summit x350 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Summit ® X350 PowerPoint Presentation
Download Presentation
Summit ® X350

Loading in 2 Seconds...

play fullscreen
1 / 37

Summit ® X350 - PowerPoint PPT Presentation


  • 381 Views
  • Uploaded on

Summit ® X350. Introducing Value Edge Switch Series from Extreme Networks ® Automate Edge Deployment. Agenda. Extreme Networks ® Summit ® switch portfolio overview Introducing Summit X350 series Optimized services for Enterprise wiring closet edge Comparison. 10/100 Edge. Summit X250e.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

Summit ® X350


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
summit x350

Summit® X350

Introducing Value Edge Switch Series from Extreme Networks®

Automate Edge Deployment

agenda
Agenda
  • Extreme Networks® Summit® switch portfolio overview
  • Introducing Summit X350 series
  • Optimized services for Enterprise wiring closet edge
  • Comparison
summit blackdiamond 8800

10/100 Edge

Summit X250e

Fiber

PoE

Summit X350

Summit X150

PoE

Summit & BlackDiamond 8800

Core &

Data Center

c-series

BlackDiamond® 8800 a-series

Aggregation

SummitStack

Gigabit Aggregation

Fiber

Summit® X450a

NEBS-1

DC

Fiber

DC

AdvancedEdge

Gigabit Edge

Summit X450e

TAA

BlackDiamond 8800 e-series

DC

PoE

TAA

PoE

ValueEdge

ExtremeXOS™

summit product portfolio
Summit® Product Portfolio

Gigabit Ethernet

Summit X450a series

Advanced Aggregation

Fast Ethernet

Summit X450e series

Summit X250e series

Advanced Edge/Access

Summit X350 Series

Summit X150 Series

Value Edge/Access

extreme networks comprehensive fixed configuration switch series

Summit X150/Summit X350NEW / Value Edge

  • Ideal for cost effective edge connectivity for static environment
  • ExtremeXOS™ scripting for ease of rapid deployment and management
  • ExtremeXOS modular operating system from backbone core down to value edge

Summit X450e/Summit X250e / Advanced Edge

  • Ideal for the intelligent edge where multiple differing devices are connected
  • Universal Port to support dynamic changes
  • SummitStack 40Gbs stacking support

Summit® X450a / Advanced Aggregation

  • Ideal for Network Aggregation and Server Aggregation
  • Highly scalable H/W resources to meet requirements
  • SummitStack™ 40Gps stacking support
Extreme Networks® Comprehensive Fixed Configuration Switch Series
simple differentiation between product series
Simple Differentiation Between Product Series

Core

Summit® X450a

Higher scale H/W (LPM, MAC, Buffer)

EAPS-Full, PIM-SM/DM Full, OSPFv2/v3

IS-IS, BGP4, MBGP, BGP4+

Core

License upgrade

Adv Edge

OSPFv2 Edge, PIM-SM Edge

VRRP, ESRP

Adv Edge

License upgrade

L3-Edge

Summit X250e/Summit X450e

Layer-3 unicast and multicast routing for IPv4 and IPv6

RIPv1/v2, RIPng, 6-to-4 and IPv6-in-IPv4, UDP forwarding

SummitStack, Universal Port, Disable ARP, DHCP Option-82

L3-Edge

L2-Edge

Summit X150/Summit X350<All Layer 2-based feature sets>

L2 switching with L2-L4 packet classification and 8 hardware queues for QoS with CIR/PR settings per queue

802.1D/w/s STP, EAPS Edge, VLAN (port, protocol, tag), 802.1ad, ACLs with Policy-based Switching

sFlow, many-to-one, one-to-many mirroring, monitoring, Scripting, XML, SNMP, etc.

L2-Edge

Consistent from Core to Edge with ExtremeXOS™ operating system and hardware behavior

what is summit x350
Value Edge Switch

Summit X350 switch is ideal for the Enterprise edge where there is sparse user population and a less dynamic environment

Entry level, stand-alone Gigabit Ethernet edge/access switch

Provides Ease of Deployment/Management

Summit X350 offers industry leading manageability by offering

End-to-End ExtremeXOS™

Scripting for automated deployment

ExtremeXOS™ ScreenPlay™ feature rich web-based management

Feature Richness

Summit X350 is an affordable yet highly intelligent L2 switch

8 hardware queues per port

ASIC to support both IPv4/v6 traffic for packet classification (ACL)

sFlow traffic sampling in hardware

What is Summit® X350?
advanced edge and value edge switches
Product:

