Interface Types in ScreenOS Devices Overview
The Interface screen displays the physical
interfaces available on the security device. Some security devices
support functional zone interfaces, which are
either a separate physical MGMT interface for management traffic or
a high availability (HA) interface used to link two devices together
to form a redundant group or cluster.
Interfaces and subinterfaces enable traffic to
enter and exit a security zone. To enable network traffic to flow
in and out of a security zone, you must bind an interface to that
zone and, if it is a Layer 3 zone, assign it an IP address. You can
assign multiple interfaces to a zone, but you cannot assign a single
interface to multiple zones.
 |
Note:
Not all devices support all features described
in this guide. For device-specific datasheets that include an updated
feature list for each device, go to: http://www.juniper.net/products/integrated/dsheet/.
This link is provided for your convenience and may change without
notice. You can also find this information by going to the Juniper
website (http://www.juniper.net/).
|
Interface Types
You can add the interfaces on a security device
as described in Table 1.
Table 1: Interface Types
Interface Types
|
Description
|
Aggregate interface
|
A logical interface that combines two or more physical
interfaces on the device, for the purpose of sharing the traffic load
to a single IP address. This type of interface is only supported on
certain security device systems.
|
Multilink interface
|
On available devices, you configure and access multiple
serial links called a bundle, through a virtual interface called a
multilink interface. The multilink interface emulates a physical interface
for the transport of frames.
|
Loopback interface
|
A logical interface that emulates a physical interface
and is always in the up state.
|
Virtual security interfaces (VSIs)
|
The virtual interfaces that two security devices share
when forming a virtual security device (VSD) in a high availability
cluster.
|
Redundant interface
|
Two physical interfaces bound to the same security zone.
One of the two physical interfaces acts as the primary interface and
handles all the traffic directed to the redundant interface; the other
physical interface acts as a backup.
|
Subinterface
|
A logical division of a physical interface. A subinterface
borrows the bandwidth it needs from the physical interface.
|
Tunnel interface
|
Acts as a doorway to a VPN tunnel. Traffic enters and
exits a VPN tunnel through a tunnel interface. When you configure
a tunnel interface, you can also encapsulate IP multicast packets
in GREv1 unicast packets.
|
ADSL interface
|
A NetScreen-5GT ADSL security device uses ATM as its
Transport Layer. The interface can support multiple permanent virtual
circuits (PVCs) on a single physical line. Before you can configure
the adsl1 interface, however, you must obtain the DSLAM configuration
details for the ADSL connection from the service provider.
|
WAN subinterface
|
A logical division of a physical WAN interface. This
type of interface is only supported on available devices.
|
ISDN BRI interface
|
Integrated Services Digital Network (ISDN) is an international
communications standard for sending voice, video, and data over digital
telephone lines. ISDN in NSM supports Basic Rate Interface (BRI).
|
Wireless interface
|
A NetScreen-5GT Wireless security device interface handles
wireless traffic to and from that wireless access point (WAP).
|
For information about configuring specific interface
types, see Example: Configuring an Aggregate Interface (NSM Procedure).
Published: 2009-08-20
