Datasheet Request Price Need Support?
Ruijie RG-S6220 Series Data Center Switches are designed to power next-generation data centers and cloud computing services. Ruijie RG-S6220 series is a collection of 10 GE data center switches, offering non-blocking, unified, and virtualized switching performance with high transparency and sustainability. Ruijie RG-S6220 switches are the solid foundation for enterprise-sized cloud computing network solution. Ruijie RG-S6220 Switches offer the following remarkable features:
The feature-rich RG-S6220 switches provide perfect end-to-end Quality of Service (QoS), excellent virtualization performance for next-generation data centers. Ruijie RG-S6220 switches are perfect acting as the access layer of super-large data center networks, the convergence or core layer of medium and small data center networks, the convergence layer of large campus networks, as well as the core layer of medium and small networks.Ruijie Networks RG-S6220-24XS – Layer 3 24 port 10gb switch for Aggregation / Data Center Switch, supporting 40G Uplink.
What’s Special? – Check out here:
RGOS – Ruijie General Operating System
RGOS means – Ruijie General Operational System. Ruijie shares same operational system across all Switch, Router, Wireless & Security products providing Unified Configuration & Management, Unified IPv4 & IPv4/v6 Stack, Unified Authentication & logging as well Unified User Access Control.
Unified OS, specifically designed for IP Networking, is shared across all Ruijie product portfolio. Unified OS allows more efficient development of Products, Technology and new features. Same time it’s modular structure improves system stability, fault isolation – troubleshooting & bug fixes are made simple. Unified interface also reduces learning curve.
RGOS Operating System has full range of all advanced IP Networking features, all advanced features are supported out of the box without any additional licensing. It is stable, reliable because of it’s modular structure and it is based on Open RFC standards, with means no problems of interoperability.
Integration of 802.1x and WEB Authentication
In order to implement NAC (Network Access Control) in ISP, Corporate and Campus networks, main possible ways are 802.1x RADIUS server based port security or WEB Portal based authentication. Ruijie access switch can perform both on each access switch port basis. Web authentication is easy to deploy and access and it’ s convenient to use in areas with lot of private/guest devices – providing immediate access to various network services according user classification.
Some ports can be used only with 802.1x authentication, some with WEB and some with unified authentication mode. It’ s recommended to use RG-SAM (Ruijie Security Management Platform) – it provides fixed/mobile ePortal for unified user authentication and access control on both – wired and wireless networks and supports 802.1x integration with 3rd party RADIUS Servers.
VSU – Virtual Switch Unit
Traditional redundancy topology is usually realized by using MSTP (Multiple Spanning Tree Protocol) with main function is to block all but one alternate connection paths in order to avoid network loops. In case of distribution layer switch system failure MSTP is unblocking alternate paths, and communication is resumed. Downsides of such architecture are relatively long recovery time – up to 3.2 sec and fact that bandwidth of redundant links are not utilized.
In case of VSU technology links connecting Virtual Switch Unit members are called VSL (Virtual Switching Link) and redundant links to lower network layer is configured as VSU Access Ports with link aggregation. In such case even if one of VSU member switch has total system failure, switch-over of full bandwidth to another member is done in milliseconds.
VSU Technology main advantage over traditional MSTP+VRRP (Virtual Router Redundancy Protocol) technologies are very simple configuration, much faster switch-over/convergence times and usage of available bandwidth in redundant links.
VSU Technology is available without no additional licensing “out of the box” on all Ruijie switches – supporting 8to1 VSU technology on Access and Distribution layer products and 2to1 on Core Layer products.
CPP – CPU Protection Policy
CPP – CPU Protection Policy ! Malicious attacks often occur in networks. By forging a large number of different management and protocol packets, these attacks make the switch too busy to deal with normal management and protocol packets, and thus affecting the security and the switch and the stability of the network at a large extent. CPP feature is enabled by default on all Ruijie switch products and provides smooth network forwarding through CPU and Control Plane protection, protecting switch from common network attack/virus (ARP attack, ICMP attack, IP scanning attack and DHCP exhaustion attacks). CPP feature is realized on Hardware level (separate chip used), as different from many other vendors with using software protection solution.
