下载文档原格式
Cisco Catalyst IE3400 Rugged SeriesData sheet Cisco publicContentsProduct overview 3 Product specifications 5 System dimensions 8 Ordering information 19 Warranty 20 Cisco environmental sustainability 21 Cisco Services 21 Cisco Capital 21 Document history 22The Cisco Catalyst® IE3400 Rugged Series ushers in mainstream adoption of advanced Gigabit Ethernet connectivity in a compact form-factor, modular switch purpose-built fora wide variety of extended enterprise and industrial applications.Product overviewThe Cisco Catalyst IE3400 Rugged Series switches deliver advanced, high-speed Gigabit Ethernet connectivity in a compact form factor, and are designed for a wide range of industrial applications where hardened products are required. The modular design of the Cisco Catalyst IE3400 Rugged Series offers the flexibility to expand up to 26 ports of Gigabit Ethernet with a range of expansion module options. The platform is built to withstand harsh environments in manufacturing, energy, transportation, mining, smart cities, and oil and gas. The IE3400 platform is also ideal for extended enterprise deployments in outdoor spaces, warehouses, and distribution centers.The IE3400 Series runs Cisco IOS® XE, a next-generation operating system with built-in security and trust, featuring secure boot, image signing, and the Cisco® Trust anchor module. Cisco IOS XE also provides API-driven configuration with open APIs and data models.The Cisco Catalyst IE3400 Rugged Series can be managed with powerful management tools such as Cisco DNA Center and Industrial Network Director, and can be easily set up with a completely redesigned, user-friendly, modern GUI tool called WebUI. The platform also supports Full Flexible NetFlow (FNF) for real-time visibility into traffic patterns and threat analysis with Cisco Stealthwatch®.The IE3400 series (with expansion module) supports power budget of up to 480W for PoE/PoE+, shared across 24 ports, and is ideal for connecting PoE-powered end devices such as IP cameras, phones, wireless access points, sensors, and more.Figure 1.Cisco Catalyst IE3400 Rugged SeriesFeatures and benefitsTable 1.IE3400 Features and benefits1 Parallel Redundancy Protocol (PRP) is available on IE3400 base switch on select ports only (Gig1/1 - Gig1/4). Single instance of PRP is supported.2 Orderability currently planned for January, 2021Products overviewTable 2.Product feature sets1 The Hardware PID with “-E” suffix is Network Essentials and with “-A” suffix is Network Advantage. Network Advantage License includes all Network Essentials Features.Product specificationsTable 3 highlights the hardware configuration for Cisco Catalyst IE3400 Rugged Series switches and the supported modules with these switches.Table 3.IE3400 Hardware configurations (incl. IE3400 and IE3300 modules)* PoE modules can only be plugged with PoE base switch. IE3300 expansion modules can also be plugged with IE3400 base switch. However, this combination prevents support for advanced security feature such as SGT/SGACL on the IE3400 base switch.** Network Advantage License includes all Network Essentials features.1 Orderability currently planned for January, 2021Table 4 highlights the hardware specifications for Cisco Catalyst IE3400 Rugged Series switches.Table 4.IE3400 hardware Specifications1 In order to achieve 480W power budget, the minimum power requirements as specified in Table 8 for the switch need to be considered when selecting the power supply.2 The USB and SD card are optional and are not shipped by default with the switch.3 USB 2.0 to load system images and set configurationsFigure 2.Expansion modulesTable 5 highlights the hardware configuration for Cisco Catalyst IE3400 Rugged Series modules.Table 5.Hardware configuration for Cisco Catalyst IE3300 and IE3400 Rugged Series modules1 Orderability currently planned for January, 20212 Please refer to the conditions for using IEEE 802.3bt type 4 standard power in the Hardware Installation Guide at product availability Table 6 highlights the physical configuration for Cisco Catalyst IE3400 Rugged Series switches and modules. Table 6.IE3400 physical configurationsSystem dimensions Front view <IE3400 Non-PoE>Front View <IE3400 PoE>Module dimensions – Front ViewSingle wide expansion modules add 2 inches to the system width effectively.Double wide expansion modules add 3 inches to the system width effectively.Top viewTable 7 highlights the performance and scalability features for Cisco Catalyst IE3400 Rugged Series switches. Table 7.IE3400 performance and scalability features1 Supported with -A SKUs or -E SKUs (with Network Advantage license).2 The SD card is optional and is not shipped by default with the switch.Table 8 highlights the power specifications for Cisco Catalyst IE3400 Rugged Series switches.Table 8.IE3400 power specifications1 Power consumption for non PoE supported model is measured at 12V and for the PoE supported model is measured at 54V. Power consumption does not include PoE power.Table 9 highlights the power specifications for supported expansion modules in Cisco Catalyst IE3400 Rugged Series switches.Table 9.IEM3300/IEM3400 expansion modules power consumption1 Power consumption for non PoE supported model is measured at 12V and for the PoE supported model is measured at 54V. Power consumption does not include PoE power.Table 10 highlights the power supply options for Cisco Catalyst IE3400 Rugged Series switches.Table 10.Power supply options1 The entire power budget for the switch and PoE ports must stay within the power supply wattage.2 The power supplies are not certified for smart grid and hazardous locations. These power supplies are IP20 rated.Table 11 and 12 highlights the supported software features for Cisco Catalyst IE3400 Rugged Series switches. Table 11.Key supported software features (Network Essentials License)1 Supported on Uplink ports2 Parallel Redundancy Protocol (PRP) is available on IE3400 base switch on select ports only (Gig1/1 - Gig1/4). Single instance of