Download *** 1 - D-Link

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
Document related concepts
no text concepts found
Transcript 
DRO Router Introduction
Agenda
 Market positioning and demand analysis
 Router introductions
 Advantages & selling point
 Competition analysis
 Case share
Sometimes this may happen…
CPU under attack.
The router can’t be
managed.
Internet
access is too
slow. Traffic
can not be
monitored
Financial and
operational
service can't
be protected.
The online video
can’t be smoothly
displayed.
New demands for network
QoS
Reliability
High performance
Management
Agenda
 Market positioning and demand analysis
 Router introductions
 Advantages & selling point
 Competition analysis
 Case share
Router portfolio
Aggregation
Router
DRO-3044
DRO-5020
DRO-5040
Access
Router
DRO-1002
DRO-2014
DRO-2024
DRO-5080
SIC modules DRO support
SIC-1HS
SIC-1E1-F
SIC-1CE1
SIC-1B-S/T
SIC-1B-U
SIC-4ESW
SIC-2FXS
SIC-2FXO
NMX module DRO support
NMX-24ESW
NMX-2GEH
NMX-4E1/CE1H
NMX-8E1/CE1H
NMX-1CPOS-STM1H
DRO-50 Specification
Module
DRO-5020
DRO-5040
DRO-5080
CPU
Dual-core NP
Dual-core NP
Dual-core NP
SDRAM
512M(default),1G
512M(default),1G
512M(default),1G
Flash
32M(default),96M
32M(default),96M
32M(default),96M
Console/AUX
1/1
1/1
1/1
Fixed Ethernet
interface
3GE(combo)
3GE(combo)
3GE(combo)
USB
2
2
2
NMX slot
2
4
8
DNMX slot
1
2
2
Power module
2
3
3
Dimension(L X W X H
mm
121×445×412,3U
161×445×412,4U
243×445×412,6U
Backplane bandwidth
28Gbps
28Gbps
28Gbps
Forwarding capacity
4.5Mpps
4.5Mpps
4.5Mpps
DRO-50 Hardware Design
Control Module-Slot 0
Slot 7
Slot 8
Slot 5
Slot 6
Power 0
Slot 3
Slot 4
Power 1
Slot 1
Slot 2
Power 2
 DRO-5020 has two power module slots.
 DRO-5040 and DRO-5080 has three power module slots.
F
A
N
DRO-50 Hardware Design (cont.)
Power
Power
Power
Power
Power
aux
aux
NMX
NMX
console
NMX
NMX
Power
Power
Power
aux
console
NMX
NMX
NMX
NMX
console
NMX
NMX
NMX
NMX
NMX
NMX
DRO-50 Hardware Design (cont.)
BootROM
AUX
DDR RAM
FLASH
Console
UART
50Gbps DDRRAM BUS
Local BUS
Temp Detect
GE Combo
GE
GE Combo
GE
GE Combo
Dual
Network
Processor
USB
USB
2Gbps
PCI Bus
AIM
Encrypt Engine
GE
20Gbps HT
Network
interface
Network
interface
2Gbps
PCI Bus
HT Bridge
2Gbps
PCI Bus
HT Bridge
Network
interface
Network
interface
Network
interface
Network
interface
Network
interface
2Gbps
PCI Bus
Fast AIM
Encrypt Engine
2Gbps
PCI Bus
Network
interface
DRO-3044 Specification
Module
DRO-3044
CPU
MPC
SDRAM
512M
Flash
512M
Console/AUX
1/1
Fixed Ethernet interface
2GE(combo)
USB
