|
通用特性
性能
- 97.6 Gbps交换背板带宽
- 39.3 Mpps 包转发率
- 9216 Byte 超大帧
- 128个链路捆绑组, 每组多至8个端口
- 8 QoS 队列/端口
- 4094 VLANs (端中, 协议, IEEE 802.1Q)
- 每24个端口1,024个集中式ACL条目
转发表
- Layer 2/MAC 地址表: 8K
- IPv4 LPM Entries: 512
- IPv6 LPM Entries: 256
速率限制
- 入口带宽策略/数据流速率限制
- 出口带宽速率限制/每出口队列
- 速率限制粒度: 64Kbps
- 可用速率限制策略: 1,024/每交换机
状态指示灯
- 每端口状态LED
- 系统状态LEDs: 管理, 风 扇和电源
端口
- 48口10/100BASE-T 自动速率和极性
- 2口千兆以太网 (SFP mini-GBIC, 与2个10/100/1000BASE-T共享物理接口)
- 2 SummtStack 堆叠接口
- 1 个串行口 (控制口)
- 1 10/100BASE-T 带外管理口
物理特性
尺寸和重量
高度: 1.73 Inches/4.4 Cm
宽度: 17.35 Inches/44.1 Cm
深度: 15.28 Inches/38.8 Cm
重量: 12.06 lbs/5.48 Kg
EPS 尺寸和重量
EPS-T
高度: 1.75 Inches/4.4 Cm
宽度: 17.4 Inches/44 Cm
深度: 7.6 Inches/19.3 Cm
EPS-160
高度: 1.7 Inches/4.3 Cm
宽度: 7.4 Inches/18.8 Cm
深度: 7.9 Inches/20 Cm
运行参数
温度
- 运行温度范围: 0C to 40C(32F to 104F)
- 运行湿度: 10% to 93% 相对湿度, 非冷凝
- 运行撞击 (Half Sine): 30 m/s2 (3g),11ms, 60 Shocks
- 运行随机震动: 5-500 Hz @5g rms
贮存& 运输条件 (包装)
- 运输温度: -40C to 70C(- 40F to 158F)
- 贮存和运输湿度: 60% to95% 相对湿度, 非冷凝
- 包装撞击 (Half Sine): 180 m/s2 (18g),6ms, 600 shocks
- 包装正弦震动: 5-62 Hz @ Velocity5mm/s, 62-500 Hz @ 0.2 G
- 包装随机震动: 5-20 Hz @ 1.0ASD w/-3dB/oct. from 20-200 Hz
- 14 drops min on sides & corners @ 42<15kg box)
电源& 声学特性
- 输入电压范围: 90 -264V
- 通常输入范围: 100-240V~, 50/60Hz, 1.0A
- 输入电流: 0.6A @ 115V~ (lowline) 0.3A @230V~ (high-line)
- 最大浪涌电流: 30A @115V/60 Hz,最大负载
- 效率: 83% with 60% -100% load
- 供电频率: 47 - 63 Hz
- 电源插座: IEC 320 C14
- 电源线插头: IEC 320 C13
- 散热: 51W (174 BTU/h)
- 电源消耗: 51W (174 BTU/h)
- 声学噪音(低风扇转速): 37 dBA per ISO 7779
- 声学噪音 (高风扇转速): 47 dBA per ISO 7779
外置电源 - EPS-160
- 输入电压范围: 90 - 264V,Nominal Input Ratings: 100-240V~, 50-60Hz, 10A
- 供电频率: 47-63 Hz
- 最大输入电流: 4A at 115 VAC, 2A at230 VAC
- 最大浪涌电流: 30A at 115 VAC, 50Aat 230 VAC
- 输出: 12 VDC, 11A max, 5 VDC, 1.5A max
- 电源插座: IEC 320 C14
- 电源插头: IEC 320 C13
- 散热: 160 W (546 BTU/h)
- 电源消耗: 160 W (546 BTU/h)
标准与接口
交换
- RFC 3619 – 以太网自动保护切换 (EAPS) 和EAPSv2
- IEEE 802.1D – 1998生成树协议
- IEEE 802.1D – 2004生成树协议(STP/RSTP)
- IEEE 802.1w – 2001 STP/RSTP快速配置
- IEEE 802.1Q-2003 (formerly IEEE 802.1s)
- Multiple Instances of STP, MSTP
- PVST+, 每VLAN生成树 (802.1Q 兼容)
- ESRP
- IEEE 802.1Q – 1998 Virtual Bridged Local AreaNetworks
- IEEE 802.3ad 静态负载均衡配置和LACP 动态配置
- IEEE 802.1AB – LLDP 链路层发现协议
- LLDP Media Endpoint Discovery (LLDP-MED),ANSI/TIA-1057, draft 08
- Software Redundant Ports
VLANs, vMANs
- IEEE 802.1Q VLAN Tagging
- IEEE 802.1v: VLAN classification by Protocoland Port
- 基于端口的VLANs划分
- 基于协议的VLANs划分
- Multiple STP domains per VLAN
- IEEE 802.1ad Virtual MANs (vMANs)
QoS服务质量和策略
- IEEE 802.1D – 1998 (802.1p) 包优先级
- RFC 2474 DiffServ优先级, 每端口8 个队列
- RFC 2598 DiffServ Expedited Forwarding (EF)
- RFC 2597 DiffServ Assured Forwarding (AF)
- RFC 2475 DiffServ 核心/边缘路由器功能
