This document describes Network Interface Card (NIC) pairing and conditions that trigger a failover on a Cisco Email Security Appliance (ESA).
When NIC pairing is configured, what conditions will trigger a failover?
Note: NIC pairing is not a supported feature on virtual ESA. NIC pairing can be configured only on two physical data ports.
NIC pairing allows ESA users to use one NIC as a backup to the primary NIC. For more information about NIC pairing, see the chapter Network Interface Card Pairing/Teaming in the User Guide for AsyncOS, or the online help on your appliance from the GUI (Help and Support >Online Help).
When NIC pairing initializes, the ESA will broadcast a gratuitous ARP, which notifies the network that MAC address has been updated. If connectivity to the primary Ethernet interface is lost, the ESA will fail over to the backup Ethernet interface and an alert is sent automatically. Technically, NIC Pairing monitors the IFMEDIA signal on an interface. If that signal is lost for any reason, then the failover occurs.
Example of NIC Pairing Alerts
Cisco ESAs can be configured to send out alert notifications. When NIC pairing is used, it is common to receive an alert when the interfaces fail over. Two alerts are generated:
Port Data 1 failure, switching to Data 2 Recovered network using port Data 2
Some switches occasionally cause an ESA to fail over. If this happens frequently, and there is no issue with the physical connection or with the switch, it might make sense to verify the speed and duplex settings on both the ESA and the switch itself.