Beruflich Dokumente
Kultur Dokumente
Version 2.3
Agenda
Agenda
Chapter 1
Introduction to the
Enterprise Switch Family
>Chapter Topics
Introduction to Secure Converged Networks
Explain the Positioning of the Enterprise Switches
Introduction to the Switch 5500 Family
Introduction to the Switch 7750 Family
Introduction to the Switch 8800 Family
Secure Network
IP connectivity
IP Services: data, voice, video,
music, gaming
security
Integrated security
Adaptive and dynamic protection
Automatic protection
Customizable and centrally managed
Converged Network
management
Customer Benefits
Business continuity
Improved productivity
Capital efficiency and cost reduction
Corporate control and visibility
Deployment Focus:
Convergence
Carrier-proven, scalable,
redundant solutions
Security
Industry leader in
hardware-based IPS
Total Flexibility
Comprehensive media flexibility;
Wired, wireless, PoE, voice
7
> The Enterprise Switch Family has been designed to integrate with
the Tipping Point IPS products to quarantine clients to prevent
undesirable traffic on the network
> Enable an administrator to take action when an infected machine
is found
3.
4.
5.
2
4
6.
7.
Safe
Zone
3
Core
6
TippingPoint IPS
10
What is XRN?
14
>High Availability
Reduce the risk of a single point of failure
Support link aggregation across units to ensure the highest
possible network availability
>High Performance
>Scaleable
Add units to the stack to increase port density
>Simple to Administer
All switches in the fabric behave as a single management
entity
15
192.168.1.254
Stack-Wide Management
Single entity for SNMP, WEB and CLI
Management
Display ALL configurations in one screen
with Device View
Reduces configuration time
Improved monitoring responsiveness
16
Student VLAN
Admin VLAN
17
Switch 5500-EI
4 Gbps Load
Balanced LAG
Switch 5500
19
Switch 5500G
Ultra high-speed
robust Infiniband
12X connectors
and cables
20
21
Powerware APS3
Powerware APS6
22
> Layer 1
IEEE802.3ae 10Gigabit Ethernet
> XENPAK, XFP
> Layer 2
Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
Address Table Learning 802.1d
> User Definable Ageing period
4096 VLAN's
>
>
>
>
GVRP
Priority Queuing 802.1p
IGMP Snooping
802.3ad Link aggregation
> Layer 3
IPV4 Routing
Static Routing
RIP V1/2
OSPF
> on EI models only
Routing Policies
VRRP
PIM DM/SM
> Management
Terminal port
Telnet ( 4 sessions)
Industry-standard CLI
WEB Browser interface
FTP, TFTP Download
NTP
SNMPv1, v2c, v3
RMON (4 groups)
Xmodem
Security (Port/Access)
> Security
Hierarchical user management and
password protection
Packet authentication using cipher
text and MD5 for OSPF and RIPv2
ACL with L2/L3/L4 filtering
802.1X User Authentication
RADA MAC Authentication
Radius Authentication
SNMPv3
SSH V2
25
5500-SI
Master/Slave Stacking
5500-EI
XRN
5500G-EI
XRN
Yes
(from S/W ver 3/02.00)
8 per Fabric
Yes
Yes
8 per fabric
32 per Fabric
No
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
OSPF
2Gbps
256
64
2K
4 per stack
Up to 4 secondary IP
addresses per interface
64
1K entries
4 Networked Interfaces
No
2Gbps
4094
256
4K
32 per stack
Up to 4 secondary IP
addresses per interface
256
2K entries
