E x t r e m e N e t w o r k s ®

Network Architecture G u i d e

Why

Ext

rem

e?Extreme Networks is deployed in the largest IP networks in the world. We have the experience and proven performance to:

Extreme Networks is deployed in the largest IP networks in the world. We have the experience and proven performance to:

• Simply aggregate large quantities of desktops, servers, clusters, wireless laptops, PDAs and VoIP phones.

• Attain massive competitive advantage using custom ASICs and modular software to enable emerging technology today.

• Easily integrate with existing network elements thereby providing a smooth migration from legacy to leading edge deployments.

• Provide lowest Total Cost of Ownership (TCO) by developing products that are easy to use, implement and maintain for maximum return on investment.

• Ensure integrity of emerging converged communications: IP Telephony, Streaming Audio and Video, and Video Conferencing by using standards based

networking protocols combined with our advanced hardware and software.

Customers rely on Extreme Networks’ feature-rich capabilities and ability to deliver next generation functionality. Our track record, industry awards and market leadership demonstrate our expertise in wired and wireless infrastructure using Ethernet and IP.

*Competitive Advantage

Laye

r 1La

yer 3

I/O Triumph ModulesGM-16X3 16 port Gigabit Ethernet (SFP)GM-16T3 16 port 10/100/1000BASE-T

I/O Triumph ModulesGM-16X3 16 port Gigabit Ethernet (SFP)GM-24T3 24 port 10/100/1000BASE-T

I/O Modules60 Ports 10/100/1000*60 Ports SFP (mini GBIC)*6 Ports 10 Gigabit Ethernet*

• IPv4• IPv6• RIP v1 or v2• OSPF v2, v3• IS-IS

• IP Multicast Routing - PIM/SM - PIM/DM - DVMRP • IPX RIP/SAP

• Encapsulations - MPLS - GRE • Translations - NAT - IPv6 to IPv4 - IPv4 to IPv6

Laye

r 2

MAC Address

• “i” series 128MB - 128,000*• “i” series 256MB - 256,000*• 4GNSS IGIG - 1 Million+*

VLANs• VLAN Aggregation (RFC 3069) *• VLAN Translation*• VMANs Ethertype 88a8*

VLAN 1

VLAN 2

VLAN 3

IP Address/24Se

rver

Sub-VLAN Super-VLAN Uplink VLAN

VLAN X

VLAN YVLAN 1

VLAN 2

VLAN 3

IP Address/24Se

rver

VLAN 1

VLAN 2

VLAN 3

User

Customers Service Provider

VLAN X

VLAN YVLAN 1

VLAN 2

VLAN 3

User

VLAN 1

VLAN 2

VLAN 3

Cust

omer

Customers Service Provider

VLAN X

VLAN YVLAN 1

VLAN 2

VLAN 3

Cust

omer

Internet

Domains*• EMISTP- 802.1s• EAPS• ESRP

• BGP4 - EBGP, IBGP - Scaled (1 million routes) - Route reflector, confederation - Communities - Route policies, route maps - Route aggregation

Model I/O3802 2 Slots3804 4 Slots3808 8 Slots

Model I/O MSM6804 4 Slots 2 Slots6808 8 Slots 2 Slots6816 16 Slots 4 Slots

Model I/O MSMBD 10808 8 Slots 2 Slots

38020

20406080

100120140

3804Model Model

3808 68040

100

200

300

400

6808 6816 10 GbE0

100

200

300

400

500

10/100/1000Mini GBIC

BD 6816 BladeBD 10808 BladeBD 6816 ChassisBD 10808 Chassis

Summit

Triumph

Triumph

Domain 1 Domain 2

FeatureEAPSESRP

EMISTP

®®

H A R D W A R E - B A S E D F E A T U R E SH A R D W A R E - B A S E D F E A T U R E S

*Competitive Advantage

Internet

Internet

Ethertype 8100 Ethertype 88a8

Scal

abil

ity

3800 series3800 series 6800 series6800 series (10K)

Alpine 3800Series

BlackDiamond6800Series BlackDiamond

10K

i” series”

i” series”

CLEAR-Flow* Secure Unified Access* Se

curi

ty

• Statistics - Programmable per-VLAN statistics, any combination of: • Physical port number • MAC source or MAC destination • 802.1p QoS settings • Cast type (unicast, Multicast broadcast)• Queueing Statistics - Committed Information Rate (CIR) conforming bytes and packets - Peak Rate (PR) conforming bytes and packets

