Support /
Knowledge Base

Network Interfaces

Every Syneto machine must have at lease two network interface cards that are automatically detected at system startup. New or removed network interface cards will automatically be detected at startup, the system adapting itself to the new hardware configuration.

We can distinguish between two kinds of network interfaces: physical and virtual. Physical interfaces are those that have a physical representation in the system, that is, are connected to a piece of hardware. As for now, Syneto appliances support only Ethernet based network cards, thus the name of these interfaces range from eth0 to ethN. There are two types of virtual interfaces: bridges and VLANs (Virtual LANs). Bridges, which are in fact layer 2 switches, are created by bonding two or more Ethernet or VLAN interfaces. VLANs are obtained by decoding all network packets tagged with the same VLAN tag.

Each network interface is defined by several properties:

  • Ethernet interface: primary IP address, multiple secondary IP addresses (or aliases) and advanced ethernet properties like negotiated speed and MTU
  • Bridge interface: primary IP address, multiple secondary IP addresses (or aliases) and a list of interfaces that are part of that bridge – it may contain either physical or VLAN interfaces
  • VLAN interface: primary IP address, multiple secondary IP addresses (or aliases), physical interface (or trunk interface) and the VLAN tag
You can bridge several VLAN interfaces but this is not recommended. 
As routing is always active, Syneto can route and filter connections from one VLAN to another.
When all the physical interfaces are grouped in a bridge, Syneto can act like a switch that can filter the traffic between interfaces. What happens is that layer 2 traffic is injected into the layer 3 filtering firewall. This is especially interesting because allows the appliance to be configured as a transparent firewall/proxy.

To configure various aspects of the network interfaces, bridges and VLANs, you have to navigate to the System -> Interfaces menu. The first tab that is presented to the user is named ‘Ethernet’. This allows changing the IP/netmask pairs for the ethernet network interfaces present in the system, adding new IP/netmask pairs for the same ethernet interface (this process is calledaliasing) or changing the status of the interface – enabled or disabled (see Figure 1).

Figure 1. Configure Ethernet network interfaces

To change the IP/netmask of an interface (primary IP or alias), you can click on the pencil icon. Figure 2 shows the window that appears when editing the IP/netmask:

Figure 2. Configure IP/netmask pairs

The ‘Advanced’ button will pop up a window where the savvy network administrator can change the speed at which the Ethernet interface operates or it can change the MTU (Maximum Transfer Unit) – that is, how large an Ethernet frame is allowed through this interface.

Bridges can be added and configured in the ‘Bridge’ tab. By default no bridge is defined. To add one to the system click on the ‘Add bridge’; a new pop-up window will emerge as in Figure 3, which will allow you to define a new bridge by selecting a name for the bridge, a list of Ethernet or VLAN interfaces that will be part of the bridge and an IP/netmask pair for it.

Figure 3. Defining a bridge

Defining a VLAN is similar to defining a bridge. Click the ‘Vlan’ tab then click the ‘Add Vlan’ button. Choose an interface on which to attach that VLAN, a tag for that VLAN (which should be a small integer) and an IP/netmask pair for that VLAN.

Figure 4. Defining a VLAN