8 Networked Interfaces
Areas: 2
Link State Database size: 6K
Imported routes: 2K
48Gbps
4094
1K
8K
64 per stack
Up to 9 secondary IP addresses
per interface
256
2K entries
64 Networked Interfaces
Areas: 8
Link State Database size: 12K
Imported routes: 4K
Multicast Routing
Time-based ACLs
No
No
Yes
Yes
No of Static Routes
RIP v1 / v2
26
Key Points
Switch 5500-SI 28-Port
Port Configurations:
24 x 10/100 Ports + 4 SFP
48 x 10/100 Ports + 4 SFP
Key Points
Switch 5500-EI 28-Port
Switch 5500-EI 52-Port
Switch 5500-EI 28-Port PWR
Switch 5500-EI 52-Port PWR
Switch 5500-EI 28-Port FX
Port Configurations:
24 x 10/100 Ports + 4 SFP
48 x 10/100 Ports + 4 SFP
24 x 10/100 PoE + 4 SFP
48 x 10/100 PoE + 4 SFP
24 100BASE FX SFP + 2
10/100/1000 + 2 SFP
Key Points
Switch 5500G-EI 24-Port
Switch 5500G-EI 48-Port
Port Configurations:
24 x 10/100/1000 Ports + 4 SFP
+ 1 Application Module Slot
(PoE Ready)
29
30
Switch 7758
Fabrics (2)
I/O Modules
Fans
Power Supplies
Switch 7750
Chassis and Fabric
Switch 7758
Face Plate
Slot 7
PSU
PSU
PSU
Switch 7757
Face Plate
Fabric
Slot 0
Fan
I/O Modules
Slot 6
PSU
Fan
I/O Modules
Slot 0
Fabrics
PSU
PSU
Switch 7704
Face Plate
Fabric
Slot 0
Fan
I/O Modules
Slot 3
PSU
PSU
33
Switch 7750
Architecture
I/O
I/O
I/O
Fabric
I/O
I/O
I/O
Switch 7758
8 Slot Redundant Switching Architecture
Second Fabric for Sub 1
Second Failover
Local Switching
Engine
16Gbps
Local Switching
Engine
16Gbps
Local Switching
Engine
16Gbps
Local Switching
Engine
16Gbps
Local Switching
Engine
16Gbps
Local Switching
Engine
16Gbps
Secondary
Switch
Fabric
Primary
Switch
Fabric
35
>Launched mid-2005
>Superseded the original 7700 Family, which was
launched in 2003
>Optional Power over Ethernet support
7758 Chassis
> High Density Wiring Closet or building aggregator
> Redundant Switch Fabric option
7757 Chassis
> High Density Wiring Closet or building aggregator
7754 Chassis
> Medium Density Wiring Closet or building aggregator
37
>For the 7-slot and 8-slot chassis two power supplies are required
Do not try to run with only 1 power supply
N+1 redundancy with the addition of a third power supply
A third power supply may NOT be installed into the slot marked NULL
> It is not electrically connected and does not operate
38
41
All the original Switch 7700 modules work in all Chassis with all
Fabrics
Original modules have been superseded by new modules
43
> Layer 1
IEEE802.3ae 10Gigabit Ethernet
> XENPAK
> Layer 2
Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
4096 VLAN's
>
>
>
>
>
>
802.1Q Port
Protocol Based VLAN 802.1v
VLAN Q-in-Q
Guest VLAN
Voice VLAN
Auto VLAN
GVRP
Priority Queuing 802.1p
IGMP Snooping
802.3ad Link aggregation
> Layer 3
IPV4 Routing
Routing Policies
VRRP
Bandwidth Guarantee
PIM DM/SM
MSDP
GMRP
DHCP Relay and DHCP Server
With Advanced License:
> BGP-4
> IS-IS Routing
45
> Management
Terminal, Modem ports
Telnet ( 4 sessions)
Out of Band Management port
(10/100 Ethernet)
Industry-standard CLI
> Security
Hierarchical user management and
password protection
Packet authentication using cipher
text and MD5 for OSPF, RIPv2 and
BGP-4
ACLs with L2/L3/L4 Filtering
802.1X User Authentication
