Modern architecture systems h2>
The system architecture uses the following advanced solutions:
Advanced multi-layer Clos switching architecture, providing high throughput scalability.
Orthogonal connection of fabric modules and service modules – traffic between service modules is sent directly to fabric modules through orthogonal connections, without cables on the backplane, which significantly reduces signal loss and improves bandwidth efficiency. This design offers higher throughput and better capacity scalability, allowing total system switching capacity to increase to 100 Tbps.
Compliant with 40GE Ethernet standards and 100GE – allows you to meet the growing needs for non-blocking connections in campus networks.
Independence and redundancy of switch matrix modules – due to the independence of switch matrix modules from control processor modules, Maximum system availability and capacity expansion.
Fan module and power supply redundancy – Protects the switch from unexpected fan module and power supply failures, significantly increasing availability systems.
Distributed control modules
Innovative The solution in the switch is to use distributed control modules, discovery modules and service modules to provide powerful monitoring capabilities and high availability with millisecond switching times.
Distributed control modules – A powerful control and processing system is built into each service module. It allows you to efficiently process multi-protocol packets and control packets, offering precise tools for controlling packet processing and protecting against attacks on different protocols.
Distributed detection modules – in Each service module has BFD and OAM capabilities to detect faults in a matter of milliseconds, which interact with control plane protocols for fast failover and rapid convergence for uninterrupted service delivery.
Distributed Service Modules – The intelligent processor system supports intelligent power management and monitoring of the operating status of key components. It allows you to alternately turn on and off power to modules, avoiding surges in the load on the power system, reducing the level of electromagnetic emissions and power consumption, extending the life of the device .
Technology intelligent fault-tolerant< /strong> architectureIRF 2from< /b>H3C
H3C IRF 2 intelligent fault-tolerant architecture technology allows you to virtualize multiple S10500X switches in One logical switch, called an IRF Fabric. IRF improves system performance and provides the following benefits:
High Availability – H3C routers’ proprietary hot standby technology ensures that all information is redundant in control plane and data plane, as well as uninterrupted data forwarding at Layer 3 using IRF 2 fabric. Additionally, it eliminates single point of failure and ensures uninterrupted service delivery.
Reservation and load balancing – Distributed link aggregation technology supports load sharing and mutual redundancy for multiple backbone links, which increases the level of redundancy in the network and promotes more efficient use of link resources.
Simplification of topology and ease of management – the IRF matrix is represented as a single node and is accessible through a single IP address on the network. This simplifies the management of network devices and topology, increases operational efficiency and reduces maintenance costs.
Full set solutions for centers processing data
n
Switches offer a wide range of solutions for virtualizing data centers and building converged networks, such as:
TRansparent Interconnection of Lots of Links (TRILL) – this technology combines the simplicity and flexibility of Layer 2 switching with the stability, scalability and rapid convergence of Layer 3 routing, offering the highest port density and single-layer network topology for mass access to servers in data centers.
Virtual eXtensible LAN (VXLAN) is a technology for encapsulating MAC addresses in UDP frames, providing Layer 2 connectivity between remote sites using IP networks In addition, it provides service isolation between different user organizations (tenants).
Edge Virtual Bridging (EVB) – switches virtual machine traffic on a physical switch connected to the servers using Virtual Ethernet Port Aggregator (VEPA), which not only ensures traffic forwarding between virtual machines, but also allows the application of virtual machine traffic restriction policies and access control policies.
< p style="font-weight: 400;">Fibre Channel over Ethernet (FCoE) – provides unification of heterogeneous local area networks and storage networks in data centers. Together with Converged Enhanced Ethernet (CEE), FCoE unifies network functionality to offer integrated data, compute, and storage capabilities in the data center, significantly reducing the cost of building and expanding data centers.
< p style="font-weight: 400;">MP-BGP EVPN (Multiprotocol Border Gateway Protocol Ethernet Virtual Private Network) uses the standard BGP protocol as the control plane for VXLAN networks, allowing automatic host discovery and reachability information dissemination end hosts using BGP-based VTEP. MP-BGP EVPN has many advantages, such as eliminating traffic flooding, eliminating the need for a mandatory mesh network between VTEP peers by supporting BGP RR, achieving optimal flow-based load balancing, and much more.
< h2>High availability on baseDRNI
Distributed Resilient Network technology Interconnect (DRNI) allows you to virtualize two physical devices into one using link aggregation. It provides redundancy and load balancing at the device level and improves system availability.
Comprehensive solutions for strong>IPv6
The switches provide a full range of IPv6 features, including the following:
IPv6 routing – static routing IPv6, RIPng, OSPFv3, IS-ISv6 and BGP4+.
IPv4 to IPv6 transition technologies – manual IPv6 tunneling, IPv6 to IPv4 tunnels, ISATAP tunnels, GRE tunnels and automatic tunnel configuration for IPv4 compatibility.
Media Access Control Security (MACsec)
The switch supports MACsec (802.1AE) hardware encryption technologies, industry-leading A security standard for protecting all transmitted traffic on Ethernet links. Compared to traditional application-level software encryption technologies, MACsec technology secures point-to-point Ethernet links between directly connected nodes and is capable of detecting and preventing most security threats.