We have recently released new iBypass software (v.2.0.1) for 10 GigaBit iBypass Switch
and GigaBit iBypass Switch (see the
customer portal here
This is a good opportunity to review a great feature in iBypass that allows to use it as
network tap. The advantage is that a bypass switch has an amplifier functionality on the
and in the event of power failure, the tap will pass through traffic.
Whenever the iBypass Switch is in Bypass ON mode, it operates as a full-duplex
copying the traffic received at Network Port A to Monitor Port 1, and traffic received at
Network Port B to Monitor Port 2. This function enables the attached device to monitor
network traffic out-of-band, for instance to baseline the system prior to putting the device
in-line. The only difference from a normal network Tap is that Heartbeat
packets continue to
be transmitted (if the Switch is not in Manual Bypass mode) in order to detect when the
monitoring tool comes back online.
One can force BYPASS ON by the command "set timeout 0"
A while back, I wrote about using Bypass Switches as Taps. I'd like to
tell you about some improvements we've made to increase the flexibility
of Tap mode in the iBypass Swtich starting with code version 2.2.1.
With code prior to V2.2.1, the behavior is as described in the previous post:
When the Heartbeat
timeout parameter is set to zero (command: "set timout 0"),
the iBypass Switch is forced into Bypass ON mode. In Bypass ON mode, network
traffic is copied to the monitor ports like a full-duplex
In normal Bypass ON mode, Heartbeat
packets are included in the monitor traffic
so the iBypass Switch can detect when the tool comes back online.
When Bypass ON is forced, there are no Heartbeat
s because the Heartbeat
timeout is 0.
With code V2.2.1 and later, link traffic is NOT copied to the monitor ports in
normal Bypass ON mode; only Heartbeat
packets are seen on the monitor ports.
To see the link traffic on the monitor ports like at Tap, now you use the new
command "set mode 1". This puts the iBypass Switch into Tap mode.
packets continue to be emitted, but you can turn them off by setting
the timeout to zero, like before. However, "set timeout 0" by itself does not
force Bypass ON (or Tap) mode, it controls only the Heartbeat
To return to nomal bypass switch operation, use the command "set mode 2",
and restore the Heartbeat
timeout if you had set it to zero for Tap mode.
Old code: Network traffic is copied to the monitor ports in Bypass ON mode
New code: Network traffic is NOT copied to the monitor ports in Bypass ON mode
To make the iBypass switch behave like a Tap:
Old code: "set timeout 0"
New code: "set mode 1" (also, optionally, "set timeout 0"
to remove Heartbeat
What does "set timet 0" do?
Old code: Force Bypass ON mode (like a Tap) and stop Heartbeat
New code: Stop Heartbeat
How to return to bypass switch mode?
Old code: restore timeout to non-zero value
New code: "set mode 2" (also, restore timeout to non-zero value
if you had set it to zero to stop heartbeats)
Most importantly: If you never use the iBypass Switch as a Tap,
none of this matters to you at all!
Note: Code V2.2.1 was put into production June, 20th
for 10/100/1000 copper iBypass Switch models. The GigaBit fiber models
got the new Tap mode behavior with code V3.0.2 released
which also applied to the 10/100/1000 models.
The 10 GigaBit models will get the change later this year.
These code versions are not field upgradable because they depend on
changes to lower level product firmware, so you will only see it on
new units shipped after those dates.