Appendix E: Network Traffic

  • Published on Jun 17, 2025
  • 13 minute(s) read
  • CD
  • Migration Team
 Prev Next

Network Traffic Considerations

Important: Edge Appliances and the NMC must be configured with operational DNS servers and a time server (internal or external) within your environment.

Selecting Traffic Groups

When configuring settings for your network during installation, you use the Network Interface Settings area. For each Device in the list, select the Traffic Group from the drop-down list.

Figure E-1: Network Interface Settings area.

Three default traffic groups are available, but you can change the purpose and the name of each traffic group:

  • General: All traffic is in the General traffic group, unless explicitly assigned to a different traffic group. Systems with only one network interface card (NIC) always use the General traffic group. This traffic group is not for any specific purpose.

  • Management: The Management traffic group limits access to the assigned interfaces of the Nasuni Edge Appliance to administrative access only.

  • External: The External traffic group designates a set of interfaces that carry only Web Access traffic.

Note: You use the Firewall configuration page to configure what kind of traffic the Nasuni Edge Appliance accepts on each traffic group.

You cannot combine traffic from two or more traffic groups together.

Note: If a proxy is defined such that it is on one of the networks local to the Nasuni Edge Appliance, this local proxy is used for cloud traffic, Remote Support traffic, and Nasuni Data API traffic. Traffic flows on whichever interface can reach the local proxy.

Bonding. If you assign more than one device to the same traffic group, the assigned devices are “bonded” for that traffic group. A bonded interface is a virtual network interface that runs on two or more physical interfaces. The Nasuni Edge Appliance uses bonding mode 5 (balance-tlb) for high- availability (HA) networking with a performance enhancement when sending packets. This has no requirement from the switches. To change this bonding mode, request Nasuni Support to configure the Bonding Mode setting.

Bonding also provides failover benefits. This bonding mode monitors the state of the network interface cards (NICs) that are in the bond: if the active device fails, it switches to a different active device. In addition, when transmitting a packet, the system determines (using an internal metric) which device in the bond is least busy, and transmits the packet using that device. When the host sends a packet to the Nasuni Edge Appliance, the packet always goes to the active device.

Network switch ports to which bonded Nasuni Edge Appliance ports are attached must be configured as switch port access with trunk access disabled. Any switch port where a bonded Nasuni Edge Appliance port is attached should also not be bridged with any other Nasuni Edge Appliance port.

Note: Nasuni supports either Balance-TLB or the Link Aggregation Control Protocol (LACP) to bond several physical ports together to form a single logical channel. While Balance-TLB is the default, LACP allows a network device to negotiate an automatic bundling of links. If your switch supports LACP, Nasuni recommends using LACP as a best practice. To enable LACP, request Nasuni Support to configure the Bonding Mode setting.

The Spanning Tree's blocking, listening, and learning stages should be disabled or bypassed on all switch ports to which a bonded Nasuni Edge Appliance port is attached. (Cisco switches have a feature called PortFast that is used to disable these Spanning Tree stages on a port-by-port basis.)

Bonded Nasuni Edge Appliance port members may also be split across more than one switch in order to achieve switch redundancy. However, all switch ports that are attached to members of the same bond must comprise a single broadcast domain (namely, the same VLAN) configured on the switch port.

Additionally, if problems exist after deploying a Nasuni Edge Appliance bond across more than one switch, reattach all bond members to the same switch. If the problems disappear, then the cause of the problem resides in the configuration of the switches and not in the configuration of the Nasuni Edge Appliance.

Basic Configuration. Put all available NICs into the General traffic group. The Nasuni Edge Appliance uses a single IP address, and all types of traffic use that IP address. Traffic leaving the LAN uses a default gateway available on this LAN.

Separating client and cloud traffic. Divide the NICs into General and External traffic groups.

The Nasuni Edge Appliance uses one IP address for serving CIFS (SMB), NFS, and FTP traffic, along with the user interface and management protocols.

The Nasuni Edge Appliance uses another IP address for Web Access. The default gateway must be specified on the LAN that the External traffic group uses.

Separating data and management traffic. Divide the NICs into General and Management traffic groups. The Nasuni Edge Appliance uses one IP address for serving CIFS (SMB), NFS, and FTP traffic in addition to communicating with cloud APIs, and a different IP address for the user interface and

management protocols. This configuration expects that administrators use a separate “back plane” network to manage devices more securely.

Sample network topologies.

This example is for General traffic only.

Figure E-2: General traffic only.

This example is for General and External traffic.

Figure E-3: General and External traffic.

This example is for General and Management traffic.

Figure E-4: General and Management traffic.

This example is for General, External, and Management traffic.

Figure E-5: General, External, and Management traffic.

