Протоколы, поддерживаемые ExtremeXOS 12.5

Коммутация
  • RFC 3619 Ethernet Automatic Protection Switching (EAPS) and EAPSv2
  • IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
  • IEEE 802.1D – 2004 Spanning Tree Protocol (STP and RSTP)
  • IEEE 802.1w – 2001 Rapid Reconfiguration for STP, RSTP
  • IEEE 802.1Q – 2003 (formerly IEEE 802.1s) Multiple Instances of STP, MSTP
  • EMISTP, Extreme Multiple Instances of Spanning Tree Protocol
  • PVST+, Per VLAN STP (802.1Q interoperable)
  • Draft-ietf-bridge-rstpmib-03.txt – Definitions of Managed Objects for Bridges with Rapid Spanning Tree Protocol
  • Extreme Standby Router Protocol™ (ESRP)
  • IEEE 802.1Q – 1998 Virtual Bridged Local Area Networks
  • IEEE 802.3ad Static load sharing configuration and LACP based dynamic configuration
  • Software Redundant Ports
  • IEEE 802.1AB – LLDP Link Layer Discovery Protocol
  • LLDP Media Endpoint Discovery (LLDP-MED), ANSI/TIA-1057, draft 08
  • Extreme Discovery Protocol (EDP)
  • Extreme Loop Recovery Protocol (ELRP)
  • Extreme Link State Monitoring (ELSM)
  • IEEE 802.1ag L2 Ping and traceroute, Connectivity Fault Management
  • ITU-T Y.1731 Frame delay measurements
  • IEEE 802.3ah Ethernet OAM – Unidirectional Link Fault Management – supported only in Summit X450a-24x

Управление и анализ трафика
  • RFC 2030 SNTP, Simple Network Time Protocol v4
  • RFC 854 Telnet client and server
  • RFC 783 TFTP Protocol (revision 2)
  • RFC 951, 1542 BootP
  • RFC 2131 BOOTP/DHCP relay agent and DHCP server
  • RFC 1591 DNS (client operation)
  • RFC 1155 Structure of Management Information (SMIv1)
  • RFC 1157 SNMPv1
  • RFC 1212, RFC 1213, RFC 1215 MIB-II, Ethernet-Like MIB & TRAPs
  • RFC 1573 Evolution of Interface
  • RFC 1650 Ethernet-Like MIB (update of RFC 1213 for SNMPv2)
  • RFC 1901, 1905 – 1908 SNMP v2c, SMIv2 and Revised MIB-II
  • RFC 2576 Coexistence between SNMP Version 1, Version 2 and Version 3
  • RFC 2578 – 2580 SMIv2 (update to RFC 1902 – 1903)
  • RFC 3410 – 3415 SNMPv3, user based security, encryption and authentication
  • RFC 3826 – The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
  • RFC 1757 RMON 4 groups: Stats, History, Alarms and Events
  • RFC 2021 RMON2 (probe configuration)
  • RFC 2613 SMON MIB
  • RFC 2925 Ping/Traceroute MIB
  • RFC 2668 802.3 MAU MIB
  • draft-ietf-hubmib-mau-mib-v3-02.txt
  • RFC 1643 Ethernet MIB
  • RFC 1493 Bridge MIB
  • RFC 2096 IPv4 Forwarding Table MIB
  • RFC 2737 Entity MIB v2
  • RFC 2233 Interface MIB
  • RFC 3621 PoE-MIB (PoE switches only)
  • IEEE 802.1ag MIB
  • Secure Shell (SSH-2) client and server
  • Secure Copy (SCP-2) client and server
  • Secure FTP (SFTP) server
  • sFlow version 5
  • Configuration logging
  • Multiple Images, Multiple Configs
  • RFC 3164 BSD Syslog Protocol with Multiple Syslog Servers – 999 Local Messages (criticals stored across reboots)
  • Extreme Networks vendor MIBs (includes FDB, PoE, CPU, Memory MIBs)
  • XML APIs over Telnet/SSH and HTTP/HTTPS
  • Web-based device management interface – ExtremeXOS ScreenPlay™
  • IP Route Compression
  • Stacking – SummitStack, SummitStack-V

