Extreme Networks Network Architecture Guide · Extreme Networks is deployed in the largest IP...
Transcript of Extreme Networks Network Architecture Guide · Extreme Networks is deployed in the largest IP...
E x t r e m e N e t w o r k s ®
Network Architecture G u i d e
Why
Ext
rem
e?Extreme Networks is deployed in the largest IP networks in the world. We have the experience and proven performance to:
Extreme Networks is deployed in the largest IP networks in the world. We have the experience and proven performance to:
• Simply aggregate large quantities of desktops, servers, clusters, wireless laptops, PDAs and VoIP phones.
• Attain massive competitive advantage using custom ASICs and modular software to enable emerging technology today.
• Easily integrate with existing network elements thereby providing a smooth migration from legacy to leading edge deployments.
• Provide lowest Total Cost of Ownership (TCO) by developing products that are easy to use, implement and maintain for maximum return on investment.
• Ensure integrity of emerging converged communications: IP Telephony, Streaming Audio and Video, and Video Conferencing by using standards based
networking protocols combined with our advanced hardware and software.
Customers rely on Extreme Networks’ feature-rich capabilities and ability to deliver next generation functionality. Our track record, industry awards and market leadership demonstrate our expertise in wired and wireless infrastructure using Ethernet and IP.
*Competitive Advantage
Laye
r 1La
yer 3
I/O Triumph ModulesGM-16X3 16 port Gigabit Ethernet (SFP)GM-16T3 16 port 10/100/1000BASE-T
I/O Triumph ModulesGM-16X3 16 port Gigabit Ethernet (SFP)GM-24T3 24 port 10/100/1000BASE-T
I/O Modules60 Ports 10/100/1000*60 Ports SFP (mini GBIC)*6 Ports 10 Gigabit Ethernet*
• IPv4• IPv6• RIP v1 or v2• OSPF v2, v3• IS-IS
• IP Multicast Routing - PIM/SM - PIM/DM - DVMRP • IPX RIP/SAP
• Encapsulations - MPLS - GRE • Translations - NAT - IPv6 to IPv4 - IPv4 to IPv6
Laye
r 2
MAC Address
• “i” series 128MB - 128,000*• “i” series 256MB - 256,000*• 4GNSS IGIG - 1 Million+*
VLANs• VLAN Aggregation (RFC 3069) *• VLAN Translation*• VMANs Ethertype 88a8*
VLAN 1
VLAN 2
VLAN 3
IP Address/24Se
rver
Sub-VLAN Super-VLAN Uplink VLAN
VLAN X
VLAN YVLAN 1
VLAN 2
VLAN 3
IP Address/24Se
rver
VLAN 1
VLAN 2
VLAN 3
User
Customers Service Provider
VLAN X
VLAN YVLAN 1
VLAN 2
VLAN 3
User
VLAN 1
VLAN 2
VLAN 3
Cust
omer
Customers Service Provider
VLAN X
VLAN YVLAN 1
VLAN 2
VLAN 3
Cust
omer
Internet
Domains*• EMISTP- 802.1s• EAPS• ESRP
• BGP4 - EBGP, IBGP - Scaled (1 million routes) - Route reflector, confederation - Communities - Route policies, route maps - Route aggregation
Model I/O3802 2 Slots3804 4 Slots3808 8 Slots
Model I/O MSM6804 4 Slots 2 Slots6808 8 Slots 2 Slots6816 16 Slots 4 Slots
Model I/O MSMBD 10808 8 Slots 2 Slots
38020
20406080
100120140
3804Model Model
3808 68040
100
200
300
400
6808 6816 10 GbE0
100
200
300
400
500
10/100/1000Mini GBIC
BD 6816 BladeBD 10808 BladeBD 6816 ChassisBD 10808 Chassis
Summit
Triumph
Triumph
Domain 1 Domain 2
FeatureEAPSESRP
EMISTP
®®
H A R D W A R E - B A S E D F E A T U R E SH A R D W A R E - B A S E D F E A T U R E S
*Competitive Advantage
Internet
Internet
Ethertype 8100 Ethertype 88a8
Scal
abil
ity
3800 series3800 series 6800 series6800 series (10K)
Alpine 3800Series
BlackDiamond6800Series BlackDiamond
10K
i” series”
i” series”
CLEAR-Flow* Secure Unified Access* Se
curi
ty
• Statistics - Programmable per-VLAN statistics, any combination of: • Physical port number • MAC source or MAC destination • 802.1p QoS settings • Cast type (unicast, Multicast broadcast)• Queueing Statistics - Committed Information Rate (CIR) conforming bytes and packets - Peak Rate (PR) conforming bytes and packets
®®
CLEAR-Flow
Bypass counter
Trigger
EPIC
ente
r or
Managem
ent Sta
tionNetFlow
Protocol
sFlowProtocol
Encapsulate packet and tunnelto remote system
Send copy ofpacket out a
specified interface
NetFlow
sFlow
Tunneling
Port Mirroring
Traffic traversing the switch