Creating Traffic Groups

After installation of the Nasuni Edge Appliance, you can change network settings as required. See Worksheet for a worksheet for planning configurations.

Note: You use the Firewall configuration page to configure what kind of traffic the Nasuni Edge Appliance accepts on each traffic group.

To create a traffic group, follow these steps:

  1. On Nasuni Edge Appliance: Click Configuration, then select Network Configuration from the menu. The Network Configuration page appears.

    Figure E-6: Network Configuration page.

  2. In the Network Interface Settings area, to manage traffic groups, click Manage Traffic Groups. The Traffic Groups dialog box appears.

    Figure E-7: Traffic Groups dialog box.

    The Traffic Groups dialog box displays a list of the currently available traffic groups. For each traffic group, the traffic group’s name and description appear.

    1. To add a new traffic group, click Add Traffic Group. The Add Traffic Group dialog box appears.

      Figure E-8: Add Traffic Group dialog box.

      1. In the Name text box, enter a short name for the new traffic group.

      2. Optionally, in the Description text box, enter a description of the purpose or characteristics of the new traffic group.

      3. Click OK to add the new traffic group. Alternatively, click Cancel to exit without adding a new traffic group.

    2. To edit a traffic group’s name or description, click Edit. The Edit Traffic Group dialog box appears. The Edit Traffic Group dialog box is similar to the Add Traffic Group dialog box described in step a above. Enter a new name or description for the traffic group, then click OK.

    3. To delete a traffic group, click Delete. The traffic group is deleted.

    4. To save all changes to the traffic groups, including added traffic groups and edited traffic groups, click Save. Alternatively, to exit without saving any changes, click Cancel.

    Note: You configure the network settings for each traffic group in step 4 below.

  3. In the Network Interface Settings area, for each Device in the list, select the Traffic Group from the drop-down list.

    Figure E-9: Network Interface Settings area.

  4. In the Network Interface Settings area, to configure each Traffic Group, click Edit beside the Traffic Group. The Network Settings page appears.

    Figure E-10: Network Settin gs page.

    From the Network Type drop-down list, select either Static or DHCP.

    If you select DHCP (Dynamic Host Configuration Protocol), the IP Address, Netmask, and MTU Value fields become unavailable.

    Note: DHCP might not be enabled on more than one traffic group.

    Important: If installing on the Google Compute Platform (GCP), use Static and not DHCP.

    If DHCP is selected, the new Edge Appliance can reach appliances outside the local GCP subnet, but is unable to reach local appliances on the same subnet.

    If you select Static, you must provide Network Interface Settings and System Settings. See your IT administrator for assistance. Enter the following information:

  • Enter the static IP address in the IP Address text box. The address of a static device must not already be present on the network. The Nasuni Edge Appliance verifies this and displays an error if a collision is detected.

    Ensure that the IP address you are using is not in use elsewhere.

    Note: If you define more than one static device, the Nasuni Edge Appliance checks that the subnets specified do not appear more than once.

    Important: If you change the IP address, also do the following:

    • Update Firewalls with the new IP address.

    • Update DNS entries so that they resolve the Edge Appliance with the new IP address.

    • Re-join the Domain after changing the IP address.You might need to remove the old computer object.

  • Enter a netmask address in the Netmask text box.

  • Enter the MTU value in the MTU Value text box.

    Tip: MTU settings should not exceed 1500.

    The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. A larger MTU brings greater efficiency, because each packet carries more user data, while protocol overheads, such as headers, remain fixed; the resulting higher efficiency means a slight improvement in the bulk protocol throughput. A larger MTU also means processing fewer packets for the same amount of data. However, large packets can occupy a slow link for some time, causing greater delays to following packets, and increasing lag and minimum latency.

  • (Optional) You can specify a gateway for each traffic group. This gateway is used to return traffic for clients outside one of the Nasuni Edge Appliance's local networks that do not use the default gateway. In the Gateway text box, enter the IP address for the gateway.

  • Click OK to use these values. Click Cancel to exit this page without making any changes.

  1. Click Save Network Configuration to accept your entries. The Confirm Network Changes page appears.

    Figure E-11: Conf irm Network Changes page.

  2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to perform this operation, then click Submit. Your changes are saved.

A message box appears indicating that you will be disconnected briefly from the user interface while the changes are applied. Close this message box and refresh the page, or re-access the Nasuni Edge Appliance with your new IP address.

Configuring Traffic Groups

Note: You use the Firewall configuration page to configure what kind of traffic the Nasuni Edge Appliance accepts on each traffic group.

On Nasuni Edge Appliance: Also in the Network Interface Settings area, to configure each Traffic Group, click Edit beside the Traffic Group. The Network Settings page appears.

Figure E-12: Network Settin gs page.