Безопасность, защита сети и коммутации
  • Secure Shel (SSH-2), Secure Copy (SCP-2) and SFTP client/server with encryption/authentication (requires export control end encryption module)
  • SNMPv3 user based security, with encryption/authentication (see above)
  • RFC 1492 TACACS+
  • RFC 2138 RADIUS Authentication
  • RFC 2139 RADIUS Accounting
  • RFC 3579 RADIUS EAP support for 802.1x
  • RADIUS Per-command Authentication
  • Access Profiles on All Routing Protocols
  • Access Policies for Telnet/SSH-2/SCP-2
  • Network Login – 802.1x, Web and MAC-based mechanisms
  • IEEE 802.1x – 2001 Port-Based Network Access Control for Network Login
  • Multiple supplicants with multiple VLANs for Network Login (all modes)
  • Fallback to local authentication database (MAC and Web-based methods)
  • Guest VLAN for 802.1x
  • RFC 1866 HTML – Used for Web-based Network Login and ExtremeXOS ScreenPlay
  • SSL/TLS transport – used for Web-based Network Login and ExtremeXOS ScreenPlay (requires export controlled encryption module)
  • MAC Security – Lockdown and Limit
  • IP Security – RFC 3046 DHCP Option 82 with port and VLAN ID
  • IP Security – Trusted DHCP Server
  • Layer 2/3/4 Access Control Lists (ACLs)
  • RFC 2267 Network Ingress Filtering
  • RPF (Unicast Reverse Path Forwarding) Control via ACLs
  • Wire-speed ACLs
  • Rate Limiting/Shaping by ACLs
  • IP Broadcast Forwarding Control
  • ICMP and IP-Option Response Control
  • SYN attack protection
  • CPU DoS Protection with traffic rate-limiting to management CPU
  • Robust against common network attacks:
  • – CERT (http://www.cert.org)
    – CA-2003-04: “SQL Slammer”
    – CA-2002-36: “SSHredder”
    – CA-2002-03: SNMP vulnerabilities
    – CA-98-13: tcp-denial-of-service
    – CA-98.01: smurf
    – CA-97.28:Teardrop_Land -Teardrop and “LAND“ attack
    – CA-96.26: ping
    – CA-96.21: tcp_syn_flooding
    – CA-96.01: UDP_service_denial
    – CA-95.01: IP_Spoofing_Attacks_and_Hijacked_ Terminal_Connections– IP Options Attack
  • Host Attack Protection
  • – Teardrop, boink, opentear, jolt2, newtear, nestea, syndrop, smurf, fraggle, papasmurf, synk4, raped, winfreeze, ping –f, ping of death, pepsi5, Latierra, Winnuke, Simping, Sping, Ascend, Stream, Land, Octopus

Безопасность, защита маршрутизации
  • IP Security – DHCP enforcement via Disable ARP Learning
  • IP Security – Gratuitous ARP Protection
  • IP Security – DHCP Secured ARP/ARP Validation
  • Routing protocol MD5 authentication (see above)

Обнаружение и защита
  • CLEAR-Flow, threshold-based alerts and actions (in non-SummitStack configuration only)
  • Identity Manager

IPv4 услуги хоста
  • RFC 1122 Host Requirements
  • RFC 768 UDP
  • RFC 791 IP
  • RFC 792 ICMP
  • RFC 793 TCP
  • RFC 826 ARP
  • RFC 894 IP over Ethernet
  • RFC 1027 Proxy ARP
  • RFC 2068 HTTP server
  • IGMP v1/v2/v3 Snooping with Configurable Router Registration Forwarding
  • IGMP Filters
  • PIM Snooping
  • Static IGMP Membership
  • Multicast VLAN Registration (MVR)

Услуги маршрутизации IPv4
  • RFC 1812 Requirements for IP Version 4 Routers
  • RFC 1519 CIDR
  • RFC 1256 IPv4 ICMP Router Discovery (IRDP)
  • Static Unicast Routes
  • Static Multicast Routes
  • RFC 1058 RIP v1
  • RFC 2453 RIP v2
  • Static ECMP
  • RFC 1112 IGMP v1
  • RFC 2236 IGMP v2
  • RFC 3376 IGMP v3
  • RFC 2933 IGMP MIB
  • RFC 2096 IPv4 Forwarding Table MIB
  • RFC 1724 RIPv2 MIB
  • RFC 3768 VRRPv2
  • RFC 2787 VRRP MIB
  • RFC 2328 OSPF v2 (Edge-mode)
  • OSPF ECMP
  • OSPF MD5 Authentication
  • RFC 1587 OSPF NSSA Option
  • RFC 1765 OSPF Database Overflow
  • RFC 2370 OSPF Opaque LSA Option
  • RFC 3623 OSPF Graceful Restart
  • RFC 1850 OSPFv2 MIB
  • RFC 2362 PIM-SM (Edge-mode)
  • RFC 2934 PIM MIB
  • RFC 3569, draft-ietf-ssm-arch-06.txt PIM-SSMPIM Source Specific Multicast
  • draft-ietf-pim-mib-v2-o1.tx
  • Mtrace, a “traceroute” facility for IP Multicast: draft-ietf-idmr-traceroute-ipm-07
  • Mrinfo, the multicast router information tool based on Appendix-B of draft-ietf-idmr-dvmrp-v3-11

