 start

use command with option "stop" to see ping result

(config) # gigasmart engine 1/4/e1 interface eth2 vlan 100 ping 1.1.1.1 stop

PING 1.1.1.1 (1.1.1.1) from 1.1.1.10 mgmt00.100: 56(84) bytes of data.

64 bytes from 1.1.1.1: icmp_seq=1 ttl=64 time=0.065 ms

64 bytes from 1.1.1.1: icmp_seq=2 ttl=64 time=0.080 ms

64 bytes from 1.1.1.1: icmp_seq=3 ttl=64 time=0.074 ms

64 bytes from 1.1.1.1: icmp_seq=4 ttl=64 time=0.075 ms

64 bytes from 1.1.1.1: icmp_seq=5 ttl=64 time=0.091 ms

--- 1.1.1.1 ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time 3996ms

rtt min/avg/max/mdev = 0.065/0.077/0.091/0.008 ms

Related Commands

The following table summarizes other commands related to the gigasmart command:

Task

Command

Displays ARP information for the GigaSMART engine port.

show gigasmart engine 1/1/e1 arp

Displays detailed information for the GigaSMART engine port.

show gigasmart engine 1/1/e1 details

Displays statistics for the GigaSMART engine port.

show gigasmart engine 1/1/e1 stats

Displays ARP information for a specified GigaSMART engine port interface and VLAN ID.

show gigasmart engine 1/1/e1 interface eth2 vlan 200 arp

Displays detailed information for a specified GigaSMART engine port interface and VLAN ID.

show gigasmart engine 1/1/e1 interface eth3 vlan 300 details

Displays statistics for a specified GigaSMART engine port interface and VLAN ID.

show gigasmart engine 1/1/e1 interface eth2 vlan 200 stats

Deletes the default (eth2) interface for Internet connectivity.

(config) # no gigasmart engine 1/1/e1 interface

Deletes the specified interface for Internet connectivity.

(config) # no gigasmart engine 1/1/e1 interface eth3

Deletes the interface for connectivity with VLAN.

(config) # no gigasmart engine 1/1/e1 interface eth2 vlan 100

Deletes all stack port interfaces and the proxy serve profiles that were attached to the GigaSMART engine.

(config) # no gigasmart engine 1/1/e1 interface all