The syslog-ng Store Box (SSB) hardware has five network interfaces: the external, the management, the internal (currently not used in SSB), the HA, and the IPMI interface. For details on hardware installation, see syslog-ng Store Box Hardware Installation Guide in the Installation Guide.
External interface
The external interface is used for communication between SSB and the clients: clients send the syslog messages to the external interface of SSB. Also, the initial configuration of SSB is always performed using the external interface (for details on the initial configuration, see Configuring SSB with the Welcome Wizard). The external interface is used for management purposes if the management interface is not configured. The external interface uses the Ethernet connector labeled as 1 (or EXT).
Using a 10Gbit interface as external interface
Several SSB appliances are equipped with dual-port 10Gbit SFP+ interfaces. Use this 10Gbit interface instead of the regular 1Gbit external (LAN 1) interface if your network devices support only 10Gbit and you must connect SSB to a 10Gbit-only network.
NOTE: For the list of compatible SFP+ peripherals for syslog-ng Store Box (SSB) Appliance 3500 outfitted with Intel Ethernet Converged Network Adapter X520-DA2 NIC, refer to the Intel Product Compatibility Tool.
For the list of compatible SFP+ peripherals for syslog-ng Store Box (SSB) Appliance 3500 outfitted with Broadcom NetXtreme-E Series P210P 2x10G PCIe NIC, see Supported Cables for Broadcom Ethernet Network Adapters in the Broadcom Ethernet Network Adapter User Guide.
NOTE: For the list of compatible SFP+ peripherals for syslog-ng Store Box (SSB) Appliance 4000 outfitted with Broadcom NetXtreme-E Series P210P 2x10G PCIe NIC, see Supported Cables for Broadcom Ethernet Network Adapters in the Broadcom Ethernet Network Adapter User Guide.
|
Caution:
Hazard of data lossOne Identity recommends using a single interface (either 1, or A) and leaving the B interface unused. If SSB detects a link on multiple interfaces, SSB will not switch to a different interface as long as the link is detected on the currently active interface, not even in case of packet loss or other network issues. To ensure that your configuration is future-proof and to avoid having to reconfigure your appliance in the future, it is not recommended to use the B interface. In future releases of SSB, the B interface will be used exclusively in one particular type of scenario. |
Management interface
The management interface is used exclusively for communication between SSB and the auditors or the administrators of SSB. Incoming connections are accepted only to access the SSB web interface, other connections targeting this interface are rejected. The management interface uses the Ethernet connector labeled as 2 (or MGMT).
The routing rules determine which interface is used for transferring remote backups and syslog messages of SSB.
TIP: It is recommended to direct backups, syslog and SNMP messages, and email alerts to the management interface. For more information, see Configuring the routing table.
If the management interface is not configured, the external interface takes the role of the management interface.
NOTE: When deploying SSB in a virtual environment, it is sufficient to use only a single network interface. When only one network interface is defined, that interface will be the one used for management purposes, enabling access to SSB's web interface and the RPC API.
High availability interface
The high availability interface (HA) is an interface reserved for communication between the nodes of SSB clusters. The HA interface uses the Ethernet connector labeled as 4 (or HA). For details on high availability, see High Availability support in SSB.