Chapter 6. Interfaces and Subnets

Table of Contents

6.1. Relationship between Interfaces and Physical Ports
6.1.1. Port groups
6.1.2. Interfaces
6.2. Defining port groups
6.3. Defining an interface
6.3.1. Defining subnets
6.3.1.1. Using DHCP to configure a subnet
6.3.2. Setting up DHCP server parameters
6.3.2.1. Fixed/Static DHCP allocations
6.3.2.2. Partial-MAC-address based allocations
6.4. Physical port settings
6.4.1. Disabling auto-negotiation
6.4.2. Setting port speed
6.4.3. Setting duplex mode
6.4.4. Defining port LED functions

This chapter covers the setup of Ethernet interfaces and the definition of subnets that are present on those interfaces.

For information about other types of 'interfaces', refer to the following chapters :-

6.1. Relationship between Interfaces and Physical Ports

The FB2500 features four Gigabit Ethernet (1Gb/s) ports that can also operate at 10Mb/s and 100Mb/s speeds. Auto-negotiation of link speed is enabled by default, so when connected to auto-negotation capable equipment, the ports operate at the highest speed that both ends of the link can run at. In some situations, auto-negotiation is not supported by connected equipment, and so the FB2500 provides control of port behaviour to allow the port to work with such equipment.

Each port features a green and amber LED, the functions of which can be chosen from a range of options indicating link speed and/or traffic activity.

The exact function of the ports is flexible, and controlled by the configuration of the FB2500.

6.1.1. Port groups

Up to four port groups can be defined, with each group comprising a set of one or more physical ports that doesn't overlap with any other group. The ports within the group work as a conventional Ethernet switch, directly transferring traffic at wire-speed that is destined for a MAC address that is present on one of the other ports in the group.

6.1.2. Interfaces

In the FB2500, an interface is a logical equivalent of a physical Ethernet interface adapter. Each interface normally exists in a distinct broadcast domain, and is associated with at most one port group. It is referred to as a logical interface, since Virtual LAN (VLAN) support allows multiple logical interfaces to be implemented on one physical port group. If you are unfamiliar with VLANs or the concept of broadcast domains, Appendix D contains a brief overview.

Table 6.1 shows the logical to physical associations that are possible :-

Table 6.1. Physical port usage options

AssociationNotes
A single physical port[a] implements one interfaceVLANs are not in use on the port, and so only untagged packets are present.
A user-defined group of physical ports implements one interface

The ports in the group work as a conventional Layer 2 Ethernet switch, directly transferring traffic at wire-speed that is destined for a MAC address that is present on one of the other ports in the group.

The interface is associated with an internal (to the FB2500) port in this switch-port group, thus :-

  • packets arriving at any of the ports in the group and destined for a MAC address belonging to the FB2500 will be received by the associated interface
  • packets being sent out of the interface will be forwarded to the appropriate physical port based on normal MAC learning
A single physical port implements multiple interfacesVLANs are in use on the port - each logical interface is specified with a different VLAN ID, the port receives (and sends) tagged packets, the tag is removed and the packet is processed as arriving on the interface with matching VLAN ID
A user-defined group of physical ports implements multiple interfaces**TBC would this ever be done?**

[a] This is actually a port group, but with only a single member.


From Table 6.1 it will be apparent that, when not using VLANs, a maximum of four interfaces can be defined - one interface per physical port. When using VLANs, the number of interfaces is ultimately limited to the smaller of 4096 (as a result of the VLAN tag size of 12-bits) or the number of MAC addresses available for use by a specific FB2500 (see Appendix C).

By combining the FB2500 with a VLAN capable switch, using only a single physical connection between the switch and the FB2500, you can effectively expand the number of distinct physical interfaces, with the upper limit on number being determined by switch capabilities, or by inherent IEEE 802.1Q VLAN or FB2500 MAC address block size. An example of such a configuration is a multi-tenant serviced-office environment, where the FB2500 acts as an Internet access router for a number of tenants, firewalling between tenant networks, and maybe providing access to shared resources such as printers.