PRP is supported.Table 12.Key supported software features (Network Advantage License)** Network Advantage License includes all Network Essentials features.1 SGT/SGACL is supported on IE3400 base switch and only on IEM-3400 expansion modules.Table 13 highlights the details on Cisco DNA Essentials and Cisco DNA Advantage License for Cisco Catalyst IE3400 Rugged Series switches.Table 13.Cisco IE3400 Cisco DNA Essentials and Cisco DNA Advantage licenseCisco DNA licenses for Industrial Ethernet switches are add-on/optional and not mandatory. These do not include Network Tier features.Table 14 highlights the compliance specifications for Cisco Catalyst IE3400 Rugged Series switches.Table pliance specifications11 For more detailed information on safety approved power/thermal ratings refer the Hardware Installation Guide.2 Test in progress.Table 15 highlights Mean-Time-Between-Failures (MTBF) for Cisco Catalyst IE3400 Rugged Series switches. Table 15.MTBF information (Telcordia Issue 3)* Figures are Predicted MTBF numbers, measured according to Telcordia Issue 4. The numbers may vary at availability.Table 16 highlights information about management and standards for Cisco Catalyst IE3400 Rugged Series switches.Table 16.Management and standardsRFC 793: TCPRFC 826: ARPRFC 854: TelnetRFC 959: FTPRFC 1157: SNMPv1RFC 1901,1902-1907 SNMPv2 RFC 2273-2275: SNMPv3RFC 2571: SNMP Management RFC 1166: IP AddressesRFC 1256: ICMP Router Discovery RFC 1305: NTPRFC 951: BootP RFC 1643: Ethernet Interface MIBRFC 1757: RMONRFC 2068: HTTPRFC 2131, 2132: DHCPRFC 2236: IGMP v2RFC 3376: IGMP v3RFC 2474: DiffServ PrecedenceRFC 3046: DHCP Relay Agent Information Option RFC 3580: 802.1x RADIUSRFC 4250-4252: SSH ProtocolRFC 5460: DHCPv6 bulk lease querySNMP MIB objects 802.1X MIBCISCO-DHCP-SNOOPING-MIBCISCO-UDLDP-MIBCISCO-ENVMON-MIBCISCO-PRIVATE-VLAN-MIBCISCO-PAE-MIBCisco-Port-QoS-MIBCISCO-ERR-DISABLE-MIBCISCO- PROCESS-MIBLLDP-MIBCiscoMACNotification-MIBCISCO-CONFIG-COPY-MIBLLDP-MED-MIBBridge-MIBCISCO-CAR-MIBCISCO-LAG-MIBCISCO-SYSLOG-MIBCISCO-FTP-CLIENT-MIBCISCO-VLAN-IFTABLE-RELATIONSHIP-MIBCISCO-VLAN-MEMBERSHIP-MIBCisco-REP-MIBCISCO-PORT-STORM-CONTROL-MIBCISCO-CDP-MIBCISCO-IF-EXTENSION-MIBCISCO-IMAGE-MIBCISCO-MEMORY-POOL-MIBCISCO-PING-MIBSNMP-TARGET-EXT-MIBIF_MIBENTITY-MIBLLDP-EXT-PNO-MIBNOTIFICATION-LOG-MIBOLD-CISCO-CPU-MIBETHERLIKE-MIBOLD-CISCO-SYSTEM-MIBOLD-CISCO-MEMORY-MIBRMON-MIBSNMP-COMMUNITY-MIBSNMP-FRAMEWORK-MIBSNMP-PROXY-MIBSNMP-MPD-MIBSNMP-NOTIFICATION-MIBSNMP-TARGET-MIBSNMP-USM-MIBCISCO-DATACOLLECTION-MIBCISCO-CABLE-DIAG-MIBTable 17 highlights information about supported SFPs for Cisco Catalyst IE3400 Rugged Series switches. Table 17.SFP support1 If non-industrial SFPs (EXT, COM) are used, the switch operating temperature must be derated.Ordering informationTable 18 lists the ordering information for fixed system, expansion modules and memory that are commonly used with the Cisco Catalyst IE3400 switches.Table 18.Ordering information1 Orderability currently planned for January, 2021WarrantyFive-year limited HW warranty on all IE3400 PIDs and all IE Power Supplies (see table 9 above). See link below for more details on warranty https:///c/en/us/products/warranties/warranty-doc-c99-740591.html.Cisco environmental sustainabilityInformation about Cisco’s environme ntal sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.Reference links to information about key environmental sustainability topics (mentioned in the “Environment Sustainab ility” section of the CSR Report) are provided in the following table:Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.Cisco ServicesCisco CapitalFlexible payment solutions to help you achieve your objectivesCisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.Document historyPrinted in USA C78-741760-06 12/20。
Cisco Industrial Ethernet 5000 Series SwitchesData sheet Cisco publicContentsProduct overview 3 Features and benefits 3 Cisco ONE Software 5 Product specifications 6 Ordering information 16 Warranty information 17 Cisco environmental sustainability 17 Cisco and Partner Services 17 Cisco Capital 17 For more information 18Developed specifically to withstand the harshest industrial environments, these switches offer the most flexible and scalable industrial Ethernet platform that grows with your network.Product overviewThe Cisco® Industrial Ethernet (IE) 5000 Series Switches with four 10 Gigabit or four 1 Gigabit Ethernet uplinks and 24 Gigabit Ethernet downlinks is a rack mount, ruggedized switch that provides Layer 2 and Layer 3 line rate aggregation and copper Power over Ethernet (PoE) connectivity in the harshest of industrial environments. The IE 5000 Series uses superior high-bandwidth hardware switching and proven Cisco IOS® Software. TheIE 5000 is highly secure and scalable for access and aggregation layer deployments. It also provides Cisco stackable technologies for advanced network reliability. The switch is built to withstand extreme environments while adhering to overall IT network design, compliance, and performance requirements. The IE5000 has built-in SW image verification to ensure authenticity of the Cisco Software.The IE 5000 Series can be used to easily and securely extend the enterprise network to harsh environments with a software-defined access extension for the Internet of Things (IoT) enabling connectivity in outdoor areas, warehouses, distribution centers, roadways, etc., using powerful enterprise-grade intent-based network management platform such as Cisco DNA Center.The IE 5000 Series is ideal for industrial Ethernet applications where hardened products are required. This includes utility industries, manufacturing, energy and process control, Intelligent Transportation Systems (ITS), oil and gas field sites, city surveillance programs, and mining. With improved overall performance, greater bandwidth with available 10 Gigabit Ethernet interfaces, a richer feature set, and enhanced hardware, the Cisco IE 5000 Series Switches complement the current Industrial Ethernet