®®

CLEAR-Flow

Bypass counter

Trigger

EPIC

ente

r or

Managem

ent Sta

tionNetFlow

Protocol

sFlowProtocol

Encapsulate packet and tunnelto remote system

Send copy ofpacket out a

specified interface

NetFlow

sFlow

Tunneling

Port Mirroring

Traffic traversing the switch

ThresholdCounters monitored forthresholds exceeded

CountUp to 128,000programmable

counters track packetand byte counts

XMLreporting

FilterPackets can be discarded,

mapped to a securityprofile, and/or copied into

the CLEAR-Flow Engine

ReportTraffic can be

forwarded to one or more multiple traffic

monitoring tools

Altitude Summit Switch

PoE

PoE

PoE

PoE

10/100/1000

10/100/1000

10/100/1000PoE

PoE

Alpine Switch

Summit Switch

Network Instrumentation Measure • Analyze • Enforce

E X T R E M E N E T W O R K SE X T R E M E N E T W O R K S

Queueing Statistics (continued) - Discards - Programmable packet statistics, based on any combination of: • Layer 2 (source MAC, destination MAC) • Layer 3 (source IP, destination IP, IP protocol) • Layer 4 (source port, destination port) • QoS (DiffServ, ToS, or 802.1p) • MPLS label

• Network Login - Browser based - 802.1x• Host Integrity • Intelligent Network Access - Dynamic Policy-based Quality of Service (QoS) - Identity based networking• IP & MAC Security - IP DHCP Option 82—IP address on a per port basis - MAC address lock down, learn, count and limit - Disable ARP—Eliminates spoofed or duplicate IP addresses

Wired—Wireless

*Competitive Advantage

Secure Network Infrastructure* Intelligent Network* S E C U R I T Y F R A M E W O R K S E C U R I T Y F R A M E W O R K

Security

BlackDiamond 10K switches

Internet

• Secure Administration - SSH2 - SCP - SNMPv3• Network Protection - IPDA—Hardware subnet look-up - ICMP—Fast path - LPM—Longest prefix match - QoS—Prioritization of control and

management traffic

Secure Unified Access

Host Integrity

PoE

PoE

PoE

PoE

Data and Control Plane HardeningSecurity Framework CLEAR-Flow

• Measure• Analyze• Enforce

Monitoring

Intelligent Network Access

CLEAR-Flow Secure Unified Access

Secure Network Infrastructure

10/100/1000

Network Access

Policy-based QoS• ACLs• VLANs

• Network Login• 802.1x• MAC Address Lock Down

Identity-based Networking

Secure Network InfrastructureWIRED: Powered, Copper and Fiber WIRELESS: Encryption

*Competitive Advantage

Layer 1 - Physical Layer 2 - Ethernet Layer 3 - RoutingCabling Convention

Box Level Redundancy

Active - Standby Equal Cost Multi-Path

Load Balance

Software Redundant Port*

Extreme Standby Router Protocol (ESRP)

Ethernet Automatic Protection Switching* (EAPS)

RFC 3619

Physical Link Redundancy

Ring

• Passive backplane• Redundant, load-sharing switch fabric• Redundant management processors• Dual switch configurations and ExtremeWare® images• Redundant ports

• Redundant power supplies• AC or 48-VDC• Hot swappable modules, power supplies and fan tray

Port–Different ports on the same chassis or bladeModule–Different ports on the same chassisChassis–Different ports on two different chassisAll offer link and port redundancy

ChassisPort Module802.32ad –Link Aggregation–Point to Point

Mesh

< 50 ms Convergence

T O P O L O G I E ST O P O L O G I E S

Multi-Home

Active

BlackDiamond ® 10K

Summit 400 switches

BlackDiamond 10K switches

BlackDiamond 10K switches

BlackDiamond 10K switches

BlackDiamond 10K switches

Alpine switches

BlackDiamond 10K switches

BlackDiamond 10K switches

BlackDiamond 10K switches

Summit® 400 switches

Standby

Active Standby

Internet

E-BGP

Hub & Spoke

VRRPRFC 2338

OSPF RFC 2328

Multi-Home

Multi-Home

T-Sync*

Resiliency

*Competitive Advantage

Alpine ® switches

Summit 400 switches

Summit 400 Summit 400

Summit 400 Summit 400

1 Gigabit Ethernet Multi-Mode Fiber

10/100/1000 Ethernet Copper Category 510/100 Power over Ethernet (PoE) Copper Category 5

