Table of contents
Topics on this page

Configure teamed NICs

Teamed NICs (also known as link aggregation) describes forming a network link on a computer by using multiple network interface cards (NICs) together. This is useful for increasing the total network bandwidth or providing link redundancy.

You can configure teamed NICs on Windows or Solaris so that they are compatible with the agent.


On Windows, when you team NICs, it creates a new virtual interface. This virtual interface adopts the MAC address of its first teamed physical interface.

By default, during installation or upgrade, the Windows Agent binds to all virtual and physical interfaces. This includes the virtual interface created by NIC teaming. However, the agent does not function properly if multiple interfaces have the same MAC address, which happens with NIC teaming on Windows

To avoid that, bind the agent only to the teamed virtual interface, as opposed to the physical interfaces.

Note that NIC teaming with the agent requires Windows 2003 requires SP 2 or later.

Do not add or remove network interfaces from a teamed NIC except immediately before running the installer. Otherwise network connectivity may fail or the computer may not be correctly detected by Workload Security. The agent's network driver is bound to network interfaces when you install or upgrade; the agent does not continuously monitor for changes after.


IPMP failover (active-standby) mode in Solaris allows two NICs to have the same hardware (MAC) address. Since the agent identifies network adapters by their MAC address, such duplication prevents the agent from functioning properly.

To avoid that, manually assign a unique MAC address to each network adapter.

For example, you could use ifconfig to view the current MAC addresses:

# ifconfig -a

hme0: flags=1000843<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
 inet netmask 0
 ether 8:0:20:f7:c3:f

hme1: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 8
 inet netmask 0
 ether 8:0:20:f7:c3:f

The ether line displays the adapter's MAC address. If any interfaces have the same MAC addresses, and are connected to the same subnet, you must manually set new unique MAC addresses:

# ifconfig <interface> ether <new MAC address>

Although the chance of a MAC address conflict is extremely small, you should verify that there is not one by using the snoop command to search for the MAC address, then use the ping command to test connectivity to the subnet's broadcast address.

On Solaris, if multiple interfaces are on the same subnet, the operating system may route packets through any of the interfaces. Because of this, Workload Security firewall stateful configuration options and IPS rules should be applied to all interfaces equally.