From the Network Type drop-down list, select either Static or DHCP.

If you select DHCP (Dynamic Host Configuration Protocol), the IP Address, Netmask, and MTU Value fields become unavailable.

Note: DHCP might not be enabled on more than one traffic group.

Important: If installing on the Google Compute Platform (GCP), use Static and not DHCP.

If DHCP is selected, the new Edge Appliance can reach appliances outside the local GCP subnet, but is unable to reach local appliances on the same subnet.

If you select Static, you must provide Network Interface Settings and System Settings. See your IT administrator for assistance. Enter the following information:

  • Enter the static IP address in the IP Address text box. The address of a static device must not already be present on the network. The Nasuni Edge Appliance verifies this and displays an error if a collision is detected.

    Ensure that the IP address you are using is not in use elsewhere.

    Note: If you define more than one static device, the Nasuni Edge Appliance checks that the subnets specified do not appear more than once.

    Important: If you change the IP address, also do the following:

    • Update Firewalls with the new IP address.

    • Update DNS entries so that they resolve the Edge Appliance with the new IP address.

  • Re-join the Domain after changing the IP address.You might need to remove the old computer object.

  • Enter a netmask address in the Netmask text box.

  • Enter the MTU value in the MTU Value text box.

Tip: MTU settings should not exceed 1500.

The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. A larger MTU brings greater efficiency, because each packet carries more user data, while protocol overheads, such as headers, remain fixed; the resulting higher efficiency means a slight improvement in the bulk protocol throughput. A larger MTU also means processing fewer packets for the same amount of data. However, large packets can occupy a slow link for some time, causing greater delays to following packets, and increasing lag and minimum latency.

  • (Optional) You can specify a gateway for each traffic group. This gateway is used to return traffic for clients outside one of the Nasuni Edge Appliance's local networks that do not use the default gateway. In the Gateway text box, enter the IP address for the gateway.

  • Click OK to use these values. Click Cancel to exit this page without making any changes.

Configuring System Settings

Important: Edge Appliances and the NMC must be configured with operational DNS servers and a time server (internal or external) within your environment.

In the System Settings area, from the Settings Source drop-down list, select either Static or DHCP as the source for system-wide configuration.

Figure E-13: System Settings page.

  • DHCP (Dynamic Host Configuration Protocol): Provides a network IP address for a host on an IP network automatically. The Default Gateway, Search Domain, Primary DNS Server, and Secondary DNS Server fields become unavailable.

    Important: If installing on the Google Compute Platform (GCP), use Static and not DHCP or DHCP with custom DNS.

    If DHCP or DHCP with custom DNS is selected, the new Edge Appliance can reach appliances outside the local GCP subnet, but is unable to reach local appliances on the same subnet.

  • DHCP with custom DNS: Provides a network IP address for a host on an IP network automatically. The Default Gateway field becomes unavailable.

    Important: If installing on the Google Compute Platform (GCP), use Static and not DHCP or DHCP with custom DNS.

    If DHCP or DHCP with custom DNS is selected, the new Edge Appliance can reach appliances outside the local GCP subnet, but is unable to reach local appliances on the same subnet.

Enter the following information:

  • Enter one or more local search domains in the Search Domain text box, each separated by a space. You must enter valid hostnames.

    You can use search domains to avoid typing the complete address of domains that you use frequently. The search domains that you enter are automatically appended to names that you specify for purposes such as Active Directory configuration, HTTPS proxy, and NTP server. For example, if you specify the search domain “mycompany.com”, then typing “server1” for one of these purposes would connect to “server1.mycompany.com”.

  • Enter the IP address for your primary DNS server in the Primary DNS server text box. You must enter a valid hostname or IP address.

  • Enter the IP address for your secondary DNS server in the Secondary DNS server text box (if applicable). You must enter a valid hostname or IP address.

  • Static: Address information must be entered manually. Enter the following information:

    • Enter a default gateway address in the Default Gateway text box.

      The gateway address must match a subnet of a defined static network.

    • Enter one or more local search domains in the Search Domain text box, each separated by a space. You must enter valid hostnames.

      You can use search domains to avoid typing the complete address of domains that you use frequently. The search domains that you enter are automatically appended to names that you specify for purposes such as Active Directory configuration, HTTPS proxy, and NTP server. For example, if you specify the search domain “mycompany.com”, then typing “server1” for one of these purposes would connect to “server1.mycompany.com”.

    • Enter the IP address for your primary DNS server in the Primary DNS server text box. You must enter a valid hostname or IP address.

    • Enter the IP address for your secondary DNS server in the Secondary DNS server text box (if applicable). You must enter a valid hostname or IP address.

To configure a proxy in order to reach HTTPS resources on the Internet, select the Configure A Proxy check box.

Related articles