Layer 3 Switching Overview Agenda » » » » » » » Positioning L3 devices What is under the hood? AlliedWare Plus™ SwitchBlade x908 Layer 3 Modular Switch x900 Series - Advanced gigabit LAYER 3+ expandable SWITCHES x600 - Intelligent gigabit LAYER 3+ SWITCHES x610 Series - Layer 3+ Network Switches Allied Telesis Easy Resiliency Layer 3 Switches&Routers Positioning Top of Rack x600 9924 AR Series End of Row x900-24 X610 SBx908 x900-24 SBx908 L3 chassis x600 X610 x900-24 8000S/GS 9000 8600 Size / Capacity x900-48 L3 chassis L3 chassis X600/610 What is under the hood? AlliedWare Plus™ » AlliedWare Plus™ Operating System Fully Featured Layer 3 OS » AlliedWare Plus™ is the next generation operating system from Allied Telesis. In keeping with the increasing complexity of our feature-rich software, AlliedWare Plus™ employs a new modular approach to software creation and distribution. It represents a quantum shift in our software development methodology, providing even more features and greater robustness from the operating system. AlliedWare Plus™ Architecture Conceptual view of the operating system architecture AlliedWare Plus™ 5.4.2 - What’s under the hood? » AlliedWare Plus™ is an integration of primarily "third party software" based on the Linux operating system (http://www.linux.org/), In total, Allied Telesis engineers have written about 5% of the total code in the system, with 95% derived from third party software vendors. This saves us from writing and testing modules that are available elsewhere. Instead, Allied Telesis engineers add value by integrating the various software modules and by adding features that are not publicly available, to gain advantage over our competitors. Key Features •Industry Standard CLI •VCStack™ •IPv6 Wirespeed Forwarding •Policy-Based Quality of Service (QoS) •Network Access Control (NAC) •Ethernet Protection Switching Ring (EPSRing™) •sFlow •Dynamic VLAN Assignment •Voice VLAN 5.4.2. - What’s New? » EPSR Super Loop Protection » Optical DDM » PIM Source - Specific Multicast » TACACS+ Accounting » Up to 64 VRF-Lite domains » IPv6 Features » MEF Certification AlliedWare Plus Software License IPV6 management, static routes, unicast forwarding, RIPng, MLD snooping Advantage OSPF, PIM-SM, PIM-DM, BGP4, VLAN double tagging (QinQ) Basic Resiliency (STP, RSTP, MSTP, EPSR,VRRP, LACP, VCS) Security (tri-authentication,SSH, radius, intrusion detection, private VLAN) Convergence (Policy QoS, WRR, LLDP, WRED, IGMP, MLD snooping) Management (CLI, RMON, HTTP, SNMPv3, DHCP, LLDP) Feature and Scalability AlliedWare Plus default license IPV6 pack SwitchBlade x908 » Layer 3 Modular Switch – 8 High Speed Expansion Bays • Highly flexible • Hot Swappable – Dual Hot Swap Power Supplies • High Availability – VCStack • provides excellent resiliency by allowing you to create a single "virtual chassis" from two physical devices. – Wirespeed Routing • High Performance, non blocking • 640Gbps Switching Fabric • 357 Mpps forwarding rate – Compact Size • Only 3RU tall SwitchBlade x908 » Scalable Our high speed XEMs provide both copper and fiber connectivity, delivering the ultimate in flexibility. XEMoptions are: – – – – – – AT-XEM-1XP - 1 x 10GbE (XFP) port AT-XEM-2XP - 2 x 10GbE (XFP) ports AT-XEM-2XS - 2 x 10GbE (SFP+) ports AT-XEM-2XT - 2 x 10GbE (RJ-45) ports AT-XEM-12S - 12 x 100/1000X SFP ports AT-XEM-12T - 12 x 10/100/1000T (RJ-45) ports MEF Certified The SwitchBlade x908 has been certified by the Metro Ethernet Forum (MEF) Certification program, which tests products for conformance to the strict requirements of Carrier Ethernet. Specifically, the SwitchBlade x908 is certified for compliance to MEF 9 and MEF 14 Ethernet Services tests SwitchBlade x908 | Advanced Layer 3+ Modular Switch Key Solution - VCStack - Resiliency and Stability The diagram shows link aggregation between the core VCStack and the edge switches. With link aggregation across ports on different virtual chassis members, there is no perceptible disruption in the case of