ThresholdCounters monitored forthresholds exceeded
CountUp to 128,000programmable
counters track packetand byte counts
XMLreporting
FilterPackets can be discarded,
mapped to a securityprofile, and/or copied into
the CLEAR-Flow Engine
ReportTraffic can be
forwarded to one or more multiple traffic
monitoring tools
Altitude Summit Switch
PoE
PoE
PoE
PoE
10/100/1000
10/100/1000
10/100/1000PoE
PoE
Alpine Switch
Summit Switch
Network Instrumentation Measure • Analyze • Enforce
E X T R E M E N E T W O R K SE X T R E M E N E T W O R K S
Queueing Statistics (continued) - Discards - Programmable packet statistics, based on any combination of: • Layer 2 (source MAC, destination MAC) • Layer 3 (source IP, destination IP, IP protocol) • Layer 4 (source port, destination port) • QoS (DiffServ, ToS, or 802.1p) • MPLS label
• Network Login - Browser based - 802.1x• Host Integrity • Intelligent Network Access - Dynamic Policy-based Quality of Service (QoS) - Identity based networking• IP & MAC Security - IP DHCP Option 82—IP address on a per port basis - MAC address lock down, learn, count and limit - Disable ARP—Eliminates spoofed or duplicate IP addresses
Wired—Wireless
*Competitive Advantage
Secure Network Infrastructure* Intelligent Network* S E C U R I T Y F R A M E W O R K S E C U R I T Y F R A M E W O R K
Security
BlackDiamond 10K switches
Internet
• Secure Administration - SSH2 - SCP - SNMPv3• Network Protection - IPDA—Hardware subnet look-up - ICMP—Fast path - LPM—Longest prefix match - QoS—Prioritization of control and
management traffic
Secure Unified Access
Host Integrity
PoE
PoE
PoE
PoE
Data and Control Plane HardeningSecurity Framework CLEAR-Flow
• Measure• Analyze• Enforce
Monitoring
Intelligent Network Access
CLEAR-Flow Secure Unified Access
Secure Network Infrastructure
10/100/1000
Network Access
Policy-based QoS• ACLs• VLANs
• Network Login• 802.1x• MAC Address Lock Down
Identity-based Networking
Secure Network InfrastructureWIRED: Powered, Copper and Fiber WIRELESS: Encryption
*Competitive Advantage
Layer 1 - Physical Layer 2 - Ethernet Layer 3 - RoutingCabling Convention
Box Level Redundancy
Active - Standby Equal Cost Multi-Path
Load Balance
Software Redundant Port*
Extreme Standby Router Protocol (ESRP)
Ethernet Automatic Protection Switching* (EAPS)
RFC 3619
Physical Link Redundancy
Ring
• Passive backplane• Redundant, load-sharing switch fabric• Redundant management processors• Dual switch configurations and ExtremeWare® images• Redundant ports
• Redundant power supplies• AC or 48-VDC• Hot swappable modules, power supplies and fan tray
Port–Different ports on the same chassis or bladeModule–Different ports on the same chassisChassis–Different ports on two different chassisAll offer link and port redundancy
ChassisPort Module802.32ad –Link Aggregation–Point to Point
Mesh
< 50 ms Convergence
T O P O L O G I E ST O P O L O G I E S
Multi-Home
Active
BlackDiamond ® 10K
Summit 400 switches
BlackDiamond 10K switches
BlackDiamond 10K switches
BlackDiamond 10K switches
BlackDiamond 10K switches
Alpine switches
BlackDiamond 10K switches
BlackDiamond 10K switches
BlackDiamond 10K switches
Summit® 400 switches
Standby
Active Standby
Internet
E-BGP
Hub & Spoke
VRRPRFC 2338
OSPF RFC 2328
Multi-Home
Multi-Home
T-Sync*
Resiliency
*Competitive Advantage
Alpine ® switches
Summit 400 switches
Summit 400 Summit 400
Summit 400 Summit 400
1 Gigabit Ethernet Multi-Mode Fiber
10/100/1000 Ethernet Copper Category 510/100 Power over Ethernet (PoE) Copper Category 5
10 Gigabit Ethernet Single-Mode Fiber
Layer 2 and Layer 3Layer 2 and Layer 3
Wireless
PoE for WAP
PoE for VoIP
10/100/1000
User
Copper Fiber
Desktop
Phone
Laptop
Cell Phone
PDA
Wireless
• Applications move from work area to conference room.• Single login and authentication while roaming from building to building.• Single security profile, authentication and encryption.• Ability to add new devices and users immediately without pulling more cabling.• Instant provisioning for seminars, conferences and guests.
