Enabling Multi-Instances

This feature is enabled from the Settings screen. To enable Multi-instances, we first reserve logical blades and front panel ports that are used for supporting spawned instances.

To Enable Multiple Instances

1. To select the number of logical blades, click and select up to two. Click Accept to save changes. This step requires the chassis to reboot for changes to take effect.
2. The next step is to reserve front panel ports for instances. These ports are the ones available for instance configuration.
3. To select ports, click on ports that are orange. Selected ports turn green. The legend on the right of the display provides details on the colors and the status of ports.
4. Click Accept to save changes. This step does not require a reboot. Front panel port reservations can be modified anytime after multiple instances are enabled.
5. Ports reserved for the instances are green, and ports available to instances, but not yet reserved, are orange. To reserve an orange port for instances, simply click on it to turn it green.

After Multi-Instances are enabled and logical blades are selected and ports are reserved, the reserved ports for Multi-Instances are exclusive, that is, not available for the rest of the sub-system.

Any time Multi-Instances is disabled and the chassis is rebooted, all the Multi-Instance port(s) are unreserved and are available to the rest of the system while all instances configured in the system are lost.

Selecting Ports for Instances

Currently, a maximum of two logical blades might be configured to support instances. With four logical blades in the system, two logical blades are used by the multi-bladed firewall while the other two can be used for instances. However, the configuration is flexible, we could have three logical blades running in multi-bladed firewall mode with one logical blade configured to launch instances.

Allocating CPUs

The previous screen shows the Multi-Instance-enabled settings in the DEVICE | Multi-Instances > Settings screen. In this case, four logical blades are available and one is allocated to instances, while three support multi-bladed firewall operation.

After Multi-Instance (MI) operation is enabled on the GUI and the configuration is saved, the firewall prompts for reboot before the settings can be applied.

Enabling Multi-Instance requires a chassis reboot, which can take up to 15 minutes.

After the reboot firewall confirmation button is clicked, the firewall comes up with one or two logical blades enabled for launching instances. In the left navigation column of the display, the Instances screen is enabled only when MI is enabled. In order to change the number of logical blades selected to launch MI instances, the firewall has to go through the reboot processes. This means the currently running instance-support blades is also rebooted.

In order to revert back, with all the logical blades to work as one big multi-bladed firewall, the MI-enabled settings are disabled and the firewall goes through the reboot process again.

To reserve front panel ports for virtual firewall instances

1. Identify available ports by looking for orange colored ports on the GUI.
2. Click on the port to turn it green.
3. Click Accept.

To allocate CPUs to instances

1. Navigate to DEVICE | Multi-Instance > Settings and locate the controls under Setup Multi-Instance.
2. Move the Enable switch to the right to turn on Multi-Instance capability.
3. Determine the number of CPUs available to support instances.
4. Click Accept and then reboot the system.