NP-Channel - Network Visibility & Test Solutions for Security, Network and Application Performance


Soluzioni > Using Bypass Switch as Tap

We have recently released new iBypass software (v.2.0.1) for 10 GigaBit iBypass Switch and GigaBit iBypass Switch (see the customer portal here).

This is a good opportunity to review a great feature in iBypass that allows to use it as network tap. The advantage is that a bypass switch has an amplifier functionality on the and in the event of power failure, the tap will pass through traffic.

Whenever the iBypass Switch is in Bypass ON mode, it operates as a full-duplex breakout Tap, copying the traffic received at Network Port A to Monitor Port 1, and traffic received at Network Port B to Monitor Port 2. This function enables the attached device to monitor network traffic out-of-band, for instance to baseline the system prior to putting the device in-line. The only difference from a normal network Tap is that Heartbeat packets continue to be transmitted (if the Switch is not in Manual Bypass mode) in order to detect when the monitoring tool comes back online.

One can force BYPASS ON by the command "set timeout 0"


A while back, I wrote about using Bypass Switches as Taps. I'd like to tell you about some improvements we've made to increase the flexibility of Tap mode in the iBypass Swtich starting with code version 2.2.1.

With code prior to V2.2.1, the behavior is as described in the previous post: When the Heartbeat timeout parameter is set to zero (command: "set timout 0"), the iBypass Switch is forced into Bypass ON mode. In Bypass ON mode, network traffic is copied to the monitor ports like a full-duplex breakout tap. In normal Bypass ON mode, Heartbeat packets are included in the monitor traffic so the iBypass Switch can detect when the tool comes back online. When Bypass ON is forced, there are no Heartbeats because the Heartbeat timeout is 0.

With code V2.2.1 and later, link traffic is NOT copied to the monitor ports in normal Bypass ON mode; only Heartbeat packets are seen on the monitor ports. To see the link traffic on the monitor ports like at Tap, now you use the new CLI command "set mode 1". This puts the iBypass Switch into Tap mode. Heartbeat packets continue to be emitted, but you can turn them off by setting the timeout to zero, like before. However, "set timeout 0" by itself does not force Bypass ON (or Tap) mode, it controls only the Heartbeats. To return to nomal bypass switch operation, use the command "set mode 2", and restore the Heartbeat timeout if you had set it to zero for Tap mode.

To summarize,

Old code: Network traffic is copied to the monitor ports in Bypass ON mode
New code: Network traffic is NOT copied to the monitor ports in Bypass ON mode

To make the iBypass switch behave like a Tap:
Old code: "set timeout 0"
New code: "set mode 1" (also, optionally, "set timeout 0" to remove Heartbeat packets)

What does "set timet 0" do?
Old code: Force Bypass ON mode (like a Tap) and stop Heartbeats
New code: Stop Heartbeats only

How to return to bypass switch mode?
Old code: restore timeout to non-zero value
New code: "set mode 2" (also, restore timeout to non-zero value if you had set it to zero to stop heartbeats)

Most importantly: If you never use the iBypass Switch as a Tap, none of this matters to you at all!

Note: Code V2.2.1 was put into production June, 20th 2011 for 10/100/1000 copper iBypass Switch models. The GigaBit fiber models got the new Tap mode behavior with code V3.0.2 released Sept., 30th 2011, which also applied to the 10/100/1000 models. The 10 GigaBit models will get the change later this year. These code versions are not field upgradable because they depend on changes to lower level product firmware, so you will only see it on new units shipped after those dates.

© by Ixia/Net Optics

Inizio PaginaBypass Switches
+49 6102 7487-0   |       |    Disclaimer   |    Condizioni del contratto   |    Mappa del sito   |    Imprint
Last updated: 30.06.2016 - © 2016 by KTM Industries AG