portfolio of products. This portfolio includes Cisco industrial Ethernet switches, such as the Cisco IE 2000, IE 3200, IE 3300, IE 3400, IE 4000 and IE 4010 Series Switches, as well as utility - focused products, such as the Cisco IE 2000U Industrial Ethernet switches and Cisco 2500 Series Connected Grid Switches.Through a user-friendly web device manager, the IE 5000 provides easy out-of-the-box configuration and simplified operational manageability to deliver advanced security, data, video, and voice services over industrial networks.Features and benefitsTable 1 lists the features and benefits of Cisco IE 5000 Series Switches.Table 1.Features and benefits of Cisco IE 5000 Series SwitchesThe Cisco Industrial Ethernet 5000 Series Switches offer:●Bandwidth and capacity to grow with your networking needs: High-performance non-blocking switchcapacity with up to 24 Gigabit Ethernet downlink ports and four 10 Gigabit or four 1 Gigabit Ethernet uplink ports per switch●SFP+ heater to allow standard SFP+ optics to operate to -40C (10GE SKU only)●Cisco IOS Software features for smooth IT integration and policy consistency●Robust resiliency enabled by features, such as dual-ring design through four 10 Gigabit Ethernet uplinkports, Resilient Ethernet Protocol (REP), Parallel Redundancy Protocol (PRP), PROFINET– MediaRedundancy Protocol (MRP) ring, High Availability Seamless Redundancy (HSR) ring, EtherChannel, Flex Links, redundant power input, and dying gasp●Oven-controlled crystal oscillator (OCXO) to provide superior frequency stability needed for precisesynchronization applications●Simplified software upgrade path with universal images●Integrated support for features such as GPS receiver and IRIG●Cisco DNA Center management and support for software-defined access extension for IoTCisco ONE SoftwareCisco ONE Software offers a simplified consumption model, centered on common customer scenarios in the industrial automation and extended enterprise environments. Cisco ONE Software and services provide customers with four primary benefits:●Software suites that address typical customer use scenarios at an attractive price●Investment protection for their software purchase through software services-enabled license portability●Access to ongoing innovation and new technology with Cisco Software Support Service (SWSS)●Flexible licensing models to smoothly distribute customers' software spending over timeFigure 1 shows switch models, Table 2 shows all the available IE 5000 models, Table 3 lists the power supplies and Table 4 shows the available power budget for PoE/PoE+ for Cisco IE 5000 Series Switches Series Switches.Figure 1.IE 5000 switchTable 2.Cisco Industrial Ethernet 5000 Series models1 Uplink ports can run at 1 Gigabit Ethernet or 10 Gigabit Ethernet mode depending on the SFP or SFP+ inserted.2 Can be upgraded to IP Services license with the PID in Table 15.Table 3.Power supplies for Cisco IE 5000 Series SwitchesTable 4.Available power budget for PoE/PoE+ with different power supply wattageProduct specificationsTable 5 lists specifications, Table 6 lists information about Physical specifications, Table 7 lists information about switch performance and scalability, Tables 8 and 9 list important software license features, Tables 10-11 list the Cisco DNA Essentials and Advantage features. Table 12 lists compliance specifications, and Table 13 lists information about management and standards and Table 14 lists the supported SFPs on Cisco IE 5000 Series SwitchesTable 5.Product specificationsTable 6.Physical specificationsTable 7.Switch performance and scalabilityTable 8.Cisco IE 5000 Key LAN Base Software features1 Full flexible Netflow is included is included on all IE-5000 Switches and requires either one of the following licenses per switch:●Cisco ONE™ Foundation Perpetual license●Cisco DNA Essentials license●Cisco IP Services licenseTable 9.Cisco IE 5000 IP services license: Key software featuresTable 10.Cisco IE 5000 DNA Essentials featuresTable 11.Cisco IE 5000 DNA Advantage featuresTable pliance specificationsTable 13.Management and standardsIEEE standards ●IEEE 802.1D MAC Bridges, STP●IEEE 802.1p Layer2 COS prioritization●IEEE 802.1q VLAN●IEEE 802.1s Multiple Spanning-Trees●IEEE 802.1w Rapid Spanning-Tree●IEEE 802.1x Port Access Authentication●IEEE 802.1AB LLDP●IEEE 802.3ad Link Aggregation (LACP)●IEEE 802.3af Power over Ethernet provides up to15.4W DC power to each end device●IEEE 802.3at Power over Ethernet provides up to25.5W DC power to each end device ●IEEE 802.3af Power over Ethernet●IEEE 802.3at Power over Ethernet Plus●IEEE 802.3ah 100BASE-X SMF/MMF only ●IEEE 802.3x full duplex on 10BASE-T●IEEE 802.3 10BASE-T specification●IEEE 802.3u 100BASE-TX specification ●IEEE 802.3ab 1000BASE-T specification ●IEEE 802.3z 1000BASE-X specification ●IEEE 1588v2 PTP Precision Time ProtocolRFC compliance ●RFC 768: UDP●RFC 783: TFTP●RFC 791: IPv4 protocol●RFC 792: ICMP●RFC 793: TCP●RFC 826: ARP●RFC 854: Telnet●RFC 951: BOOTP●RFC 959: FTP●RFC 1157: SNMPv1●RFC 1901,1902-1907 SNMPv2●RFC 2273-2275: SNMPv3●RFC 2571: SNMP Management●RFC 1166: IP Addresses●RFC 1256: ICMP Router Discovery ●RFC 1305: NTP●RFC 1492: TACACS+●RFC 1493: Bridge MIB Objects●RFC 1534: DHCP and BOOTP interoperation●RFC 1542: Bootstrap Protocol●RFC 1643: Ethernet Interface MIB●RFC 1757: RMON●RFC 2068: HTTP●RFC 2131, 2132: DHCP●RFC 2236: IGMP v2●RFC 3376: IGMP v3●RFC 2474: DiffServ Precedence●RFC 3046: DHCP Relay Agent Information Option ●RFC 3580: 802.1x RADIUS●RFC 4250-4252 SSH ProtocolSNMP MIB objects ●BRIDGE-MIB●CALISTA-DPA-MIB●CISCO-ACCESS-ENVMON-MIB●CISCO-ADMISSION-POLICY-MIB●CISCO-AUTH-FRAMEWORK-MIB●CISCO-BRIDGE-EXT-MIB●CISCO-BULK-FILE-MIB●CISCO-CABLE-DIAG-MIB●CISCO-CALLHOME-MIB●CISCO-CAR-MIB●CISCO-CDP-MIB●CISCO-CIRCUIT-INTERFACE-MIB●CISCO-CLUSTER-MIB●CISCO-CONFIG-COPY-MIB●CISCO-CONFIG-MAN-MIB●CISCO-DATA-COLLECTION-MIB●IF-MIB●CISCO-DHCP-SNOOPING-MIB ●CISCO-SNMP-TARGET-EXT-MIB●CISCO-STACK-MIB●CISCO-STACKMAKER-MIB●CISCO-STP-EXTENSIONS-MIB●CISCO-SYSLOG-MIB●CISCO-TCP-MIB●CISCO-UDLDP-MIB●CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB ●CISCO-VLAN-MEMBERSHIP-MIB●CISCO-VTP-MIB●ENTITY-MIB●ETHERLIKE-MIB●HC-RMON-MIB●IEEE8021-PAE-MIB●IEEE8023-LAG-MIB●IF-MIB●IP-FORWARD-MIB●IP-MIB●CISCO-EMBEDDED-EVENT-MGR-MIB●IP-MIB●CISCO-ENTITY-ALARM-MIB●CISCO-ENTITY-SENSOR-MIB●CISCO-ENTITY-VENDORTYPE-OID-MIB●LLDP-MIB●CISCO-ENVMON-MIB●CISCO-ERR-DISABLE-MIB●CISCO-FLASH-MIB●CISCO-FTP-CLIENT-MIB●CISCO-IF-EXTENSION-MIB●CISCO-IGMP-FILTER-MIB●CISCO-IMAGE-MIB●CISCO-IP-STAT-MIB●CISCO-LAG-MIB●CISCO-LICENSE-MGMT-MIB●CISCO-MAC-AUTH-BYPASS-MIB●OLD-CISCO-TCP-MIB●CISCO-MAC-NOTIFICATION-MIB●OLD-CISCO-TS-MIB●CISCO-MEMORY-POOL-MIB●CISCO-PAE-MIB●CISCO-PAGP-MIB●CISCO-PING-MIB●CISCO-PORT-QOS-MIB●CISCO-PORT-SECURITY-MIB●CISCO-PORT-STORM-CONTROL-MIB●SNMP-NOTIFICATION-MIB●CISCO-PRIVATE-VLAN-MIB●CISCO-PROCESS-MIB●CISCO-PRODUCTS-MIB●CISCO-RESILIENT-ETHERNET-PROTOCOL-MIB ●SNMP-VIEW-BASED-ACM-MIB●CISCO-RTTMON-ICMP-MIB●CISCO-RTTMON-IP-EXT-MIB●CISCO-RTTMON-MIB●CISCO-RTTMON-RTP-MIB ●LLDP-EXT-MED-MIB●LLDP-MIB●NETRANGER●NOTIFICATION-LOG-MIB●OLD-CISCO-CHASSIS-MIB●OLD-CISCO-CPU-MIB●OLD-CISCO-FLASH-MIB●OLD-CISCO-INTERFACES-MIB ●OLD-CISCO-IP-MIB●OLD-CISCO-MEMORY-MIB●OLD-CISCO-SYS-MIB●OLD-CISCO-SYSTEM-MIB●OLD-CISCO-TCP-MIB●OLD-CISCO-TS-MIB●RMON-MIB●RMON2-MIB●SMON-MIB●SNMP-COMMUNITY-MIB●SNMP-FRAMEWORK-MIB●SNMP-MPD-MIB●SNMP-NOTIFICATION-MIB●SNMP-PROXY-MIB●SNMP-TARGET-MIB●SNMP-USM-MIB●SNMP-VIEW-BASED-ACM-MIB ●SNMPv2-MIB●TCP-MIB●UDP-MIBTable 14.SFP supportNote:For DOM support and for first software release supporting SFP, refer tohttps:///en/US/products/hw/modules/ps5455/products_device_support_tables_list.html.Not all SFPs are supported in PROFINET GSD for SIMATIC STEP7/TIA Portal. Please visithttps:///c/en/us/td/docs/switches/lan/industrial/software/configuration/guide/b_sfp_TIA.html.Ordering informationTable 15 lists the ordering information for Cisco IE 5000 system. Table 15.Ordering informationWarranty information for the IE 5000 switch is available at/warrantyfinder.aspx.Cisco environmental sustainabilityInformation about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.Reference links to information about key environmental sustainability topics (m entioned in the “Environment Sustainability” section of the CSR Report) are provided in the following table:Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.Cisco and Partner ServicesAt Cisco, we’re committed to minimizing our customers’ TCO, and we offer a wide range of services programs to accelerate customer success. Our innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco Services helps you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. Some of the key benefits our customers can get from Cisco Services follow:●Mitigating risks by enabling proactive or expedited problem resolution●Lowering TCO by taking advantage of Cisco expertise and knowledge●Minimizing network downtime●Supplementing your existing support staff so they can focus on additional productive activitiesFor more information about Cisco Services, refer to Cisco Technical Support Services or Cisco Advanced Services at https:///web/services/Cisco CapitalFlexible payment solutions to help you achieve your objectives.Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.For more information about the Cisco IE 5000 Series, visit https:///go/ie5000 or contact your local account representative.Printed in USA C78-734967-12 07/20。
大型网络骨干万兆交换机--BDCOM S6803/6806/6810交换机产品概述BDCOM S6810机箱式硬件三层交换机是上海博达数据通信有限公司针对大型网络汇聚、中小型网络核心等情况推出的高性能的机箱式L2/L3/L4交换机。
BDCOM S/6810完全为自主研发产品,采用全模块化,具有高密度端口,4.8T的背板带宽,可根据用户的需求灵活配置,灵活构建弹性可扩展的网络。
BDCOM S6810交换机产品提供强大的交换和路由功能,可与博达公司各系列交换机配合,为用户提供完整的端到端解决方案,是大型网络核心骨干交换机的理想选择。
适用范围∙网络的核心∙大型网络汇聚∙高性能网络交换环境主要特性高密度、接口类型丰富的业务模块BDCOM S6810系列交换机提供高密度端口的接入能力,整机最多支持384千兆端口、64个万兆端。
交换容量,全线速交换性能BDCOM S6810万兆交换机最高具有4.8T的背板带宽,为所有的端口提供非阻塞线速转发性能。
强大的处理能力是构建可靠、稳定、高速的IP网络平台的重要保障。
BDCOM S6810交换机硬件支持多层线速交换,能够识别、处理四层以上的应用业务流,所有端口都具有单独的数据包过滤、区分不同应用流,并根据不同的流进行不同的管理和控制。
BDCOM S6800系列硬件芯片支持IPv6协议,有利于将来进行平滑的网络升级。
功能丰富的安全特性BDCOM S6800系列提供了完整的ACL支持,除通常的标准ACL以及扩展ALC,还提供基于时间的ACL,使得控制策略非常丰富和灵活。
DAP(DOS攻击防御)的功能,使网络免受ICMP、SYN、UDP等病毒扫描攻击、更加安全可靠。
支持基于用户的接入控制协议802.1x,提供比传统接入控制方式更为有效的用户端口控制能力,端口MAC地址限定功能可以对端口接入的主机数目进行限制。
丰富的QoS策略支持802.1p、WRR、RED、 DiffServ等优先级处理和调度算法,可以对不同优先级业务进行调度及良好的网络拥塞控制策略,支持基于L2/L3/L4的流分类,丰富的Qos策略是构建高质量NGN(下一代网络)的基础。
Network Working Group S. Deering, Editor Request for Comments: 1256 Xerox PARC September 1991 ICMP Router Discovery MessagesStatus of this MemoThis RFC specifies an IAB standards track protocol for the Internetcommunity, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official ProtocolStandards" for the standardization state and status of this protocol. This document is a product of the IETF Router Discovery WorkingGroup. Distribution of this memo is unlimited.AbstractThis document specifies an extension of the Internet Control Message Protocol (ICMP) to enable hosts attached to multicast or broadcastnetworks to discover the IP addresses of their neighboring routers.Table of Contents1. Terminology 12. Protocol Overview 33. Message Formats 54. Router Specification 7 4.1. Router Configuration Variables 7 4.2. Message Validation by Routers 94.3. Router Behavior 95. Host Specification 12 5.1. Host Configuration Variables 12 5.2. Message Validation by Hosts 135.3. Host Behavior 146. Protocol Constants 177. Security Considerations 17 References 18 Author’s Address 191. TerminologyThe following terms have a precise meaning when used in thisdocument:system a device that implements the Internet Protocol, IP [9].router a system that forwards IP datagrams, as specifiedRouter Discovery Working Group [Page 1]in [2]. This does not include systems that, thoughcapable of IP forwarding, have that capability turnedoff. Nor does it include systems that do IP forwarding only insofar as required to obey IP Source Routeoptions.host any system that is not a router.multicast unless otherwise qualified, means the use of either IP multicast [4] or IP broadcast [6] service.link a communication facility or medium over which