Redundancy Design | MPUs, SFUs, power supplies, and fan modules |
CSS2 | 1+N backup of MPUs in a cluster |
Up to 1.92 Tbit/s cluster bandwidth, 4 μs inter-chassis transmission latency |
Wireless Network Management | Native AC |
AP access control, AP region management, and AP profile management |
Radio profile management, uniform static configuration, and centralized dynamic management |
Basic WLAN services, QoS, security, and user management |
User Management | Unified user management |
802.1x, MAC, and Portal authentication |
Traffic- and time-based accounting |
User authorization based on user groups, domains, and time ranges |
iPCA Quality Awareness | Marking real service packets to obtain real-time count of dropped packets and packet loss ratio |
Counting number of dropped packets and packet loss ratio on devices and L2/L3 networks |
SVF2.0 Virtualization | Up to 4K clients (access switches and APs) virtualized into a single device |
Two layers of ASs allowed in an SVF system |
Third-party devices allowed between SVF parent and clients |
VxLAN | VxLAN |
Configured through NETCONF protocol |
VLAN | 4K VLANs |
Access, trunk, and hybrid interface types, auto-negotiation of LNP links |
Default VLAN |
VLAN switching |
QinQ and selective QinQ |
MAC address-based VLAN assignment |
ARP | 256K ARP entries |
MAC Address | 1M MAC address entries |
Dynamic MAC address learning and aging |
Static, dynamic, and blackhole MAC address entries |
Source MAC address filtering |
MAC address limiting based on ports and VLANs |
Ring Network Protection | Spanning Tree Protocol (STP) (IEEE 802.1d), RSTP (IEEE 802.1w), and MSTP (IEEE 802.1s) |
SEP |
Bridge Protocol Data Unit (BPDU), root protection, and loop protection |
BPDU tunnel |
G.8032 Ethernet Ring Protection Switching (ERPS) |
IP Routing | 3M IPv4 routing entries |
IPv4 dynamic routing protocols, such as RIP, OSPF, IS-IS, and BGP |
IPv6 routing protocols, such as RIPng, OSPFv3, IS-ISv6, and BGP4+ |
Multicast | 128,000 multicast routing entries |
IGMP v1/v2/v3 and IGMP v1/v2/v3 snooping |
PIM-DM, PIM-SM, and PIM-SSM |
Multicast Source Discovery Protocol (MSDP) and Multiprotocol Extensions for BGP (MBGP) |
Fast leave |
Multicast traffic control |
Multicast querier |
Multicast protocol packet suppression |
Multicast Call Admission Control (CAC) |
Multicast ACL |
MPLS | Basic MPLS functions |
MPLS Operations, Administration, and Maintenance (OAM) |
MPLS Traffic Engineering (TE) |
MPLS VPN/VLL/VPLS |
Reliability | Link Aggregation Control Protocol (LACP) and E-Trunk |
Virtual Router Redundancy Protocol (VRRP) and Bi-directional Forwarding Detection (BFD) for VRRP |
BFD for BGP/IS-IS/OSPF/static route |
Non-Stop Routing (NSR), Non-Stop Forwarding (NSF) and Graceful Restart (GR) for BGP/IS-IS/OSPF/LDP |
TE Fast ReRoute (FRR) and IP FRR |
Eth-OAM 802.3ah and 802.1ag (hardware-based) |
HSR |
ITU-Y.1731 |
Device Link Detection Protocol (DLDP) |
QoS | 256K ACLs |
Traffic classification based on Layer 2 headers, Layer 3 protocols, Layer 4 protocols, and 802.1p priority |
ACLs and actions such as Committed Access Rate (CAR), re-marking, and scheduling |
Queuing algorithms, such as SP, WRR, DRR, SP + WRR, and SP + DRR |
Congestion avoidance mechanisms, including (WRED) and tail drop |
H-QoS |
Traffic shaping |
Network Synchronization | Ethernet synchronization |
1588v2 |
Configuration and Maintenance | Terminal access services such as console port login, Telnet, and SSH |
Network management protocols, such as SNMP v1/v2/v3 |
File uploading and downloading through FTP and TFTP |
BootROM upgrade and remote in-service upgrade |
Hot patches |
User operation logs |
Security and Management | MAC address, Portal, 802.1x, and Dynamic Host Configuration Protocol (DHCP) snooping triggered authentication |
MACsec |
RADIUS and HWTACACS authentication for login users |
Command line authority control based on user levels, preventing unauthorized users from using command configurations |
Defense against DoS attacks, Transmission Control Protocol (TCP) SYN Flood attacks, User Datagram Protocol (UDP) Flood attacks, broadcast storms, and heavy traffic attacks |
Remote Network Monitoring (RMON) |
Security Protection* | Firewall |
Network Address Translation (NAT) |
IPSec, SSL VPN |
Intrusion Protection System (IPS) |
Load balancing Analog Digital Conversion (ADC) |
Interoperability | Interoperable with VBST (compatible with PVST/PVST+/RPVST) |
Interoperable with LNP (similar to DTP) |
Interoperable with VCMP (similar to VTP) |
Energy Saving | Energy Efficient Ethernet (802.3az) |
Operating Voltage | DC: –40V to –72V
AC: 90V to 290V |
