Breakout interfaces
You can break out high-speed interfaces on some XGS Series appliances into two or more interfaces of lower speeds. This enables them to connect with lower-speed ports in other network devices. You can also break out high-speed interfaces configured using FleXi modules.
Support for breakout interfaces
Sophos Firewall supports breakout interfaces on the following XGS Series appliances:
Appliances | Fixed interfaces | FleXi module (AMDA0112-0001) | Supported configuration |
---|---|---|---|
XGS 8500 | 100 Gbps (Ports F13 and F14) | 40 Gbps | Two breakout interfaces: 2 x 50 Gbps Four breakout interfaces: 4 x 25 Gbps, 4 x 10 Gbps, 4 x 1 Gbps |
XGS 7500 | 40 Gbps (Ports F13 and F14) | 40 Gbps | Four breakout interfaces: 4 x 25 Gbps, 4 x 10 Gbps, 4 x 1 Gbps Note that you can breakout this 40 Gbps port into 4 ports of 25 Gbps speeds each to get a total of 100 Gbps throughput. |
XGS 6500 XGS 5500 | Not supported | 40 Gbps | Four breakout interfaces: 4 x 10 Gbps, 4 x 1 Gbps |
Note
For breakout ports, make sure you use the AMDA0112-0001 FleXi module on the supported XGS Series appliances.
See Sophos and third-party transceivers/SFPs compatibility list for a list of transceivers and cables compatible with the firewall.
How breakout interfaces work
Here's how breakout interfaces work in the following scenarios:
General
- You must restart the firewall for the breakout configuration changes to take effect. The Interfaces page shows an alert message to restart the firewall.
- If you change the breakout configuration of an interface and revert it, you don't need to restart the firewall.
For more information about breakout interfaces in a high availability cluster, see Interface requirements.
FleXi modules
If you break out a FleXi module interface and remove the FleXi module, the firewall deletes the member interfaces. The Interfaces page shows the source interface's status as Not Available. If you install the FleXi module again, you must break out the interface and restart the firewall.
Migration
- The breakout configuration is available when you upgrade, downgrade, or rollback to a different SFOS version. Downgrades and rollbacks must be to a version that supports breakout.
-
If you downgrade or rollback to a version where breakout wasn't configured, you can see the configuration on the web admin console, but the breakout source and member interfaces don't function. You can do as follows:
- Break out the source interface again. You don't need to restart the firewall because the member interfaces are already present.
- If you don't want the breakout configuration, delete it and restart the firewall.
Factory reset
If you break out an interface and reset the appliance to its factory default settings, the breakout configuration is deleted, and the source interface is shown as Available.
Backup and restore
See Breakout port.
Import and export
You can only import breakout configurations to supported SFOS versions and appliances.