Remove bond interface
What precautions need to be taken before removing a bond interface?
Remove the bond interface from the gateway and remove it from the management server?
Need to install the policy.
Are there any other steps that need to be taken care of?
Please suggest.
Regardless of which interface, steps to take are:
1) Remove from OS level (web UI or clish)
2) Update topology in SmartConsole gateway object
3) Install policy
4) Verify all still works
Andy
If we perform the get interfaces without topology, does this affect anything?
Make sure to do get interfaces WITHOUT topology. If you do WITH, it will reset your current settings.
Cheers,
Andy
Of note: removing the bond from the OS level requires removing the member interfaces from the bond. I would also do that step last. You really should not delete an interface which the firewall software still knows about. It can cause all kinds of weird traffic problems.
- Remove interface from topology table in SmartConsole
- Push policy
- Disable interfaces at the OS level (e.g., shut down the attached switch ports)
- Test
- If everything tests good, remove the bond's member interfaces, then delete the bond
That's true, good point, it does require removing member interfaces, thank you for pointing that out. But even TAC would suggest removing it from OS level first, then topology... at least that's how they always did it in the past.
Andy
If someone in the TAC suggested that order to me, I would request the call be transferred to somebody else.
When adding an interface, you must add at the OS level first, then the application level.
When removing an interface, you should tell the application to stop using the interface before you tell the OS to stop providing the interface to be used. While in most circumstances you can do it in the other order (remove from OS first, remove from application second), that leaves the application trying to use something which doesn't exist. The best case situation for that is cluster failovers when a monitored interface goes down. It could easily result in flapping or a hard outage if combined with other interface problems or cluster monitoring problems.
It's like using a cable for cluster sync: technically supported, but a bad idea which will cause problems sooner or later.
Respectfully, I would disagree. I had done it the way TAC suggested many times before and never had a problem. If you think about it, all SmartConsole would do is really get information based on what's configured on OS level, so to me, it makes total sense to do it the same way when adding OR removing the interface.
Andy
Think about it with VSX. If you remove the bond from the OS level first, then you try to remove it from your VSX object, provisioning will fail.
I'm sure you know VSX way better than I do, so I'm positive that's correct. As far as regular gateways, I have always done it how TAC suggests and never had a problem.
Just my experience...
Andy
I have removed the bond interface and performed the fetch without topology. After the activity I can see that the topology is undefined.
So we need to manually edit the same? I have taken a screenshot before the activity.
Yes, please send a screenshot indicating the settings.
Andy
I don't have the individual settings, i.e. what the anti-spoofing settings are.
Sorry to say, that is not a bond interface; that is a VLAN interface under that bond 2.
I have removed the VLAN interface.
As long as the interface is not part of the OS, then topology should reflect that, for sure.
Andy
