Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Shared interface versus the dedicated interface in a multi-VSYS environment

0

0

Article ID: KB26330 KB Last Updated: 08 Jan 2013Version: 1.0
Summary:
This article provides information about the shared and dedicated interfaces in a multi-VSYS environment.
Symptoms:
Information about the shared and dedicated interfaces in a multi-VSYS environment.
Cause:

Solution:
Shared interfaces:

  • The interface that is bound to a shared zone in the root VSYS will be shared and acts as the gateway from a user VSYS to the root VSYS.

  • Any other interface (including the interface that is bound to the shared zone at the VSYS level) will be unshared.

  • Interfaces can be imported into the VSYS, if they are not bound to any root VSYS zone. The interface must be in the null zone, prior to importing.

Dedicated interfaces:

  • A dedicated interface is exclusively dedicated to its own VSYS. Such interfaces are not sharable by other virtual systems.

  • A physical interface, sub interface, redundant interface, or aggregate interface in the root system, which is bound to the Root non-sharable zone, remains dedicated to the root system.

  • When you configure a sub-interface, tunnel interface, loopback interface, aggregate interface, or redundant interface in a VSYS, it belongs to it.

  • When you import a physical or aggregate interface into a VSYS and bind it to either the shared Untrust zone or the Trust-vsys_name zone, that interface becomes a dedicated interface for that VSYS:


  • When a system has a dedicated sub-interface, the security device must employ VLAN-based traffic classification to properly sort the inbound traffic.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search