systemscan communicate at the link layer, i.e., the protocollayer immediately below IP. The term "physicalnetwork" has sometimes been used (imprecisely) forthis. Examples of links are LANs (possibly bridged toother LANs), wide-area store-and-forward networks,satellite channels, and point-to-point links.multicast linka link over which IP multicast or IP broadcast service is supported. This includes broadcast media such asLANs and satellite channels, single point-to-pointlinks, and some store-and-forward networks such as SMDS networks [8].interface a system’s attachment point to a link. It is possible (though unusual) for a system to have more than oneinterface to the same link. Interfaces are uniquelyidentified by IP unicast addresses; a single interface may have more than one such address.multicast interfacean interface to a multicast link, that is, an interface to a link over which IP multicast or IP broadcastservice is supported.subnet either a single subnet of a subnetted IP network [7] or a single non-subnetted IP network, i.e., the entityidentified by an IP address logically ANDed with itsassigned subnet mask. More than one subnet may existon the same link.neighboring having an IP address belonging to the same subnet. Router Discovery Working Group [Page 2]2. Protocol OverviewBefore a host can send IP datagrams beyond its directly-attachedsubnet, it must discover the address of at least one operationalrouter on that subnet. Typically, this is accomplished by reading alist of one or more router addresses from a (possibly remote)configuration file at startup time. On multicast links, some hostsalso discover router addresses by listening to routing protocoltraffic. Both of these methods have serious drawbacks: configuration files must be maintained manually -- a significant administrativeburden -- and are unable to track dynamic changes in routeravailability; eavesdropping on routing traffic requires that hostsrecognize the particular routing protocols in use, which vary fromsubnet to subnet and which are subject to change at any time. Thisdocument specifies an alternative router discovery method using apair of ICMP [10] messages, for use on multicast links. Iteliminates the need for manual configuration of router addresses and is independent of any specific routing protocol.The ICMP router discovery messages are called "Router Advertisements" and "Router Solicitations". Each router periodically multicasts aRouter Advertisement from each of its multicast interfaces,announcing the IP address(es) of that interface. Hosts discover the addresses of their neighboring routers simply by listening foradvertisements. When a host attached to a multicast link starts up, it may multicast a Router Solicitation to ask for immediateadvertisements, rather than waiting for the next periodic ones toarrive; if (and only if) no advertisements are forthcoming, the host may retransmit the solicitation a small number of times, but thenmust desist from sending any more solicitations. Any routers thatsubsequently start up, or that were not discovered because of packet loss or temporary link partitioning, are eventually discovered byreception of their periodic (unsolicited) advertisements. (Linksthat suffer high packet loss rates or frequent partitioning areaccommodated by increasing the rate of advertisements, rather thanincreasing the number of solicitations that hosts are permitted tosend.)The router discovery messages do not constitute a routing protocol:they enable hosts to discover the existence of neighboring routers,but not which router is best to reach a particular destination. If a host chooses a poor first-hop router for a particular destination, it should receive an ICMP Redirect from that router, identifying abetter one.A Router Advertisement includes a "preference level" for eachadvertised router address. When a host must choose a default router address (i.e., when, for a particular destination, the host has not Router Discovery Working Group [Page 3]been redirected or configured to use a specific router address), itis expected to choose from those router addresses that have thehighest preference level (see Section 3.3.1 in the Host Requirements -- Communication Layers RFC [1]). A network administrator canconfigure router address preference levels to encourage or discourage the use of particular routers as default routers.A Router Advertisement also includes a "lifetime" field, specifyingthe maximum length of time that the advertised addresses are to beconsidered as valid router addresses by hosts, in the absence offurther advertisements. This is used to ensure that hosts eventually forget about routers that fail, become unreachable, or stop acting as routers.The default advertising rate is once every 7 to 10 minutes, and thedefault lifetime is 30 minutes. This means that, using the defaultvalues, the advertisements are not sufficient as a mechanism for"black hole" detection, i.e., detection of failure of the first hopof an active path -- ideally, black holes should be detected quickly enough to switch to another router before any transport connectionsor higher-layer sessions time out. It is assumed that hosts already have mechanisms for black hole detection, as required by [1]. Hosts cannot depend on Router Advertisements for this purpose, since theymay be unavailable or administratively disabled on any particularlink or from any particular router. Therefore, the defaultadvertising rate and lifetime values were chosen simply to make theload imposed on links and hosts by the periodic multicastadvertisements negligible, even when there are many routers present. However, a network administrator who wishes to employ advertisements as a supplemental black hole detection mechanism is free to configure smaller values.Router Discovery Working Group [Page 4]3. Message FormatsICMP Router Advertisement Message0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Num Addrs |Addr Entry Size| Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Router