a link failure, and the full bandwidth of the network remains available. Fast failover ensures absolutely minimal Network downtime in the event of a problem. SwitchBlade x908 | Advanced Layer 3+ Modular Switch Key Solution - EPSR - Resiliency and Fault Tolerance EPSR with the SwitchBlade x908 provides a high-performing, resilient network for your enterprise core. EPSR enables rings to recover within as little as 50ms, preventing a node or link failure from affecting customer experience. The diagram shows a corporate network based on a central EPSR ring. The inclusion of Allied Telesis Virtual Chassis Stacking (VCStack) technology at the core of the network adds a further layer of resiliency, increasing the availability of critical resources. SwitchBlade x908: Increased core capabilities » Up to 4 times capacity in terms of » AT-XEM-12Tv2 – Forward DB – L3 Host Entries – LAG Groups » AT-XEM-12Sv2 Available Q2 2012 SwitchBlade x908: Increased core capabilities » Up to 4 times capacity in terms of » AT-XEM-24T – Forward DB – L3 Host Entries – LAG Groups Available Q4 2012 » Double Port Density x900 Series | Layer 3+ Network Switches Advanced gigabit LAYER 3+ expandable SWITCHES The x900 Series of Layer 3+ switches have high-speed 60Gbps expansion bays which provide a high level of port flexibility and application versatility, unmatched by any other 1RU Gigabit Ethernet switch on the market. x900 Series | Layer 3+ Network Switches Advanced gigabit LAYER 3+ expandable SWITCHES The x900 Series has been certified by the Metro Ethernet Forum (MEF) Certification program, which tests products for conformance to the strict requirements of Carrier Ethernet. Specifically, the x900 Series is certified for compliance to MEF 9 and MEF 14 Ethernet Services tests. x900 Series | Layer 3+ Network Switches - QoS Guarantee delivery of business-critical data » » Prioritize traffic by type: voice, video, data or by class: management, engineering, support Full classification and prioritization at wire-speed » No impact on network performance Easy set-up and management » Roll out the same QoS policy from the edge to the core Powerful: Best-in-Class Quality of Service x600 Series | Intelligent Gigabit Layer 3+ Switches Intelligent gigabit LAYER 3+ SWITCHES The choice of 24 port and 48 port versions, coupled with the ability to stack up to 4 units, means this one switch family can connect anything from a small workgroup right up to a large business. x600 Series | Intelligent Gigabit Layer 3+ Switches The choice of 1 Gigabit or 10 Gigabit uplink ports lets you tailor the uplink bandwidth to suit your network application. Hot-swappable XFPs provide high-speed, high-capacity fiber uplinks, with up to 40Gbps uplink capacity from each switch to the network core - so a 4-unit stack can have a massive 160Gbps of uplink bandwidth which is independent from stacking bandwidth. x600 Series | Key Features Network in a Box simplifies administration by integrating several network services into the x600 switch: »Radius Server checks the identity of users to keep the network safe. »Storm Control ensures a robust network by managing the amount of traffic allowed on the network, and dealing with any unexpected surges. »DHCP server automates the distribution of network addresses to PCs. »A centralized Timekeeper ensures your network is always working in full synchronicity. »Loop Protection guards against accidental wiring mistakes. x600 Series | Key Features VCStack - Create a VCStack with up to four units. Ethernet Protection Switching Rings (EPSR) - EPSR and 10 Gigabit Ethernet allow several x600 Series to form a highspeed protected ring capable of recovery within as little as 50ms. •Terminal Access Controller Access–Control System Plus (TACACS+) •Link Layer Discovery Protocol – Media Endpoint Discovery (LLDP – MED) •Industry-leading Quality of Service (QoS) •Network Access Control (NAC) •sFlow •Power over Ethernet Plus (PoE+) •Voice VLAN •Optical Digital Diagnostics Monitoring(DDM) x600 