Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 3 answers
  • Subscribers 27 subscribers
  • Views 2876 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setup REDs on Bridge Mode

Chacha Kairu

Hi Team,

Does anyone have some in-depth on how RED bridged network works. The current documentation seems abit 'outdated'.

Also, i would like some clarification in regards to VPN traffic to and from REDs in a bridged setup and how routing is done.

Thanks

Chacha Kairu 



This thread was automatically locked due to age.
Parents
  • 0

    Chacha, 

    what do you mean bridged? Do you mean transparent mode?

    Thanks

  • 0 in reply to lferrara

    lferrara said:

    Chacha, 

    what do you mean bridged? Do you mean transparent mode?

    Thanks

     

     

    I have 33 REds devices to deploy on multiple branches. I think i read somewhere that to ease deployment, one can create a bridge and attach REDs to the bridge for ease of deployment.

    Needed some more info on this especially in cases where we need to have VPN traffic reaching the REDs network.

    Thanks

  • 0 in reply to Chacha Kairu

    Bridging is used when XG lan and red networks have the same IP/Subnet addresses or when you have more than one network with the same ip/mask. For example, 2 red sites with same addresses.

    community.sophos.com/.../red-on-same-subnet

    Regards

  • 0 in reply to lferrara

    I would highly recommend to not Bridge the REDs into one big bridge. 

    There are many issues in this deployments regarding handling. 

    The Interface on XG is the LAN port of RED. A network bridge is like a ethernet bridge and build in the linux kernel to bridge physical interfaces together. 

    It will work, but now lets take a brief look at the real world. 

    If one RED goes down, for what ever reason, the Bridge would loose one interface (in kernel), which could lead to a reload of the whole bridge. So to speak all other sites could go down for couple seconds. 

     

    Some customer bridge one RED with their local Network, yes thats fine for me. 

    But if you consider to build a 33 Interface Bridge together, i would assume, that is not the best idea, consider the point i made earlier.

Reply
  • 0 in reply to lferrara

    I would highly recommend to not Bridge the REDs into one big bridge. 

    There are many issues in this deployments regarding handling. 

    The Interface on XG is the LAN port of RED. A network bridge is like a ethernet bridge and build in the linux kernel to bridge physical interfaces together. 

    It will work, but now lets take a brief look at the real world. 

    If one RED goes down, for what ever reason, the Bridge would loose one interface (in kernel), which could lead to a reload of the whole bridge. So to speak all other sites could go down for couple seconds. 

     

    Some customer bridge one RED with their local Network, yes thats fine for me. 

    But if you consider to build a 33 Interface Bridge together, i would assume, that is not the best idea, consider the point i made earlier.

Children
  • 0 in reply to LuCar Toni

    LuCar Toni said:

    I would highly recommend to not Bridge the REDs into one big bridge. 

    There are many issues in this deployments regarding handling. 

    The Interface on XG is the LAN port of RED. A network bridge is like a ethernet bridge and build in the linux kernel to bridge physical interfaces together. 

    It will work, but now lets take a brief look at the real world. 

    If one RED goes down, for what ever reason, the Bridge would loose one interface (in kernel), which could lead to a reload of the whole bridge. So to speak all other sites could go down for couple seconds. 

     

    Some customer bridge one RED with their local Network, yes thats fine for me. 

    But if you consider to build a 33 Interface Bridge together, i would assume, that is not the best idea, consider the point i made earlier.

     

    Toni,

    This's well noted but my other issue would be, the VPN traffic going to and from REDs to partner network. I will have to add each REDs network to the VPN and also create static routes on the same.

    In my opinion, this is alot of work especially in a scenario where i'm connecting to partner's network which i have no control of. That's my dilemma.