|
n
|
|
n
|
To create tunnels, use the Tunnel Builder tab.
|
 |
|
n
|
|
n
|
Auto Max BW allows appliances to negotiate the maximum tunnel bandwidth based on the lower of the system bandwidths of the two appliances.
|
|
n
|
Auto [Discover] MTU allows the tunnel MTU to be discovered automatically. When selected, this overrides the MTU setting.
|
|
n
|
|
n
|
FEC Ratio is an option when FEC is set to auto, that specifies the maximum ratio. The options are 1:2, 1:5, 1:10, or 1:20.
|
|
n
|
Local IP is the IP address for the local appliance.
|
|
n
|
Max BW is the maximum bandwidth for this tunnel, in kilobits per second. This must be less than or equal to the upstream bandwidth of your WAN connection.
|
|
n
|
|
n
|
MTU (bytes) (Maximum Transmission Unit) is the largest possible unit of data that can be sent on a given physical medium. For example, the MTU of Ethernet is 1500 bytes. Silver Peak provides support for MTUs up to 9000 bytes.
|
|
n
|
Oper Status indications are as follows:
|
|
•
|
Down = The tunnel is down. This can be because the tunnel administrative setting is down, or the tunnel can't communicate with the appliance at the other end. Possible causes are:
|
|
•
|
Intermediate QoS policy (be packets are being starved. Change control packet DSCP marking)
|
|
•
|
|
•
|
IPsec is misconfigured: (1) enabled on one side (see show int tunnel configured), or (2) mismatched pre-shared key
|
|
•
|
Down - In progress = The tunnel is down. Meanwhile, the appliance is exchanging control information with the appliance at the other end, trying to bring up the tunnel.
|
|
•
|
Down - Misconfigured = The two appliances are configured with the same System ID. (see show system)
|
|
•
|
Up - Active = The tunnel is up and active. Traffic destined for this tunnel will be forwarded to the remote appliance.
|
|
•
|
Up - Active - Idle = The tunnel is up and active but hasn't had recent activity in the past five minutes, and has slowed the rate of issuing keep-alive packets.
|
|
•
|
Up - Reduced Functionality = The tunnel is up and active, but the two endpoint appliances are running mismatched software releases that give no performance benefit.
|
|
•
|
UNKNOWN = The tunnel status is unknown. This can be because the appliance is unable to retrieve the current tunnel status. Try again later.
|
|
n
|
Receive BW is the configured rate for receiving data. When you enable Dynamic Rate Control (DRC) in the appliance's Shaper, the transmission rate will change dynamically. At the same time, you also configure the appliance's Inbound Bandwidth Limit. So, the appliance's Receive rate may be different from its Max BW (transmission) rate.
|
|
n
|
Remote IP is the IP address for the remote appliance.
|
|
n
|
Uptime is how long since the tunnel came up.
|
As needed, use the options Tunnel template to configure these options.
 |
|
•
|
IPSec Anti-replay window provides protection against an attacker duplicating encrypted packets by assigning a unique sequence number to each encrypted packet. The decryptor keeps track of which packets it has seen on the basis of these numbers. The default window size is 64 packets.
|
|
•
|
UDP destination port is used in UDP mode.
|
|
•
|
UDP flows is the number of flows over which to distribute tunnel data.
|
|
•
|
Coalescing Enabled allows the appliance to coalesce smaller packets into larger packets.
|
|
•
|
Coalescing Wait (ms) is the number of milliseconds that the appliance should hold packets while attempting to coalesce smaller packets into larger ones.
|
|
•
|
Reorder Wait (ms) is the number of milliseconds to allow for out-of-order packets to reorder. The default value is 100 ms.
|
|
•
|
Retry Count is the number of failed keep-alive messages that are allowed before the appliance brings the tunnel down.
|
|
•
|
DSCP determines which DSCP marking the keep-alive messages should use.
|