Series | Network Access Control (NAC) NAC automates network security policy management, allowing you to easily control network access and manage network security. NAC uses 802.1x port-based authentication in partnership with standards-compliant dynamic VLAN assignment, to assess a user’s adherence to network security policies, and then either grant authentication or offer remediation. Allied Telesis is also a partner with Microsoft, supporting Microsoft Network Access Protection (NAP) technology. This ‘Tri-Authentication’, shown in Diagram provides a way for the network to successfully manage authentication of all devices. AT-x610 series New NewProduct ProductLaunch Launch x610 Series | Layer 3+ Network Switches The Allied Telesis x610 Series is a high performing and scalable solution for today’s networks, providing an extensive range of port-density and uplink-connectivity options. With a choice of 24-port and 48-port versions and optional 10 Gigabit uplinks, plus the ability to stack up to eight units, the x610 Series can connect anything from a small workgroup to a large business. The x610 Series has fully non-blocking switching on all ports, so IPv4 and IPv6 Layer 2 switching and Layer 3 routing occur at wire speed with low latency. x610 Series | Key Features VCStack »Create a VCStack of up to eight units with 48Gbps of stacking bandwidth to each unit. Mixed Stacking » The x610 Series is compatible with the x600 Series in a mixed VCStack of up to four units. Long-distance Stacking » Long-distance stacking allows a VCStack to be created over longer distances, perfect for a distributed network environment. Ethernet Protection Switching Rings (EPSRing) SuperLoop Protection enables a link between two EPSR nodes to be in separate EPSR domains, improving redundancy and network fault resiliency. Power over Ethernet Plus (PoE+) PoE+ provides the capability to connect devices requiring more power (up to 30 Watts)—for example, tilt and zoom security cameras. Virtual Routing and Forwarding (VRF Lite) allows multiple customers to share a common infrastructure, while maintaining their own independent virtual routing domains. x610 Models 10/100/1000 Ports 10/1000 SFP 1000 SFP Combo SFP+ 10G Ports AT-x610-24Ts 24 4 AT-x610-24Ts-PoE+ 24 4 AT-x610-24Ts/X 24 4 2 AT-x610-24Ts/X-PoE+ 24 4 2 AT-x610-24SPs/X 4 Combo AT-x610-48Ts 48 4 AT-x610-48Ts-PoE+ 48 4 AT-x610-48Ts/X 48 2 2 AT-x610-48Ts/X-PoE+ 48 2 2 24 port SFP unit has 4 10/100/1000 ports 24 Copper Switches all have 4 SFP 2 Except on the 48/X, where there is not enough room These models have two 10G ports as standard x610 offers 10Gbps interfaces - How fast is 10Gbps? » Loading 10,000 average size web pages in 1 second = 10Gbps! » » » » A web page size from 20Kbytes to 500KB (bigger than that it would take too long to load) Assume an average of 100Kbytes = 1Mbit 1000 web pages = 1Gbit 10,000 web pages = 10Gbits » Watching 6,666 BBC iPlayer HD streams = 10Gbps » » » BBC iPlayer HD stream H.264 720 x 404 pixel – 1.5Mbps 1,000 HD streams – 1.5Gbps 6,666 HD streams = 10Gbps » Back up 1 TerraByte of Storage Area Network in 16 minutes » » » 1TByte = 1000GByte = 10,000Gbit Time to pass 10,000Gbit @ 10Gbps = 1000 seconds 1000 seconds = 16 minutes Improved 10Gbps Ports Old XFP New SFP+ Benefits of SFP+ • • • • • • SFP+ takes up less space on front panel (fit on more interfaces) An SFP may be fitted in SFP+ slots allowing for flexible interim solutions Consumes less power (XFP <1.37 Watt vs SFP+ <1 Watt) XFP & SFP+ currently the same price, (but XFP £?↑, SFP+ £?