Page 328 - เอกสารตรวจรับระบบ dr site

P. 328

เอกสารอ้างอิง Network_1G ข้อ 4.4

EX3400 Ethernet Switch
4.4.12
• Neighbor discovery, system logging, Telnet, SSH, Junos • 802.1X dynamic access control list (ACL) based on RADIUS
Web, SNMP, Network Time Protocol (NTP), Domain Name attributes
System (DNS) • 802.1X supported EAP types: MD5, Transport Layer
• Routing protocols: RIPng, OSPF v3 Security (TLS), Tunneled Transport Layer Security (TTLS),
• Static routing Protected Extensible Authentication Protocol (PEAP)
• IPv6 ACL (PACL, VACL, RACL) • IPv6 RA Guard
• IPv6 CoS (BA, MF classification and rewrite, scheduling • IPv6 Neighbor Discovery Inspection
based on TC) • Media Access Control security (MACsec)
• MLDv1/v2 snooping High Availability
• IPv6 ping, traceroute • Link aggregation:
• IPv6 stateless auto-configuration • 802.3ad (LACP) support
• IPv6 Layer 3 forwarding in hardware • Number of link aggregation groups (LAGs) supported: 128
• IPv6 Layer 3 redundancy: VRRP v6 • Maximum number of ports per LAG: 16
• Virtual Router support for IPv6 unicast • Tagged ports support in LAG
• PIM for IPv6 multicast • Graceful Route Engine switchover (GRES) for IGMP v1/v2/
Access control lists (ACLs) (Junos OS firewall filters) v3 snooping
• Port-based ACL (PACL)—ingress and egress • Nonstop routing (OSPF v1/v2/v3, RIP/RIPng, PIM)
• VLAN-based ACL (VACL)—ingress and egress • Nonstop software upgrade (NSSU)
• Router-based ACL (RACL)—ingress and egress Quality of Service (QoS)
• ACL entries (ACE) in hardware per system: 1500 • Layer 2 QoS
• ACL counter for denied packets • Layer 3 QoS
• ACL counter for permitted packets • Ingress policing: two-rate three-color
• Ability to add/remove/change ACL entries in middle of list • Hardware queues per port: 12 (8 unicast, 4 multicast)
(ACL editing) • Scheduling methods (egress): Strict Priority (SP), SDWRR
• L2-L4 ACL • 802.1p, DiffServ code point (DSCP/IP) precedence trust
• Trusted Network Connect (TNC) certified and marking
• Static MAC authentication • L2-L4 classification criteria, including Interface, MAC
address, EtherType, 802.1p, VLAN, IP address, DSCP/IP
• MAC-RADIUS precedence, and TCP/UDP port numbers
• Control plane denial-of-service (DoS) protection • Congestion avoidance capabilities: Tail drop
• Firewall filter on me0 interface (control plane protection) Multicast
• Captive portal—Layer 2 interfaces • IGMP snooping entries: 1000
• Fallback authentication • IGMP snooping
• Media Access Control Security (MACsec) • IGMP v1/v2/v3
Access Security • PIM SM, PIM SSM, PIM DM
• MAC limiting • VRF-Lite support for PIM and IBMP
• Allowed MAC addresses, configurable per port • MLD v1/v2 snooping
• Dynamic ARP inspection (DAI) • IGMP filter
• Proxy ARP • Multicast Source Discovery Protocol (MSDP)
• Static ARP support • PIM for IPv6 multicast
• DHCP snooping Services and Manageability
• 802.1X port-based • Junos OS CLI 4.4.12
• 802.1X multiple supplicants • Web interface: Junos Web support
• 802.1X with VLAN assignment • Out-of-band management: Serial, 10/100BASE-T Ethernet
• 802.1X with authentication bypass access (based on host • ASCII configuration
MAC address) 4.4.15
• 802.1X with VoIP VLAN support • Rescue configuration
• Configuration rollback

Page 7 of 16 7

323 324 325 326 327 328 329 330 331 332 333