SafeNet Luna Network HSM Appliance Port Bonding

SafeNet Luna Network HSM has four physical network interface devices: eth0, eth1, eth2, and eth3. You can bond eth0 and eth1 into a single virtual interface, bond0, or eth2 and eth3 into bond1, to provide a redundant active/standby interface. The primary purpose of the service is a hot standby mode for network interface failure, no performance or throughput gains are intended.

The following conditions and recommendations apply to the port bonding feature:

>Bonded interfaces must both be attached to the same network segment. For example, if a bonded interface of IP 192.168.9.126 is chosen, both interfaces must be connected to devices that can access the 192.168.9.* network.

>Bonded interfaces must use static addressing.

>Avoid executing bonding commands while clients are running applications against the SafeNet Luna Network HSM. Where a bonding interface has the same IP as the IP of eth0 or eth2, no ill effects have been observed on running clients other than normal fail-over/recover behavior.

>Avoid executing bonding commands over SSH, which can result in the closure of the active SSH session.

Once bonding is configured, client connections as well as SSH connections continue uninterrupted if either of the bonded interfaces fails.

Using Port Bonding

Use LunaSH to configure, enable, or disable port bonding, and to display the current port bonding status. See network interface bonding in the LunaSH Command Reference Guide for a list of the port bonding commands.

To bond eth0 and eth1 to the bond0 or eth2 and eth3 to the bond1 virtual interface:

1.Use the command network interface bonding config to specify a static IP address, subnet mask, and gateway for the bonded interface.

NOTE   To avoid breaking the NTLS connection to the appliance, ensure that the IP address you specify for the bonded interface is the IP address used for the current NTLS connection. For bond0 use the IP address for eth0 or eth1. For bond1 use the IP address for eth2 or eth3.

2.Use the command network interface bonding enable to enable the bonded interface.


Customer Support Portal

SafeNet Luna Network HSM 7.4 Product Documentation  16 December 2019  Copyright 2001-2019 Thales. All rights reserved.