Address[1] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Preference Level[1] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Router Address[2] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Preference Level[2] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | . | | . | | . | IP Fields:Source Address An IP address belonging to the interfacefrom which this message is sent.Destination Address The configured AdvertisementAddress or theIP address of a neighboring host.Time-to-Live 1 if the Destination Address is an IPmulticast address; at least 1 otherwise.ICMP Fields:Type 9Code 0Checksum The 16-bit one’s complement of the one’scomplement sum of the ICMP message, start-ing with the ICMP Type. For computing thechecksum, the Checksum field is set to 0. Router Discovery Working Group [Page 5]Num Addrs The number of router addresses advertisedin this message.Addr Entry Size The number of 32-bit words of informationper each router address (2, in the versionof the protocol described here).Lifetime The maximum number of seconds that therouter addresses may be considered valid.Router Address[i], The sending router’s IP address(es) on thei = 1..Num Addrs interface from which this message is sent.Preference Level[i], The preferability of each Router Address[i] i = 1..Num Addrs as a default router address, relative toother router addresses on the same subnet.A signed, twos-complement value; highervalues mean more preferable.ICMP Router Solicitation Message0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ IP Fields:Source Address An IP address belonging to the interfacefrom which this message is sent, or 0.Destination Address The configured SolicitationAddress.Time-to-Live 1 if the Destination Address is an IPmulticast address; at least 1 otherwise.ICMP Fields:Type 10Code 0Router Discovery Working Group [Page 6]Checksum The 16-bit one’s complement of the one’scomplement sum of the ICMP message, start-ing with the ICMP Type. For computing thechecksum, the Checksum field is set to 0.Reserved Sent as 0; ignored on reception.4. Router Specification4.1. Router Configuration VariablesA router that implements the ICMP router discovery messages mustallow for the following variables to be configured by systemmanagement; default values are specified so as to make it unnecessary to configure any of these variables in many cases.For each multicast interface:AdvertisementAddressThe IP destination address to be used for multicastRouter Advertisements sent from the interface. Theonly permissible values are the all-systems multicastaddress, 224.0.0.1, or the limited-broadcast address,255.255.255.255. (The all-systems address is preferred wherever possible, i.e., on any link where alllistening hosts support IP multicast.)Default: 224.0.0.1 if the router supports IP multicast on the interface, else 255.255.255.255MaxAdvertisementIntervalThe maximum time allowed between sending multicastRouter Advertisements from the interface, in seconds.Must be no less than 4 seconds and no greater than 1800 seconds.Default: 600 secondsMinAdvertisementIntervalThe minimum time allowed between sending unsolicitedmulticast Router Advertisements from the interface, in seconds. Must be no less than 3 seconds and no greater than MaxAdvertisementInterval.Default: 0.75 * MaxAdvertisementIntervalRouter Discovery Working Group [Page 7]AdvertisementLifetimeThe value to be placed in the Lifetime field of Router Advertisements sent from the interface, in seconds.Must be no less than MaxAdvertisementInterval and nogreater than 9000 seconds.Default: 3 * MaxAdvertisementIntervalFor each of the router’s IP addresses on its multicast interfaces:AdvertiseA flag indicating whether or not the address is to beadvertised.Default: TRUEPreferenceLevelThe preferability of the address as a default routeraddress, relative to other router addresses on the same subnet. A 32-bit, signed, twos-complement integer,with higher values meaning more preferable. Theminimum value (hex 80000000) is used to indicate thatthe address, even though it may be advertised, is notto be used by neighboring hosts as a default routeraddress.Default: 0The case in which it is useful to configure an address with apreference level of hex 80000000 (rather than simply setting itsAdvertise flag to FALSE) is when advertisements are being used for"black hole" detection, as mentioned in Section 2. In particular, a router that is to be used to reach only specific IP destinationscould advertise its address with a preference level of hex 80000000(so that neighboring hosts will not use it as a default router forreaching arbitrary IP destinations) and a non-zero lifetime (so that neighboring hosts that have been redirected or configured to use itcan detect its failure by timing out the reception of itsadvertisements).It has been suggested that, when the preference level of an addresshas not been explicitly configured, a router could set it accordingto the metric of the router’s "default route" (if it has one), rather than defaulting it to zero as suggested above. Thus, a router with a better metric for its default route would advertise a higherpreference level for its address. (Note that routing metrics thatare encoded such that "lower is better" would have to be inverted Router Discovery Working Group [Page 8]before being used as preference levels in Router Advertisementmessages.) Such a strategy might reduce the amount of ICMP Redirect traffic on some links by making it more likely that a host’s firstchoice router for reaching an arbitrary destination is also the best choice. On the other hand, Redirect traffic is rarely a significant load on a link, and there are some cases where such a strategy would result in more Redirect traffic, not less (for example, on links from which the most frequently chosen destinations are best reached viarouters other than the one with the best default route). Thisdocument makes no recommendation concerning this issue, andimplementors are free to try such a strategy, as long as they alsosupport static configuration of preference levels as specified above.4.2. Message Validation by RoutersA router must silently discard any received Router Solicitationmessages that do not satisfy the following validity checks:- IP Source Address is either 0 or the address of a neighbor(i.e., an address that matches one of the router’s ownaddresses on the arrival interface, under the subnet maskassociated with that address.)