↓) SFP+’s can communicate with XFP’s (850nm > 850nm / 1310nm >1310nm) both LC SFP+ allows low cost copper 10G connection SFP+ allows Low cost copper 10G interconnections. Part Number Description Power Consumption List US$ AT-SP10TW1 1m SFP+ to SFP+ cable 0.1W per end $240 AT-SP10TW3 3m SFP+ to SFP+ cable 0.1W per end $358 AT-SP10TW7 7m SFP+ to SFP+ cable 0.5W per end $494 Approximately 1/10th the price of solution using optics: Part Number Description Power Consumption Each US$ List Qty Total List US$ AT-SP10SR 850nm 10G SFP+ 300mtrs 1W per end $1200 2 $2400 $40 1 $40 Fibre Patch cord Total Notes: Cable can not be removed from SFP+ Sometimes referred to as “Twinax” (similar to older technology with twin co-ax $2440 ) New Dual SFP+ Module – AT-x6EM-XS2 May be used to provide 2 additional 10G for standalone switches giving up to 4 x 10G (Also use for remote stacking) Available number of SFP+ ports 10/100/1000 Ports 10/1000 SFP 1000 SFP Combo SFP+ 10G Ports AT-x610-24Ts 24 4 2* AT-x610-24Ts-PoE+ 24 4 2 AT-x610-24Ts/X 24 4 2 4* AT-x610-24Ts/X-PoE+ 24 4 2 4* AT-x610-24SPs/X 4 Combo 2 4* AT-x610-48Ts 48 4 2* AT-x610-24Ts-PoE+ 48 4 2* AT-x610-48Ts/X 48 2 2 4* AT-x610-48Ts/X-PoE+ 48 2 2 4* 24 * With AT-x6EM/2XS module in stand alone switch Improved Virtual Chassis Stacking New - x610 stacks to 8 switches Max (384 x 1G ports + 16 10G ports) (x600 was max stack 4) • x610 uses AT-STACKXG stacking modules (same as x600) 10G transmission with IP stripped = 12Gbps 12+12+12+12 = 48Gbps stacking • “x600 stacking mode” allows combining x610 and x600 in same stack (4 in stack) New Dual SFP+ Module for Long distance Stacking Benefits » » » » Can be used to provide 2 additional 10G for standalone switches Can be used with SFP+ optics to provide long distances stacking Manage local and remote switches from one GUI or console Protect against: Core Failure, Power failure, Theft, Fire & Flood with a “Remote Stacked Core” Can’t mix AT-x6EM-XS2 and AT-STAKXG Can’t put AT-x6EM-XS2 stacking module into x600 Remote Stacking – with dual homed virtual servers Virtualise servers Single Core switch failure - network OK Big problems with Fire or Flood Especially if computerised attendance Remote Stacking – with remote dual homed virtual servers Vandalism / Theft Terrorism Remote With Remote Stacking & Remote Virtulisation Virtulised With SIMPLE configuration (no VRRP) servers Network becomes resilient against many disasters! x610 Series– Long-Distance Stacking Distributed Core Long-Distance Stacking enables the VCStack solution to provide a distributed network core. The increased distance provided by fiber stacking connectivity means that members of the virtual chassis do not need to be collocated. Instead, they can be kilometers apart. Diagram shows an example of a long-distance stack, where the single virtual distributed core ensures high availability of data for network users. Power Over Ethernet (PoE / PoE+) • PoE - provides power & data, on Ethernet Cat 3/5/6 cabling • x600 was PoE Capable (IEEE 802.3af-2003) • PoE up to 15.4 Watts per port (12.95 Watts at the powered device) • x610 is PoE+ Capable (IEEE 802.3at-2009) • PoE+ up to 30 Watts per port (25.5 Watts at the powered device) Why PoE+ PoE illuminators Raytec less than 25W covers up to 60 metres Combined Fan & Heater – single Cat 6 cable to enclosure Axis P1344E - Class 3 (15.4 Watt x 24 = 370 Watt) Larger Pan Zoom & Tilt camera housings Axis Q6032-E Pan Tilt Zoom - High Power PoE+ (Up to 30 Watt ea) PoE versions of x610 have plug in Power Supply Units x610 PoE+ models have PSU slot, allowing for choice of PoE budget (x610 Non PoE+ models have a fixed internal system PSU) AT-PWR250 Future upgrade of the switch to PoE+ use AT-PWR800 PoE+ budget for whole switch of 480 Watts AT-PWR1200 PoE+ budget for whole switch of 780 Watts Note: Power supply modules that fit in the PoE+ versions of the x600, also fit into the AT-RPS3000 Redundant PSU chassis . x610 Power Supply Module options for PoE switches Part Number Power Source Description AT-PWR250 AC Mains System PSU only, useful if want to save cost now but might want PoE later AT-PWR250-80 48vDC System PSU only AT-PWR800 AC Mains System PSU + 480W PoE+ Power Budget AT-PWR1200 AC Mains System PSU + 780W PoE+ Power Budget (Note: PSUs also fit AT-RPS3000 Redundant PSU Chassis) What is the x610 PoE+ capability? PSU Type PoE Budget Number of Ports Average Power per Port (Non Redundant PSU) Average Power per Port (Redundant PSU) Max