2 USB2.0
Routing engine slot
1
Service slot
8(4 NMX,4 SIC)
Power supply module
2
Dimension(L×D×H,mm)
440X412X161.4
Forwarding capacity
2Mpps
DRO-3044 Hardware Design
SIC-6
SIC-8
SIC-5
SIC-7
NMX-3
Control Module
F
a
n
NMX-4
Power
NMX-1
NMX-2
Power
DRO-20 series specification
Mode
DRO-2014
DRO-2024
Appearance
Forwarding capacity
280kpps
300kpps
Console/AUX
1/1
1/1
Fixed routing port
3FE
2FE
SIC slot
4
4
NMX slot
1
2
USB
2
2
Maximum switching port
24
52
DRO-2014
NMX slot
SIC slot
Console
 Built-in encryption engine
 Capacity to 280kpps
AUX
3*10/100M
2*USB
DRO-2024
2*NMX slot
4*SIC slot
Console
2*USB
 Built-in encryption engine
 Capacity to 300kpps
AUX
2*10/100M
DRO-10 specification
Mode
DRO-1002
Appearance
Forwarding capacity
260Kpps
Fixed routing port
2FE
SIC module slot
2
NMX module slot
N
USB
N
Dimension
44 ×268×185 (mm)
DRO-1002
2*SIC
Console
 Built-in encryption engine
 Capacity to 260kpps
2*10/100M
Agenda
 Market positioning and demand analysis
 Router introductions
 Advantages & selling point
 Competition analysis
 Roadmap
 Case share
Topic
1 High performance
2
Multi-service
3
High security
4
High availability
High performance ---In services
 With the access mode becoming more
and more, the speed is faster and
faster (MSTP、fiber、PON), the
bandwidth requirement is growing
rapidly.
 With multi -services running , DRO
router can achieve 100M wire-speed
forwarding.
 Nearly no interruption when using
ACL、QOS、PBR、NAT.
Under 100M line,DRO router won’t be
the bottleneck of network.
High performance --- D-link DEF fast forwarding
Complete flow path
Flow Whole Whole Whole
create ACL
PBR
NAT
Accept
packet
…
Header
Inspection
Fast
Fast
State
ACL
processing
Fast
PBR
Fast
NAT
Packet
QOS
encapsulation
Fast flow path
FIB
ADJ
Packet
encapsulation
Extreme path
 DEF-D-link Express Forwarding
 DEF achieve multi-service integration,
 Increase performance of ACL, PBR,NAT,FW,QOS etc.
Send
packet
High performance --- D-link DEF fast forwarding
Flow-based speeding
mechanism
When ACL, PBR,NAT,
FW,QOS is deployed,
DEF achieves exact
matching with the 1st
packet, and the matching of
following packets according
to the flow table. No impact
on performance between
deploying 1 piece of ACL
and 500 pieces of ACL!
1 ACL/PBR
100 ACL/PBR
500 ACL/PBR
High performance --- X-FLOW
ACL
1st packet,
routing inquiry,
record result
Packet
Flow table
Look up
NAT
IPSec
routing
…
QOS
Update flow table
according to results
Packet
Direct processing of packets
Following packet
using flow table
forwarding directly