Summit® X250e (10/100)

Summit X450e (Gigabit)

Ideal application:

The enterprise edge where multiple types of devices to be connected

Density from 10-200 devices

The network enabled devices to move around the ports

Automate network deployment and operation

Scripting and Universal Port

Product:

Summit X150 (10/100)

Summit X350 (Gigabit)

Ideal application:

The enterprise edge to provide basic connectivity

Density from 10-48 per switch

The network deployment is more static, pre-provisioned

Automate network deployment

Scripting

Advanced Edge and Value Edge Switches

Advanced Edge Switches

Value Edge Switches

summit x350 series switches
Summit® X350 Series Switches

24-port 10/100/1000BASE-T auto negotiation, auto polarity ports

4 shared 10/100/1000BASE-T or 100/1000BASEX SFP uplink ports

Slot for XGM2 dual 10 gigabit option module

External PSU support (EPS-500)

Summit X350-24t

48-port 10/100/1000BASE-T auto negotiation, auto polarity ports

4 shared 10/100/1000BASE-T or 100/1000BASEX SFP uplink ports

Slot for XGM2 dual 10 gigabit option module

External PSU support (EPS-500)

Summit X350-48t

summit x350 hardware
Summit X350 Hardware

High performance CPU and subsystem

  • MIPS 64-bit processor 400MHz
  • 256MB ECC DRAM and 256MB Compact Flash

4-port 10/100/1000BASE-T, SFP combo ports

20-port or 44-port 10/100/1000BASE-T ports

External PSU connector

Out of band mgmt port

Internal AC PSU

XGM2 Slot for dual 10GbE

Picture shown here is Summit X350-48t

supported accessories
Supported Accessories
  • Optical Transceivers
    • Gigabit SFP ports on Summit® X350 support 1000M SFPs
    • XGM2 dual 10 gigabit option module
      • XGM2-2xf (XFP)
      • XGM2-2xn (Xenpak)
  • 1000M (1G) Ethernet SFPs
    • 1000BASE-SX
    • 1000BASE-LX
    • 1000BASE-ZX
    • 1000BASE-LX100
    • 1000BASE-BX-U/D
  • 10 Gigabit Ethernet Pluggable Optics
    • SR XENPAK
    • LR XENPAK
    • ER XENPAK
    • ZR XENPAK
    • LX4 XENPAK
    • SX XFP
    • LR XFP
    • ER XFP
external power supply
External Power Supply
  • Summit® X350 supports External Power Supply for high availability, providing full redundancy even under power anomaly
  • EPS-500
    • Provides full redundancy
    • Stand-alone
    • One EPS-500 supports one Summit X350
summit x35014

Summit® X350

Application and Features

overview
Overview
  • The value edge switch, Summit® X350
    • Single OS across the network
    • Ease of Management via ExtremeXOS™ intelligence
    • High availability for mission critical applications
    • Highly Secure Infrastructure at the edge
    • Advanced ASIC capability for Layer-2 switching and high-speed control plane
single os across the network
Single OS Across the Network
  • ExtremeXOS™ modular operating system
    • Familiar consistent user experience
    • Same feature behavior across multiple products
    • Shared binary image across all fixed configuration switches
  • Total Cost of Ownership
    • No new training or operational change
    • Synchronized software release
    • Easier upgrade planning
  • Overcome the cost challenge
    • Summit™ X350 allows offering single-OS network at an affordable initial cost and significantly save operational burden

Data Center

Core

ExtremeXOS End-to-End

Aggregation

Edge

The Enterprise Network

ease of management
Ease of Management
  • ExtremeXOS™ provides tools for ease of management
  • Complete sets of basic management capabilities
    • Console, Out-of-Band, In-band network management
    • Telnet, SSH, SNMP v1, v2c, v3, Syslog
  • Advanced management feature sets
    • EPICenter® integration
    • Web-based device management via XML and Adobe/Macromedia Flash technology
    • ExtremeXOS CLI scripting
      • Helps rapid deployment of edge network switches
      • CLI scripting template can be used as a base-line configuration
      • One command execution either through CLI or EPICenter
extremexos scripting extensibility for the user combine multiple commands to automate complex tasks
ExtremeXOS ScriptingExtensibility for the User Combine multiple commands to automate complex tasks