PoE if some ports unused 800W 480 Watts 24 20 Watts - 30 Watts 800W 480 Watts 48 10 Watts - 30 Watts 1200W 780 Watts 24 Exceeds 30 Watts - 30 Watts 1200W 780 Watts 48 16.2 Watts - 30 Watts 800W + 800W 960 Watts 24 Exceeds 30 Watts 20 Watts 30 Watts 800W + 800W 960 Watts 48 20 Watts 10 Watts 30 Watts 1200W + 1200W 1560 Watts 24 Exceeds 30 Watts Exceeds 30 Watts 30 Watts 1200W + 1200W 1560 Watts 48 Exceeds 30 Watts 16.2 Watts 30 Watts Note: can’t think of many applications yet that require a full 30 Watts on all ports! AT-RPS-3000 Functions The RPS-3000 has three functions: 1. To protect against x610 system power supply failure, and 2. Provide additional PoE+ capability or 3. Provide redundant PoE+ capability The RPS-3000 is not an Uninterruptible Power Supply – i.e. it does not include batteries What can an AT-PWR800 or AT-PWR1200 RPSU supply? PWR800 or PWR1200 in RPS3000 Supplying System & PoE Power OR Two low system power consumption switches (24 port) One high system power consumption switch (48 port / SFP) Low Power & High Power Switches (Relevant to RPSU) Low Power Switches High Power Switches (low system power consumption) x610-24Ts (high system power consumption) X610-48Ts x610-24Ts/X X610-48Ts/X x610-24Ts-PoE+ X610-48Ts-PoE+ x610-24Ts/X-PoE+ X610-48Ts/X-PoE+ X610-24SPs/X In summary: All 24 port switches are “Low Power Switches” All 48 port switches are “High Power Switches” With the exception of the 24 port SFP Switch which is a “High Power Switch” Rear connectors All four connectors may be used to provided Redundant System Power (even to PoE+ switches) The bottom two provide Redundant System Power and Additional / Redundant PoE+ Power x610 Series– Network Virtualization Virtual Routing and Forwarding (VRF Lite) allows multiple customers to share a common infrastructure, while maintaining their own independent virtual routing domains. Individual customers can take advantage of shared resources such as printers and Internet access via filtered inter-VRF communication, whilst maintaining absolute security. Layer 3 network virtualization provided by Virtual Routing and Forwarding (VRF Lite) creates independent routing domains, where IP addresses can overlap without causing conflict. Virtual Routing and Forwarding (VRF Lite) Tenants require a data infrastructure when renting (Regus type) flexible office space Tenants also want to use their own IP addressing scheme Addressing schemes may overlap (all use 192.168.1.x) VRF Lite allows Landlords with Multi Tennant Units to offer this facility Easy Resiliency Solution Overview Resiliency the Easy Way VCStack approach Traditional Approach » » Many protocols running at different layers Hard to configure, manage and troubleshoot internet RIP VRRP Allied Telesis resiliency »Same on every equipment – – Interface port 1.3.8, port 2.3.4 Channel group 1 mode active internet OSPF STP Link Aggregation Resiliency the High Performance Way VCStack approach Allied Telesis resiliency Traditional redundancy Active-Stand by Active-Active True Active-Active Full bandwidth used all the time Master Slave Master Slave Master Slave Fully dynamic load distribution Easy scalable bandwidth Resiliency the Ring Approach in the Carriers Network Aggregation Layer 3 Easy to configure 10GbE carrier-grade (EPSR) Access Layer 2 Subscriber Affordable Cost Fast sub-50ms failover to traffic The Ring in the Video Surveillance Easy to configure 10GbE carrier-grade (EPSR) Affordable Cost Fast sub-50ms failover to traffic Resiliency Everywhere LAG LAG LAG Web Servers INTERNET LAG LAG LAG App Servers DB Servers Secure Router LAG LAG LAG Managed Switch Resiliency in internet access Managed Switch Resiliency in the Data center Resiliency in Hotels Thank you Americas Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895 Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830 EMEA Headquarters | Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91 69769.11 © 2011 Allied Telesis Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.