CPP provides CPU usage rate below 30% under any attacking environment;
CPU Protection policy is done in hardware level and it based on 4 steps process – Identification of packet (all most common protocols – it’ s default bandwidth and priority queue configuration you can find in each switch configuration manual), configuration of allowed bandwidth, priority queue mapping, queue scheduling configuration.
NFPP – Network Foundation Protection Policy
NFPP – Network Foundation Protection Policy. NFPP can automatically detect attacks at network layer. When detecting an attack such as ARP attack or scanning which exceeds the security threshold, a switch automatically delivers a security policy immediately to isolate the packets sent from the attack source, and meanwhile guarantees that the normal access of other users to the network is not restricted.
CPP is focused on filtering abnormal rates of protocol packets, but not on isolation of network level attacks. NFPP provides host/port based attack & rate-limit threshold configuration, and its possible to protect following attacks:
- ARP (Address Resolution Protocol) – Against ARP DoS attacks
- IP Guard – Scanning of Dest. IP Address and Sending the IP packets to the inexistent destination IP address at the high-rate
- ICMP (Internet Control Message Protocol) – Against ICMP Flood attacks
- DHCP/DHCPv6 – Against DHCP exhaustion attacks (obtaining all DHCP address fields with pool of fake MAC’ s)
- ND (Neighbor Discovery) – Against High number of ND requests
- User Defined based on various protocols (s OSPF, BGP, RIP and etc.)
Ruijie Unified Switching
In today’s typical Data Center environment usually different network domains are maintained. IP Network for WAN/LAN networking, FC (Fiber Channel network for Storage SAN) or FCoE (Fiber Channel over Ethernet) networks for Storage Connection. Ruijie Datacenter Switch 6220 series support all three technologies, allowing to simplify Data Center structure and introduce Unified Switching. Unified Switching allows to use one set of Network switches for all kind of communications, 1 set of NIC cards, 1 set of cabling!
Using Ruijie 6220 switch is possible to achieve flexible TOR (Top Of The RACK) data center switching scenario – high density of 10G SFP+ ports supporting Ethernet and FCoE technology, as well flexible number of needed FC ports and 40G port options.
DCB Lossless Ethernet
DCB Lossless Ethernet
In the data center, there are three traffic types:
CN (Congestion Notification) Protocol – By reducing packet sending rate of end destination it avoids congestion and addresses such problems as packet re-transmission, increased latency caused by congestion;
PCF (Priority-based Flow Control) – In case of all three traffic type coexistence provides zero packet loss of storage traffic without affecting other types;
ETS (Enriched Transmission Options) – Prevents large bursts of one traffic type from affecting other traffic types and guarantees minimum bandwidth for different traffic types;
DCBX (Data Center Bridging Exchange) – Link Layer Discovery Protocol – automatic inter-devices negotiation and configuration of CN, PCF, & ETS.
Todays modern Data Centers, aggregation layer networks work like L2 switch clusters/matrix. One of problem in this networking is Loop Avoidance – usually addressed by using and implementing Spanning Tree Protocol and its versions (RSTP, MSTP). These protocols provides loop avoidance by blocking ports/alternate links. It solves the main problem, but side effect is waste of bandwidth.
TRILL (Transparent Interconnections of Lots of Links) is Layer 2 Protocol, bringing IS-IS routing protocol to Layer 2. Sometimes TRILL is called “Layer 2 Routing”. TRILL establishes each TRILL supporting switch as Route Bridge, provides neighbor discovery, builds up topology and calculates shortest paths of unicast packets and distribution tree for unicast packets and distribution tree for broadcast packets. TRILL also implements Equal Cost Multipath logic allowing load sharing between equal cost paths.
In Data Center environment, where many Virtual Machines are running in one physical server each VM has Virtual Network Interface Card and inter-VM’s switching is performed by Virtual Switch (VM ware call it vSwitch). Virtual Switch is software switch with some limitations on functionality, especially of security policy enforcement – one infected VM can flood all other VM’ s in same server.
VEPA (Virtual Ethernet Port Aggregation) is IEEE Standard 802.1qbg with allows to bring Virtual Machine switching to physical switch, with usually is much more advanced in security policies and features. VEPA technology was developed and is widely used by HP, Brocade, IBM, Juniper. Same time Cisco develops rival standard/technology – 802.1qbh and it’s called VN-Tag.