Set var yneaps yes

Set var eapsprimary 23

Set var eapsctrltag 4000

Set var eapssecondary 24

##################################

# Start of EAPS Configuration block

##################################

if (!$match($yneaps,yes)) then

create log entry Config_EAPs

config eaps config-warnings off

create eaps $eapsdomain

config eaps $eapsdomain mode transit

config eaps $eapsdomain primary port $eapsprimary

config eaps $eapsdomain secondary port $eapssecondary

create vlan $eapsctrl

config $eapsctrl tag $eapsctrltag

config $eapsctrl qosprofile qp8

config $eapsctrl add port $eapsprimary tagged

config $eapsctrl add port $eapssecondary tagged

config eaps $eapsdomain add control vlan $eapsctrl

enable eaps

enable eaps $eapsdomain

else

create log entry EAPs_Not_Configured

endif

  • Write once – use many times across switches and ports
  • Reduces risk of configuration errors and typos
    • IF <condition> THEN <statements> ELSE <statements> ENDIF
    • Loop while condition is TRUE
    • WHILE <condition> DO <statements> ENDWHILE
    • System and user defined variables
    • Operators
    • Error handling: control abort / ignore
  • Specifically time saving for rapid deployment at the edge
  • Examples available from Extreme
    • Switch Initialization, EAPS, …
  • Professional Services available
summit x350 security
Summit™ X350 Security
  • Comprehensive security feature-sets for highly secure network
    • Network Access Control
      • 802.1x, Web and MAC based authentication
    • Protocol Anomaly Detection
    • Denial of Service Protection
    • Powerful Access Control List capability
      • With L2-L4 classification
    • MAC Security
    • IP Security
    • Flexible mirroring
      • One to Many, Flow Based, VLAN Based, ACL Based, Port Based
summit x350 security20
Summit® X350 Security
  • Network Access Control
    • User authentication through 802.1x, HTTP/HTTPS and MAC
      • Network Login (WEB/MAC) via RADIUS and Local DB
      • Customizable WEB login
    • Multiple supplicant (devices) per physical port with Dynamic VLAN assignment
      • Each supplicant to be authenticated individually
      • Even users sharing the same physical port can have different VLAN
    • Microsoft NAP compatible
protocol anomaly detection summit x350 has built in hardware based protocol checker
Protocol Anomaly DetectionSummit® X350 has “Built-in” Hardware-Based Protocol Checker
  • Allow users to drop the packets based upon the following matching:
    • SIP = DIP for IPv4/IPv6 packets.
    • TCP_SYN Flag = 0 for Ipv4/Ipv6 packets
    • TCP Packets with control flags = 0 and sequence number = 0 for Ipv4/Ipv6 packets
    • TCP Packets with FIN, URG & PSH bits set & seq. number = 0 for Ipv4/Ipv6 packets
    • TCP Packets with SYN & FIN bits are set for Ipv4/Ipv6 packets
    • TCP Source Port number = TCP Destination Port number for Ipv4/Ipv6 packets
    • First TCP fragment does not have the full TCP header (less than 20bytes) for Ipv4/Ipv6 packets
    • TCP header has fragment offset value as 1 for Ipv4/Ipv6 packets
    • UDP Source Port number = UDP Destination Port number for Ipv4/Ipv6 packets
    • ICMP ping packets payload is larger than programmed value of ICMP max size for Ipv4/Ipv6 packets
    • Fragmented ICMP packets for Ipv4/Ipv6 packets

Denial of Service Attacks

Ping of Death

Tear Drop attacks

....................

powerful access control list
Powerful Access Control List
  • Summit® X350 can lookup fields in L2-L4 header with remapping and re-writing capability
    • Source/Destination MAC, 802.1p, VLAN-id, Double-tagged VLAN-id, Ethertype
    • Source/Destination IP address for IPv4 and IPv6, protocol
    • TCP/UDP port, port-range, syn/syn-ack,
    • Etc, etc, etc
  • ACL can be used to filter (drop), meter (measure and police), map (QoS priority), re-map CoS value (dot1p, diffserv), flow-redirect (ignore FDB)
  • Typical Layer 2 isn’t capable of classifying the packets with multiple field
    • Doesn’t even have ACL for filter, MAC filtering only, dot1p for CoS setting only, etc.

