The switch is based on Barefoot Tofino switching silicon and is well-suited for Top-of-Rack/Spine Datacenter, Enterprise, and Cloud Service Provider network deployments. It has 48 x 25GbE SFP28 and 8 x 100GbE QSFP28 interfaces, which can be configured up to 80 x 25G with break-out cables for high-density scenarios, and delivers full 2.0Tbps throughput.
It is a unique network development platform, designed to bring the twin pillars – performance and programmability – together for the first time in the history of networking. The combination of the Tofino programmable switch chip, the P4 programming language, and the Capilano toolset is revolutionary.
Barefoot Tofino™ – the world’s fastest switch silicon, which also happens to be programmable.
P4 – Programming Protocol-independent Packet Processors – www.p4.org exists now as an independent entity to develop a rich open source ecosystem. Unlike human languages, a programming language such as P4 can unambiguously specify network forwarding behavior. A programmer can describe the behavior once, then compile the program to run on a variety of different platforms.
Capilano – the compilers and development tools needed to compile and debug programs to run on Tofino.
A ready-to-use NOS, SONiC – a collection of networking software components required to have a fully functional L3 device, is available for data center applications.
The switch has a BMC (Baseboard Management Controller) onboard to provide server-like monitoring and power control functions through a shared Ethernet interface.
Rapid Prototyping And Deploying New Protocols.
Use intimate local expertise to introduce your own custom protocols to isolate one tenant from another while allowing interconnection of tenants with their applications.
Extend a standard encapsulation protocol to accelerate load-balancing. Implement custom congestion control mechanics, OAM, discovery, and high availability protocols.
Remove Unused Protocols, Simplify And Streamline The Network.
Precious switch resources are often hard-coded to protocols you don't use. Imagine that you can reduce the size of the L2 forwarding table and re-purpose the memory to increase the L3 IP routing tables instead. With Tofino, for example, a DC can easily increase the capacity of an IP routing table from 300K to 1.2M, allowing them to build even bigger networks and address many more servers. Throwing out unused protocols also means less to go wrong; data-center owners report outages caused by protocols they do not even use but were hard-coded into their switches! With P4, you only include the protocols you need, focusing precious tables as-needed, simplifying the switch and making outages less likely.
Ensure Complete Visibility Of The Network And How It Processes Every Packet.
With P4, Capilano, and the Tofino ASIC, network operators can quickly add powerful monitoring, analysis, and diagnostics features for themselves, in the field - and our users have already started to do so. One very popular technique, made possible by P4-capable switches, is called “In-band Network Telemetry” (INT). In a nutshell, the network operator decides exactly what information she wants to observe: for example, the precise latency taken by a packet through each switch it passes through, the other packets it shared a queue with, the version of the software, or the table entries it matched on. Every data packet can be recruited as a probe, without creating any new traffic. Such unprecedented visibility is made possible by placing programmability in the operator’s hands. And of course, a baseline implementation is already available as the open-source “INT.p4” program. Programmers are already looking at how to fully automate data collection and remediation, as a step towards making self-managed networks.
Integrating Middlebox Functions Into Every Switch
You can program the features you need directly into your network, eliminating huge numbers of expensive middleboxes. In most cases, the middlebox functions operate much faster than before, because they run on Tofino at full line-rate, rather than on a conventional CPU. Firewalls, intrusion detection systems, address & port translators, traffic de-duplicators, etc. will benefit a lot from this approach.
Implement Part of Distributed Applications Directly In The Network.
A big data center runs many huge distributed applications, and also has a network with tens of thousands of switches. It is interesting to ask if the switches can accelerate distributed applications, offloading the servers. Recently, researchers demonstrated how the Paxos consensus protocol can be added to the network by implementing a portion of it in P4 and adding it to switches. This led to many orders of magnitude acceleration of distributed applications. Others have built new key-value management services directly into the network data plane. Many new fast in-network services can be seamlessly integrated into networks, for free.
48x 25G + 8x 100/50/40GbE QSFP28 ports in 1 RU
Up to 80x 25/10G SFP28 ports via break-out cables
BMC (Baseboard Management Controller) enables remote switch power control and provides health monitoring of the temperature, power status, and cooling fan.
Network OS (NOS) options
Open Network Linux is a Linux distribution for "bare metal" switches, that is, network forwarding devices built from commodity components. ONL uses ONIE to install onto on-board flash memory. Open Network Linux is a part of the Open Compute Project and is a component in a growing collection of open source and commercial projects.
Microsoft SONiC - a collection of networking software components required to have a fully functional L3 device. It is designed to meet the requirements of a cloud data center. It is fully open-sourced at OCP.