X-FLOW is the data processing mechanism of DEF.

Traffics with the same SIP, DIP, TCP/UDP port number, protocol number, are
defined as a flow. DRO applied the flow table technology.
Why X-FLOW:
when deployed with ACL、QOS、NAT、IPSec, the forwarding
performance will not be affected.
Topic
1 High performance
2 Multi-service
3
High security
4
High availability
Multi-service --- routing, switching all-in-one
 DROs can achieve different functions of switch and router by
deploying the switching module.
Why All-in-one design:
 Greatly save the cost of TCO。
 Decrease the maintenance cost,
 Save installation space
 Save one machine’s power for “green world”。
Multi-service --- distributed architecture
Router master
CPU
Managing
tunnel
Data
tunnel
Managing
tunnel
Data
tunnel
Switching chip
Router master
CPU
Switching chip
……
……
Switching
port
Switching
port
Switching CPU
Centralized architecture
Distributed architecture
Sharing CPU,switching function
integrated in the router OS.
Separate CPU,with separate OS
28
Multi-service --- advantage and disadvantage
 Advantage:
• Modular design, based on the customer’s real need, easy to
be extended and flexible to use.
• Distributed architecture switching module with own CPU and
OS, decrease the burden of CPU, promote the stability.
• Switching module with separate OS, and D-link has nearly
million deployment of switches with high maturity OS.
• All the switch functions are included.
Multi-service --- routing, switching all-in-one
• One router with:
Routing+Switching+MPLS+NAT+Firewall+VOIP+VPN
+3G+IPFIX
30
Multi-service --- L2/3 VPN processing
VPN A
Site 1
VPN A
Site2
CE–A2
VPN B
Site2
CE–A1
P
P
PE
PE
CE–B2
VPN B
Site 1
P
P
VPN A
Site 3
PE
CE–B1
CE–A3
 Fully support MPLS function, support standard MPLS label switching
 Layer 3 VPN based on BGP/MPLS VPN
 Support IPSec、L2tp multi-instance, achieve perfect integration between IP VPN
and MPLS VPN
Multi-service --- QoS
Classify
Drop
Queue
Queue0
In port
ACL
Sou. interface
Dest. interface
RED
Sou. port
Classify
WRED
Dest. port
Protocol type
TOS
FIFO
PQ
SP
WRR
DRR
Accept packet
Congestion
detection/avoidance
L2/L3/L4 Flow classifying schedule
Token
Out port
Drop
Queue1
Queue2
In
queue
QueueN
CAR
Out
queue
Token
bucket
Flow shaping
Continue to send
Multi-service --- Dedicated QoS
Meticulous management
 Packet classify marking
Congestion avoidance(RED、WRED)
Flow supervision(CAR)
Flow shaping(GTS)
Congestion management(
FIFO,PQ,CQ,WFQ,CBWFQ,LLQ,RTPQ)
Line efficiency(CTCP、CRTP)
QoS queuing technology
OA packets
100K
Business packets
1M
Video packets
900K
Physical
Port
Multi-service --- 3G accessing for remote places
• Support WCDMA、CDMA2000、TD-SCDMA.
• Flexible for remote areas to access.
• Serve as backup link for enterprise network.
34
Multi-service --- AEP application extension platform
 AEP:
Application Extension Platform
 Layer 7 applications can be
deeply integrated into DRO
router.
Multi-service --- built-in IPFIX
With IPFIX, network is transparent to you.
• How many applications? Network attack? Which is the key application?
Where does the flow come from?
Topic
1 High performance
2 Multi-service
3
High security
4
High availability
High security--- application encryption
Encryption
DRO-20
Branch
office
UNIX
Router
WAN
Information
center
DRO-20
Branch
office
Hardware
encryption card
Built-in
Encryption
card
Topic
1 High performance
2 Multi-service
3
High security
4
High availability
High availability --- equipments can be managed in any time
 The V-CPU technology of DRO
router, can separate the CPU into
two part, the management and
data-forwarding.
 No matter how large the attack
and data flow is, the management
will be always available.
Why V-CPU:
The equipment can be managed at any time!!!
High availability- --- VCPU
System
Management
CPU




CPU Data
forwarding
resource
CPU
VCPU: Virtual CPU technology,CPU resources can be virtualized into two
part: data forwarding and system management, the resources can be adjusted
dynamically.
Data forwarding CPU:specialized for data forwarding
System management CPU:control plane and management plane
No matter how large the attack and data flow is, the management won’t be
interrupted
Q&A
What is the technology helps DRO routers achieve
high performance , when applying ACL, QoS, NAT…….?
Agenda
 Market positioning and demand analysis
 Router introductions
 Advantages & selling point
 Competition analysis
 Case share
DRO router is widely deployed
in the vertical market.

D-link DRO series routers,have been deployed in the finance,
government, education, enterprise for more than

100,000.
The strategic partner of China Life, PICC,more than
5,000
deployment.