Summit X350

L1

L2

L3

L4

DATA

Typical L2 Switch

ip security
IP Security
  • Source IP Lockdown
    • Prevent many different types of attacks that use random source addresses for their traffic
    • Place “source IP address” filters on all ports automatically, i.e. allow only traffic sourced from a valid DHCP-assigned address or authenticated user’s IP static address to enter the network.
  • Trusted DHCP server
    • Allow to configure a set of ports to be valid for DHCP Server responses
  • DHCP Option 82 (Planned for future release)
  • The following IP security requires Layer-3 routing, no support on Summit® X350
    • Disable ARP learning, Gratuitous ARP Protection, DHCP secured ARP
high availability
High Availability
  • The Operating System
    • Modularity provides higher availability than non-modular OS
    • Each modularized processes runs in a protected memory
    • Each processes can be stopped or restarted manually and automatically
    • Denial of Service attach protection with dynamic ACL
  • The Network
    • Summit® X350 provides feature sets to provide high availability at network level
      • Ethernet Automatic Protection Switching (EAPS)
      • Standard based 802.1d/w/s and Extreme Proprietary EMISTP
      • EARP-Aware for rapid failover of uplink ports connecting to ESRP master/slave
  • The Hardware
    • Partitioned storage for software and configuration and dual or more copies can be stored on 256MB flash
    • Redundant PSU for power anomaly both for internal PSU failure and power source failure
advanced l2 asic and cpu system built in
Advanced L2 ASIC and CPU System Built In
  • ASIC Performance and Intelligence
    • Packet forwarding at wire rate with very low latency, 6 micro seconds at 100% traffic
    • Complete L2 through L4 packet classification/access control list including IPv4/IPv6 header matching
    • 8 queues per port with strict priority, weighted fair queuing with per queue level bandwidth provisioning
    • Hardware based source MAC learning to prevent MAC thrashing being impacting CPU control plane
    • L2 policy based switching/flow redirection to route the L2 forwarding path to fine granular path control
    • sFlow packet sampling in hardware
  • High Power CPU
    • 64-bit MIPS compatible processor running at 400Mhz
    • 256MB DDR-DRAM for the complex running configuration and table management
    • 256MB Storage space to store dual image and multiple configuration, script files, etc
summit x350 24t block diagram 24 port
Summit X350-24t block diagram (24-port)

DDR-SDRAM256MB

Compact Flash256MB

Boot Flash4MB

RS-232C Console Port

Out-of-Band Management Port

XGM2 Slot

40Gbps Stacking Interfaces

MMI

CPU64-bit 400MHz

PCI

Switching ASIC

SGMII

SGMII

SGMII

4-port PHY

4-port PHY

4-port PHY

24-port 10/100/1000BASE-T (includes 4x1G combo ports)

SFP

summit x350 48t block diagram 48 port
Summit X350-48t block diagram (48-port)

DDR-SDRAM256MB

Compact Flash256MB

Boot Flash4MB

RS-232C Console Port

Out-of-Band Management Port

XGM2 Slot

40Gbps Stacking Interfaces

MMI

CPU64-bit 400MHz

PCI

Switching ASIC

Switching ASIC

12Gbps x 2

SGMII

SGMII

SGMII

SGMII

SGMII

SGMII

4-port PHY

4-port PHY

4-port PHY

4-port PHY

4-port PHY

4-port PHY

SFP

48 (2x24) -port 10/100/1000BASE-T (includes 4x1G combo ports)

quality of service bandwidth control
Quality of Service, Bandwidth Control
  • Ingress Metering/Rate-limiting = number of ACLs
    • Action can be drop precedence, drop packets
  • 8 egress queues (2 default) with port limiter (2-tier hierarchical)
  • Both at 64kbps granularity

Egress queues

Egress port limiter

Summit X350

Scheduler

Ingress Port

Egress Port

Priority andMin/Max Bandwidth Configuration

Strict PriorityorWRR

Ingress Meter and Rate Limiting

ACL

acl slice architecture
ACL Slice Architecture

8 slices total

Each slice has 128 rules max (1,024 ACLs total)

Each slice to have packet filed to be lookup

  • Refer to the ExtremeXOS™ concept guide for ACL implementation details
layer 2 policy based flow redirection
Layer 2 Policy Based Flow Redirection
  • This feature allows matching packets to override the normal forwarding decision and be Layer 2 switched to the specified physical port.

entry one {

if {

protocol tcp;

source-port 81;

destination-port 200 ;

} then {

count num_pkts_redirected;

redirect-port 25;

}

}

#25

#26

If traffic matches the ACL, the packet will be forwarded to port #25 regardless of switch’s FDB