Expressway DMI Interface

From 12.7, expressway support dedicate Management Interface(DMI). s. Instead of sharing a routing interface with other traffic, management traffic is sent and received through LAN3 and no other traffic uses that port.The DMI is disabled by default.

Enabling DMI

  • Enabling the DMI function . This switches the LAN3 Port for management Traffic. Still you can use Lan1 and Lan 2 for management traffic.
  • For LAN 3 as management , , we need to configure the individual management services in Expressway for DMI on

Enable DMI

1. Go to System > Network Interfaces > IP and set Use Dedicated Management Interface to Yes.

2. In the LAN3 – DMI section:
a. Specify the IPv4 and/or IPv6 address of the LAN3 port.
b. For IPv4 also specify the subnet mask.
c. For IPv6 use a static, global address. It cannot be link-local or stateless SLAAC.
d. Optionally change the maximum Ethernet packet size that can be sent over the DMI by setting the
Maximum transmission unit (MTU) for the port. The default is 1500 bytes.
3. Restart the system. These changes require a restart to take effect.
The DMI is now activated on LAN3 as an interface for management traffic.

If you want the DMI to be the sole interface for management, go on to the next tasks

(Optional) Make DMI sole interface – server management traffic

Use this task to make management traffic use the DMI, where Expressway is the server.

CAUTION: Before you do this, make sure that the required services are accessible on LAN3, else they won’t have access after the change to DMI only. This is especially important for administration services, as the only way to recover them would be to turn off DMI using the console (serial/VMWare).

1. You can do this for administration services (web user interface, REST API, and command line interface) and/or for SNMP. Do either or both the following steps, depending on which services you want to configure for DMI only:
— Go to System > SNMP and in the Configuration section set Use Dedicated Management Interface only to Yes.
— Go to System > Administration settings and in the Services section set Use Dedicated Management

Interface only (for administration) to Yes.
2. You need to restart the system for the changes to take effect for the web user interface and the API, which
remain accessible from LAN1 / LAN2 until you restart. Changes take immediate effect for the command line
interface (SSH) and SNMP service, regardless of restar