IPv4
- RFC 1812- IP Version 4路由器需求
- RFC 1519 CIDR
- RFC 1256 IPv4 ICMP路由器发现 (IRDP)
- RFC 1122 Host Requirements
- RFC 768 UDP
- RFC 791 IP
- RFC 792 ICMP
- RFC 793 TCP
- RFC 826 ARP
- RFC 894 IP over Ethernet
- RFC 1027 Proxy ARP
- RFC 2068 HTTP server – Used for web-basedNetwork Login
- RFC 2338 VRRP
- Static Unicast Routes
- Static Multicast Routes
- RFC 1058 RIP v1
- RFC 2453 RIP v2
- RFC 2328 OSPF v2 (包含MD5认证)
- RFC 1587 OSPF NSSA Option
- RFC 1765 OSPF Database Overflow
- RFC 2370 OSPF Opaque LSA Option
- RFC 3623 OSPF Graceful Restart
- RFC 1112 IGMP v1
- RFC 2236 IGMP v2
- RFC 3376 IGMP v3
- IGMP v1/v2/v3 Snooping with ConfigurableRouter Registration Forwarding
- IGMP Filters
- Static IGMP Membership
- Multicast VLAN Registration
- RFC 2362 PIM-SM
- RFC 3569, draft-ietf-ssm-arch-06.txt PIM-SSM
- PIM Source Specific Multicast
IPv6
- RFC 2460, Internet Protocol, Version 6 (IPv6)Specification
- RFC 2461, IP V 6 邻居发现(IPv6)
- RFC 2462, IPv6 Stateless Address Autoconfiguration – Router Requirements
- RFC 2463, ICMPv6协议(ICMPv6)
- RFC 2464, 以太网IPv6 包传输
- RFC 2465, IPv6 MIB, General Group and TextualConventions
- RFC 2466, MIB for ICMPv6
- RFC 1981, Path MTU Discovery for IPv6, August1996 – Router requirements
- RFC 3513, IPv 6
- Addressing Architecture
- RFC 3587, Global Unicast Address Format
- RFC 2710, IPv6 Multicast Listener Discovery v1(MLDv1) Protocol
- RFC 3810, IPv6 Multicast Listener Discovery v2 (MLDv2) Protocol
- RFC 2080, RIPng
- RFC 2893, Configured Tunnels
- RFC 3056, 6to4
- Static Unicast routes for IPv6
- Telnet server over IPv6 transport
- SSH-2 server over IPv6 transport
- Ping over IPv6 transport
- Traceroute over IPv6 transport
管理和流量分析
- RFC 2030 SNTP, 简单网络时间协议v4
- RFC 854 Telnet client and server
- RFC 783 TFTP Protocol (revision 2)
- RFC 951, 1542 BootP
- RFC 2131 BOOTP/DHCP relay agent andDHCP server
- RFC 1591 DNS (client operation)
- RFC 1155 Structure of Mgmt Information (SMIv1)
- RFC 1157 SNMPv1
- RFC 1212, RFC 1213, RFC 1215 MIB-II,Ethernet-Like MIB & TRAPs
- RFC 1573 Evolution of Interface
- RFC 1650 Ethernet-Like MIB (update of RFC1213 for SNMPv2)
- RFC 1901 – 1908 SNMP v2c, SMIv2 and
- Revised MIB-II
- RFC 2570 – 2575 SNMPv3, user based security,encryption and authentication
- RFC 2576 Coexistence between SNMPVersion 1, Version 2 and Version 3
- RFC 1757 RMON 4 groups: Stats, History,Alarms and Events
- RFC 2021 RMON2 (probe configuration)
- RFC 2668 802.3 MAU MIB
- RFC 1643 Ethernet MIB
- RFC 1493 Bridge MIB
- RFC 1354 IPv4 Forwarding Table MIB
- RFC 2737 Entity MIB v2
- RFC 2233 Interface MIB
- RFC 1354 IP Forwarding Table MIB
- RFC 1724 RIPv2 MIB
- RFC 1850 OSPFv2 MIB
- draft-ietf-pim-mib-v2-o1.txt