- ICMP Checksum is valid.- ICMP Code is 0.- ICMP length (derived from the IP length) is 8 or moreoctets.The contents of the ICMP Reserved field, and of any octets beyond the first 8, are ignored. Future, backward-compatible changes to theprotocol may specify the contents of the Reserved field or ofadditional octets at the end of the message; backward-incompatiblechanges may use different Code values.A solicitation that passes the validity checks is called a "validsolicitation".A router may silently discard any received Router Advertisementmessages. Any other action on reception of such messages by a router (for example, as part of a "peer discovery" process) is beyond thescope of this document.4.3. Router BehaviorThe router joins the all-routers IP multicast group (224.0.0.2) onall interfaces on which the router supports IP multicast.Router Discovery Working Group [Page 9]The term "advertising interface" refers to any functioning andenabled multicast interface that has at least one IP address whoseconfigured Advertise flag is TRUE. From each advertising interface, the router transmits periodic, multicast Router Advertisements,containing the following values:- In the destination address field of the IP header: theinterface’s configured AdvertisementAddress.- In the Lifetime field: the interface’s configuredAdvertisementLifetime.- In the Router Address[i] and Preference Level[i] fields:all of the interface’s addresses whose Advertise flags areTRUE, along with their corresponding PreferenceLevelvalues. (In the unlikely event that not all addresses fitin a single advertisement, as constrained by the MTU of thelink, multiple advertisements are sent, with each exceptthe last containing as many addresses as can fit.)The advertisements are not strictly periodic: the interval betweensubsequent transmissions is randomized to reduce the probability ofsynchronization with the advertisements from other routers on thesame link. This is done by maintaining a separate transmissioninterval timer for each advertising interface. Each time a multicast advertisement is sent from an interface, that interface’s timer isreset to a uniformly-distributed random value between the interface’s configured MinAdvertisementInterval and MaxAdvertisementInterval;expiration of the timer causes the next advertisement to be sent from the interface, and a new random value to be chosen. (It isrecommended that routers include some unique value, such as one oftheir IP or link-layer addresses, in the seed used to initializetheir pseudo-random number generators. Although the randomizationrange is configured in units of seconds, the actual randomly-chosenvalues should not be in units of whole seconds, but rather in unitsof the highest available timer resolution.)For the first few advertisements sent from an interface (up toMAX_INITIAL_ADVERTISEMENTS), if the randomly chosen interval isgreater than MAX_INITIAL_ADVERT_INTERVAL, the timer should be set to MAX_INITIAL_ADVERT_INTERVAL instead. Using this smaller interval for the initial advertisements increases the likelihood of a router being discovered quickly when it first becomes available, in the presenceof possible packet loss.In addition to the periodic, unsolicited advertisements, a routersends advertisements in response to valid solicitations received onany of its advertising interfaces. A router may choose to unicast Router Discovery Working Group [Page 10]the response directly to the soliciting host’s address (if it is not zero), or multicast it to the interface’s configuredAdvertisementAddress; in the latter case, the interface’s intervaltimer is reset to a new random value, as with unsolicitedadvertisements. A unicast response may be delayed, and a multicastresponse must be delayed, for a small random interval not greaterthan MAX_RESPONSE_DELAY, in order to prevent synchronization withother responding routers, and to allow multiple, closely-spacedsolicitations to be answered with a single multicast advertisement.If a router receives a solicitation sent to an IP broadcast address, on an interface whose configured AdvertisementAddress is an IPmulticast address, the router may send its response to the IPbroadcast address instead of the configured IP multicast address.Such an event indicates a configuration inconsistency, and should be logged for possible corrective action by the network administrator.It should be noted that an interface may become an advertisinginterface at times other than system startup, as a result of recovery from an interface failure or through actions of system managementsuch as:- enabling the interface, if it had been administrativelydisabled and it has one or more addresses whose Advertiseflag is TRUE, or- enabling IP forwarding capability (i.e., changing thesystem from being a host to being a router), when theinterface has one or more addresses whose Advertise flag isTRUE, or- setting the Advertise flag of one or more of theinterface’s addresses to TRUE (or adding a new address witha TRUE Advertise flag), when previously the interface hadno address whose Advertise flag was TRUE.In such cases, the router must commence transmission of periodic advertisements on the new advertising interface, limiting the first few advertisements to intervals no greater than MAX_INITIAL_ADVERT_INTERVAL. In the case of a host becoming a router, the system must also join the all-routers IP multicast group on all interfaces on which the router supports IP multicast (whether or not they are advertising interfaces). An interface may also cease to be an advertising