TECH BRIEF
The BlackDiamond 6804: One Small Switch from Extreme,
One Big Boost for IT Pros
Bigger is better? Just try telling that to an IT manager attempting to cram another piece of gear into an overcrowded wiring closet.
At that point, small isn’t just beautiful, it’s also smarter.
Extreme Networks® has something much more effective than a shoehorn or a sledgehammer for the spatially challenged.
Introducing the four-slot BlackDiamond® 6804, the newest—and smallest—member of Extreme’s family of highly resilient
Ethernet switches.
Don’t confuse proportions with performance: The only thing undersized about the 6804 is its form-factor. Like its bigger brothers,
it delivers wire-speed performance; scales seamlessly from 10 Mbps to 10 Gbps; offers a wealth of interface options; provides
the industry’s most sophisticated Policy-Based Quality of Service (QoS); is engineered for maximum redundancy and reliability;
and furnishes airtight security—including Network Login, Extreme’s pioneering authentication scheme. In fact, given its abilities,
the 6804 doesn’t have to be restricted to the wiring closet. It’s equally at home in small data centers, on the edge of midsized
enterprise networks, at remote offices and in R&D labs, where space is typically in short supply. It also can be used to aggregate
traffic when oversubscription ratios aren’t excessively high.
Actually, there is one difference between the 6804 and its bulkier brethren: the price of entry. Other than that, it’s pure
BlackDiamond. And that’s very good news for Extreme customers who’ve already deployed 6808s or 6816s. Since all
BlackDiamonds accept the same blades, management switch fabric modules (MSMs), power supplies, and gigabit interface
connectors (GBICs), that can add up to some serious savings thanks to recycling (sparing). And with one switch series in place, IT
managers don’t have to maintain separate inventories—another savings in investment and resources. What’s more, the 6804
runs the same ExtremeWare® software and uses the same Infrastructure & Services Management software suite found on all
Extreme switches, thus ensuring consistent services and management across the enterprise. It’s also built around the “i”-series
chipset that powers virtually every Extreme product.
This sort of end-to-end thinking is nothing new for Extreme. Like its enterprise customers, Extreme understands that applications
and services are no better than the networks they run on. By giving IT managers some common, easy-to-use management tools
and utilities, Extreme frees them to concentrate on their real tasks: supporting and developing corporate apps. Further, by
ensuring that BlackDiamond components are truly interchangeable, Extreme makes certain that enterprise networkers get the
most bang for their budget.
There’s another reason to go with a BlackDiamond: As the core of the Extreme product line, these switches are always first in line
for the most advanced modules—like 10 Gigabit Ethernet.
Meet the Family
The BlackDiamond product line comprises three modular chassis. At 11 rack units, the 6804 features four slots for I/O modules,
two for MSM, and two bays for load-sharing power supplies. Slotting in redundant supplies and management modules boosts
switch reliability. Further, the power supplies and MSMs are hot swappable; they can be replaced in a matter of minutes while the
6804 keeps working. The 6804 also features a passive nonblocking 64 Gbps backplane; since there are no active components,
there’s nothing to fail—increasing reliability even further. Fully equipped, the 6804 delivers 384 10/100 Mbps ports or 32
Gigabit Ethernet ports or four 10 gig ports and can process 48 million packets per second.
At 15 rack units, the 6808 furnishes eight slots for switching modules, along with two for MSMs and two bays for redundant
power supplies. Its 128 Gbps passive nonblocking backplane—and its ability to accommodate 672 10/100 Mbps ports, 64
Gigabit Ethernet ports, or eight 10 gig ports—make it ideal for heavy-duty aggregation. That enables enterprise networkers to deal
effectively and cost-efficiently with oversubscription, which can easily reach ratios of 20-to-1, 30-to-1 or higher. And the fact that
the 6808 churns through 96 million packets per second also explains why many companies deploy it in their data centers.
That leaves the 35 rack-unit 6816, the behemoth of the BlackDiamond family. It boasts a 256 Gbps passive nonblocking
backplane, four MSMs, and four redundant power supplies for quad redundancy. With its 16 slots loaded to the hilt, it can
accommodate 1,440 10/100 Mbps ports, 192 Gigabit Ethernet ports, or sixteen 10 gig ports, which makes it the chassis of
choice for heavy-duty data centers, supercomputing clusters, and other high-performance, high-availability apps. Its ability to rip
through 192 million packets per second doesn’t hurt either.
The Interface Angle
Enterprise networkers who need easily scalable Ethernet will find everything they want—and then some—in the BlackDiamond
blades. They can slot in 10/100 Mbps, 1 gig or 10 gig where and when needed. Extreme never forces them to buy more
bandwidth than they really require or get caught short when it comes to capacity.
BlackDiamond blades also offer a broad range of connectors and configurations. For example, the F96Ti supplies eight RJ-21 (50-pin) connectors. Since each RJ-21 can accommodate a dozen 10/100 Ethernet ports, the module supports 96 Ethernet ports all
told, which takes the challenge out of achieving massive connectivity. The F48Ti, in contrast, packs 48 RJ-45 connectors, each of
which provides a single Ethernet port.
If more throughput has to be on tap, the G8Xi accepts eight 1 gig GBICs, optical connectors that enable BlackDiamonds to work
with both single-mode and multimode fiber. Extreme’s multimode-fiber GBIC can be extended to 550 meters; its single-mode
counterparts reach 70 kilometers (ZX GBIC) or 100 kilometers (LX100 GBIC). It doesn’t make any difference if bandwidth is
needed down the hall, across the campus, or at a remote site, the BlackDiamond can go the distance.
And when only a really fat pipe will do, the BlackDiamond is ready, willing, and able. Its one-port 10GLRi pumps out 10 Gbps and
drops right into the 6804, 6808, and 6816, all with a reach of up to 10 kilometers. In fact, the 6816 can be populated with
sixteen 10 gig blades, more than enough bandwidth to meet the needs of the largest enterprise today—and tomorrow. And as
noted, 10 Gigabit Ethernet is only available on the BlackDiamond.
What about 10 gig GBICs? None are planned, but the XENPAK (pronounced “zenpack”) spec will allow different optical interfaces
to be hot-swapped into a 10 Gigabit Ethernet switch, allowing it to work with multimode and single-mode fiber for short and long
hauls. Extreme was one of the earliest backers of XENPAK and is a member of the XENPAK Multisource Agreement (MSA), a
consortium of vendors and customers.
A Lasting Legacy?
Extreme also understands that enterprise networkers aren’t only running Ethernet—at least not yet. At many organizations, it’s
Ethernet from the wiring closet to the workstation and asynchronous transfer mode (ATM) from the wiring closet to the backbone.
In some cases, IT managers bought heavily into ATM when it looked like the technology of tomorrow. In others, they inherited
legacy apps and infrastructure from their predecessors. Either way, no company can afford to walk away from its installed
base—especially now that IT budgets are flat or falling.
Thanks to Extreme, they don’t have to. Its four-port OC-3 ATM module lets Ethernet and ATM exist side by side in the enterprise.
That doesn’t just protect legacy investments, it lets IT professionals stop funneling funds into a technology that has no long-term
future on corporate networks. In fact, Extreme even has worked out a migration strategy that makes the cutover from ATM to
Ethernet as painless as possible.
There’s just one thing to keep in mind: The OC-3 ATM module—like the 10 gig blade—is only available for the BlackDiamond.
The QoS Conundrum
It doesn’t matter how much bandwidth is blasting through the pipe, however; if IT managers can’t make full use of it they’re
wasting their money. And as contradictory as it sounds, the bigger the pipe, the more they need Policy-Based QoS.
Here’s the skinny: Enterprise networks are already supporting a maddening mix of applications and services, each with its own
requirements. Letting bursty web traffic share a 1 Gbps or 10 Gbps link with delay-sensitive apps like voice over IP (VoIP) or
enterprise resource planning (ERP) only guarantees one thing. The bursty data will grab as much of the throughput as it can, while
the delay-sensitive services will slow to a crawl—if they run at all. Further, many legacy apps like IPX databases, which were
intended to stay strictly local, simply can’t stand up to enterprise-level latencies. Of course, these are inevitably the mission-critical services that no one in IT has had time to port over to another protocol.
That’s where Extreme’s Policy-Based QoS comes into play: It offers intelligent bandwidth management and bidirectional traffic
shaping to ensure that every packet gets precisely the processing it needs. What’s more, since every port on every
BlackDiamond blade has eight individual queues, packet prioritization is never a problem. And IT managers can independently set
the bandwidth consumption, latency, and jitter of every queue, allowing them to fine-tune performance parameters to an
extraordinary degree.
QoS Up Close
Let’s get a little closer to Extreme’s Policy-Based QoS: Intelligent bandwidth management makes it possible to control the latency
and jitter of every packet stream passing through the BlackDiamond. That’s obviously good news for delay-sensitive apps like
voice and video. But extending broadcast domains and virtual LANs (VLANs) over long distances also creates delay. Some apps,
like storage, assume they’re on a single subnet and expect rapid response times. Latency can lead to false errors and session
timeouts or can kill these apps entirely.
Bidirectional traffic shaping, meanwhile, lets IT managers set maximum throughput thresholds for any type of traffic. This prevents
aggressive apps from consuming more than their fair share of bandwidth and starving off better-behaved applications (and TCP is
courteous to a fault).
Setting thresholds is fine, but what happens to the packets that cross the line? Instead of simply dumping the overflow, the
BlackDiamond buffers the packets until traffic eases up and then forwards them to their destinations. In addition, Extreme allows
bandwidth not being used by one traffic type to be employed by another, rather than sitting idle. Even at 10 Gbps, the
BlackDiamond makes every packet count.
What’s more, every BlackDiamond can access QoS intelligence available at Layers 4-7, whether it’s switching at Layer 2 or
routing at Layer 3. Extreme also fully supports the industry’s two QoS standards: IEEE 802.1p and IETF IP DiffServ. That
means every BlackDiamond can instantly identify and apply these mechanisms, ensuring that predetermined service classes
are always honored.
Finally, every BlackDiamond can implement all its Policy-Based QoS capabilities at full wire speed, so there’s never a tradeoff
between protecting packets and performance—whether IT managers are working at 10 Mbps or 10 Gbps.
Old Faithful
Business networks are in service 24/7/365. That’s why Extreme engineers its BlackDiamond to make resiliency a reality.
At the physical level, the BlackDiamond 6804 and 6808 can be equipped with fully redundant, load-sharing power supplies. As
noted, the 6816 has four supplies, to achieve quad redundancy. And since all supplies are hot swappable, there’s no need to
power down the box if a new supply needs to be slotted in. Further, load-sharing supplies are generally under less stress and last
longer than conventional units.
The same sort of attention to reliability can be seen in the redundant (or quad redundant) management modules. Here again, if
one MSM goes down, the others pick up the slack until a replacement can be hot-swapped in.
At Layer 1, the BlackDiamond delivers three redundancy mechanisms. For starters, there’s Extreme’s implementation of IEEE
802.3ad link aggregation, which trunks up to eight links into a single logical connection. If any individual link fails, the
BlackDiamond’s subsecond recovery time ensures that traffic will be instantly shared across the remaining links.
The BlackDiamond also can define redundant ports, either in hardware or software. If the primary port goes down, traffic is
immediately shunted to the backup, so there’s no interruption in service. Extreme’s SmartRedundancy™ is similar but a bit
brighter. It also lets IT managers designate a standby port in software, but when the failed link is repaired SmartRedundancy shifts
traffic back onto it—once again making the most out of every connection.
Two True
At Layer 2, Extreme takes an equally extensive approach to redundancy and reliability. To begin with, the BlackDiamond runs
Ethernet Automatic Protection Switching (EAPS™), a recovery mechanism for ring-based topologies. Like spanning tree, EAPS is a
loop prevention scheme, but the resemblance ends there. EAPS delivers subsecond convergence around failures; spanning tree
needs 30 seconds or more for the same task.
What’s the secret to its speed? EAPS implements a single master on a single switch. All other BlackDiamonds on the network
make forwarding decisions in hardware based on link state. Spanning tree, in contrast, runs on every switch; hundreds or
even thousands of instances of the algorithm could need to be coordinated. This also explains why EAPS, which can scale
to thousands of VLANs, is far more stable than spanning tree. Finally, EAPS enables spatial re-use, which means that every link
can carry traffic.
None of this is to suggest that Extreme has ignored IEEE 802.1D spanning tree, the most common Layer 2 redundancy
mechanism. Actually, it’s improved on it with its Extreme spanning tree extensions, a software suite that cuts spanning tree
recovery times to less than a second. In addition, the Extreme spanning tree extensions can use spanning tree’s standby port for
active transmissions, boosting uptime and throughput.
Third Base
And how does the BlackDiamond fare at Layer 3? At Layer 3, the BlackDiamond routes traffic over multiple paths that are updated
dynamically to reflect network trouble spots. Thus, if a link or port goes out of service, packets are automatically routed around
the failure, once again increasing availability and uptime.
Extreme implements two Layer 3 reliability mechanisms: Equal cost multipath (ECMP) and the Extreme Standby Router Protocol
(ESRP™). ECMP routing ensures that redundant paths are always open. When the backup path isn’t needed, ECMP shunts traffic
over it, effectively doubling available bandwidth.
ESRP also is a redundant-path scheme—one that works at both Layer 3 and Layer 2. At the higher layer, ESRP establishes one
active path for each VLAN, as well as one or more standby paths. The key point here is this: If one switch fails, the standby router
transparently takes over by assuming the IP and MAC address “identity” of the failed switch. At Layer 2, its approach to
redundancy is similar to spanning tree, except that its recovery rate ranges from two to six seconds.
So how does ESRP compare to VRRP? VRRP was designed to support older shared-LAN environments made up of hubs and
legacy routers, not today’s switched broadband infrastructures. Also, VRRP assumes that if any link to a subnet is active, the
router has access to the entire subnet. While this assumption may have been valid for legacy shared LANs, it does not result in
very intelligent failover decisions for switched infrastructures.
Today’s networks use intelligent switches and routers, which may require multiple router ports to connect with a single subnet.
Dual-homed configurations are commonly used to provide high availability by eliminating single points of failure.
ESRP makes smarter decisions when link failures occur because it was designed with today’s switched infrastructures in mind.
For example, ESRP counts the number of links active in an ESRP VLAN and determines the primary/backup router status based
on this metric, always keeping the device with the maximum number of connections as the primary. In this scenario, ESRP would
determine that the backup router has more active links to the VLAN and would therefore initiate a failover to the backup router.
This decision preserves connectivity to the entire VLAN.
It can also use the status of a set of learned routes or a router uplink port as a metric when making a failover decision. When an
uplink failure occurs on an active router, ESRP initiates a failover to the backup router that has an active uplink.
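An added illustration, not from the original brief and not Extreme's implementation: a toy model of the "any active link" assumption the text attributes to VRRP, beside the link-count and uplink-tracking rules it attributes to ESRP. The two-router, three-switch topology, the tie-break in favour of the incumbent, and all names are assumptions made for the example.

```python
# Added illustration (not Extreme's implementation): a toy model of the two
# failover rules contrasted in the text. Topology and names are constructed.
from dataclasses import dataclass


@dataclass
class Router:
    name: str
    vlan_links: dict          # access switch -> True if the link is up
    uplink_up: bool = True    # tracked uplink toward the core (assumed single)

    def active_links(self) -> int:
        return sum(1 for up in self.vlan_links.values() if up)

    def served(self) -> set:
        """Access switches that can reach this router directly."""
        return {sw for sw, up in self.vlan_links.items() if up}


def elect_any_link(incumbent: Router, standby: Router) -> Router:
    """Rule the text attributes to VRRP: one live link counts as full access."""
    return incumbent if incumbent.active_links() >= 1 else standby


def elect_link_count(incumbent: Router, standby: Router,
                     track_uplink: bool = True) -> Router:
    """Rule the text attributes to ESRP: most active VLAN links wins.

    With track_uplink, a router whose uplink is down is ineligible while a
    peer with a working uplink exists. Ties keep the incumbent (assumption,
    chosen here to avoid needless failovers).
    """
    candidates = [incumbent, standby]
    if track_uplink and any(r.uplink_up for r in candidates):
        candidates = [r for r in candidates if r.uplink_up]
    # max() returns the first maximal element, so the incumbent wins ties.
    return max(candidates, key=lambda r: r.active_links())


def stranded(master: Router, switches: set) -> set:
    """Access switches left without a path to the elected master."""
    return switches - master.served()


def scenario_partial_link_loss():
    """R1 loses two of three VLAN links; R2 is intact."""
    switches = {"sw1", "sw2", "sw3"}
    r1 = Router("R1", {"sw1": True, "sw2": False, "sw3": False})
    r2 = Router("R2", {"sw1": True, "sw2": True, "sw3": True})
    any_link = elect_any_link(r1, r2)
    by_count = elect_link_count(r1, r2)
    return (any_link.name, stranded(any_link, switches),
            by_count.name, stranded(by_count, switches))


def scenario_uplink_loss():
    """R1 keeps every VLAN link but loses its uplink."""
    r1 = Router("R1", {"sw1": True, "sw2": True, "sw3": True}, uplink_up=False)
    r2 = Router("R2", {"sw1": True, "sw2": True, "sw3": True})
    return (elect_link_count(r1, r2, track_uplink=False).name,
            elect_link_count(r1, r2, track_uplink=True).name)


if __name__ == "__main__":
    print(scenario_partial_link_loss())
    print(scenario_uplink_loss())
```

In the first scenario the any-link rule leaves R1 as primary and strands two access switches, while the link-count rule fails over to R2 and strands none; in the second, only uplink tracking moves the primary role off the router that can no longer reach the core.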
To round out its offerings at Layer 3, BlackDiamond supports all industry-standard routing protocols: For IP unicast that includes
open shortest-path first (OSPF), routing information protocol (RIP) versions 1 and 2, and the border gateway protocol 4 (BGP4)
for either the exterior border gateway protocol (EBGP) or the interior border gateway protocol (IBGP). For the new breed of
applications based on IP multicast, the list includes distance vector multicast routing protocol (DVMRP) and protocol independent
multicast dense mode (PIM-DM) and PIM sparse mode (PIM-SM). And of course, all the multicast streams are delivered at
wire speed.
Playing Safe
When every week seems to bring news of another seemingly unstoppable virus or costly denial-of-service (DoS) attack, IT
managers have good reason to lie awake at night. Extreme’s BlackDiamond could be just what they need to get some sleep.
For starters, ExtremeWare can stop DoS attacks dead, thanks to wire-speed, layer-independent Policy-Based QoS and access
control lists (ACLs). For example, enterprise networkers can create security profiles that limit top throughput, working with the
same simple tools used to set other policies. Since many DoS attacks attempt to flood servers with packets, security profiles
prevent hacks from bringing servers down by discarding traffic once the predefined threshold is reached.
ExtremeWare also gives IT managers the ability to create access lists based on IP addresses and subnet masks. These lists can
be used to make filtering and forwarding decisions; as many as 1,000 rules can be defined and applied at wire speed. In fact,
BlackDiamonds—like all other Extreme switches—execute all authentications and lookups at wire speed. In addition, route maps
can be used to control which route information is learned from neighboring routers. At Extreme, protection never exacts a
performance penalty.
Login Logistics
BlackDiamond’s security strengths don’t stop there. It implements Extreme’s innovative Network Login, which prevents
unauthorized network access by requiring users to submit a username and password that are verified by a Remote Authentication
Dial-In User Service (RADIUS) server. Until RADIUS gives its okay, users can communicate only with the switch; there’s no way to
gain entry to network resources.
What sets Network Login apart from other authentication schemes is that it’s built on a completely centralized database. That
gives authorized personnel the freedom to access the network from anywhere—headquarters, remote sites, home, or on the
road. Also, centralization means enterprise networkers don’t have to deploy authentication software to every desktop, simplifying
troubleshooting and upgrades.
Network Login also gives IT managers the choice of using Terminal Access Controller Access Control System (TACACS+) rather
than RADIUS. TACACS+ (IETF RFC 1492) is based on TCP and validates every user on an individual basis, including
administrators. This affords an additional layer of protection.
Let’s Get Virtual
To make sure that prying eyes inside or outside of a company don’t see more than they should, BlackDiamonds can implement
IEEE 802.1Q VLANs and Layer 2 virtual private networks (VPNs). VLANs isolate traffic flows, keeping private information private.
They also segment a network, which helps minimize damage if an attack occurs. And Extreme’s switches have been rigorously
tested to ensure that packets stay on their own VLANs, thus eliminating the security risks associated with so-called leaky VLANs.
Layer 2 VPNs enable encrypted traffic to travel securely over a public network, such as the Internet. Using the Internet as a
communications backbone to tie together far-flung sites is a lot cheaper than leasing private lines, so IT managers can save
money without scrimping on security.
Finally, ExtremeWare itself offers a double layer of protection. Only specifically authorized personnel can designate and verify
network administrators, who handle everyday tasks like setting user profiles, adding and deleting users, and changing passwords.
To keep things as locked down as possible, Secure Shell 2 (SSH2) is employed to encrypt telnet sessions between an
administrator and a switch.
Keep It Simple
Despite its array of advanced features, the BlackDiamond is remarkably simple to deploy, maintain and manage. What’s the
secret to its simplicity? The answer is a consistent software architecture that spans the entire network. And Extreme delivers it via
the Infrastructure & Services Management (ISM) software portfolio, which oversees the Layer 2-7 applications infrastructure.
At the heart of ISM is the ExtremeWare software that runs on all of Extreme’s “i”-series switches. It delivers the uncompromising
routing performance, capacity control and security for today’s enterprises using standards-based multilayer switching and Policy-Based QoS. Deploying consistent ExtremeWare software network-wide means plug-and-play compatibility and stable wire-speed
performance on BlackDiamond, as well as Extreme’s Summit™ and Alpine™ switches.
For network management, there’s EPICenter®, a web-accessible suite of utilities that keep IT managers in the know about trouble
spots by automatically detecting faults, issuing alarms and reporting statistics—in real time, so fixes don’t take forever.
The configuration manager, for example, takes the effort out of setting up BlackDiamonds and third-party devices. It also archives
configurations, giving IT managers a failsafe way to fall back to an earlier implementation. The big picture is provided by the
topology tool, which hierarchically displays device connectivity on a series of maps and submaps.
ExtremeView™, meanwhile, delivers detailed stats about every port on every BlackDiamond, while the MAC/IP address finder
maps IP and media access control (MAC) addresses to any port, cutting down on configuration errors and enabling far more
efficient troubleshooting. The policy manager, as the name suggests, enables IT managers to establish and enforce policies at
Layers 1-4, regardless of whether a BlackDiamond is switching at Layer 2 or routing at Layer 3. The policy manager also allocates
bandwidth and prioritizes applications, ensuring that mission-critical traffic is never slowed or shunted aside in favor of less
important apps.
That leaves ServiceWatch®, a powerful software component that monitors applications at Layers 4-7—from the end-user’s
perspective. ServiceWatch also makes it possible to pinpoint exactly the source of a problem, whether it’s a sluggish server or a
balky back-end database, speeding troubleshooting and putting an end to finger pointing. What’s more, if application response
time falls below a specified level, ServiceWatch immediately notifies the IT manager via e-mail, pager, or on-screen alert. And
when ServiceWatch is teamed with Extreme’s SummitPx1™ Application Switch, it can actually power down servers that appear to
be functioning fine but are actually limited by faulty back-end systems.
The Extreme Advantage
The BlackDiamond isn’t just a family of Ethernet switches that offers unprecedented Policy-Based QoS, matchless modularity,
unsurpassed security, and unbeatable bandwidth. It’s the heart of Extreme’s Ethernet Everywhere® philosophy, a global blueprint
for the future that puts the most flexible, cost-effective products and services at the disposal of IT managers. Extreme delivers a
unified, ultra-high-performance solution that scales simply and cost-effectively from 10 Mbps to 10 Gbps, regardless of transport
or topology. The result: IT managers have an effortless migration strategy that lets them step into tomorrow at their own speed.
3585 Monroe Street Santa Clara, CA 95051-1450 Phone 408.579.2800 Fax 408.579.3000
Web www.extremenetworks.com
© 2002 Extreme Networks, Inc. All rights reserved. Extreme Networks, BlackDiamond, Summit, Summit7i, ExtremeWare, ServiceWatch, Extreme Ethernet Everywhere,
Ethernet Everywhere, Extreme Velocity, Extreme Turbodrive and the color purple are registered trademarks of Extreme Networks, Inc. in certain jurisdictions. Alpine,
ExtremeWare Vista, Extreme Standby Router Protocol, ESRP, Summit1i, Summit4, Summit4/FX, Summit5i, Summit24, Summit24e2, Summit24e3, Summit48, Summit48i,
SummitLink, SummitGbX, SummitRPS, SummitPx1, PxSilicon, EPICenter, vMAN, the BlackDiamond logo, the Alpine logo and the Extreme Networks logo are trademarks of
Extreme Networks, Inc., which may be registered or pending registration in certain jurisdictions. ExtremeWorks, the Extreme Turbodrive logo and the Go Purple-Extreme
Solution Partner logo are service marks of Extreme Networks, Inc., which may be registered or pending registration in certain jurisdictions. All other registered trademarks,
trademarks and service marks are property of their respective owners. Specifications are subject to change without notice.
L-TB-BD04ENT-205