IPv6 услуги хоста
  • RFC 3587, Global Unicast Address Format
  • Ping over IPv6 transport
  • Traceroute over IPv6 transport
  • RFC 5095, Internet Protocol, Version 6 (IPv6) Specification
  • RFC 4861, Neighbor Discovery for IP Version 6, (IPv6)
  • RFC 2463, Internet Control Message Protocol (ICMPv6) for the IPv6 Specification
  • RFC 2464, Transmission of IPv6 Packets over Ethernet Networks
  • RFC 2465, IPv6 MIB, General Group and Textual Conventions
  • RFC 2466, MIB for ICMPv6
  • RFC 2462, IPv6 Stateless Address Auto Configuration – Host Requirements
  • RFC 1981, Path MTU Discovery for IPv6, August 1996 – Host Requirements
  • RFC 3513, Internet Protocol Version 6 (IPv6) Addressing Architecture
  • Telnet server over IPv6 transport
  • SSH-2 server over IPv6 transport

IPv6 миграция
  • RFC 2893, Configured Tunnels
  • RFC 3056, 6to4

Услуги маршрутизации IPv6
  • RFC 2462, IPv6 Stateless Address Auto Configuration – Router Requirements
  • RFC 1981, Path MTU Discovery for IPv6, August 1996 – Router requirements
  • RFC 2710, IPv6 Multicast Listener Discovery v1 (MLDv1) Protocol
  • RFC 3810, IPv6 Multicast Listener Discovery v2 (MLDv2) Protocol
  • Static Unicast routes for IPv6
  • RFC 2080, RIPng
  • RFC 2740 OSPF v3 (Edge-mode)
  • Static ECMP

Протоколы ядра для Layer 2, IPv4 и IPv6
Requires Core License
  • EAPSv2 Shared Ports – multiple interconnections between rings
  • PIM-DM Draft IETF PIM Dense Mode draft-ietf-idmr-pim-dm-05.txt, draft-ietf-pim-dm-new-v2-04.txt
  • RFC 3618 Multicast Source Discovery Protocol (MSDP)
  • RFC 3446 Anycast RP using PIM and MSDP
  • RFC 2740 OSPFv3, OSPF for IPv6
  • RFC 1771 Border Gateway Protocol 4
  • RFC 1965 Autonomous System Confederations for BGP
  • RFC 2796 BGP Route Reflection (supersedes RFC 1966)
  • RFC 1997 BGP Communities Attribute
  • RFC 1745 BGP4/IDRP for IP-OSPF Interaction
  • RFC 2385 TCP MD5 Authentication for BGPv4
  • RFC 2439 BGP Route Flap Damping
  • RFC 2918 Route Refresh Capability for BGP-4
  • RFC 3392 Capabilities Advertisement with BGP-4
  • RFC 4360 BGP Extended Communities Attribute
  • RFC 4486 Subcodes for BGP Cease Notification message
  • draft-ietf-idr-restart-10.txt Graceful Restart Mechanism for BGP
  • RFC 4760 Multiprotocol extensions for BGP-4
  • RFC 1657 BGP-4 MIB
  • RFC 4893 BGP Support for Four-Octet AS Number Space
  • Draft-ietf-idr-bgp4-mibv2-02.txt – Enhanced BGP-4 MIB
  • RFC 1195 Use of OSI IS-IS for Routing in TCP/IP and Dual Environments (TCP/IP transport only)
  • RFC 2763 Dynamic Hostname Exchange Mechanism for IS-IS
  • RFC 2966 Domain-wide Prefix Distribution with Two-Level IS-IS
  • RFC 2973 IS-IS Mesh Groups
  • RFC 3373 Three-way Handshake for IS-IS Point-to-Point Adjacencies
  • Draft-ietf-isis-restart-02 Restart Signaling for IS-IS
  • Draft-ietf-isis-ipv6-06 Routing IPv6 with IS-IS
  • Draft-ietf-isis-wg-multi-topology-11 Multi Topology (MT) Routing in IS-IS

QoS (качество сервиса/приоритезация) и VLAN
Quality of Service and Policies
  • IEEE 802.1D – 1998 (802.1p) Packet Priority
  • RFC 2474 DiffServ Precedence, including 8 queues/port
  • RFC 2598 DiffServ Expedited Forwarding (EF)
  • RFC 2597 DiffServ Assured Forwarding (AF)
  • RFC 2475 DiffServ Core and Edge Router Functions

Traffic Engineering
  • RFC 3784 IS-IS Externs for Traffic Engineering (wide metrics only)

VLAN Services: VLANs, vMANs
  • IEEE 802.1Q VLAN Tagging
  • IEEE 802.1v: VLAN classification by Protocol and Port
  • Port-based VLANs
  • Protocol-based VLANs
  • MAC-based VLANs
  • Multiple STP domains per VLAN
  • Upstream Forwarding Only/Disable Flooding
  • RFC 5517 Private VLANs
  • VLAN Translation
  • IEEE 802.1ad Provider Bridge Network, virtual MANs (vMANs)
  • vMAN Ethertype Translation/Secondary vMAN Ethertype
  • Multicast Support for PVLAN
  • Multicast Support for VLAN Aggregation
  • VLAN Aggregation

Дата-центр
  • Direct Attach (IEEE 802 VEPA) (Supported in a feature pack)
  • XNV (ExtremeXOS Network Virtualization
 
© 2013 Diawest.net.ua