10 Gigabit Ethernet Single-Mode Fiber

Layer 2 and Layer 3Layer 2 and Layer 3

Wireless

PoE for WAP

PoE for VoIP

10/100/1000

User

Copper Fiber

Desktop

Phone

Laptop

Cell Phone

PDA

Wireless

• Applications move from work area to conference room.• Single login and authentication while roaming from building to building.• Single security profile, authentication and encryption.• Ability to add new devices and users immediately without pulling more cabling.• Instant provisioning for seminars, conferences and guests.

Gigabit to the Desktop• Gigabit NICs are becoming standard OEM feature.• Processor CPUs are 1.5 to 2.0 GHz+ and able to handle increased throughput.

Gigabit to the Server• Gigabit NICs and multi-processor systems have the capabilities to push full 1 gigabit of throughput.• Availability of TCP Offload Engine (TOE) enabled NICs to eliminate the server CPU from TCP processing–typically 1 gigabit of throughput requires 1 GHz of processor. TOE allows the CPU to run the applications and the NIC to perform all the networking overhead.• Operating system is optimized for 64Bit processor architecture. Applications are enabled to use the network to its full potential.• Increases lifecycle of applications as hardware enables better performance.• Increased application performance requires corresponding increase in network capabilities. 10 Gigabit Ethernet becomes technically viable to eliminate bottlenecks.

Power over Ethernet (PoE)802.3af 15 watts per port maximum up to 100 meters.• Typical VoIP phone uses about 3.5 to 10 watts.• Backwards compatible with existing 10/100 cabling and hardware.• Devices are segmented into different classes:

Effortlessly deploy wireless and VoIP with one box.• Emerging applications that require PoE for recharging batteries are enabled.• Security cameras and PDAs can be deployed and supported with minimal configuration and impact to network.• PoE allows new applications and hardware to be implemented. Intelligent Network Access provides security, reliability and mobility.

Layer 1 - Physical Layer 2 - Ethernet Topologies Layer 3 - Routing

U N I F I E D A C C E S SU N I F I E D A C C E S S

Server

Data Center

Fiber

Range–IndoorRange–OutdoorBandwidthFrequency

60–120 ft100–1100 ft

54–6 Mbs5 GHz

160–500 ft450–1600 ft

11–1Mbs2.4 GHz

65–200 ft110–650 ft54–6Mbs2.4 GHz

802.11a 802.11b 802.11g

Class01234

UsageDefaultOptionalOptionalOptionalOptional

Max PowerLevels at PSE

15.0 watts4.0 watts7.0 watts

15.0 wattsTreat as Class 0

(Reserved for future use)

PoE

Thin Access Point

Extreme Unified Access*

Mobility

*Competitive Advantage

Internet

300

Altitude

Alpine, BlackDiamond, EPICenter, Ethernet Everywhere, Extreme Ethernet Everywhere, Extreme Networks, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, the Go Purple–Extreme Solution Partners Logo, ServiceWatch, Summit, the Summit7i logo, and the Color Purple, among others, are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and other countries. Other names and marks may be the property of their respective owners.

© 2002, 2003, 2004 Extreme Networks, Inc. All Rights Reserved. Specifications are subject to change without notice. L-BR-PSG-404

Australia and New Zealand Extreme NetworksLevel 20, 99 Walker StreetNorth Sydney, NSW 2060P 61 2 9657 1348

Japan Extreme Networks KK17F Sumitomo Korakuen Building1-4-1 KoishikawaBunkyo-ku, Tokyo 112-002JapanP 81-3-5842-4011sales@extremenetworks.com.jp

Corporate Headquarters and Americas RegionExtreme Networks3585 Monroe St. Santa Clara, CA 95051 USA 888 257 3000 P 408 579 2800 F 408 579 3000info@extremenetworks.com

Asia Pacific Extreme NetworksUnit 1117, Tower 1, Grand Century Place193 Prince Edward Road WestKowloon, Hong KongP 011 852 2105 6543

Europe, Middle East and Africa Extreme NetworksKernkade 2, 2nd floorLage Weide, Utrecht 3542 CHThe NetherlandsP 31(0) 30 800 5100sales@extremenetworks.com