Radius Authentication
RADA MAC Authentication
Auto-ACL
SNMPv3
SSH V2
46
47
>High bandwidth
High density Gigabit and 10Gig
>High availability
>Extensive layer 2, layer 3
>IPv6-ready
>Future-proofed backplane
up to 1,440 Tbps
48
Switch 8800
Chassis and Fabric
Switch 8814
> Fully Redundant, all
Elements Hot Swappable
Fabric, I/O Modules,
Power & Fans
12 I/O Slots + 2 Fabric
8 I/O Slots + 2 Fabric
5 I/O Slots + 2 Fabric
Face Plate
Slot 0
Slot 0
I/O
Modules
Fans
Switch 8810
Fabrics
I/O
Modules
Slot 9
Slot 13
Switch 8807
Face Plate
Fabrics
Slot 0
Fan
I/O Modules
Slot 6
49
Power Supplies
>The 4 port 10G module has greater power consumption than any
Release 1 module
160W per module
>A SW8814 fully populated with 4 Port 10G modules draws 2100W
Two PSUs are required regardless of input voltage
Power redundancy is not possible even at 220V
51
2500W (x3)
48 Port 10/100/1000
3C17528 or 3C17532
IPv6
Module
IPv4
Module
IPv4
Module
MPLS
Module
Fabric
IPv4
Module
30 Gbps
Auxiliary 30 Gbps
MPLS
Module
Fabric
IPv4
Module
IPv6
Module
53
Backplane Architecture
Fabric 1
CPU
Crossbar
Fabric 2
SW
Crossbar
CPU
SW
Crossbar
Crossbar
6*3.125G
FA
Line card1
FA
FA
Line card2
FA
FA
Line card10
FA
FA
FA
FA
Line card12
Architecture
55
Fabric
Fabric
Interface
Module
Interface
Module
56
57
58
59
Fabric 2
SW
Crossbar
CPU
SW
Crossbar
FA
FA
FA
FA
FA
PP
PP
PP
PP
PP
Line card1
Line card2
Line card10
>If the current master fails, the slave becomes the master
Takes over responsibility for route calculation and distribution
Failover is rapid, as routing tables are already up to date
The new master was synchronised with the old one
>Hot-swap is supported
Either fabric may be removed or inserted with the switch running
62
Fabric 2
SW
Crossbar
CPU
SW
Crossbar
FA
FA
FA
FA
FA
PP
PP
PP
PP
PP
Line card1
Line card2
Line card10
Configuration of Load-Balancing
64
65
66
67
48-Port 10/100/1000
> 3C17528
Switch 8814
Switch 8810
Switch 8807
428 Mpps
286 Mpps
179 Mpps
Single Fabric
360 Gbps
240 Gbps
150 Gbps
Dual Fabrics
720 Gbps
480 Gbps
300 Gbps
12
48
32
20
12
24
16
10
576
384
240
576
384
240
288
192
120
288
192
120
288
192
120
Performance
Switching Capacity
Fabric Bandwidth
69
SSH v2 authentication
SNMP v3 (Simple Network Management Protocol version 3)
encryption
70
All traffic of the same class flows along the same path
> Different paths may be selected based on various requirements
Overview of MBGP
Overview of TACACS+
> Layer 1
IEEE802.3ae 10Gigabit Ethernet
> XENPAK, XFP
> Layer 2
Rapid Spanning Tree 802.1w
Multiple Spanning Tree 802.1s
4096 VLAN's
>
>
>
>
802.1Q Port
Protocol Based VLAN
Super VLAN
VLAN Q-in-Q
GVRP
75
> Layer 3
IPV4 Routing
GMRP
VRRP
Traffic shaping
Bandwidth Limiting
Bandwidth Guarantee
> Management
Terminal, Modem ports
Out of Band Management port
(10/100 Ethernet)
Telnet ( 4 sessions)
Industry-standard CLI
> Security
Hierarchical user management and
password protection
Packet authentication using cipher
text and MD5 for OSPF, RIPv2 and
BGP-4
ACL with L2/L3/L4 Filtering
802.1X User Authentication
Radius Authentication
With Advanced License:
> TACACS+
Xmodem
> SSH V2
Security (Port/Access)
77
End of Chapter