ESA Default IP Address Determination with Multiple Interfaces on the Same Subnet
Available Languages
Contents
Introduction
This document describes the Cisco Email Security Appliance (ESA) default interface determination process if there are multiple interfaces configured on the same subnet.
AsyncOS Default Interface Determination
This section describes how AsyncOS selects a default IP address (AUTO) when there are multiple IP addresses configured on the same subnet.
AsyncOS Versions 8.5.5 and Later
If your system runs AsyncOS Version 8.5.5 or later, and there are multiple IP addresses configured within the same subnet as the default gateway, the IP address with the lowest numeric value is chosen.
For example, these IP addresses might be configured:
- 10.10.10.2 /24
- 10.10.10.30 /24
- 10.10.10.100 /24
- 10.10.10.105 /24
In this case, 2 is lower than 30, 100, and 105, so it is selected as the default source IP address unless configured otherwise. (Refer to the Exceptions section for more information.)
AsyncOS Version 8.0.0 Only
If your system runs AsyncOS Version 8.0.0, the default interface is selected based on the order that the IP interfaces appear under Network > IP Interfaces on the GUI, or the order in which they appear in the output of the ifconfig CLI command output. The first interface in the list that resides on the subnet in question is used.
The order in which the IP interfaces appear is dependent upon the Name that is configured for that interface. These names are sorted alphanumerically.
All Other AsyncOS Versions
If your system runs AsyncOS Version 8.0.1, 8.0.2, or 7.6.3 or earlier, and there are multiple IP addresses configured within the same subnet as the default gateway, the IP address with the lowest number based on a C-string search is chosen.
This IP grid illustrates a C-string search. Within this grid, the system searches for numbers and moves in a downward direction from the top-left grid location until the local part of the IP address is complete.
IP Grid |
||
| 1 | ||
| 0 | ||
| 1 | ||
| 2 | ||
| 3 | ||
| 4 | ||
| 5 | ||
| 6 | ||
| 7 | ||
| 8 | ||
| 9 | ||
| 0 | ||
| 1 | ||
| 2 | ||
| 3 | ||
| 4 | ||
| 5 | ||
| 6 | ||
| 7 | ||
| 8 | ||
| 9 | ||
| 2 | ||
| 0 | ||
| 1 | ||
| 2 | ||
| 3 | ||
| ... | ||
| 0 | ||
| 1 | ||
| 2 | ||
| 3 | ||
| ... | ||
| 3 | ||
| ... | ||
For example, these IP addresses might be configured within the same subnet:
- 10.10.10.2 /24
- 10.10.10.30 /24
- 10.10.10.100 /24
- 10.10.10.105 /24
If you view the C-sting search grid example for the first IP address numeral, 2 is the first match and is in the first column. The next IP address numeral, 30, is split into 3 and 0 and has its first match at the bottom of the grid. This starts with the number 3, and it is followed by 0 for the next match in the next column (not shown in the example). The IP address that ends with 100 has its first match in the first row, as it starts with 1, is followed by 0 in the second column, and then another 0 in the last column. The last IP address, 105, also has a match in the first row and has a 0 in the second row, but the 5 appears after the 0-4 in the last column.
As shown in the example, the IP address 10.10.10.100 is used as the default.
Exceptions
The procedures that are described in this document are only valid if the default interface for delivery is not forced by a content or message filter, and:
- The default interface is not configured with the deliveryconfig command.
- An Alt-Src host action is not used.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)