Flexible Inline Arrangements—Rules and Notes
Keep in mind the following when working with flexible inline arrangement:
|
■
|
If an inline tool is associated with a flexible inline map, it cannot be used in a classic inline map or inline decryption map. All inline networks and inline tools must participate exclusively in either flexible inline maps or classic inline maps. |
|
■
|
You cannot create multiple unidirectional collector maps for the same inline network using the flexible inline canvas. For example, consider that you want to have different VLANs in each direction on the collector map, then you must create additional unidirectional flexible inline maps and associate unique VLAN tags (or it is automatically assigned by GigaVUE‑FM). |
|
■
|
The following functionalities are not supported in GigaVUE‑TA200, GigaVUE‑TA200E, GigaVUE‑TA25E,GigaVUE‑TA25 and GigaVUE‑TA400 such as: |
|
o
|
Physical Bypass Functionality is not supported due to the absence of BPS card. |
|
o
|
Flexible and Resilient Inline SSL functionality is not supported due to the absence of the GigaSMART card. |
|
o
|
GRIP functionality is not supported due to the absence of a BPS card. |
|
o
|
ICAP functionality is not supported due to the absence of the GigaSMART card. |
|
o
|
Inline Bypass Solution (Classic) |
|
■
|
In GigaVUE‑TA25, GigaVUE‑TA25E, GigaVUE‑HC1-Plus, when a Flexible Inline Single VLAN Tag is enabled in the map, below are the limitations: |
|
o
|
inline-network traffic path BYPASS WITH MONITORING and inline-tool/inline-tool-group flex-traffic-path MONITORING cannot be configured. |
|
o
|
oob-copy from inline-network cannot be configured |
|
■
|
For GigaVUE‑HC1, GigaVUE‑HC3, GigaVUE‑HC3 (CCv1 & CCv2), GigaVUE‑TA200E, GigaVUE‑TA200 , GigaVUE‑TA25E, GigaVUE‑TA400 and GigaVUE‑HC1-Plus nodes, the scalable number of bidirectional flex inline maps per device is 256, and the scalable number of unidirectional flex inline maps per device is 512. |
|
■
|
For GigaVUE‑TA25, the limit is 126 scalable number of bidirectional maps and 252 for unidirectional maps.
|
|
■
|
The following combinations are not supported: |
|
o
|
Flexible Inline SSL Decryption |
When you attempt to add an Inline SSL App to an Inline Network LAG Flexible Map you get the following error message: "An Inline SSL APP cannot be used when the traffic source is an inline network LAG" as shown in below figure.
_735x623.png)
|
■
|
Setting the Flex Traffic Path of inner chain Inline-tools as “Drop” does not drop the Inline SSL traffic and continues to reach the inline network egress. |
|
■
|
The Egress Port Filter on inline-network/tool/hybrid does not support VLAN-based filtering in GigaVUE‑TA400. |
|
■
|
If an inline tool in a flex inline map is set to monitoring mode inGigaVUE‑TA400, then all inline tools of the said map should be set to the same shared mode (true or false). |
|
■
|
Asymmetric hashing options: a-srcip-b-dstip and b-srcip-a-dstip on the inline-tool-group are not supported in GigaVUE‑TA400.
|
|
■
|
When an Inline Network Link Aggregation is configured as a source in GigaVUE‑TA400, the CDP: pass-through option will not be supported, whereas the Bypass LACP/CDP/LLDP will be supported. |
|
■
|
For GigaVUE‑TA400 the maximum Inline Network and Inline Tools is 48. The maximum Inline Network Link Aggregation List size is 24. The maximum Inline tool or Inline tool group per direction is 16. The maximum number of oob-copy entries per direction is 17. The maximum number of oob-copy ports per entry is 128. |
