Brocade Communications Systems Bigiron RX Series User Manual

• metro ring Protocol (mrP):

An alternative to Spanning Tree Protocol,
MRP provides sub-second fault detection
and failover for Ethernet ring topologies.
MRP works in conjunction with VSRP
and 802.3ad based link aggregation to
provide bandwidth scalability and SoNEt-
like resilience.

• Virtual switch redundancy Protocol

(VsrP):

Supports sub-second fault

detection and fail-over for mesh topologies
in which redundant switches provide
back-up operation for one another

• single-instance stP:

Provides a single

instance of STP to run on all port-based
VLaNs within a single device, interoperable
with others that are 802.1d compliant

• rapid spanning tree Protocol based

on ieee 802.1w:

Dramatically improves

the spanning tree convergence time to sub-
second by automatically renegotiating port
roles in case of a link failure without relying
on timers

• Per Vlan spanning tree (PVst):

Allows

for control of StP on an individual VLaN
basis for traffic engineering VLaN traffic
(i.e., load distribution)

• topology groups:

Dramatically improves

Layer 2 control protocol scalability by
allowing a few instances of STP, RSTP,
MRP, or VSRP to control large groups
of VLaNs

• super aggregated Vlans (saVs):

Allows

transparent tunneling of multiple VLaNs
through a single backbone VLaN

• Pim and igmP snooping:

offers efficient

handling of multicast traffic in Layer 2
topologies by identifying ports that request
a multicast stream and forwarding the
stream only on these ports. This dramatically
improves the performance of multicast
applications, allowing for many more
streams to be transiting the network.

advanced Quality of service

• advanced Qos:

Allows administrators to

enforce QoS policies based on port, VLaN,
source Mac, acL rules, 802.1p priority,
Type of Service (ToS), DiffServ settings or
Rate Limiting status

• Very low latency across all Packet sizes:

Consistent low latency for strict priority
applications such as voice over IP, high
performance computing and video over IP

• Configurable Combinations of Queuing

Disciplines and Congestion Control
Policies:

Combinations of Strict Priority (SP)

and Weighted Fair Queuing (WFQ) provide
flexibility for network administrators. In
the event of egress port congestion,
traffic policies can be configured for tail
drop or weighted random early detection
(WREd) operation.

• advanced bandwidth management:

Allows intelligent bandwidth management
using hardware based enforcement of
Committed Information Rate (CIR) with
Excess Burst control capabilities and
seamless integration with other advanced
QoS features including priority marking
and honoring.

Cohesive, Unified and Easy-to-Use

network management

• Centralized network management:

Brocade IronView Network Manager is a
Web-based, graphical interface tool that
empowers network operators to seamlessly
control software and configuration updates

• Command line interface (Cli):

Industry-standard configuration interface,
consistent and common throughout
Brocade products

• web interface:

Provides easy-to-use

Graphical User Interface (GUI) for system
configuration from standard Web browsers

• sFlow (rFC 3176):

Provides scalable,

wire-speed network monitoring and
accounting with no impact on network
performance

brocade ironshield security

• wire-speed extended layer 2, layer 3

and 4 access Control lists (aCl):

Control

packet forwarding and restricts access to
the system management interface, while
providing wire-speed switching and routing:

– extensible aCl implementation for

layer 3 and 4 information:

Identifies

traffic based on source or destination
IP address, IP protocol type, TCP or
UDP port, IP precedence or ToS values

– Flexible aCl implementation for

layer 2 information:

Identifies traffic

based on source or destination MAC
address, Ethernet type, VLaN-Id
values and 802.1p values

– aCl scalability: Support for up to

8,000 acLs

– ease of administration: Identify an ACL

by name or number, or add a comment
line for ease of administration

– secure shell and secure Copy:

Provides secure access to the
administration and management
interface over the network

• Protection against Denial of service

(Dos) attacks:

Prevents or minimizes

network downtime from malicious users
by limiting tcP SYN and IcMP traffic and
protects against broadcast storms

• user authentication:

Authentication with

aaa, 802.1x, RadIUS, tacacS, and tacacS+
prevents unauthorized network access

• maC Port security:

Controls the MAC

addresses allowed per port

• sFlow (rFC 3176):

Provides cost-effective,

scalable, wire-speed network monitoring
to detect unusual network activity

• snmPv3:

Secured SNMP management

with authentication and privacy services

• bgP-guard:

Complements MD5 security

for BGP sessions to protect against session
disruption by restricting the number of
hops the BGP session can traverse