Gigabit to the Desktop• Gigabit NICs are becoming standard OEM feature.• Processor CPUs are 1.5 to 2.0 GHz+ and able to handle increased throughput.
Gigabit to the Server• Gigabit NICs and multi-processor systems have the capabilities to push full 1 gigabit of throughput.• Availability of TCP Offload Engine (TOE) enabled NICs to eliminate the server CPU from TCP processing–typically 1 gigabit of throughput requires 1 GHz of processor. TOE allows the CPU to run the applications and the NIC to perform all the networking overhead.• Operating system is optimized for 64Bit processor architecture. Applications are enabled to use the network to its full potential.• Increases lifecycle of applications as hardware enables better performance.• Increased application performance requires corresponding increase in network capabilities. 10 Gigabit Ethernet becomes technically viable to eliminate bottlenecks.
Power over Ethernet (PoE)802.3af 15 watts per port maximum up to 100 meters.• Typical VoIP phone uses about 3.5 to 10 watts.• Backwards compatible with existing 10/100 cabling and hardware.• Devices are segmented into different classes:
Effortlessly deploy wireless and VoIP with one box.• Emerging applications that require PoE for recharging batteries are enabled.• Security cameras and PDAs can be deployed and supported with minimal configuration and impact to network.• PoE allows new applications and hardware to be implemented. Intelligent Network Access provides security, reliability and mobility.
Layer 1 - Physical Layer 2 - Ethernet Topologies Layer 3 - Routing
U N I F I E D A C C E S SU N I F I E D A C C E S S
Server
Data Center
Fiber
Range–IndoorRange–OutdoorBandwidthFrequency
60–120 ft100–1100 ft
54–6 Mbs5 GHz
160–500 ft450–1600 ft
11–1Mbs2.4 GHz
65–200 ft110–650 ft54–6Mbs2.4 GHz
802.11a 802.11b 802.11g
Class01234
UsageDefaultOptionalOptionalOptionalOptional
Max PowerLevels at PSE
15.0 watts4.0 watts7.0 watts
15.0 wattsTreat as Class 0
(Reserved for future use)
PoE
Thin Access Point
Extreme Unified Access*
Mobility
*Competitive Advantage
Internet
300
Altitude
Alpine, BlackDiamond, EPICenter, Ethernet Everywhere, Extreme Ethernet Everywhere, Extreme Networks, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, the Go Purple–Extreme Solution Partners Logo, ServiceWatch, Summit, the Summit7i logo, and the Color Purple, among others, are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and other countries. Other names and marks may be the property of their respective owners.
© 2002, 2003, 2004 Extreme Networks, Inc. All Rights Reserved. Specifications are subject to change without notice. L-BR-PSG-404
Australia and New Zealand Extreme NetworksLevel 20, 99 Walker StreetNorth Sydney, NSW 2060P 61 2 9657 1348
Japan Extreme Networks KK17F Sumitomo Korakuen Building1-4-1 KoishikawaBunkyo-ku, Tokyo 112-002JapanP [email protected]
Corporate Headquarters and Americas RegionExtreme Networks3585 Monroe St. Santa Clara, CA 95051 USA 888 257 3000 P 408 579 2800 F 408 579 [email protected]
Asia Pacific Extreme NetworksUnit 1117, Tower 1, Grand Century Place193 Prince Edward Road WestKowloon, Hong KongP 011 852 2105 6543
Europe, Middle East and Africa Extreme NetworksKernkade 2, 2nd floorLage Weide, Utrecht 3542 CHThe NetherlandsP 31(0) 30 800 [email protected]