interface, through actions of system management such as:- administratively disabling the interface,Router Discovery Working Group [Page 11]- shutting down the system, or disabling the IP forwardingcapability (i.e., changing the system from being a routerto being a host), or- setting the Advertise flags of all of the interface’saddresses to FALSE.In such cases, it is recommended (but not required) that the routertransmit a final multicast advertisement on the interface, identical to its previous transmission but with a Lifetime field of zero. Inthe case of a router becoming a host, the system must also departfrom the all-routers IP multicast group on all interfaces on whichthe router supports IP multicast (whether or not they had beenadvertising interfaces).When the Advertise flag of one or more of an interface’s addressesare set to FALSE by system management, but there remain otheraddresses on that interface whose Advertise flags are TRUE, it isrecommended that the router send a single multicast advertisementcontaining only those address whose Advertise flags were set toFALSE, with a Lifetime field of zero.5. Host Specification5.1. Host Configuration VariablesA host that implements the ICMP router discovery messages must allow for the following variables to be configured by system management;default values are specified so as to make it unnecessary toconfigure any of these variables in many cases.For each multicast interface:PerformRouterDiscoveryA flag indicating whether or not the host is to perform ICMP router discovery on the interface.Default: TRUESolicitationAddressThe IP destination address to be used for sendingRouter Solicitations from the interface. The onlypermissible values are the all-routers multicastaddress, 224.0.0.2, or the limited-broadcast address,255.255.255.255. (The all-routers address is preferred wherever possible, i.e., on any link where alladvertising routers support IP multicast.)Router Discovery Working Group [Page 12]Default: 224.0.0.2 if the host supports IP multicast on the interface, else 255.255.255.255The Host Requirements -- Communication Layers RFC [1], Section3.3.1.6, specifies that each host implementation must support aconfigurable list of default router addresses. The purpose of theICMP router discovery messages is to eliminate the need to configure that list in hosts attached to multicast links. On non-multicastlinks, and on multicast links for which ICMP router discovery is not (yet) supported by the routers or is administratively disabled, itwill continue to be necessary to configure the default router list in each host. Each entry in the list contains (at least) the following configurable variables:RouterAddressAn IP address of a default router.Default: (none)PreferenceLevelThe preferability of the RouterAddress as a defaultrouter address, relative to other router addresses onthe same subnet. The Host Requirements RFC does notspecify how this value is to be encoded; to allow thepreference level to be conveyed in a RouterAdvertisement or configured by system management, it is here specified that it be encoded as a 32-bit, signed, twos-complement integer, with higher values meaningmore preferable. The minimum value (hex 80000000) isreserved to mean that the address is not to be used as a default router address, i.e., it is to be used onlyfor specific IP destinations, of which the host hasbeen informed by ICMP Redirect or configuration.Default: 05.2. Message Validation by HostsA host must silently discard any received Router Advertisementmessages that do not satisfy the following validity checks:- ICMP Checksum is valid.- ICMP Code is 0.- ICMP Num Addrs is greater than or equal to 1.- ICMP Addr Entry Size is greater than or equal to 2.Router Discovery Working Group [Page 13]- ICMP length (derived from the IP length) is greater than orequal to 8 + (Num Addrs * Addr Entry Size * 4) octets.The contents of any additional words of per-address information(i.e., other than the Router Address and Preference Level fields),and the contents of any octets beyond the first 8 + (Num Addrs * Addr Entry Size * 4) octets, are ignored. Future, backward-compatiblechanges to the protocol may specify additional per-addressinformation words, or additional octets at the end of the message;backward-incompatible changes may use different Code values.An advertisement that passes the validity checks is called a "validadvertisement".A host must silently discard any received Router Solicitationmessages.5.3. Host BehaviorOn any interface on which the host supports IP multicast, the hostwill be a member of the all-systems IP multicast group (224.0.0.1).This occurs automatically, as specified in [4]; no explicit action is required on the part of the router discovery protocol implementation.A host never sends a Router Advertisement message.A host silently discards any Router Advertisement message thatarrives on an interface for which the host’s configuredPerformRouterDiscovery flag is FALSE, and it never sends a RouterSolicitation on such an interface.A host cannot process an advertisement until it has determined itsown IP address(es) and subnet mask(s) for the interface on which the advertisement is received. (On some links, a host may be able to use some combination of BOOTP [3], RARP [5], or ICMP Address Maskmessages [7] to discover its own address and mask.) While waiting to learn the address and mask of an interface, a host may save any valid advertisements received on that interface for later processing; this allows router discovery and address/mask discovery to proceed inparallel.To process an advertisement, a host scans the list of routeraddresses contained in it. It ignores any non-neighboring addresses, i.e., addresses that do not match one of the host’s own addresses on the arrival interface, under the subnet mask associated with thataddress. For each neighboring address, the host does the following: - If the address is not already present in the host’s defaultRouter Discovery Working Group [Page 14]。