- RFC 2787 VRRP MIB
- Draft-ietf-bridge-rstpmib-03.txt – Definitions ofManaged Objects for Bridges with RapidSpanning Tree Protocol
- Secure Shell (SSH-2) client and server
- Secure Copy (SCP-2) client and server
- Secure FTP (SFTP) server
- sFlow version 5
- Configuration logging
- Multiple Images, Multiple Configs
- BSD System Logging Protocol (SYSLOG), withMultiple Syslog Servers––999 Local Messages (criticals stored acrossreboots)
- Web-based device management interface
- Stacking
安全
- MD5 路由协议认证(同上)
- Secure Shell (SSH-2), Secure Copy (SCP-2) andSFTP client/server with encryption/authentication(requires export controlled encryptionmodule)
- SNMPv3 user based security, with encryption/authentication (see above)
- RFC 1492 TACACS+
- RFC 2138 RADIUS Authentication
- RFC 2139 RADIUS Accounting
- RFC 3579 RADIUS EAP support for 802.1x
- RADIUS Per-command Authentication
- Access Profiles on All Routing Protocols
- Access Policies for Telnet/SSH-2/SCP-2
- Network Login - 802.1x, web and MAC-basedmechanisms
- IEEE 802.1x – 2001 Port-Based NetworkAccess Control for Network Login
- Multiple supplicants with multiple VLANs forNetwork Login (all modes)
- Fallback to local authentication database (MAC and Web-based methods)
- Guest VLAN for 802.1x
- RFC 1866 HTML – Used for web-based Network Login
- SSL/TLS transport – used for for web-based Network Login, (requires export controlled encryption module)
- MAC Security – Lockdown and Limit
- IP Security – RFC 3046 DHCP Option 82 with port and VLAN ID
- IP Security – DHCP enforcement via Disable ARP Learning
- IP Security – Gratuitous ARP Protection
- IP Security – Trusted DHCP Server
- IP Security – DHCP Secured ARP / ARP validation
- Layer 2/3/4 Access Control Lists (ACLs)
- Denial of Service Protection:
- RFC 2267 Network Ingress Filtering
- RPF (Unicast Reverse Path Forwarding) Control via ACL
- Wire-speed ACLs
- Rate Limiting / Shaping by ACLs
- IP Broadcast Forwarding Control
- ICMP and IP-Option Response Control
- SYN attack protection
- CPU DoS Protection with traffic rate-limiting tomanagement CPU
- Robust against common Network Attacks:
–CERT (http://www.cert.org)
–CA-2003-04: “SQL Slammer”
–CA-2002-36: “SSHredder”
–CA-2002-03: SNMP vulnerabilities
–CA-98-13: tcp-denial-of-service
–CA-98.01: smurf
–CA-97.28:Teardrop_Land -Teardrop and“LAND“ attack
–CA-96.26: ping
–CA-96.21: tcp_syn_flooding
–CA-96.01: UDP_service_denial
–CA-95.01: IP_Spoofing_Attacks_and_
Hijacked_ Terminal_Connections
–IP Options Attack
–Teardrop, boink, opentear, jolt2, newtear,nestea, syndrop, smurf, fraggle, papasmurf,synk4, raped, winfreeze, ping –f, ping ofdeath, pepsi5, Latierra, Winnuke, Simping,Sping, Ascend, Stream, Land, Octopus
|
