TippingPoint devices support Cisco's EtherChannel^® and the IEEE Link Aggregation Control Protocol (LACP). However, all aggregation configurations are performed at the switch as the IPS by itself has no configuration settings about aggregation. The only caveat with running aggregated links through the device is that to maintain operations, the aggregation protocol being used needs to be configured not to use any type of load balancing (e.g., Round Robin, Active-Backup policy) algorithm for traffic flow. While "Round Robin" is great for load balancing traffic flow across multiple links, it is not good for packet inspection. Traffic flow affinity must be maintained using a flow-based algorithm, such as by aggregating the source IP. This will ensure that all fragments from any particular flow go through the same segment.

To configure link aggregation, the user must set up the appropriate number of segments. For example, if the user aggregates four links, he would need to set up four segments (8 ports) for the link aggregation connections. Four ports (1A, 2A, 3A, 4A) come from "Switch 1", and four ports (1B, 2B, 3B, 4B) go to "Switch 2". See the sample topology diagrams below.

Segment Groups

In addition, the user can also create "Segment Groups". A Segment Group is a grouping of device segments, physical or virtual, that are set up in a specific combination that allows users to maintain settings and file distribution. Users can then associate a particular filter profile with the segment group. So, in the above example, the user could create a Segment Group for all the "A" ports (inbound) and another Segment Group for all the "B" ports (outbound) and apply profiles accordingly.

How To: Create a Segment Group

1. Log in to the SMS from a client.
2. On the SMS toolbar, navigate to Devices > All Devices and expand the tab.
3. Select the Segment Groups tab.
4. To create a new Segment Group, do one of the following:
   • Click New.
   • Right-click and select New.
   • On the top menu, select File > New > Segment Group.
5. The Segment Group Edit dialog displays.
6. In the Group Name field, specify a name for the group.
7. In the Non-Members pane, select how you want to organize the list: by Device or Segment Group.
8. Select one or more devices from the list. You can select multiple devices by clicking and dragging your cursor over the names and using the Shift and Ctrl keys.
9. Click the right arrow button to move the selected device to the right Group Members pane.
10. Click OK.
11. The segment group is displayed in the Devices Navigation pane and Devices > Segment Group screen.