Network interface bonding on Encryption Appliance

Unanswered Question
Dec 30th, 2009


We are currently "test driving" a set of Ironport encryption appliances and there is (for this moment) one thing that we can't figure out.

A little background:

We are planning to use the machines as S/MIME (and maybe PGP) encryption/decryption systems only. We are (currently) not interested in all the other nice features offered (but force us to connect the systems directly to the internet). This means we can place the machines into our Fully Trusted network Area(FTA) and use all the nice network facilities available in this area. One of the important ones is network connection redundancy (Interface Bonding).

I'm sure the C series can be configured to combine DATA1 and DATA2 as a high availability (bonded) network interface and I'm also sure the operating system that is used by the encryption systems (CentOS) supports bonding.

I have searched the HTML interface but can not find the option to enable bonding.

I know I can hack the Linux configuration but am a little afraid to do this. For the moment it's not possible for us to oversee the impact on the total system (that's really a good thing about AsyncOS interfaces, we all know it's a FreeBDS system but also know exactly what actions we can do safely, if it's not available on the CLI or GUI, you can not use it (example: IPv6 is supported by FreeBSD but the GUI and CLI do not offer the possibility to configure it so it's not available, that's totally clear!)

Can anyone advise us what to do?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Tommy Foucha Mon, 01/11/2010 - 13:17

As you mentioned in your POST, the operating system of CentOS does indeed support Bonding and I have configured the IronPort Encryption Appliances to support bonding but it is not "officially" supported and therefore is not recommended at this time. So to answer your last question: I would not configure nic bonding on the IronPort Encryption Appliance.

steven_geerts Tue, 01/12/2010 - 00:21

Hi Tom,

Thank you for your answer, this helps us making a proper decision.



This Discussion