The strategic partner of Construction Bank of China, more than
8,000
deployment.
100,000 vertical deployment with stable routers.
Topic
1 Financial cases
2
Government cases
Backbone network of China Life Insurance
•110 cities,2*DRO-30 for uplink for each city
100M
Jiangsu
Data center
155M SDH
2M SDH
1000M
Shanghai
Data center
Beijing
Data center
CNC ATM
Data center
Province
Shandong
Branch
……
Guangdong
Branch
Hebei
Branch
……
City DRO-30*2 City DRO-30*2 City DRO-30*2 City DRO-30*2 City DRO-30*2 City DRO-30*2
Network of Construction Bank of China
To HQ
Backbone
Area
WAN
Area
Core switch
WAN core
WAN
Area
ATM
CPOS
CPOS
2007-2008,6 provincial network
Neimenggu:14*branch,400*node
Hebei:11*branch,1100*node
Ningxia:9*branch,200*node
Qinghai:9*branch,150*node
Hunan:20*branch,600*node
Guangxi:14*branch,400*node
Others:
Hubei:700*node. Jinagsu:800*node
Shandong:600*node, Xinjiang:
300*node
Fujian:400*node, Henan:200*node
…………………………
100M
DRO-20
DRO-20
DRO-20
155M SDH
2M SDH
DRO50
1000M
S5700/S7600/S8600
Branches
S2600
S3700
ATM node
Small node
S3700
Big node
Network of Industrial & Commercial Bank of China
Beijing:400
Xinjiang:300
Jilin:100
Gansu:200
Guizhou:300
Shandong:400
Ningxia:100
Guangdong:200
Liaoning:200
Dalian:100
Guangxi:100
………………
100M
155M SDH
2M SDH
1000M
MSTP/2M SDH
Master
2M SDH
Backup
Branches
DRO-2024
Service segment
Small node
Normal node
SW
SW
SW
DRO-2014
SW
Service segment
ATM Terminal Service PC
Office PC
DRO-1002
Office segment
Office segment
ATM Terminal Service PC
Office PC
ATM
ATM
National VPN network of China Insurance
Shanxi 600 Guangdong 300 Hunan 200 Hebei 200 Fujian 200 Shandong 100
Neimenggu 100 Xinjiang 100 Gansu 100 Hubei 100 Tianjin 100 Henan 50 Beijing 50
Ningxia 50 Zhejiang 50……
To HQ
To HQ
R3642
R3642
Hunan
To HQ
…
Hebei
DRO-50
Fujian
INTERNET
SecVPN100
branches
SecVPN100
branches
To HQ
To HQ
R3740
R3642
Guangdong
Shanxi
INTERNET
DRO-20
branches
SecVPN100
branches
SecVPN100
branches
Network of Agriculture Bank of China
Guangdong:2000
Jiangsu:2000
Shanxi:600
Shanghai:400
Hainan:300
Guangxi:500
Heilongjiang:300
Liaoning:500
…………………………
City Branches
100M
155M SDH
2M SDH
1000M
City Branches
branches
DRONode 20/R27
00
Service
Node
SW
Office
DRO20/R27
00
Service
Node DRO-
20/R27
00
SW
Office
Service
SW
Office
Topic
1 Financial cases
2 Government cases
Military branch network Xinhua News Agency
Xinhua News Agency HQ
HQ deployed 2*DRO-5080, adopted 155M
CPOS connecting 19 army branches. Each
army branch deployed DRO-2014
DRO-5080
100M
SDH
DRO-2014
155M SDH
2M SDH
1000M
XX Army
DRO-2014
DRO-2014
DRO-2014
……
XX Army
XX Army
XX Army
08 transmission platform of Xinhua News Agency
100M
155M SDH
2M SDH
Xinhua HQ
1000M
Xinhua Shanghai
Branch
Exchange
office
ISP
DRO-5080
DRO-5080
Stock office
Xinhua
08 access
Servers
Xinhua News Agency deployed 6*DRO5080,2 were deployed for Xinhua 08
service, others were deployed for mobile
reporting platform, uses CPOS or 4E1
binding.
2nd phase of “Gold Audit” Network
1000M
100M
155M SDH
DRO-2024
Branch
2M SDH
Ministry of
Audit
National
Government
Network
Private
Network for
Ministries
Provincial
Government
Network
DRO-2024
Branch
DRO-2024
Branch
DRO-2024
Branch
Private
Network for
Ministries
Provincial
Government
Network
DRO-2024
Branch
DRO-2024
Branch
Video monitoring network of Xuanwu District, Beijing
Storage
DRO-5080
Camera
Monitor center Encoding &decoding
Video monitor center
DRO-5080
Office
Office
DRO-5080
Camera
Office
Office
DRO-5080
Office
23*Branch office
DRO-5080
Camera
DRO-5080
MAN
DRO-5080
DRO-5080
Camera
Camera
Office
DRO-5080
Office
Camera
DRO-5080
Camera
Office
Camera
Thank you!
Related documents