48x 10/25GbE SFP28 + 8x 100/40GbE QSFP28 ports in 1 RU
Up to 8 x 25/10G SFP28 ports via break-out cables
1x RJ-45 out-of-band (10/100/1000) management
1x RJ-45 console (RS232)
1x USB
Fan LED
System status LED
PSU status LED
Reset button
Operating temperature: 0~45°C
Operating humidity: 20-95% maximum relative humidity (non-condensing)
EMC and safety
FCC CE Declaration of Conformity Reduction of Hazardous Substances (RoHS) 6
• ONIE bootloader and a set of developer tools
• Broadcom ICOS
• Ubuntu Linux with Open Network Switch Library (OpenNSL)
• Open Network Linux
• SONiC
Broadcom ICOS features
The current version is ICOS 3.2; updates will follow. software stack implementation. To be updated along with the development. Note: limitation of the current version: either L3 routing or hardware termination of VXLAN tunnels can be implemented, but only one of the two.
Layer 2 features
L2 MAC address table: 288K
Link aggregation:
• 802.3ad with LACP
• Cisco EtherChannel
• Max number of groups: 8
• Unicast/Multicast traffic balance
• Virtual Port Channel (MLAG)
IPv6
• V4/V6 dual stack
• ICMPv6
• ICMPv6 redirect
• IPv6 Path MTU Discovery
• IPv6 Neighbor Discovery
• Stateless Autoconfiguration
• Manual Configuration
• DHCPv6
• SNMP over IPv6
• HTTP over IPv6
• SSH over IPv6
• IPv6 Telnet support
• IPv6 DNS resolver
• IPv6 RADIUS support
• IPv6 TACACS+ support
• IPv6 Syslog support
• IPv6 SNTP support
• IPv6 TFTP support
• Remote IPv6 ping
QoS features
• Number of priority queue: 8
• Scheduling:
  - WRR
  - Strict priority
  - Hybrid (WRR+Strict priority)
• CoS:
  - 802.1p-based CoS
  - IP TOS Precedence based CoS
  - IP DSCP based CoS
• DiffServ:
  - 32 classes
  - 13 rules per class
  - No. class in policy: 64
  - No. policy in class: 28
• Auto VoIP
Layer 3 Features
• Number of IP interfaces: 128
• Multinetting/CIDR
• /31 subnet support
• IP ARP
• Proxy ARP
• Local proxy ARP
• IRDP
• Static route
• ECMP
• OSPF v2/v3
• BGP v4/v6
• Virtual routing and forwarding (VRF) awareness in BGP:
  - BGP extended communities
  - BGP route leaking
  - BGP dynamic neighbors
• Multicast:
  - Multicast groups
  - IGMP v1/v2/v3
  - MLD v1/v2
  - DVMRP
  - PIM-DM v4/v6
  - PIM-SM v4/v6
  - IGMP proxy
• VRRP
• Loopback
• Routes:
  - IPv4
  - IPv6
  - ARP entry
  - ND entries
  - IP IGMP/MLD
  - PIM-SM/DM v4/v6
  - DVMRP
• Source IP configuration
• Policy-based routing (PBR)
• IPv6 Tunneling
• IPv6 Loopback
• DHCPv6 relay
• DHCPv6 server
Security
• Static/Dynamic Port Security (MAC-based)
• 802.1x:
  - Port based
  - MAC based
  - VLAN assignment
  - Guest VLAN
  - Unauthenticated VLAN
  - QoS assignment
• ACL:
  - L2: MAC SA/DA, CoS, EtherType
  - L3: IPv4 SA/DA, subnet based
  - L3: IPv6 SA/DA, flow-label, DSCP
  - L4: TCP/UDP port
  - Time-based ACL
  - ACL counters
• RADIUS:
  - Authentication
  - Accounting
• TACACS+:
  - Authentication
• HTTPS & SSL
• SSH 1.5/2.0
• User authentication:
  - Local
  - RADIUS/TACACS+
  - AAA
• DoS control
• MAC filter
• IP Source Guard
• Dynamic ARP inspection
• DHCP snooping
• Control Plane Policy (CoPP)
Management
• Industry standard CLI
• CLI filtering
• Telnet/SSH
• Software/configuration upload/download using TFTP/XMODEM/HTTP/FTP/SCP/SFTP
• Dual image
• SNMP v1/v2c/v3
• RMON 1,2,3,9 groups
• BOOTP client/relay
• DHCP:
  - Client
  - Server
  - Relay
  - L2 option 82 relay
  - L3 option 82 relay
• Event log
• DNS client
• Utility: remote ping, traceroute
• SNTP v4
• LLDP: 802.1AB, 802.MED
• CDP
• UDLD
• Port mirroring:
  - SPAN: one-to-one, many-to-one
  - SPAN with ACL filter
  - SPAN with VLAN
  - RSPAN
• sFlow v5
• Cable test
• Email alerting
• Auto install
• RESTCONF interface
• NetSNMP
Data Center
• ONIE enabled boot loader
• FIP snooping
• Congestion Notification (CN)
• ETS
• PFC
• DCBX for PFC (CEE v1.0)
• DCBX for ETS (CEE v1.0)
• OpenFlow 1.3
• OpEN API
• Puppet/Chef support
• Production quality RESTful API
• Port locator, dynamic topology map, and prescriptive topology mapping
• VXLAN
• NVGRE